Comment by michaelt

In my experience, every sufficiently large org with data centres on multiple continents has an accretion of legacy systems and special exceptions.

And a heuristic anomaly detection system that generates masses of false alarms, and enough different teams and documents and policies to bury an army of SOC2 auditors. And so many log lines almost anything can get lost in the noise.

The janitors always have keys to everything. Especially when it’s required by law.