Recently I have spoken to customers about the need to protect data from the inside--- out. As a result the ability to manage data security through a governance lens has become more important.
This lens means looking at data security throughout the same data governance phases. For example:
Define - Define the data security policies and metadata and data metadata patterns of sensitive data.
Discover - Based on those definitions, discover where that sensitive data across databases and applications
Apply - Apply the appropriate masking-- whether in production or for test and development -- to prevent data breaches from occurring.
Manage and Monitor - Prove that your data has been protected-- on a continuous basis as data changes frequently.
Have your organizations developed governance guidelines for data security? How have they enforced?