The Group Account
Managing security for groups, allowing access is selective ways to different individuals is hard. However it’s also something that many DBAs do on a regular basis. We deal with the challenges of row level security and tying particular pieces of data to particular individuals, groups, or other pieces of data. We work to ensure security and systems are flexible, allowing for disparate requirements to be managed with rights, schemas, and other mechanisms. And many of us do it well.
I was reminded of the hard work we do with security when I read this piece on family accounts and the lack of support from Amazon and Apple. There are any number of comments and criticisms of the idea from people that ecosystems are bad ideas, or supporters of this idea have trust issues. Those are valid criticisms of the process, but that doesn’t change the fact that as our digital world has grown more closely linked, and many of us do want ways to share some of our digital assets with others, while retaining our privacy.
This isn’t just a family concern, as many vendors don’t manage customer accounts well with all kinds of software. I’ve encountered many situations where an employee registers software under their email account and subsequently leaves for a new job. Finding licenses or being notified of patches becomes a problem, especially when the new administrator is often searching for information in some sort of disaster situation.
I don’t have a great solution, but I do know that we want the ability to share assets, in much the same we could lend a book or wrench, or car to someone else in the physical world. At some point our cars, other secure application software, maybe even our databases will be authenticated in more secure ways. The future digital software that doesn’t allow for the re-assignment or information or rights to other individuals in an easy and secure manner will fail us.
The Voice of the DBA Podcasts
We publish three versions of the podcast each day for you to enjoy.