Traditionally, to grant or revoke access to database assets, administrators must manually enter data into a database - possibly in multiple resources. This method is inefficient and does not scale as organizations grow, merge, or reorganize. Furthermore, this may be vulnerable to privacy and security risks since all users have access to all information, or administrators need to restrict access by creating user accounts with specific permissions.