The security aspects (from an attack surface perspective) are APPALLING.

Given that every Tom, Dick, and Harry on the PLANET can potentially see the DB and try to hack it, the liability is simply breathtaking.

Yes, security can exist. But...we already know that security and the net are mutually exclusive. The defenders need to cover every single potential weakness (and realistically, this number might as well be infinite). The attacker only needs ONE.

Not to mention the number of potential inside attackers explodes from the company's own employees to the vendors employees, their contractors, any hackers that may have corrupted insiders or compromised systems--of either the company or vendors or vendor contractors... Need I remind you of the hack that resulted from an HVAC company being compromised? Really? An *H/VAC* company????

Seriously, has everyone forgotten attack surface in the rush to chase that pretty rainbow unicorn right into the wood chipper?