Organizations have reported that data has been vital in their operations since most decisions depend on core data that is credible and reliably stored in the enterprise (Nemati, 2011). In this regard, organizations have developed initiatives aimed at protecting data from both external and internal users since breach of data security can be detrimental to an organization. Organizations through their IT department have determined location, status and value of core data through building interfaces with application that standardizes data into various formats (Nemati, 2011). This has resulted into data being kept into special containers called databases of which only authorized individuals can access, crucial data has also been encrypted and different users given different rights and privileges on core data access.
Core data in organization are subjected to risks that can jeopardize their credibility and reliability and so risk analysis need to be conducted to highlight on threats and attacks that may lead to loss of data. Data specialists have outlined several factors that need to be addressed during risk analysis and include examining individuals responsible for core data quality, data distribution control, user levels and privileges and vulnerability of data and computer systems (Calder and Watkins, 2006). Notably, it has been established that organizations and enterprises experience huge challenges on addressing threats arising from internal and external use of data systems. Most of the challenges arise from privileged users and organizations can mitigate such risks through developing comprehensive and layered strategy since auditing privileged users has been too difficult and complicated. Moreover, enterprises can mitigate threats from privileged user by developing system accountability and responsibility policies where individual users will be accountable for their actions should risk and threats arise (Calder and Watkins, 2006).
Calder, A., & Watkins, S. (2006). International IT governance: An executive guide to ISO
17799/ISO 27001. London: Kogan Page Ltd.
Nemati, H. R. (2011). Pervasive information security and privacy developments: Trends and
advancements. Hershey, PA: Information Science Reference.