The $100 Billion Challenge of Internal Data Security
The information management business is worth over $100 billion USD, and based on 2010 data the number was set to grow at nearly 10% a year (Economist). Clearly, data is one of the most important assets of today’s organizations. Companies rely on data to make crucial business decisions, and consistently face the issue of data security. Strong emphasis is often placed on external data threats, such as cyber-attacks; however, a less discussed, but greatly important, data security issue is actually internal.(For more on cyber threats, see our two articles Syria and Cyber Attacks and August 2013 DataWatch Editorial Letter.)
Within an organization, it can become nearly impossible to track which employees have access to what data, which poses security risk. As we consistently see in the news these days, when information enters the wrong hands, the results can be disastrous.
When UK-based IT management company IT Governance surveyed 260 international companies in 2013, they found that over half of the participants ranked their organization’s employees to be the number one threat to company data. In fact, 54% surveyed listed the security risk from employees ahead of criminals, competitors, and state-sponsored cyber-attacks (IT Governance).
Leading research agency LCD’s February 2013 survey of global companies supports this view. Over half of the companies surveyed believe that employees’ negligence is a significant threat to the security of private company data. This risk does not only refer to employees who purposely try to access data that they shouldn’t, but also employees who are simply inattentive or careless (Kaspersky).
In order to begin to combat this problem, companies need to have full control over their employees’ permissions when it comes to their data. Admin Console, a feature of our data management and solution software, the ZEMA Suite, does exactly this. Admin Console lets companies manage access to applications, users, and functionality within ZEMA, in turn improving the security, auditability, and reporting of a company’s data, as well as mitigating employee risk.
Admin Console’s security layer lets clients ensure that their employees only have access to the specific data which they need, which can be done on an individual or group level. Data is assigned to users on a report-by-report basis, ensuring that they are abiding by external license agreements and internal security requirements.
To help companies report on their data compliance, Admin Console provides extensive logging and reporting on application and data usage. A company can see which applications were accessed, by whom, and what data was used within those applications. They can see all changes made within the ZEMA system, including who made the changes, and when.