-
Title
Main Use Cases Part 2 -
Description
What is Data Governance?
- One Data Governance Edition is a stand alone installation that provides agent server based architecture allowing IT administrators to scan resources on various servers (NAS devices, SharePoint, file servers).
Why is this useful?
- From an IT perspective this is an invaluable tool providing administrators the ability to create a variety of reports that provide up-to-date metrics on what resources employees within an organization are able to access.
-
Resolution
What are the various types of account based reports?
- Account Access Report: Display’s the user’s access to resources tied to Identity Manager and Active Directory group memberships.
- Account Activity Report: DGE not only scans for security, but also collects security. The Data Governance agents monitor file systems for security changes, file reads and file writes, all stored in a separate database called the DGE Activity Database. This report allows you to actually see this data, providing a summary in aggregated format where the user has been accessing resources (storing the data in customizable timespans).
- Account Comparison: This option provides you the ability to identify where two accounts have similar or different access by selecting two users and comparing access either explicitly or indirectly.
- Account Simulation: This feature enables you to determine the repercussions for adding or removing a user from a group prior to actually making the changes in a production environment, making administrators aware that an employee may gain access to any potentially sensitive shares.
What are the various types of resource based reports?
- Resource Access Report: This report not only shows you the security of the target, but also identifies the sub folder that may have deviated security from your policy. Selecting this report, you will not only see security access entries, but will be able to expand the group and view the users within that group that have access via their group memberships.
- Resource Activity Report: – This report focuses on a resource itself by generating an aggregate view on the users who have accessed this resource. Furthermore there are options to configure, on a per host basis, specific actions such as read, write, create, etc., to provide the most useful and comprehensive data on what is being done with your resource.
- Perceived Ownership Calculation: Another useful feature is that Data Governance allows you to calculate perceived owners using the data collected within the DGE database. This can be accomplished by selecting the resource and under tasks, enabling ‘Calculate Perceived Owners’.
- Perceived ownership provides additional functionality by allowing you to limit who can request this data by assigning business roles and or organizations, useful for restricting the visibility of those resources in the IT Shop down to specific departments or cost centers: