In the age-old battle of data and systems administration,
organizations must understand who actually owns the data contained in the
applications. Data center staff may well administrate the programs and the
operating system upon which the programs depend, but their role in ownership is
limited.
Access to sensitive data must be authorized by the
department or group who create and maintain the actual content of the system.
They alone should decided who gets access to the system, since they know all
their departmental players, and are best suited to determining who has an
actual business need for access.
Systems maintenance staff are the perfect choice for
maintaining the software that runs the application, the operating system that
supports the application, and the hardware that houses the application. They
are not the best folks to decide who gets access to the data.
