For almost anything technology related there are different levels of access, depending on who you are to the system in question. It is called rights management, user roles, access levels or similar, with the idea that everyone should be able to do what they need to, but not more.
Higher levels should create new accounts at the lowest level possible, according to the needs/tasks of the person.
Hierarchy
- Owner
- Usually the original creator with rights to start/stop/sell the whole project, think CEO
- Creates accounts for trusted administrators, full control
- Administrator
- Someone trusted, with some experience, think management
- Creates accounts based on tasks for workers, changes basic settings
- Editor/Worker/Content Manager/Advertiser
- Someone with a specific, reoccurring task to add/change content
- Cannot add/change accounts
web hosting as an example
Usually there are 2 or 3 levels:
- Hosting (Where you can see/pay the bill)
- Control panel (Plesk, cPanel, …)
- CMS (WordPress, Drupal, …) or FTP for static sites
Hosting level
Where the owner pays for domains, packages and sets up basic things or requests support from the hosting provider, maybe restoring/managing backups. The most powerful and dangerous access, it should not be available to anyone but the owner, one login with all the rights.
Control Panel level
The control panel usually offers already more granular rights management, per domain for example. Here you create users with different rights, to create/manage websites, email accounts, databases, backups per domain. Access can be provided as needed to install a CMS or similar for specific domains, but can also fully delete/reset the website. Accounts for ftp/sftp/ftps for an agency to upload files, without access to emails or other functions. Suitable for trustworthy friends or more experienced employees.
CMS level
Accounts in a CMS can easily be restricted to only create/add content, without changing the structure or breaking much, preventing accidents. Suitable for employees, contractors.