What is Data Access Governance?

Data Access Governance (DAG) creates visibility and control of ‘who has access to what’ files and information.

It is a best practice system which runs throughout the organisation, spanning both business users and IT. It encompasses the people, processes, and systems required to manage and protect data access.

When staff, interns, contractors, suppliers, customers and partners have access to business information, it is critical that their access is correct and appropriate.

Catastrophic security problems can happen when people have access to sensitive data that they’re not supposed to have. And compliance with InfoSec regulations involves proving to an auditor that the business has control of data access.

DAG in Collaboration Systems

Microsoft 365 tools like Teams, SharePoint and OneDrive are designed to encourage collaboration. For people to collaborate on something, they all need access to it, which is why there are so many ‘share’ buttons everywhere.

But the more people with access to information, the less secure it is.

So, collaboration and security are in tension: they pull in different directions. The ideal balance is when everyone has access to everything they need, and nothing they don’t need, even as things change over time.

In Collaboration Systems, Data Access Governance needs to handle data sharing that sprawls rapidly, driven by changing business users and circumstances. It needs to focus on the data owners in the business, because only they have the necessary understanding of the information itself.