One of your employees needs access to part of your customer database so he can fulfill an urgent reporting request. You’re busy and this employee is trustworthy, so you grant him administrative status. Simple solution, right? You’ll revoke it later when you’re done with the other 600 critical things you’re working on right now. Right?
Not so fast. In reality, freely granting employees admin status is one of the most common mistakes enterprises make. Even if employees don’t have malicious intent — and the vast majority do not — this move still exposes companies to serious risk. An employee with full admin access, for example, can see everything but is also free to make changes to the code and configuration of your applications, thinking they’re just “tweaking” their personal experience.