Data Access Governance

What is thye meaning Data Governance in which we often hear the name of the personal data protection law No. 6698 recently? Where is the importance of KVKK?

Nowadays, data is stored in environments such as technological environments or cloud systems within institutions and often in such a way that it does not constitute a meaning or content when first viewed. This data is divided into structured and unstructured. Structured data is data that is typically stored in database systems of output resulting from the execution of an application. This type of data management and reporting can be done on systems where data is stored.

Unstructured data is a type of data that does not depend on any formal rule, has a large amount of textual content, requires advanced text processing, natural language processing and artificial intelligence methods to be processed and analyzed. This data is usually stored on on-premises file server services (Windows File Server, SharePoint, Exchange, EMC, NetApp., Etc.) or on systems that provide cloud services (Google Drive, DropBox, etc.). By definition, it is quite difficult to manage and report such data for organizations.

Data governance is the process of identifying such data within the organization, assigning responsibilities after classifying the data according to the type of data and reducing the risks. For this purpose, data access policies, procedures and standards are determined by determining who will use the data within the organization, to decide on which rights to use and to decide, to implement and to raise awareness.

The growth of the corporation needs is proportional to the growth of the institution. As the organizations grow, data access and management will become more complicated, resulting in coordination between teams. Within the framework of data governance, identifying and managing corporate policies well will ensure that the decisions to be taken to access data are fast and accurate. In this way, the coordination problem between the teams will decrease and will reduce the costs and increase the quality of work.

The need for data governance is simply questionable through the following questions;

• Where is the Data (Sensitive) stored?

• Who is accessing data?

• Is access appropriate?

• Is it proof?

Discussion of the questions within the institution will be sufficient to reveal the deficiencies in this subject. In the event that the deficiency occurs, if the hosted data contains any iyor Personal Information / Data Eks, it is a legal obligation to remedy this deficiency.

Any information relating to an identifiable or identifiable natural person is personal information. Personal information is any kind of information, such as name, identity information, habits, image, sound, biometric information, without any limitations on the nature of the information. In order to protect the fundamental rights and freedoms of persons, especially the privacy of private life, and to regulate the procedures and principles of natural and legal persons who process personal data, in order to regulate personal data, Law No. 6698 on Protection of Personal Data was published in the official gazette on 7 April 2016. When it is considered, it is seen that everyone who includes customer information is covered. Especially when we think that banks and large-scale companies are working with a large number of suppliers, it is once again clear that supplier management and security issues should be reconsidered and data governance is important in this context.

It is a solution architecture that can present system reports on the systems and data to be controlled (Active Directory, File System, Exchange, Ms Sql, etc.) by presenting the system audit logs or their audit logs by analyzing these logs and making ready reports in real time.

Analyze Hub Metric values ​​and analyzes on Exchange, Cas Metric values ​​and analysis, Exchange Database values ​​and analysis, Mailbox values ​​and analysis, Public Folder structure, capabilities and analysis on Exchange, Distribution Lists values ​​and analysis on Exchange, Exchange Version based values ​​and analysis is a solution architecture that can report in meaningful data.

A list of files that are publicly accessible and which are not restricted to access on file sharing systems, all privileges, list of authorized users, incorrect authorizations, file types, file sizes, list of unused files in the specified time period, movements, authorization changes, usage statistics, suspicious transactions, user movements It is a solution architecture which is able to report files containing sensitive data according to specified criteria and determined criteria by analyzing the accesses of the file owners as meaningful data.

dentifying the users with SQL SYSADMIN privileges on the basis of servers, instance based and Domain user based, Database level SQL privileges, authorizations in all MSSQL databases separately for each instance, activity logs in SQL inventory of domain users authorized in SQL Servers, SQL Inventory Enterprise criterion is a solution architecture that can report successful and unsuccessful login attempts by analyzing the logs of instances accessed by re-using Password Hash by identifying the databases with public access authorization defined.

Content control analysis and reports.

Improvement suggestions and analysis reports on the regulation of resources available to everyone.

View and authorize reports on File System.

Assigning File Authorizations to the File Owner by creating Active Directory Authorization groups based on Source with Self-Service.

Ensure that the file owner authorizes their own files and provides workflows and reports with the Self Service feature. (For this, no other software is needed, the workflow and authorizations are provided via Mail and the requests are also sent by e-mail.)

With data access governance, you can provide access to real-time access logs and the ability to interfere with the Kernal level on the operating system, with a layer above your existing systems, preventing and limiting access levels.

It can analyze and log in real-time the group membership, GPO, Mailbox, File Folder permissions, Mailbox access activities and changes in all critical objects and configurations in Active Directory, File Server and Exchange environments.

With this solution;

• Find your unstructured data

• Access this data in the most efficient way

• Identify your critical data (SOX, HIPAA, PCI, ITAR, etc.)

• Help you determine the owner of the data

• Corrects problematic situations (Open shares, etc.)

• Analysis of data access and improvement of open access

• Possible data ownership assignment

• Authorization review activities

• Discovering sensitive data

• Finding unused data

• Monitoring of file and folder activities

• Analysis of unused or double objects in Domain

• Group membership analysis

• Reporting of group accesses

• Reporting of Active Directory changes

• Reporting my Mailbox accesses

• Activities can be carried out.

• AD object & GPO change, create, delete and move operations

• File access and permission change activities

• Unauthorized mailbox access

• Intrusion-based attack analysis (Brute Force, Lateral Movement, Account Hacking)

• Crypto Ransomware (Cryptolocker) analyzes and notifications

• Identification of changes and access.

• Real-time alarm generation

• Instant access control, access restriction and blocking on related systems

• Direct SIEM Integrations

Activities can be carried out.

Sentra works with Stealthbits for the Data Access Governance solution. To learn more about Stealthbits solutions, you can use the resources tab of our site or call the Sentra sales channel directly.