惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
Security Archives - TechRepublic
Security Archives - TechRepublic
Application and Cybersecurity Blog
Application and Cybersecurity Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
CERT Recently Published Vulnerability Notes
S
Security @ Cisco Blogs
S
Security Affairs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
Lohrmann on Cybersecurity
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Hacker News: Ask HN
Hacker News: Ask HN
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
A
Arctic Wolf
NISL@THU
NISL@THU
P
Proofpoint News Feed
W
WeLiveSecurity
S
Schneier on Security
AI
AI
Schneier on Security
Schneier on Security
N
News and Events Feed by Topic
L
LINUX DO - 最新话题
Cisco Talos Blog
Cisco Talos Blog
AWS News Blog
AWS News Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
Know Your Adversary
Know Your Adversary
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
Cyberwarzone
Cyberwarzone
I
Intezer
S
Securelist
Help Net Security
Help Net Security
Microsoft Security Blog
Microsoft Security Blog
量子位
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
小众软件
小众软件
Last Week in AI
Last Week in AI
Jina AI
Jina AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
WordPress大学
WordPress大学
罗磊的独立博客
月光博客
月光博客
雷峰网
雷峰网
A
About on SuperTechFans
The GitHub Blog
The GitHub Blog
T
The Blog of Author Tim Ferriss
MongoDB | Blog
MongoDB | Blog
大猫的无限游戏
大猫的无限游戏
博客园 - 司徒正美
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
Why Has Data Access Become A Serious Governance Blind Spot?
Carl D'Halluin · 2026-06-23 · via Forbes - Innovation

Carl D'Halluin, Chief Technology Officer at Datadobi.

getty

​There can be little doubt that many contemporary organizations have morphed from data-centric and data-driven to, inevitably, completely data-dependent. It’s an important distinction because, collectively, we’ve reached a point where data is no longer just an enabler of activity but the de facto standard for how businesses operate. ​

The more information we all collect and retain, the bigger the challenges get, particularly when so much business data is unstructured. In these enormous datasets is everything from benign information of little interest to anyone but its owner to the most sensitive and private details that should never be exposed to third parties. ​

Identifying where sensitive data resides across large, distributed file estates is, to put it mildly, a massive headache. In my last Tech Council article, I explored these issues and the role of data security posture management (DSPM) in helping organizations identify where sensitive data resides and understand their overall data security posture. The idea, of course, is that private information remains private, even when its use is permitted for specific business purposes.

An Incomplete Picture

To briefly recap, DSPM is a category of tools that help organizations understand where their sensitive data resides and who can access it. These technologies are designed to provide structured visibility into data exposure, enabling security and governance teams to assess risk and identify gaps in access control.

The challenge is that while DSPM improves understanding of data exposure, it does not inherently provide a means to reduce it. This is particularly true in large-scale environments where remediation must be carried out across complex and deeply embedded permission structures.

It’s at this point that many organizations encounter some serious problems. Over time, access permissions can become extremely nuanced and messy. In almost every organization, there will be elements of excessive rights, abandoned shares or stale data that remains widely accessible and permissions that no longer align with roles or business requirements, all of which create lingering risk.

As a result, organizations are often left with an incomplete picture of reality. On the one hand, they understand what data they have, but on the other, they cannot confidently determine whether access to it is justified.

The Role Of Data Access Governance

From a security and governance perspective, the risks this creates are potentially right up there with unpatched software vulnerabilities, exposed credentials and other common issues that leave systems open to compromise.

Closing this blind spot is crucial. Enter data access governance (DAG), a capability that actively manages and corrects access permissions. Rather than treating access as a static configuration or something that becomes increasingly opaque over time, this approach shifts the governance emphasis toward permissions being reviewed and updated on an ongoing basis.

Consider this scenario: Almost all of us use shared directories, and we’ve all seen how access can broaden over time. In many cases, permissions are rarely revisited, meaning users can retain access long after they have changed roles or even left the organization. Many of us will have wondered why certain individuals remain, in theory, able to access shared files and data even when it’s obvious they shouldn't. ​

DSPM can identify sensitive data in these environments, but without ongoing access reviews, organizations cannot be confident that permissions are appropriate. Clearly, that’s not good enough, and access must always be granted and removed in line with fully up-to-date roles and policies. Anything else is a governance and security risk.

The underlying point is that data and the access rights businesses provide have a life cycle. Without insight into who can access what and, equally important, when that access should end, there is inherent vulnerability. Data dependency is here to stay, but the permissions that surround it should be temporary and role-based.

The problem is that for most organizations today, managing this life cycle is an almost entirely manual process. Permissions reviews are conducted infrequently, sometimes not at all, often by IT or security teams, who work through lists of users and shared folders with limited context. It's time-consuming, error-prone and inevitably incomplete at scale. When a review cycle happens once a quarter or less or sometimes not at all, the gap between what access people should have and what they actually do have continues to widen silently.

Consider a large financial services firm with tens of thousands of employees and hundreds of terabytes of unstructured data spread across file servers and cloud storage. After a round of departmental restructuring, hundreds of employees shift roles. Without an automated DAG in place, their legacy access permissions linger. Not out of negligence, but because there is simply no scalable mechanism to track and remediate them in real time. DSPM tools may flag that sensitive data is broadly accessible, but without DAG, acting on that insight requires enormous manual effort. The result is a governance gap that sits open, often undetected, for months.

With DAG in place, that same scenario plays out very differently. Access permissions are reviewed continuously and reconciled against current roles and policies. When employees change roles or leave, access is revoked promptly and consistently. The security team spends less time on reactive cleanup and more time on proactive governance. The organization can demonstrate, to auditors and regulators alike, that access to sensitive data is controlled, reviewed and justified—not as a one-time exercise, but as an ongoing operational standard.

Data dependency is not going away. The question is whether the governance frameworks organizations rely on can keep pace with the complexity they entail. DAG is a critical piece of that puzzle.


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?