How to Securely Modernize Employee Access Management with Graph Databases
Even though 2013 was a distinguishing year for data breaches (think Target, the IRS and tens of millions of records stolen), according to a recent report by the Identity Theft Resource Center (ITRC), 2015 represented the second highest year in number of data breaches on record (count: 781) since the ITRC began tracking breaches in 2005. In addition, these data breaches spanned healthcare, financial services, education, government and more – no industry was (or, rather, is) safe.
Additionally, as we continue to modernize our workplaces with remote offices, teams or team members, as well as our workspaces with multiple devices (laptop, desktop, smartphone, tablet, etc.), it is imperative that organizations ensure that their data is kept safe – even from their own employees. Certain data should only be accessed by certain members of the business, which can cause a huge headache for management in terms of allowing access to the right people. However, this is where graph databases can provide some pain relief.
The Threat of Unsecure Data
Every two days we create more data than we did from the dawn of civilization until 2003. Some of this data can be extremely sensitive, such as hospital records or bank details, carrying serious ramifications should it end up in the wrong hands. New laws are constantly coming into play, placing more responsibility on businesses for the safety of the data they look after.
And there are serious consequences should a company be found to breach these rules – not only could it tarnish an organization’s image, but they’ll also likely face hefty fines from the Information Commissioner’s Office (ICO). With this in mind, businesses must have an evolving strategy in place to keep data safe.
Giving the Key to the Right People
Organizations need a plan in place to prevent the incidents that follow when the wrong employee views or handles data they should not have had access to in the first place.
It is unthinkable to imagine that everyone within an organization has access to the same information, files and servers. For example, you would not expect a bank branch assistant to be able to access the account information for top business clients, or a civil servant to be able to view critical files regarding international relations privy only to the President. Equally, organizations need to ensure that the door is firmly closed to external threats, including data hacking and malicious acts of fraud.
Although the issues might seem obvious, the problem is vastly complex. As organizations grow, expand overseas and increase mobile and remote working practices, this problem around access management begins to intensify. While most companies have an existing access management system in place, some simply aren’t designed for the needs of new working practices and, in many cases, the authentication process can be a slow and painful one.
Guarding the Door
Good access management requires a comprehensive and intelligent system for quick and accurate identification of an individual’s right to view certain information. As workplaces become less driven by hierarchy, access to important information is no longer determined by an employee’s rank; it depends on other factors such as their specific role within the company and certain projects they might be working on.
This means a more granular and flexible approach to control is needed – and this is where graph databases can help.
By their nature, graph databases are designed to query intricate connected data and can be used to identify problems and patterns in a quick and easy way. For example, when it comes to data access there are many questions that need to be asked, such as:
- Who wants access?
- How are they connected to the company and what is their role?
- From where are they trying to access the data?
- Have they tried to access this file before?
- Do they work at the company?
- If so, how long for and at what level?
- And why do they need this data?
This is a lot of information that must be gleaned at once. Taking all of these factors into consideration is complex enough for just one individual, let alone if this needs to be done throughout an organization, on a daily basis – especially in an age where people expect immediate access to data that is usually requested online. Graphs can answer these queries in real time, so businesses don’t need to rely on traditional methods such as cache permissions, which take longer to process.
By storing all of this information and looking at an individual’s connections to other criteria (such as length of time worked at the company and their role), businesses can determine instantly whether that person should be granted access. This identification process is vital in today’s environment, where a data leakage of any kind can have disastrous consequences. Such activity is usually traced back to the wrong people, be they internal or external, having access to sensitive data.
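The access questions listed above can be expressed as traversals over relationships. The following is an added example, not code from the article or from any graph database product: a small in-memory graph in Python stands in for the database, and every node name, relationship type and function name is a hypothetical chosen for illustration.

```python
from collections import defaultdict, deque

# Constructed sample graph: (source, relationship, target). All names are hypothetical.
EDGES = [
    ("alice", "EMPLOYED_BY", "acme"),
    ("alice", "HAS_ROLE", "analyst"),
    ("alice", "WORKS_ON", "project_atlas"),
    ("bob", "EMPLOYED_BY", "acme"),
    ("bob", "HAS_ROLE", "branch_assistant"),
    ("mallory", "HAS_ROLE", "analyst"),  # stale role edge, no employment edge
    ("analyst", "CAN_READ", "sales_reports"),
    ("project_atlas", "CAN_READ", "top_client_accounts"),
    ("sales_reports", "OWNED_BY", "acme"),
    ("top_client_accounts", "OWNED_BY", "acme"),
    ("top_client_accounts", "ALLOWED_FROM", "hq_network"),
]

GRAPH = defaultdict(list)
for src, rel, dst in EDGES:
    GRAPH[src].append((rel, dst))

def targets(node, rel):
    return {dst for r, dst in GRAPH[node] if r == rel}

def grant_path(user, resource):
    """Breadth-first search for user -[HAS_ROLE|WORKS_ON]*-> x -[CAN_READ]-> resource."""
    queue, seen = deque([[user]]), {user}
    while queue:
        path = queue.popleft()
        if resource in targets(path[-1], "CAN_READ"):
            return path + [resource]
        for rel in ("HAS_ROLE", "WORKS_ON"):
            for nxt in targets(path[-1], rel) - seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def decide(user, resource, location):
    """Return (allowed, reason); every check is a traversal over current edges."""
    if not targets(user, "EMPLOYED_BY") & targets(resource, "OWNED_BY"):
        return False, "not employed by the resource owner"
    allowed_from = targets(resource, "ALLOWED_FROM")
    if allowed_from and location not in allowed_from:
        return False, "location not permitted"
    path = grant_path(user, resource)
    if path is None:
        return False, "no role or project grants access"
    return True, " -> ".join(path)
```

Because each decision is computed from the edges as they exist at request time, removing an `EMPLOYED_BY` or `WORKS_ON` edge revokes access immediately, and the returned path doubles as an audit record of why access was granted.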
Modern working has arrived – people now expect data access at the drop of a hat from all over the globe. Coinciding with this is constantly changing data regulation, making access management an increasingly complex (but vital) task.
As previously demonstrated, traditional methods are simply unable to keep up with the rapid change of technology and, when businesses are working with the possibility of lost or stolen sensitive data, it’s essential not only to keep up with the times, but to make sure they are ahead of them. With graphs, businesses have essential information at their fingertips to identify the right people in real time and give them the secure access they are entitled to.
Data breach numbers are on the rise – make sure your organization isn’t contributing.
About the author: Emil Eifrem is CEO of Neo Technology and co-founder of the Neo4j project. Before founding Neo, he was the CTO of Windh AB, where he headed the development of highly complex information architecture for enterprise content management systems. Committed to sustainable open source, he guides Neo along a balanced path between free availability and commercial reliability. Emil is a frequent conference speaker and author on NoSQL databases. His Twitter handle is @emileifrem.