The Importance of Governing Access to Data Stored in Files

According to Gartner*, upward of 80 percent of enterprise data today is unstructured. ‘Unstructured’ data refers to files like spreadsheets, presentations, documents, PDFs or other user-generated content that is typically stored in unstructured systems like a file share or cloud storage application like Box or Dropbox. As the modern enterprise continues to digitize business activities to improve and transform operations, the volume of data a company creates, stores, manages and protects is growing at unprecedented rates.

Let’s paint the picture of what this means to a typical enterprise today. The majority of enterprise data stored in files is created, extracted or downloaded by individual employees, and is then stored and shared from a variety of locations, often outside the purview of the IT department.

Then couple in GDPR, for which there are less than two months left to prepare and get compliant, and the issue is compounded. Governing access to sensitive personal data stored in files is critical to staying compliant with the stringent requirements of this new law regarding handling personal data. Failure to secure sensitive data stored in files not only increases the number of exposure points in the event of a data breach, but it also increases regulatory risk.

As you can quickly see, governing access to files is a lot to manage. This isn’t just a big data problem, it’s a growing security problem: how do you both manage and govern access to all data across the enterprise when the volume of data is so high and the ability to see and understand who is accessing that data isn’t quite so crystal clear?

That is why we took the opportunity while at Gartner IAM London to poll attendees to see how many are prioritizing, protecting and governing access to this large pool of data that lives in files. The majority (65 percent) of people we polled acknowledged the importance of governing access to data stored in files as part of their overall identity governance strategy. This is a positive step in the right direction and highlights an important and growing trend in identity.

It also confirms what we’ve known all along: to truly improve security posture and ensure compliance with the increasing number of regulations, enterprises must govern all digital identities, across all applications and data, including files stored in unstructured systems. How can enterprises ensure they’re taking the right path? By extending their identity programs to weave in access to files.

If you’re not sure where to start or if you’re truly covering all your identity exposure points, watch Identity is Security to accelerate your security and compliance strategy.

*Source:  Gartner, Inc., “Organizations Will Need to Tackle Three Challenges to Curb Unstructured Data Glut and Neglect Foundational,” refreshed January 17, 2017. See “Market and Industry Data” for information regarding the industry data used in this prospectus.

Discussion