Protecting an organization’s data assets is more than securing sensitive and confidential information residing in application databases to meet compliance regulations. It should extend to the unstructured data – the word processing, spreadsheets, presentations, and media files that contain proprietary and intellectual information whose unauthorized access or loss could be as equally catastrophic.
Many organizations utilize Identity and Access Management systems (IAM) to automate application and associated structured data access of confidential and sensitive information based on user role. Recognizing that sensitive information also resides in unstructured data, these same organizations are looking for identity-driven solutions to automate and restrict access to unstructured data repositories based on identity and role.
With the prevalence of IAM systems for more than two decades, organizations have the expertise and the cooperative departmental structure to tie HR systems, Active Directory, IAM systems and applications for secure application access. However, developing a similar cross-department system for securing unstructured data access and protection is much more uncommon – and access is tasked largely to the IT department.
Managing unstructured data, including creating storage repositories and setting access permissions, is just a small part of the myriad of responsibilities of an oftentimes understaffed IT department. Consequently, work orders oftentimes tend to be done as “quick fixes” prone to mistakes. Workstation tools or scripts might speed up manually performed tasks but have their limitations.