Blog: William McKnight: Data Warehouse Manager pleads guilty

« Why have a centralized MDM strategy? | Main | Avoiding wishisms in consulting relationships »

Data Warehouse Manager pleads guilty

Access has its privileges … and responsibilities

Remember that fellow college student who ran the college computer system? He could see everyone's class schedules, grades, ratings, etc. if he wanted to. (I was that guy, by the way.) Everyone else with that access had titles like Dean, Professor or President. IT staff always had — and still has — special privileges and access.

With privileged access comes responsibility, and sometimes that privilege is abused. Who has the highest privileged access to data for non-business meetings other than the data warehouse team?

Consider the following: A group inside ERCOT, the Electric Reliability Council here in Texas, allegedly created bogus companies that charged more than $2 million for completing fake work. A guilty plea deal was arranged last week with a person in the scheme. His title was – you guessed it – data warehouse manager.

The Sarbanes-Oxley Act requires CFO to sign off on company numbers or face severe consequences. Is it a stretch to think that responsibility would be shifted intra-company — or even at the legal level — to whomever manages the data, the CIO? And then, perhaps, on to those individuals with privileged access to a wide range of data before anybody else sees it, such as the data warehouse team?

Privileged access requires responsibility and accountability. CIOs need education on laws affecting corporate information and need to stay alert to regulations about historical data, vendor data and all company data. The data warehouse manager is in position to help, but clearly he or she, too, needs to be controlled as well.

Share: