Re: Depends if decent efforts at data security made by Morrisons
And this is part of the problem - being able to trust that the person with the Admin privileges won't abuse that trust, or that they haven't been given higher access rights than they should have which they then abuse and take advantage of.
In my former role my team and I used a service account which we believed had Server admin rights to the Estate to perform our job roles; it was only after a security audit that we found out it had been wrongly given Enterprise Administrator rights instead. We had been using that account for over two years but had never thought to check what rights the account had as it had been created by the relevant team under a standard account request ticket with the access permissions clearly specified.