
Every organization has a certain amount of acceptable and unacceptable security risk. Nearly every company accepts the level of risk entailed by granting their employees access to company data needed to perform their job. For example, running reports on your customer base might require access to a database of all your customers.