Data security has been a prominent feature in recent technology headlines as the costs associated with data breaches continue to escalate. Business and IT leaders alike have become all too aware of the need to protect valuable information, but questions of how - and to what extent protection is needed- are common sticking points.
The rule of least privilege has been a long-held strategy that protects sensitive assets by reducing the attack surface. This lowers the chance that a data breach will stem from an inside source, but there is one problem: departments or business units want access to their data when they need it. These two sides may seem at odds with each other, but the truth is that they don't have to be. Tools that offer visibility over IBM i data enable IT professionals to fine tune IBM i client access restrictions and maintain control without inhibiting business innovation.
Security Dashboards: A Valuable Tool in IT's Kit
The potential for compliance violations and other costs make opening the access door to enterprise data a frightening thought. The risk of insider fraud is a real threat. According to a Ponemon Institute study, the average company experiences 55 incidents related to employees each year. However, technology leaders must be careful to avoid the urge to keep everyone out of the system. The ability to make better business decisions is dependent on the time it takes to gain access to and analyze enterprise data. If IT acts as a barrier rather than a facilitator, users are likely to be frustrated and productivity may suffer. Fortunately, IT departments can learn from the demands placed on them by empowering people to access the data they need in a safe environment.
One important thing to keep in mind is that it isn't always about protecting the organization from its employees. In many cases, information security is about protecting users from themselves. The Ponemon Institute found that 33 percent of organizations found employee-owned devices were actually infected with malware.
It's easy to imagine the headache that data stealing malware could cause if it made its way onto a privileged user's system through an employee's login credentials. This is why it’s important to have information such as usage history readily available. The analytics industry has placed much of its focus on features that expedite time-to-information through intuitive dashboards: the same functionality can give IT more insight into their technological environments. Imagine being able to gain a high-level view of log data from a single interface.
Security Dashboards Make IT's Job Easier in Two Significant Ways:
1. Access From Anywhere
In this case, the problem can be reverse engineered to form the solution. Mobile technology is often considered a high-risk, but it can also be a boon to technology professionals. Many evolving responsibilities in the IT world can leave a lot to be desired in terms of work-life balance, but even in the office, accomplishing daily tasks could involve a lot of running around. Professionals have been clamoring for better mobile tools for a long time, so there's nothing wrong with IT wanting software that will make life more convenient.
With security dashboards that are accessible from any device or via the Web, IT security professionals no longer have to be tied to their desks to see what is happening on their systems. This improves security for their organization by allowing them to see their data in real-time, making technical employees responsible for safeguarding enterprise data, and allowing them to attend to their full range of their responsibilities (or even take the occasional lunch break) without leaving the system unattended.
One of the challenges with putting software on portable devices is that every employee has different needs. Just as the CEO would have different priorities than the CFO, not everyone in IT prioritizes the same data. This makes analysis activities more cumbersome than they need to be. Selecting software with customizable dashboards enables IT to focus on the information they need rather than having to wade through lines of irrelevant data.
Perhaps the most important lesson that can be learned from end user focused philosophies is that sophisticated technology does not need to be cumbersome. The traits of being intuitive and easy to use may be normally attributed to mobile productivity software, but technical teams can benefit from a similar level of simplicity.
SEQUEL: Providing Secure Data Access
It's essential that IT professionals have mechanisms to control what users are able to do with the data they're viewing. There are key business benefits in giving users more access and, as a result, more freedom in generating their own reports. However, an effective tool goes beyond providing access by offering the ability to fine-tune user privileges.
In addition to serving as a leading iSeries Data Access tool, SEQUEL provides the controls that you need to keep a firm grasp on the keys to your company's digital kingdom. SEQUEL keeps a record of usage history to make security audits less painful, and gives administrators the ability to see who accesses files and when.
SEQUEL allows for record-level security so that users can only see the data that is relevant to them. For example, IT teams can configure it so that a regional manager may only view data that relates to their area. Because SEQUEL is built for IBM i, the controls leverage work with the i5/OS object authority that operators are already comfortable with, making it easier to restrict certain commands, access to libraries, and the ability to initiate certain processes.
To find out more about how SEQUEL can help find true data empowerment, download the Data Access Control Brief.