Data Governance
“As a public school, protecting data from unauthorized access is a natural priority. Within minutes we had visibility that we never had before into our user permissions and access rights.”
Martin Male, IT Manager, YellowKnife Education District No.1
Data Governance. It’s Simple
So your organization has an initiative to improve its Data Governance. Let’s break this buzzword down into everyday terms.
Data Governance means gaining visibility and control into your business data. The outcome of any Data Governance policy should be:
- Improving the security or protection of sensitive data
- Reducing the cost of the storage environment
How to implement a Data Governance policy with Aprigo NINJA
Step 2: Identify Data Exposures: Use Aprigo NINJA to highlight folders that are exposed to the ‘Everyone’ or ‘Domain Users’ groups.
Step 3: Identify gaps in your RBAC (Role Based Access Control) policy: Use Aprigo NINJA to identify folders that have explicit permissions set on them. They got there for a good reason: someone wanted to get something done without going through IT, but they break RBAC policies implemented with Active Directory group membership
Step 4: Report on permissions of sensitive folders: Aprigo NINJA aggregates information collected from Active Directory with ACLs collected from the file system to provide detailed visibilty into the actual users that have access to sensitive folders. Security groups are great, but they mean nothing to the business owner or IT auditor that needs to change access controls on those sensitive folders
Step 5: Perform user entitlement reviews of user and groups: Use Aprigo NINJA to illustrate all the network folders that a user or group has access to, where they gained this access from and remediate issues. End-users have ABE (Access Based Enumeration) that provide them with a view to only the resources they have access to. Now, the system administrator can have a similar view for each user and group in the environment.
Step 6: Analyze storage capacity usage: Use Aprigo NINJA to understand how the storage environment is being utilized, how retention policies being enforced, what’s driving that storage growth that stresses your back-up environment and identify cost-savings opportunities by identifying files for archiving or deletion.
Step 7: Implement storage chargeback: Use Aprigo NINJA to report on folder capacities and associate cost with each aspect of your environment using the built-in cost calculator.
