How do you manage database security permissions and ensure compliance with least-privilege access principles?