Access Governance

Data access governance for unstructured data

Companies have to process more and more unstructured data, such as documents, tables, presentations or e-mails, on a daily basis. This leads to increasingly opaque file systems and access authorizations. Information security is threatened by undesired rights accumulations and orphaned user rights of previous employees.

What is needed to fix this problem is clarity on who may access what data, who controls data access and whether the file system has structural weaknesses that facilitate unwanted data leakage. This requires well-structured access management in addition to common identity access management solutions.

The GARANCY Data Access Governance (DAG) module includes a dedicated administration and control tool for accessing this kind of unstructured data.

Access Rights to Unstructured Data

How is this data protected both reliably and efficiently?

An authorization audit is performed based on a proven principle. The results are used to automatically consolidate the file systems in terms of access management.

Authorization audit: Analysis & reporting

  • Automatic identification and analysis of access rights to unstructured data including reporting on “who is authorized to do what and who assigned what rights to whom?”
  • Security analysis: KPI-based list generation and ranking of threat potentials based on risk factors.
  • Results reports: Evaluation of the cost of resolving security issues including recommendations for action. Integrate and control IT applications using the widest selection of out-of-the-box connectors available on the market.

Clean-up: Consolidation and migration of existing systems

  • Restructuring of storage and authorization structures according to legal and corporate guidelines
  • Migration of data and rights without affecting the business processes

Data Access Governance: Monitoring and control of access rights to unstructured data

  • Secure management of information, authorizations and resources in systems containing unstructured data.
  • Data owners located in the specialist departments autonomously control their access without direct intervention of the IT department.
  • Rights management is based on business-oriented request and release workflows as well as roles with integrated compliance checks that compare target and actual rights to identify high-risk deviations on the spot.

GARANCY DAG’s method of operation

Specialist departments assign their own access rights

GARANCY Data Access Governance provides functions for access management below the Active Directory group level and down to the folder and file level, e.g. to file servers, in Microsoft SharePoint or other document management systems. Integrated release workflows or portal self-services automatically connect the respective data owners or project leaders with the assignment processes.

GARANCY Data Access Governance places the specialist departments back in charge of stored information: A simple process that does not require direct involvement of the IT administration allows data owners to decide who may access certain data resources when, where and to what extent. The built-in compliance checks allow users to compare target and actual rights to identify high-risk deviations on the spot.

GARANCY DAG thus allows specialist departments to autonomously govern data, resources and access rights in compliance with all applicable laws and standards.

Share this page