Control over your organization’s data is vital to eliminating issues such as security breaches, loss of sensitive information, or non-compliance with external and internal guidelines. Data Governance Edition provides a systematic approach to managing data access, preserving data integrity, and providing content owners with the tools and workflows to manage their own data resources, removing reliance on IT administrators.
Ultimately, you need a process in place that allows you to:
The governance of unstructured data is accomplished through workflows that cross both the Manager and the web portal. The following diagram identifies the key processes in securing and controlling access to your organization’s data.
Figure 1: Data Governance Edition key processes
Data Governance Edition is designed to serve the needs of different users.
Business owners are automatically assigned to the Data Governance | Direct Owners application role when they are assigned as the business owner of a resource. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.
For more information on how to perform the business owner tasks, see Managing governed resources using the web portal
Compliance Officer\Security Officer
This user must be assigned the Identity & Access Governance | Compliance & Security Officer application role.
Data Governance Administrator
This user must be assigned the Data Governance | Administrators application role. They must also be assigned to the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.
Employee\End-User\Resource Consumer\Knowledge Worker
All active employees are automatically members of the Identity & Access Lifestyle shop and can therefore make self-service requests.
Employee managers must be assigned the Request & Fulfillment | IT Shop | Product Owners application role or an application role under the Product Owners role to approve IT Shop requests.
Data Governance Edition consists of the following components:
Data Governance server: The server acts as an intermediary between the agents and the databases where information is stored. It coordinates all agent deployments and communication, and manages the security index for each managed host.
The server is the central authority that receives and indexes information from agents deployed on target computers. It only maintains a subset of information for the computers that are being indexed (essentially access to specific resource types on managed computers). When you request detailed access information, the server attempts to contact the local agent and provide information stored in the local agent index.
For more information about component communications and how communication is encrypted, see the One Identity Manager Data Governance Edition Technical Insight Guide.
Figure 2: Data Governance Edition architecture