I have seen an interesting issue surface recently, one that many other corporations are probably facing: the dividing forces of security and auditing. It could be argued that auditing practices should strengthen security, however this may depend on the situation. Let's take database access control as an example. In a typical two-tier application, connections established to a database server are performed using a shared account. Usually, shared accounts are considered less secured than network accounts ......