Making sure the right person accesses the right data.
80% of your corporate data are non-configured (man-made) data and managing this data is four times more difficult than managing your databases. People mainly create non-configured data with each document, electronic table and presentation they create. Users copy and paste data from secure applications and these files roam around the network, unchecked.
Data Access Governance helps you with the following subjects.
- Finds your non-configured data
- Provides you access to these data with the most effective methods
- Determines your critical data (SOX, HIPAA, PCI, ITAR, etc.)
- Helps you identify the owner of the data
- Fixes problematic situations (Open sharing etc.)
Ideal data access governance (DAG)
Involve The Data Owners
It won’t be realistic to expect from your IT team to completely secure your Non-Configured Data. You have so much corporate date and this data keeps changing and accumulating. IT team won’t be able to answer the question “Who will access which data?”. Business owners being responsible for such data and granting the necessary authorizations, will be a successful strategy.
Acquire Short Term Gains, Plan For Long Term Success
When it comes to Data Access Governance strategy, organizations try to solve every issue at once. A successful plan focuses on short term gains at first, implement more complex solutions in due course. Achieving inspection and compliance objectives and reporting who accesses which data and their activities, can be considered as short term gains. Focusing on obvious security violations such as locations where critical data is stored or where too much open access is in question, will increase the level of security.