by cycomanic 1798 days ago
If we take your argument further all engineers should be given the root password to all production servers and we should simply trust them (and keep logs) to not use the password?

Access control is something so central to IT systems that I'm frankly dumbstruck that someone would argue against them on HN.


If you don't need access, you shouldn't have it.

If you do need it to do your job, you shouldn't have to run to your manager several times a day to make a request to do it. You should have root or whatever is necessary and it can be audited.

I'm not arguing against access control. I'm arguing for those with responsibility to work to be given the commensurate authority to do their work -- with auditing even.

Who are these hypothetical employees who need to access customer data multiple times per day? If there are more than 5 of them in your O(1000) organization you have serious issues.

For 99.9% of employees, accessing customer data should absolutely be a "talk to your manager" level of occurrence, and each time it happens the manager should ask why it was necessary and what logging you need to add such that you don't need to do it again.
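The two positions in this thread can be expressed as one access-broker policy: standing role access (root for the engineers who need it) is self-service but logged, while customer data always needs a second person and shows up in a per-user report for the manager conversation. This is an added example written for this page, not code from any commenter; the users, roles and resource names are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class Grant:
    user: str
    resource: str
    approver: Optional[str]
    expires: datetime

class AccessBroker:
    """Standing role access is self-service; sensitive data needs an approver.
    Every decision, denials included, is appended to the audit log."""

    def __init__(self, roles, sensitive):
        self.roles = roles          # user -> resources they may take unaided
        self.sensitive = sensitive  # resources that always need a second person
        self.audit = []             # append-only decision records

    def request(self, user, resource, reason, now, approver=None, ttl=timedelta(hours=1)):
        if resource in self.sensitive:
            ok = approver is not None and approver != user   # no self-approval
        else:
            ok = resource in self.roles.get(user, set())
        self.audit.append({"time": now, "user": user, "resource": resource,
                           "reason": reason, "approver": approver,
                           "outcome": "granted" if ok else "denied"})
        return Grant(user, resource, approver, now + ttl) if ok else None

    def sensitive_grants(self, since):
        """Per-user count of approved sensitive-data access since `since`,
        the input to the 'why was this necessary' review."""
        counts = {}
        for e in self.audit:
            if (e["outcome"] == "granted" and e["resource"] in self.sensitive
                    and e["time"] >= since):
                counts[e["user"]] = counts.get(e["user"], 0) + 1
        return counts

def demo():
    # Constructed users, roles and resources; not taken from any real system.
    broker = AccessBroker(roles={"alice": {"prod-root"}, "bob": set()},
                          sensitive={"customer-db"})
    t0 = datetime(2024, 1, 1, 9, 0)
    root = broker.request("alice", "prod-root", "deploy 1.2.3", t0)     # self-service, logged
    no_role = broker.request("bob", "prod-root", "curious", t0)          # denied, still logged
    self_ok = broker.request("alice", "customer-db", "debug", t0, approver="alice")  # rejected
    data = broker.request("alice", "customer-db", "refund dispute",
                          t0 + timedelta(hours=1), approver="carol")     # approved, time-limited
    return broker, root, no_role, self_ok, data
```

Denied requests are logged too, so the audit trail shows attempts as well as grants.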