Quest software has just released its six steps for guiding assessments and improving data access controls. Those steps include:
- Discover Users and Resources ““ The first step involves an infrastructure inventory of important data, which can and often does reside on multiple platforms, Network-Attached Storage devices, SharePoint sites, Active Directory group memberships, mobile computing devices, etc. In particular, it“™s also important to identify the resources of unstructured or orphaned data.
- Classify Data and Assign Rights ““ Data must be classified in terms of confidentiality, correlation to regulations, overall relevance and archive requirements. Appropriate owners of business data should be reviewed and assessed to ensure they are in accordance with security policies.
- Assign Data Owners and Approvers ““ Assign appropriate business owners based on roles, locations and other attributes. Separation of duties must be taken into consideration to assure compliance and security.
- Audit and Report on Access ““ Schedule and perform continuous business-level attestation of access to ensure accuracy, compliance and security.
- Automate Access Requests & Problem Remediation ““ Automating access fulfillment workflows based on access rights and the requestor“™s role in the organization is ideal for security purposes; also, automated responses that remediate deviations can proactively prevent potential threats or breaches.
- Prevent Unauthorized Changes ““ Lock down certain data, groups or access rights that should never be altered; all changes should be logged in a secure depository that cannot be manipulated to ensure a high level of forensics analysis.
“Our view of end-to-end data access governance blends discovery, control and automation to help business decision-makers determine who needs access to business critical data, whether it resides in structured formats within applications and databases or in unstructured formats within documents and spreadsheets, in order to meet ever-evolving business demands without compromising security or compliance requirements,” said Nick Nikols, vice president and general manager of Identity, Security and Windows Management at Quest Software.