On one side I somewhat agree with the concept of seperation of duties, the problem is that I have seen it taken WAY too far, particularly in big companies and not far enough in little ones. The big companies tend to be risk adverse so they throw money, people, policy, and tech at it, especially if they are in a regulated industry. But the problem is that all these systems really do is keep honest people honest, the guy who is coming in with the plan to steal from you is not going to be deterred and in most cases you aren't going to know what hit you until later. Also in big companies, the DBA isn't the watcher, there is often a group (or two) above them that watches, they often go by names like Compliance and they tend to watch the whole infrastructure as well, from the network switch to the machine, to the database..

CEWII