Data Access Governance Still Has a Long Way to Go

Data governance is one of those things that everybody wants to complain about, but nobody wants to actually be in charge of. And yet, more often than not, when there is a security breach, it’s directly related to the lack of a coherent data governance policy.

A new survey from The Ponemon Institute that was funded by Aveksa, a provider of data governance tools, clearly highlights this issue in a survey of 728 IT executives that finds that a huge percentage of employees have access to information they don’t need for their roles in the company, thus introducing unnecessary risks in terms of how that data can either be accidentally or purposely compromised. (Be sure to check out our Mike Vizard's deeper look at the survey.)

In general, the survey also finds that the majority of IT organizations are understaffed in the number of people they have on hand to manage data governance, while the number of sensitive documents and the requests to access that information appear to be increasing exponentially.

The good news is that progress is being made in some quarters concerning the adoption of more sophisticated tools for managing data governance, but Larry Ponemon, chairman of the The Ponemon Institute, warns that without a holistic approach to data governance that encompasses both the business side and the IT department, it’s only a matter of time before most companies experience a major security breach.