Manage

How would you define the responsibilities of a data custodian in a bank?

Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more.

Mike Rothman, Securosis

How would you define the roles and responsibilities of a data custodian in a bank? We are trying to form such a group, and we have a single person from each department taking on the responsibilities of data classification.

Data is the lifeblood of any financial institution. Not only is customer data heavily regulated, but analyzing the data and figuring out how to monetize it is one of the critical success factors for banks as the business continues to get more and more competitive.

The data custodian function assumes responsibility to build a policy to govern access to the data of the organization....

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

This person or group takes a focused "inside-out" view of data access. In other words, they should start with the data and then determine who should be allowed to access it. And "who" is kind of a misnomer. We are not only dealing with people, but also applications and business processes. Firm access rules must be established and kept current as new types of data are gathered.

In ideal circumstances, the data custodian function needs to be managed by a cross-functional team because resources from all business units need access to the organization's data, and it's almost impossible to accurately reflect that access without having someone on the "inside" of those functions on the team to ensure their requirements are met.

Thus, someone within the security or risk team tends to chair the group, but representatives from all across the organization contribute to ensuring the rules reflect how they need to access and consume the data.

More information:

Read about the security of online banking.
How secure is the information submitted to a website? Learn how to test.

This was last published in February 2008

How can SAP Data Custodian boost public cloud data control?

data dictionary

Identity custodians needed in digital era

What is the best structure for data governance programs?

Please create a username to comment.

Prevent cloud account hijacking with 3 key strategies

Security for SaaS applications starts with collaboration

An inside look at the CCSP cloud security cert

How to secure remote access for WFH employees

What's involved in VPN maintenance and management?

The pros and cons of 5G networks

Enterprise architect job still requires IT in critical role

Holy Grail still elusive in enterprise architecture strategy

Ensuring your cybersecurity teams are helping the business

Evaluate if Chromebooks are secure enough for business use

Set up Windows Remote Desktop on a Mac device

Microsoft Endpoint Manager gets better Mac, iPad management

The cloud shared responsibility model for IaaS, PaaS and SaaS

Microsoft's Azure Arc reaches GA milestone

Top 6 complexity challenges of operating a cloud at scale

SSE Enterprise Telecoms makes further investment in UK business connectivity, 5G

Forensic expert questions US claims that Julian Assange conspired to crack military password

Government remains in orbit to develop UK sat nav

Dig Deeper on Information security certifications, training and jobs

How can SAP Data Custodian boost public cloud data control?

data dictionary

Identity custodians needed in digital era

What is the best structure for data governance programs?

Related Q&A from Mike Rothman

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.