Data can be edited or deleted if permissions not set properly. Data can be entered using the identity of another user.