Establish a Framework for Assessing Risk and Compliance

Between the ways that employees share your company's data to the quantity of customers connecting to your network, it's becoming more complicated than ever to track and trace interactions with your systems. And that's not even accounting for the external regulations and internal service agreements governing data that your organization must comply with.

Pam Taylor, senior product manager at IBM, shared her thoughts about the importance of establishing a framework for addressing governance, risk and compliance during the SHARE in Pittsburgh event last August.

"It’s important that you know what the health and heartbeat of your various systems are," Taylor said. "If you can configure all that information in a governance system, and have that system identify whenever there’s a problem and track trends and overtime that helps you in keeping the infrastructure up and running."

Governance and compliance, Taylor said, tend to be afterthoughts, but they shouldn't be.

International Data Corporation estimates organizations deal with 75 times the number of files that they used to, which translates to an exponentially larger amount of data. What's more, it's easier than ever for employees to take data sharing into their own hands with services like Dropbox. File sharing using a public entity like that might solve a temporary problem -- getting files to someone outside the company -- but create a whole host of new ones because it allows employees to bypass security protocol.

Therefore, companies must establish a continuous process for risk assessment, mitigation, monitoring and response. Controls, for example, will let you know who tries to access data and when -- and will also bar people who don’t have permission from peeking into digital files that they shouldn't.

"Where we need to move is to real governance," she said. "We need to really identify risks and patterns and transactions in near real time and take steps to intervene. We need to automate the process of enforcing policy and take steps to intervene before a problem occurs."

This is just a taste of the type of content that will be available during SHARE in Seattle, taking place March 1-6 at Sheraton Seattle Hotel. There are more than 500 sessions that will address everything from big data analytics to the dark side of virtualization, with an emphasis on the theme of enterprise security.  There will also be numerous vendors exhibiting in the SHARE Technology Exchange that can help with security solutions.

For more information or to register, visit

1 Comment
1 Like


March 20, 2015 03:53 PM by Jim Kovic
Recent Stories
VIDEO: Meet Justin Bastin, SHARE President

The Impact of PDSE on Mainframe Performance

More to Know About Zowe: Your Questions Answered