Notice: will be retired soon. Please visit our new site at

Six Steps to Achieving Effective Data Access Governance

Well-Defined Processes for Controlling Movement of Data Among Corporate Stakeholders Help Lower Barriers to Comprehensive and Agile Data Access Governance


ALISO VIEJO, Calif., Nov. 8, 2011 Quest Software, Inc. (NASDAQ: QSFT)

Highly publicized data security breaches serve as important reminders that data access governance must be an ongoing corporate imperative. Too often, however, the process of controlling access to vital information assets is inefficient, ineffective and lacks the agility to adapt easily to dynamic growth and change. According to a Gartner report on security and risk management lessons[i], data access decisions should be based on an assessment of the risks and benefits of a given level of data sharing, as well as an assessment of the process, people and technology that can securely enable that sharing.

As a leader in identity and access management, Quest Software utilizes a six-step process for guiding assessments and improving data access controls.


Tweet This: @Quest recommends six steps to achieve effective data access governance.

Six Steps to Better Governance:

1.       Discover Users and Resources – The first step involves an infrastructure inventory of important data (or access points to that data), which can and often does reside on multiple platforms, Network-Attached Storage (NAS) devices, SharePoint sites, Active Directory group memberships, mobile computing devices, etc. In particular, it’s also important to identify the resources of unstructured or orphaned data.

2.       Classify Data and Assign Rights – Data must be classified in terms of confidentiality, correlation to regulations (e.g., credit card numbers), overall relevance, and archive requirements. Appropriate owners of business data should be reviewed and assessed to ensure they are in accordance with security policies.

3.       Assign Data Owners and Approvers – Assign appropriate business owners based on roles, locations and other attributes. Separation of duties must be taken into consideration to assure compliance and security.

4.       Audit and Report on Access – Schedule and perform continuous business-level attestation of access to ensure accuracy, compliance and security.

5.       Automate Access Requests & Problem Remediation – Automating access fulfillment workflows based on access rights and the requestor’s role in the organization is ideal for security purposes; also, automated responses that remediate deviations can proactively prevent potential threats or breaches.

6.       Prevent Unauthorized Changes – Lock down certain data, groups or access rights that should never be altered; all changes should be logged in a secure depository that cannot be manipulated to ensure a high level of forensics analysis.


Proactive Protection and Control of Critical Data

  • Automated, multi-platform data access governance can remove the barriers to satisfying compliance requirements, while preventing unauthorized access to sensitive data residing on physical and virtual file servers, NAS devices, SharePoint sites, Windows file servers, and more.
  • Improved access control is a key driver in reducing security threats, as well as preventing them in the first place. According to the 2011 Verizon Business 2011 Data Breach Investigations Report, 86 percent of security breaches were available to the organization prior to the actual incident.
  • Comprehensive, 360-degree visibility into company-wide user access gives IT, business managers and data owners the insight needed to enforce policies and comply with regulations without creating an adverse impact on operations.


Supporting Quote:

Nick Nikols, vice president and general manager, Identity, Security and Windows Management, Quest Software

“Our view of end-to-end data access governance blends discovery, control and automation to help business decision-makers determine who needs access to business critical data, whether it resides in structured formats within applications and databases or in unstructured formats within documents and spreadsheets, in order to meet ever-evolving business demands without compromising security or compliance requirements.”


Supporting Resources:


About Quest:

Quest Software (Nasdaq: QSFT) simplifies and reduces the cost of managing IT for more than 100,000 customers worldwide. Our innovative solutions make solving the toughest IT management problems easier, enabling customers to save time and money across physical, virtual and cloud environments.  For more information about Quest solutions for administration and automation, data protection, development and optimization, identity and access management, migration and consolidation, and performance monitoring, go to



RSS Feeds:


Technorati Tags:

Quest Software




Quest, Quest Software, and the Quest logo are trademarks or registered trademarks of Quest Software in the United States and certain other countries. All other names mentioned herein may be trademarks of their respective owners.


Editorial Contact:
Beth Johnson
Quest Software, Inc.

[i] Gartner Security and Risk Management Lessons, Courtesy of WikiLeaks by Mark Nicolett, May 23, 2011