Company approach for sensitive data access
I guess a lot of you that maintained sensitive data in Oracle, faced this issue. we have in our IS team few developers which are currently not supposed to be exposed to sensitive data. BUT they should have access to REST API tools, BI publisher etc '.. which through those features that can easily pool salary and compensation table and read from those tables.
how your approach in your company? do you use system that are monitoring security and sensitive data (like CasB for example), or you simply give access to your developer to access all data?
thank you in advanced!