Achieving Data Compliance with Risk Monitoring
Data is likely to be your organization’s most valuable asset in a fast-growing digitalized economy. With potentially millions of data changes made in your database daily, the residual impact of high-risk changes can be critical, whether they end up optimizing business operations or disrupting them. The key to managing that impact lies in a three-fold process: defining atypical high-risk changes, aligning insider risk with accountability, and facilitating consistent automated reporting.
Step 1: Defining Risk
What does ‘risk’ mean to your organization? ‘Risky’ data changes are anomalous, unusual, unauthorized, or unexpected modifications that could negatively impact the company financially or legally. Although each organization will have bespoke requirements when establishing its own parameters of risk, typical considerations should include:
- Have employees used what you might consider non-standard programs to update data?
- Have changes been made to critical files?
- Have users unintentionally made mistakes through human error?
Step 2: Aligning insider risk with employee accountability
Once the foundations of what constitutes risk are defined, you need to establish who is allowed to do what. For example, an employee in the accounts department should not be able to change a client’s account number without following the correct procedure. However, if this does occur, it is vital to have automated monitoring tools in place that can:
- Provide instant notifications about high-risk user breaches.
- Act as mitigating controls that focus on access approvals and restrictions for role-based processes.
- Detect and monitor questionable user activity at the database level.
- Track unexpected changes to critical data made by high-risk users.
Step 3: Consistent reporting and review
Implementing monitoring and detection tools takes you one step closer to fulfilling audit and compliance initiatives. It is also essential, however, to retain, store and review key data concerning critical business processes, as this can facilitate the following:
- Monitoring database logs to track unexpected changes.
- Extracting and storing data for improved audit control functionality.
- Producing automated or scheduled reports for internal stakeholder and audit reviews.
If you have questions about mitigating data risk effectively, take a look at our TRACE - 360° data monitoring solution for IBM i and Oracle DB: https://alloutsecurity.com/products/audit-monitoring/trace-data-monitoring/