Data Access Control for Delegated IT Governance Models

IT teams are more frequently getting caught between different approaches to data access governance, especially when working within the cloud. Two common IT strategies are a mandated/dictated approach and decentralized approach.

The first is a top-down approach where IT controls data access control directly. However, because IT lacks first-hand knowledge of who should have access to what, they are not best placed, nor do they have enough resources, to make data access decisions on an individual basis.

The second decentralised approach involves IT implementing high-level protocols but leaving decisions on which data governance tools and processes to implement down to individual teams. This creates inconsistencies however, particularly as teams collaborate and people change job roles etc.

To resolve these issues, more organisations are moving to a delegated governance model – effectively a combination of the above. Within this model IT provides the data governance platform but day to day control is down to individual business users. It ensures that everybody is working in an area that they are an expert in.

More specifically, industry experts have widely recommended this approach for self-service data access (something that we looked at in our last blog) because it fully utilises the level of automation available and therefore allows organisations to make faster and smarter data access decisions.

This article in Enterprise Talk looks much deeper at why a delegated IT strategy can enable organisations to ensure data access control and visibility across clouds.

So where does Torsion fit within a delegated IT model? Well, Torsion is an automated data access control platform that provides a framework for business users to control their data access directly. It works on the assumption that only a business user really knows who should have access to the data they created and why.

IT cannot be expected to understand the relevance or business case of each piece of information. By retaining IT as the gatekeeper of data access, demands and ticket requests placed upon the IT team are not sustainable.

So if you want to match everybody’s responsibilities to their expertise when it comes to data access control, operating an automated data access platform such as Torsion within a delegated IT framework could be the most effective option out there.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.