RBAC or role-based security is a mechanism to restrict system access Access control systems can be: Physical: access is limited to buildings, rooms or servers Logical: Digital access to data, files or networks is controlled In Discretionary Access Control (DAC), the owner of a protected system or resource sets policies to define who can access it Mandatory Access Control (MAC) involves assigning classifications to system resources and the security kernel or operating system Access Control List ( ACL) is an alternative to RBAC. ACL is a table listing the permissions attached to computing resources Attribute-Based Access Control ( ABAC) evaluates a set of rules and policies to manage access rights according to specific attributes

— Data masking logic to be applied with business and user confirmation like Random Shuffle, Redaction, Tokenization etc — Masked data should be used in all non production environements for build, testing etc. — Fine grained permissions (Review after every specific period) — All Api accessing data warehouse should be secure — Regular auditing and access monitoring — Use apache ranger like tool for easy access management, monitor and comprehensive data security

- Use encryption at multiple levels - Use fine grained-permissions (RBAC) - Network security and segmentations - Data classification, labeling, and data masking (role based, dynamic, documents, etc.) - Implement auditing and access monitoring - Threat detection - Leverage AI where possible: anomaly detection, threat detection, risk assessments, data classification and masking, automated compliance, etc. - Implement governance and compliance frameworks - Secure APIs that interact with the DW - DRPs in place and test them regularly - Performance governance and DW health monitoring - Use different storage strategies for improved performance

All businees data should be segmented, classified and managed as key intellectual property. This becomes part of the overall data management strategy to ensure quick recovery in case if any data violation. Few organisations treat business and master data with the care it deserves until it is too late. In terms of how, there is a range of tactical and operational solutions, but all start with a robust strategy.