You've heard it before – that nagging phrase that makes you feel like you're underachieving or stretching yourself too thin: Jack of all trades, Master of none. Yet, in today's world of click-happy multi-tasking, that phrase is ringing less and less true. To be effective, the demand within organizations now seems to be for Jacks of all trades, people who can wear multiple hats in order to obtain a complete picture.

Perhaps nowhere is this more obvious than within the IT Governance space. While there are certainly distinctions among and separations between administrative teams within IT (and for good reason!), the team responsible for an organization's governance and security program needs to be able to access and leverage all of those individual teams and their technologies to truly determine security and compliance levels, and curb potential threats.

While it makes perfect sense to have, for instance, an Exchange team managing Mailboxes or a Collaboration team managing SharePoint from a functional and administrative perspective, security management often requires a "grey area" to ensure governance at the intersection of these teams' endeavors. For instance, if a company is undergoing a Public Folder retirement campaign in preparation for a migration to SharePoint, the Governance team plays a crucial role in answering questions like:

1. Are any of the PF's open to security threats (excessive permissions, sensitive data with improper access assignments, etc.)?

2. Are those threats the result of effective access?

3. Who owns the PF, and are they aware of the people it's available to?

4. Are the folders being migrated to SharePoint locked down as tight as possible, even when considering effective access?

And that's just one scenario. With IT departments often composed of dozens of teams – one or more for each critical area of the enterprise – it's no wonder that Data & Access Governance and Security folks have a tough time gaining the kind of cross-disciplinary insight needed to say with confidence: "Yes, my environment is compliant and secure."

The ability to have insight into security at all levels and across all resources – from Exchange to SharePoint, Active Directory, the file system, SQL, NetApp Storage Controllers, Windows Servers, and even into mobility applications like BES—is critical for anyone brave enough to wear the Security and Compliance Hat. The thing to remember, though, is that IT Governance Teams are still evolving and expanding to address security issues as folders move from Exchange to SharePoint (as above), and usually require the individual Exchange or SharePoint administrators to take on a governance role.

So, to all the Jacks of all Governance trades out there, remember the original (and long-forgotten) addendum to the "Jack of all Trades" phrase:

"Jack of all trades, master of none,
Though oftentimes better than master of one."

Glen Rock, NJ (Marketwire.com 6/8/2011) – STEALTHbits Technologies, a leading Data and Access Governance software vendor, today announced the release of a new SQL Server Management solution. As an extension to the award-winning StealthAUDIT Management Platform (SMP) for Data & Access Governance, the SQL Solution Set leverages the powerful core technologies available within SMP to provide holistic insight into Microsoft SQL databases – from effective access and permissions to resource allocation.

SMP for SQL boasts comprehensive reporting on SQL infrastructure, objects, operations, and permissions, and allows administrators to take full inventory of their SQL instances through discovery. The new solution's key features include the ability to detect and reduce permissions sprawl, discover rogue databases to curb security threats, uncover effective access and detect non-compliance, and retire stale and unnecessary databases. The SQL Solution Set can also secure custom applications leveraging SQL within organizations, as well as collect custom data based on queries written in SQL by leveraging SMP's core data collection capabilities.

"Data is an organization's biggest asset, and, in today's world, a tremendous amount of it lives in digital format in databases," said Chris Olsen, CISM, VP of Product Management at STEALTHbits. "It is vitally important to secure and safeguard that data across the entire environment, but SQL is an often overlooked repository. STEALTHbits' new solution not only addresses this governance hole, but does so by further extending a platform complete with ten years of customer requirements, feedback, and insight already built into it."

The StealthAUDIT Management Platform for Data & Access Governance spans the entire Microsoft computing environment – from Active Directory and the File System to Exchange, SharePoint, SQL and beyond. Detailed data collection combined with built-in business intelligence make SMP ideal for detecting and locking down data access vulnerabilities. STEALTHbits Technologies plans to expand the existing functionality across other common data repositories in future releases.

About STEALTHbits Technologies, Inc.

