What are the 3 different ways of providing data access?
Open: This principle states that a user shall have access to all the information in a system if the user has access to the system or repository in which the information is being held. This type of data access is by far the least safe, as (in most cases) it's not relevant for the user to have access to all the data. Open, unless: This principle states that a user shall have access to all the information in a system unless there are certain settings to shield specific data. As an example, it could be that HR or finance-related data [...]