Can IAM software provide certificates for the compliance with legal regulations?
IAM Compliance Certificates
The introduction of IAM systems is often driven by the need for compliance with legal regulations. From high-level laws like the Sarbanes-Oxley Act (SOX) down to technical standards like ISO 27000 – the availability of an efficient Identity and Access Management is a prerequisite for the compliance with such frameworks. Therefore it is self-evident, that companies are asking vendors for the availability of general certificates that testify to be compliant with the individual regulation, when implementing the IAM solution.
To make a long story short:
Such certificates are either not available or of dubious validity.
Read more →
Increase Security with Portal-Based Recertification of Access Rights
We are very pleased to announce the general availability of its Garancy Recertification Center, our portal solution to boost the use of SAM Enterprise for the efficient recertification of user access rights. It enables companies to review internal and external users’ access rights and to specify which managers are able to recertify or revoke user permissions. The benefit to companies is an increase in the security and accuracy of recertifications, while making the recertification process itself auditable and compliant.
Read more →
Insider threats – how to fight the vulnerabilities coming from within the company
Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strenghten the protection of data.
Using the need “need to know” principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This webcast session will focus on how to adjust data access rights, implementing the “least privilege principal”, and the use of detective and proactive risk-oriented controls.
Join our 45 min webcast on insider threats on July 28, 2015 at and register here:
Webcast Insider Threats
Access Governance is a must have
Organizations have an ongoing-need to support the companies to reach their strategic objetives. They must enable every employee or involved partner or contractor to perform better. At the same time organizations must manage the involved security risk when using the data and applications . Companies there
fore need to perform role and user management based on audit-compliant processes in order to meet compliance requirements. They require the highest possible level of transparency in order to implement and enforce consistent identity access governance processes.
Read more →