Data is essentially inert and passive, lacking an inherent ability to either control its own fate or mitigate risks while under process. Data loss and theft is a result of the problem.
We do not control or govern data. In reality, only users, applications and machines are “controlled.” We attempt to control the creators/senders and users/receivers of information. Ultimately, the safety and integrity of valuable information is wholly dependent on trusting the insider coupled with the IT organization’s ability to “control” users an infrastructure. This approach has reached maturity and is not data-centric.
What if data could become an active participant in the solution?