dcsimg

Data Breach: Who’s to Blame?

  • Data Breach: Who’s to Blame?-

    In looking at the line of business manager, the reason the fingers are sometimes pointed in their direction is because they are ultimately responsible for the data in their area from a compliance standpoint. Think of the CFO, for example: They are responsible for the financial data, the accuracy of the data and reporting it to the board of directors, and likely the SEC, if they are a publicly traded company, and so on. Ultimately, they should be the ones who are consulted on who in the company can access the data in question. Do they know that a bunch of end users have access to the data they are responsible for? Do all of those people use that data or even need that access? 

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8

Data Breach: Who’s to Blame?

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
  • Data Breach: Who’s to Blame?-4

    In looking at the line of business manager, the reason the fingers are sometimes pointed in their direction is because they are ultimately responsible for the data in their area from a compliance standpoint. Think of the CFO, for example: They are responsible for the financial data, the accuracy of the data and reporting it to the board of directors, and likely the SEC, if they are a publicly traded company, and so on. Ultimately, they should be the ones who are consulted on who in the company can access the data in question. Do they know that a bunch of end users have access to the data they are responsible for? Do all of those people use that data or even need that access? 

Data breaches are reported all the time in the news - and often when a breach occurs, fingers are pointed at everyone from hackers, to CSOs, IT and even end users. So in looking at a typical breach, Jackson Shaw, senior director of product management at Quest Software, wanted to break down why the fingers get pointed at these particular people (aside from the hacker, as that’s generally an obvious target) and why they should each care about data governance. For simplicity, he’s going to break this down into three groups: The end user, the IT department, and the line of business manager, and he’ll use the case of financial data.