by Angela Guess
Varonis has published a new white paper, Data Owners: The Data Governance Frontier. The abstract states, “This document explores the background and ramifications of the following dialogue: Does access to unstructured data need to be managed? If so, will someone or some persons need to decide who gets access to a given set of data? Are persons with knowledge about the data, knowledge of how the data may be used by the business, and its sensitivity the people best qualified to make access control decisions? Should the business, and not IT, designate an individual or individuals to make access control decisions? Should these designated individuals authorize and review access as the business deems appropriate?”
It continues, “Assuming the answers to the questions above are ‘Yes,’ then we can conclude the following: Unstructured data needs an owner, or steward, that will make access control decisions, utilizing their knowledge of the data and its business context in accordance with business policy.” The introduction notes, “Identifying and interacting with Data Owners is becoming a critical objective for many organizations. Information is a sort of currency, and needs to be subject to the same controls as any other asset: it must have an identified owner, access controls, access records, and reporting on these components.”
photo credit: Varonis
