“Only administrators (not even executives) should have access to data in mass. This prevents an insider from dumping large quantities of information, or an executive’s account being hacked and leveraged against the organization.”