STEALTHbits Technologies, Inc. is an innovative technology leader in the Microsoft Infrastructure and Application Management space. STEALTHbits' StealthAUDIT Management Platform bridges the gap between IT Management and Compliance, providing a unified framework by which to measure, manage, and maintain. STEALTHbits Technologies can be found online at stealthbits.com.

Editorial Contact:

Adam Laub
VP Marketing & Technical Operations
STEALTHbits Technologies
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
201.447.9308

Every day Administrators are constantly asked to answer seemingly simple questions like Who? What? When? Where? and even How? users have access to systems and data within the infrastructure. STEALTHbits Technologies, Inc. takes a unified view on the IT world to bridge the gaps between Active Directory domains, systems, key applications, and shared data repositories to provide a single, comprehensive approach to assessing and securing the environment.

The StealthAUDIT Management Platform is designed to give the administrators who manage the environment a powerful toolset capable of providing the highly scalable, high-speed data collection, analysis, reporting, and remediation facilities needed to satisfy auditors and fulfill the continually evolving list of audit and compliance requirements. Embracing the undeniable fact that every organization has very different requirements, StealthAUDIT doesn't force administrators into adopting a generic or pre-defined process, but allows the flexibility to fulfill these objectives while catering to existing processes and procedures. Contrary to single-threaded point solutions or product suites of disengaged tools loosely banded together, the StealthAUDIT Management Platform rises above and extends beyond to serve as an integrated and fully functional infrastructure management and compliance solution set to help organizations in desperate need of tools to establish comprehensive systems and data governance programs that satisfy compliance requirements, reduce risk of data exposure, and can quickly be implemented without a long, costly, and complex roll out to the organization.

StealthAUDIT insight starts with Active Directory as the center of the Microsoft-based infrastructure. Simple transactions in AD, like adding a user to or removing a user from a Group, have far reaching implications of granting or revoking access to all of the IT assets within the infrastructure. Controlling which AD administrators have this power to grant or revoke privileges, monitoring who is responsible for the changes that are taking place, as well as cleaning up directory objects that have gone stale over time are critical pieces to maintaining a healthy environment.

Lying beneath the AD umbrella are the actual systems within the infrastructure. Systems Administrators ultimately have the authority over the applications and data residing on their systems and can even create Users and Groups outside the view of the Domain. StealthAUDIT provides the consistency to provide the same insight on permissions, activity, and configuration at the system level required to maintain the stability and security desired.

Finally, information is the ultimate asset; as well as being the largest and most challenging area of risk to organizations these days. The data housed within an organization's infrastructure ranges from proprietary to confidential, personal, healthcare, financial or otherwise government regulatory related. Data is constantly generated by internal users, partners, external customers, and even by automated systems. The volume of data is easily in the Terabytes at most organizations and spans many applications from Messaging (Exchange, Public Folder, and SharePoint) to the largest and most problematic area, the Distributed Shared File System. StealthAUDIT helps mitigate the risk of financial loss resulting from inappropriate access to (or storage of) privileged data spread across your Microsoft infrastructure with a proven workflow to effect change that ultimately reduces risk, reclaims storage capacity, and answers the age old questions around the Who? What? When? and Where? of your critical systems and data.

We all know that information is the ultimate asset, as well as being the largest and most challenging area of risk to organizations these days. The data ranges from being proprietary to confidential, encompassing everything from personal files to healthcare details to financial or even government regulatory related documents. Data is constantly generated by internal users, partners, external customers, and even by automated systems. The volume of data is easily in the Terabytes at most organizations, and spans many applications from Messaging and Collaboration (Exchange, Public Folder, and SharePoint) to the largest and most problematic area, the Distributed Shared File System. Organizations are in desperate need of tools that help establish a Data Governance program that satisfies compliance requirements, reduces risk of data exposure, and can quickly be implemented without a long, costly, and complex roll-out to the organization.

