How to Deal with the Dangers Posed By the "sa" Account for Microsoft Dynamics GP
Microsoft Dynamics GP has long required the ‘sa' (system administrator) account to perform several tasks, including user management, maintenance and installation of third party products. It is also widely used as a "do everything" User ID by companies and consultants.
Use of the ‘sa' account creates audit risk in both the IT department and the Finance department. A user with access to this account may make changes to financial data and eradicate any trace of the change that was made. Additionally, users without appropriate SQL training may modify SQL objects or settings that impact data and performance.