It's no surprise that malicious insiders and external attackers alike covet sensitive information such as intellectual property, financial records, and personal information. This information has value, and therefore it's a target. Additionally, information is at risk due to careless and negligent employees and other users with elevated levels of trust and access such as partners and consultants. Because information helps drive the business, it must be accessible and usable, lest its value be diminished. This paper explains how striking a balance, where access is allowed while risk is mitigated, is essential.