Data Governance Matters

The Danger Within

A reporter asked me this last week whether I thought private data was safe within corporate firewalls. He wasn’t asking if I thought the firewalls would keep out hackers. Rather, he was asking whether I thought it was safe from internal threats – people who would copy private data.

I told him the truth: that often, it’s safe only because people are basically good. That for most of the company’s I’ve seen, once someone is given credentials and permission to work with certain types of data, there would be very little to stop them from misappropriating information. We talked a bit about the possibility of corporate espionage – how easy it would be, and how great it is that company’s aren’t out there creating data breaches just to hurt their competitors.

And yes, we did talk about new technologies that detect improper patterns of behavior by credentialed users. We talked a bit about catching bad guys – the stuff that security freaks revel in. But when we were done, what I remembered most about our conversation is that people really are generally good, trying to do the right thing. And that’s what I like best about helping companies with their Data Governance programs; for the most part, its about helping good people do good things better.