Global and Regional Requirements for Data Governance

Last week I had the opportunity to present “Ensuring Your Organizations Digital Collaboration is Secure” at an IDC conference in Dubai.  The conference was attended by approximately 100 people from a variety of Middle Eastern countries and companies.  Although the event proved to be beneficial for the obvious reasons (market development and sales), it also proved to be worthwhile as it provided additional proof that data governance is a global challenge which needs to be addressed at both global and regional levels.

Not surprisingly, the IDC conference was attended by every type of vertical, including financial services, manufacturing, technology, media, medical and telecom companies.  Many of the people I had the opportunity to speak with expressed interest in controlling access to data, understanding where their critical data resides, and, most importantly, who was accessing their critical data.  They were interested partly because of regulatory factors such as PCI, but mostly because they recognize that critical data simply must be protected.

One participant expressed concern that IT and data governance decisions are centralized as broad corporate initiatives, but local business requirements dictate the institution of immediate controls:

  • Prove that access permissions to email, shared folders and SharePoint repositories conform to a least privilege model
  • Remediate inappropriate access permissions
  • Identify the individuals responsible for sensitive data (data owners)
  • Ensure that intellectual property access is monitored by these data owners

Based on these requirements, this participant has been authorized to initiate a local data governance initiative to ensure that intellectual property (IP) is protected in his division. Given that IP exists throughout his company, implementing a successful governance strategy at a local level will likely have broader ramifications for his organization’s data governance initiatives.

Get the latest security news in your inbox.

Next Article

The Dangers of Data Portability