Data access governance is a concept known in the art as a technology for protecting an organization's data from theft, fraud and general misuse.
Data access governance is a technology aimed at protecting the organizational sensitive information from being leaked or abused by both internal and internal threats. Regardless of where it is stored, the information is protected using an organized process. The phases of the process are typically: 1) Discovery—locating the sensitive information, in every form, and on any store; 2) Real-Time Continuous Monitoring—knowing who has accessed what, and, when and where each access occurred; 3) Permissions Management—knowing who has permission to access what and who is not using the granted permissions; 4) Real-Time Data Access Policies—protecting resources by access rules defined based on the user and data context and 5) Compliance—delivering compliance processes such as controls, access reviews, access requests and more.
The data access governance platform commercially available from Whitebox Security Ltd., uses a usage profiler and a compliance profiler in conjunction with a main database (XGS). The usage profiler component is responsible for mining information from the database, such as usage profiles for each user, usage profiles of each resource and many other patterns based on different attributes, monitored, and enriched by the data access governance platform The compliance profiler component searches the governed applications for critical configuration errors, compliance violations, bad practices, and unused resources, and permissions. The data access governance platform uses purposely built application monitors to continuously monitor the activities of users throughout all organizational applications. The data access governance platform constantly analyzes who is accessible to what data, and who actually uses it.