What Does Uneven Dataset Access Usually Mean in Role-Based Access Control?

Why Should Data Access Roles Be Refined Based on Usage Patterns?

Learn what uneven dataset access patterns mean and why least privilege and role-based access reviews help refine permissions more accurately.

Question

A data scientist has accessed the customer_transactions dataset 200 times in the past month but the financial_reports dataset only 3 times, despite having equal permissions to both. What does this access pattern most likely indicate?

A. The financial_reports dataset should be removed from their permissions
B. Their role should be refined to reflect their primary data usage patterns
C. This indicates a security violation that requires immediate investigation
D. Both datasets should have equal access restrictions applied

Answer

B. Their role should be refined to reflect their primary data usage patterns

Explanation

This access pattern most likely suggests the user’s permissions are broader than their regular work requires. Under the principle of least privilege and role-based access control, access should be aligned with actual job needs, so frequent use of one dataset and almost no use of another is a sign that the role may need refinement.

Usage-based access reviews are commonly used to identify this kind of mismatch between granted permissions and real behavior. The goal is not to punish the user, but to make permissions more precise and reduce unnecessary exposure to sensitive data.

Why the others are weaker

A is too absolute because low usage alone does not automatically mean a dataset should be removed from permissions without review. C is also too strong because uneven usage is not, by itself, evidence of a security violation.

D is incorrect because equal access restrictions are not the goal of sound access governance. Good access control is based on role need, risk, and actual usage patterns, not forced symmetry.
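
The usage-based access review described in the explanation can be sketched as follows. This is an added example, not part of the original question; the user names, the log layout, and the 5% `min_share` threshold are assumptions, and the sample data is constructed to match the scenario (200 versus 3 accesses).

```python
from collections import Counter

# Constructed sample data: granted datasets per user and one month of access events.
GRANTS = {
    "data_scientist_1": {"customer_transactions", "financial_reports"},
    "analyst_2": {"financial_reports"},
    "engineer_3": {"customer_transactions"},  # granted, never used this month
}
ACCESS_LOG = (
    [("data_scientist_1", "customer_transactions")] * 200
    + [("data_scientist_1", "financial_reports")] * 3
    + [("analyst_2", "financial_reports")] * 40
)

def review_grants(grants, access_log, min_share=0.05):
    """Compare each granted dataset with the user's observed usage.

    Returns one finding per (user, dataset) grant with a status of 'in_use',
    'review_low_usage' or 'review_unused'. A review status queues the grant
    for the role owner to look at; it is neither an automatic revocation
    (option A) nor an incident (option C).
    min_share is an assumed threshold: the fraction of the user's total
    accesses below which a grant is queued for review.
    """
    counts = Counter(access_log)                      # accesses per (user, dataset)
    totals = Counter(user for user, _ in access_log)  # accesses per user
    findings = []
    for user, datasets in sorted(grants.items()):
        total = totals[user]
        for dataset in sorted(datasets):
            n = counts[(user, dataset)]
            share = n / total if total else 0.0  # avoid dividing by zero for idle users
            if n == 0:
                status = "review_unused"
            elif share < min_share:
                status = "review_low_usage"
            else:
                status = "in_use"
            findings.append({"user": user, "dataset": dataset, "accesses": n,
                             "share": round(share, 3), "status": status})
    return findings

if __name__ == "__main__":
    for finding in review_grants(GRANTS, ACCESS_LOG):
        print(finding)
```

The data scientist's financial_reports grant comes out as `review_low_usage`, which is the input to a role refinement decision rather than the decision itself.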