August 20, 2012, 5:27 PM — Extending its line of identity management software, Quest Software has released an application to help administrators more easily control who accesses documents on the corporate network.
While enterprise applications such as Oracle's PeopleSoft are pretty well-locked-down when it comes to user access, organizational networks are often populated with many files that are more widely accessible, such as spreadsheets or source code files, noted Jonathan Sander, an identity management analyst for Quest.
The Quest One Identity Manager Data Governance Edition extends the company's Quest One Identity Manager line of software to unstructured data. The software helps administrators "make sure when a breach takes place [they] are in the best position possible to ensure people are not walking off with data," Sander said.
Data is called unstructured when it does not reside in a database, but rather in a document that resides directly on the file system. Spreadsheets, word processing documents, PDFs, presentations, images, and audio and video recordings are all forms of unstructured data.
Administrators can't keep control of who accesses unstructured data as closely as they can for data in databases, Sander said. File systems provide access control but they require considerable work in establishing user permissions and extracting usage data from system logs. An administrator can "find all the file shares and SharePoint sites, but wouldn't haven't a clue about who owns these things," Sander said.
According to Quest's understanding, organizations want to have greater accountability and control over who can access unstructured documents on their networks. The software would be most beneficial for establishing access for users who may be requesting material they don't normally require, rather than for the users accessing the same set of material on a daily basis, Sander said.
In a survey, Quest found that 50 percent to 100 percent of enterprise data is unstructured, yet only 15 percent of organizations can determine the proper owners of all their unstructured data. About 68 percent of these respondents have set up processes to give their employees permission to access data, though these processes tend to be manual and take up the time of the system administrators.
Establishing proper access control appears to be an ongoing challenge for many organizations. This week, the U.S. Environmental Protection Agency was criticized by the Government Accountability Office for not having sufficient controls in its IT systems to identify and authenticate users.