Data & Access Governance for the Masses (of servers)

Data & Access Governance for the Masses (of servers)

We’ve been building and perfecting our solution for data and access governance over the past few years and we’ve learned that two of the biggest considerations for data governance solutions are (1) Scalability and (2) Coverage.

Scalability

Scalability is critical. Any solution that attempts to scan a server will take some amount of time depending on how big the server is and how deep the scan goes. We can’t control the number of servers or the fact that scanners take time to work. A few things we CAN control are the architecture of the solution and the flexibility of the approach. For example, the STEALTHbits solution is multi-threaded. So, we can scan 1, 10, 50, or 10,000 servers concurrently depending on the precise need. We can also scan a batch of 500 servers in a single job or maybe expand that job to 5000 servers. Obviously, scanning 5000 servers takes considerably more time than 500, but there may be a valid business justification to get it all done at once.

Our customers report that they feel most successful when they can break jobs into chunks and review results along the way. 250 – 500 servers at a time seems like a sweet spot for many. One customer had an immediate need and we scanned close to 20,000 servers for a specific requirement in about 10 minutes. That’s the power of a multi-threaded approach and a flexible architecture. And In some cases, for global scalability, we might recommend deploying regional instances of the StealthAUDIT console that could manage data collection jobs locally and then deliver that information to a central reporting console.

The key to all of the above was our decision to design technology that will scale and enable flexibility in implementation so that decisions can be made that meet any requirements that come up, whether it be to finish quickly, handle large numbers, or just to keep things simple. It’s not a one-size-fits-all approach.

Coverage

The second consideration is coverage. If you care about “Who has access to what?” you should care about it wherever the data lives. The StealthAUDIT Management Platform can report on access to many areas where unstructured data may live, including file systems, SharePoint sites, and Exchange Mailboxes and Public Folders. And, by the way, even though various applications may control access to data in database (structured data) and that seems secure, DBA access to SQL Server is one of the most common insider threat scenarios. And that should be on your mind as well. Of course, we can help with that too.

We’d love an opportunity to discuss how the largest companies in the world are deploying STEALTHbits’ solution for Data & Access Governance. Let us know if you’d like to hear more.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.