In Discovery: DAS- Activity Monitoring of Access to Critical Data by Identities and External Users

Business Problem

Governance Directors and Security Admins lack visibility on access to critical data. They need this visibility to perform incident investigations, provide threat detection, or imply required policy changes for access policies to critical data. Customers need to know who is accessing data and how to detect inappropriate access. Activity monitoring of data access is an integral part of controlling this access and one of the tools used to detect inappropriate (malicious, or non-policy) access to the data. There is a vast amount of events related to access to critical data, coming from external and internal accounts in the cloud and on-prem applications. Those should be monitored and alerted by the Security and Governance Admins. Given the vast amount of events over time, this is almost impossible to perform manually. Sometimes, Security Admins find themselves juggling multiple tools and struggle to elaborate on all the information about access they receive from different organizational locations.

By addressing these key challenges, we can start to overcome these problems:

  1. Access Control and Monitoring in Data Access Security: Provides granular access controls by inventory and search of events about access to unstructured critical data. Simultaneously, incorporate robust monitoring capabilities to track access, modifications, and usage patterns for comprehensive auditing.
  2. Real-time Visibility and Reporting: Provide real-time visibility into actual access of unstructured critical data to OneDrive and SharePoint Online and generate comprehensive reports for compliance audits, enabling future phases’ quick identification of unauthorized access attempts or suspicious behavior.
  3. Detect external accounts accessing critical data. Monitor identity behavior in accessing critical data over time.

Sound Familiar?

If this is a problem that impacts your organization, use our Ideas Portal to cast your vote for this Idea. Here you can view currently submitted ideas, add comments for your specific use cases around this problem, and vote!.
Idea: Activity Monitoring of Access to Critical Data by Identities and External Users

How You Can Help

We are continuing to validate our understanding of the problem space and solution. In addition, we are conducting research calls focused on validating our designed solution, better understanding the desired user experience, and ensuring we hit the most common customer use cases.

Our Product Management team would love to hear from you! Here’s how:

  • Voice your thoughts, questions, comments, and concerns right here in this topic.
  • Vote on the idea linked above.
  • or schedule a call if you feel the need to discuss this topic in private, and provide insights specific to your business problem and use cases. If you don’t see a calendar opening that aligns with your availability, feel free to send me a direct email.