1. The first step in initiating a data governance program involves the creation of a governing body. The governing body usually consists of executive leadership, project management, line-of-business managers, and data stewards. The identification of a data steward is essential. He or she will have a large list of responsibilities including, but not limited to, improving data quality and security. The team usually employs some methodology for tracking and improving enterprise data, such as Six Sigma, and tools for data mapping, profiling, cleansing, and monitoring. Data Governance programs are largely dependent on lines of communication with these governing body members.

2. The next step is establishing the target repositories of data that are to be included in the data governance program. Initial implementations may vary in scope as well as origin. Sometimes, an executive mandate will arise to initiate an enterprise-wide effort, while at other times, the mandate will be to create a pilot project or projects, limited in scope and objectives. Usually, reduced scope or mandated programs aim to either resolve existing issues, or to demonstrate achievable results and value. Some examples of these targeted repositories may include Shared File Systems, Active Directory, Mailboxes, Public Folders, and collaborative environments like Share Point. There are many vendors with multiple tools and bundled products that can tap into these applications. For instance, the StealthAUDIT Management Platform (SMP) from STEALTHbits Technologies provides deep visibility into all of these application spaces.

In order to streamline ongoing data governance processes, as well as operational and capital expenditures, content should be assessed to determine what is out there and pruned wherever possible. On average, organizations incur a monthly cost of around $55 to maintain one Gigabyte of data storage. Gartner even estimates that 70% of unstructured data goes untouched as soon as 90 days after initial creation. That quickly translates into large sums of cost and wasted resources due to stale data. Archiving data to lower cost storage tiers can help or slow the capacity demands, but deleting the data will actually free up these valuable storage resources. Tools like SMP empower administrators to quickly find and assess stale and/or unauthorized data. SMP in particular allows you to correlate data to the most probable owners, programmatically interact with thousands of those data custodians with ease through in-product surveys, and ultimately reclaim storage capacity by cleaning up unnecessary content.

3. The next critical task is the proactive review of permissions in conjunction with ownership recertification and entitlement review processes. Basically, knowing who has what level of access to which resource is of the utmost importance. However, permissions are a complex web weaved through any organization. Starting at the domain level within Active Directory, Users and Groups form the foundation of control over what resources can be accessed throughout your infrastructure. Individual systems extend the boundary of where Users and Groups can be created. Local system administrators, ultimately, have access to the resources that reside on those systems. Digging even deeper, users and groups can be granted access directly or via policies to shares, folders, and even to individual files. In order to assess and/or secure your data, all of those points, policies, and inheritance spots must be evaluated and considered in the equation of determining a userÌs effective level of access rights to the data in the Domain. Care must be taken before removing users from any of those permission points, as the removal or deny action could break their access to other valid and business-critical resources across the domain. SMP empowers Domain and System administrators to audit, assess, truly understand, and control which users have access to what resources within their infrastructure, crossing traditional application boundaries with a single tool. Furthermore, SMP goes above and beyond to show all paths to how a user is inheriting access rights to resources. In addition, SMP also features built-in, proven business intelligence that identifies key owners of Shared Systems and Repositories based on multiple evaluation points such as who has access, claims ownership, or posted the most information, while easily filtering out administrative groups or even disabled users.

4. Finally, constant monitoring is required to provide a historical view into how your environment is changing. Knowing who gave out or delegated access, or who is using their rights to interact with resources, is critical, especially when something goes wrong. SMP provides insight into who is creating new users or groups at the domain and system levels, and allows you to see who is connecting to your systems and how, as well as who is interacting with and changing what data.

The StealthAUDIT Management Platform (SMP) is highly effective at mitigating the risk of financial loss resulting from inappropriate access to or storage of privileged data spread across your Microsoft infrastructure. The management platform is a simple, low-cost approach to knowing who mightÛor who didÛaccess what data. In addition, StealthAUDIT gives administrators complete visibility into the content from the Domain level to Distributed Systems, right down to the individual data itself. The management platform provides a proven workflow to effect change that ultimately reduces risk and reclaims storage capacity.