How to use graph technology to securely grant employee access

Cybercrime is on the rise. Recent research found that in 2014 data breaches increased by 49% with more than a billion data records stolen or compromised (that’s 32 records lost or stolen every second). Recent incidents involving large financial institutions such as JP Morgan Chase have brought this to the forefront of media attention, and ensured that it is high up on the CIO’s agenda.

With increased scrutiny on data regulation from security bodies and the rise of modern working practices, where more and more employees are working remotely, organisations must ensure that the right data is only accessed by the right people. This can be a nightmare for all types of businesses to manage, but using graph databases could make this a thing of the past.

The threat of unsecure data

Every two days we create more data than we did from the dawn of civilisation until 2003. Some of this data can be extremely sensitive, such as hospital records or bank details, carrying serious ramifications should it end up in the wrong hands. New laws are constantly coming into play, placing more responsibility on businesses for the safety of the data they look after.

> See also: The future of making things with big data

And there are serious consequences should a company be found to breach these rules – not only could it tarnish an organisation’s image, but they’ll also likely face hefty fines from the Information Commissioner’s Office (ICO). With this in mind, businesses must have an evolving strategy in place to keep data safe.

Giving the key to the right people

Recent research from Kaspersky Lab highlighted that for the first time accidental leaks by an employee overtook software vulnerabilities as the leading cause of data breaches. Organisations need to make sure that they have a plan in place to prevent these incidents following the wrong employee viewing or handling data they should not have had access to in the first place.

It is unthinkable to imagine that everyone within an organisation has access to the same information, files and servers. For example you would not expect a bank branch assistant to be able to access the account information for top business clients, or a civil servant to be able to view critical files regarding international relations privy only to the Prime Minister. Equally, organisations need to ensure that the door is firmly closed to external threats, including data hacking and malicious acts of fraud.

Although the issues might seem obvious, the problem is vastly complex. Particularly as organisations grow, expand overseas and increase mobile and remote working practices this problem around access management begins to intensify. While most companies have an existing access management system in place some simply aren’t designed for the needs of new working practices and in many cases the authentication process can be a slow and painful one.

Guarding the door

Good access management requires a comprehensive and intelligent system in place that can quickly and accurately identify an individual’s right to view certain information. As workplaces become less driven by hierarchy, access to important information is no longer determined by an employee’s rank, it depends on other factors such as their specific role within the company and certain projects they might be working on.

This means a more granular and flexible approach to control is needed. This is where graph databases can help.

By their nature, graph databases are designed to query intricate connected data and can be used to identify problems and patterns in a quick and easy way. For example, when it comes to data access there are many questions that need to be asked, such as: Who wants access? How are they connected to the company and what is their role? Where are they trying to access the data from? Have they tried to access this file before? Do they work at the company? If so, how long for and at what level? And why do they need this data?

> See also: Living the graph: how graph databases fit into everyday life

This is a lot of information that must be gleaned at once. Taking all of these factors into consideration is complex enough for just one individual, let alone if this needs to be done throughout an organisation, on a daily basis – especially in an age where people expect immediate access to data that is usually requested online. Graphs can answer these queries in real-time, so businesses don’t need to rely on traditional methods such as cache permissions which take longer to process. 

By storing all of this information and looking at an ‘individual’ connection to other criteria (such as length of time worked at the company and their role), you can determine if that person should be granted access instantly. This identification process is vital in today’s environment where a data leakage of any kind can have disastrous consequences. Such activity is usually traced back to the wrong people, be it internally or externally, having access to sensitive data.

Modern working has arrived, with people expecting data access at the drop of a hat from all over the globe. Coinciding with this is constantly changing data regulation, making access management an increasingly complex (but vital) task.

One thing is for certain, traditional methods of access management can no longer provide a robust system that can adapt to the rapid pace of technological change. With graph technology, businesses have essential information at their fingertips to identify the right people in real-time and give them the secure access they are entitled to.

Sourced from Emil Eifrem, CEO, Neo Technology

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...