We are starting the process of interoperability of geospatial data, using geOrchestra, which allows the administration of GeoServer and GeoNetwork in a unified way, in addition to offering more services. And, we have a question about making layers available for editing by our internal customers. The question is: about how to make the layers available for editing, updating or deleting, would it be directly in the database or via WFS-T? How are they used in corporate or institutional environments?
Knowing which method is most used and which would be safer when dealing with information security.
Depends on the context. Both methods are safe when well designed.
Several of our customers using geOrchestra edit layers directly in the database, while others use WFS-T, relying on GeoServer's native layer + services security.
If the database is not your only source for layers, you might consider WFS-T which is more flexible when it comes to setting up the ACLs.