From my earlier post:
"The biggest problem with security is apathy and lazyness. FAR too many people use highly privileged accounts for app logins, OR their application is architected in such a way that requires excess rights."
You are generally right in your post, but the above covers what often happens..
CEWII