TL;DR: Data silos fragment trust, visibility, and shared standards across teams, with 40% of professionals still lacking confidence in their data and only 21% prioritising silo reduction in governance plans, according to Collibra. The identity lesson is that access, stewardship, and accountability fail together when governance is disconnected from where data is created and used.
NHIMG editorial — based on content published by Collibra: The true cost of data silos and how to break free
By the numbers:
- 40% of professionals still lack confidence in their data
- Nearly 4 out of 10 professionals say data silos actively prevent efficient sharing across teams
- Only 21% of organizations list reducing information silos as a top priority in their governance improvement plans
Questions worth separating out
Q: How should teams govern data access when datasets are spread across multiple platforms?
A: Teams should govern access with a shared policy model, consistent ownership metadata, and source-level stewardship.
Q: Why do data silos create governance risk even when access controls exist?
A: Because access control only answers who can reach the data, not whether the data is consistent, understood, or owned in the same way across teams.
Q: What signals show that data governance is not actually working?
A: Common warning signs are repeated manual rework, conflicting metrics across departments, slow approvals, and frequent disputes about what a data element means.
Practitioner guidance
- Map data ownership to identity governance roles Assign clear owners for critical datasets, then tie those owners to approval, review, and escalation paths so access decisions are not detached from accountability.
- Standardise shared definitions before widening access Create common definitions for high-value data elements such as customer, revenue, and risk, then use those definitions in access reviews and downstream reporting.
- Track lineage where data is consumed Require lineage and usage metadata at the source so reviewers can see who changed data, where it moved, and which workflows depend on it.
What's in the full article
Collibra's full blog post covers the operational detail this post intentionally leaves for the source:
- How the vendor frames unified governance across discovery, permissions, and stewardship in practice
- The supporting survey context behind the 40% confidence figure and the 21% governance priority figure
- Examples of how organisations apply governance directly at the source without forcing rigid centralisation
- The vendor's own framing of shared definitions, federated stewardship, and lineage tracking
👉 Read Collibra's analysis of data silos and unified governance →
Data silos and access control gaps: what IAM teams should notice?
Explore further
Siloed data creates an identity trust problem, not just an information management problem. When teams cannot agree on definitions, ownership, or access context, the identity layer becomes technically functional but operationally unreliable. That is why siloed data often produces more risk than a simple visibility gap: it undermines the conditions needed for decisions to be trusted. Practitioners should treat trust breakdown as a governance failure across identity and data.
A few things that frame the scale:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
- Lack of credential rotation is cited as the top cause of NHI-related attacks by 45% of organisations, followed by inadequate monitoring and logging at 37% and over-privileged accounts at 37%.
A question worth separating out:
Q: Who is accountable when data definitions differ across departments?
A: Accountability should sit with the owners of the source data and the governance function that approves shared definitions. If different teams use different meanings for the same term, the failure is structural, not accidental. A governance model without defined ownership will keep producing inconsistent answers.
👉 Read our full editorial: Data silos and identity governance: what practitioners are missing