Vertica isn't operated in a vacuum. Most of your clients (if not all) will have network security systems with sophisticated management capabilities. Having very limited linkage to authorization data stored outside the database means that it has to be constantly replicated and synchronized. The basic external client authentication support is start, but much more is needed. See other ideas around broader Kerberos support and user security groups.