You have defined ownership, you have classified data, and you have created a solid Data Governance Policy. Now, how to manage what is going on with your data, identifying who is accessing it and what they should be doing with the information.
Do you have tools in place that will tell you what someone with privilege access is doing? Have you set parameters to identify anomalous behavior? What steps do you take to secure information from leaving your organization? It’s not only hackers (although, we see that more and more); it is also threats from internal employees, whether malicious or not, that can be your biggest issue.
Perhaps you are going through a down-sizing, do you have controls on what access those who are leaving have and what they can do with data. How do you identify if they are doing something they shouldn’t be doing, such as accessing more file shares, printing a great deal, emailing a bigger volume than customary.
All of these things may be within the scope of their job, but you better have tools that correlate behavior; understand what is normal and what is not; create thresholds and empower those who have to take action, the ability to thwart any behavior that is a threat.
Do you control your data access?
