From my earlier post:

"The biggest problem with security is apathy and lazyness. FAR too many people use highly privileged accounts for app logins, OR their application is architected in such a way that requires excess rights."

You are generally right in your post, but the above covers what often happens..

CEWII