Part 5: Do Too Many Users Have Privileged Access Rights?

Part 5: Do Too Many Users Have Privileged Access Rights?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Do Too Many Users Have Privileged Access Rights? Do your users have privileged access rights they don’t need? According to a recent Ponemon report on the State of Data Access Governance, plenty of organizations are granting privileged access rights for “no apparent reason”. Others are even granting privileged access to every user at a certain job level, even if it is not required to do their…

Read More Read More

Part 4: Are You Securing Active Directory?

Part 4: Are You Securing Active Directory?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are You Securing Active Directory? As an IT professional, you’ve likely made a number of different investments to protect the data within your organization. In order to help with the provisioning of user access rights, you may have invested in an Identity and Access Management (IAM) solution. You’ve likely adopted a SIEM and Data Loss Prevention (DLP) platform as well. And you should!  These technologies provide…

Read More Read More

Part 3: Are Users Putting Your Sensitive Data at Risk?

Part 3: Are Users Putting Your Sensitive Data at Risk?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are Users Putting Your Sensitive Data at Risk? Previously in this blog series, we talked about understanding your organization’s data footprint. We also discussed methodologies for identifying where sensitive data exists. At this point, you’re probably realizing how much data lives across your organization and wondering… who is accessing all this information? The concern now isn’t solely about the data itself, but rather that users within…

Read More Read More

Part 2: Is Your Unstructured Data Safe?

Part 2: Is Your Unstructured Data Safe?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Is Your Unstructured Data Safe? In Part 1 of this blog series, we uncovered a lurking fear among administrators everywhere: the unknown of unstructured data. Over 60% of people do not know where their unstructured data lives across their organization. This is particularly scary because unstructured data accounts for over 80% of all data within any organization. Fortunately, as we discussed previously, there are tried and…

Read More Read More

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study

Part 1: Do You Know Where Your Data Lives? Thinking of all the data that lives across your organization? It’s a spooky thought. According to a recent Ponemon study on the current state of Data Access Governance (DAG), 62% of people have no confidence or little confidence of where users are storing unstructured data. On the surface, it might seem like a daunting task to figure out where all your data lives. However, with the right tools and a plan,…

Read More Read More

Governing Data Access to Meet Security, Compliance and Operational Standards

Governing Data Access to Meet Security, Compliance and Operational Standards

Part 6: Governing Data Access to Meet Security, Compliance and Operational Standards In this 6th and final post of our “Moving from Checkbox Compliance to True Data Security” blog series, we’re going to see how all the work we’ve done in discovering where our data lives, collecting and analyzing relevant information about our data, monitoring activity, and restructuring access rights will pay off in a major way. As you’ve likely gathered already, “Governance” is a pretty important component of a…

Read More Read More

Restructuring Permissions to Achieve a Least Privilege Access Model

Restructuring Permissions to Achieve a Least Privilege Access Model

Part 5: Restructuring Permissions to Achieve a Least Privilege Access Model In part 4 of this 6-part blog series, ‘Moving from Checkbox Compliance to True Data Security,’ we discussed why it’s important to monitor file share activity before you begin to take any action so you can get a full understanding of: Who is leveraging their access privileges What types of operations each user performs Who is creating or contributing the most amount of content If you’ve completed that step and…

Read More Read More

Monitoring Sensitive Data Activity and Identifying Data Owners

Monitoring Sensitive Data Activity and Identifying Data Owners

If you’ve been following along in this 6-part Checkbox Compliance to True Data Security series, you should have a better understanding of how to locate your data, pinpoint which data is considered sensitive or risky to your organization, and compile a priority list of the sensitive data you’ll want to govern first. You may be thinking that once you’re done with the above it’s time to start making changes to security and locking down the risky data you found, however,…

Read More Read More

Collect and Analyze Relevant Data Points to Assess Risk

Collect and Analyze Relevant Data Points to Assess Risk

The goal of the Collect and Analyze phase is to assess relevant data points to answer critical questions like what’s the sensitivity of the data, who has access to it, who owns it, and what’s the age of that data.  When you begin to understand the answers to these questions, you can then begin prioritizing the resources that are at most risk and limiting access to them as you work towards achieving a Least Privilege Access model.

Prioritizing Data Access Governance Initiatives Through Discovery

Prioritizing Data Access Governance Initiatives Through Discovery

Organizations are starting to shift their focus to establish a core set of principles around protecting their data, and they need a blueprint to help them get started. This series serves as the blueprint that will help your organization chart a course to proper data security. The first step in establishing a Data Access Governance program is Discovery.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.