GDPR and Identity Access Management
Get ready for GDPR!
The General Data Protection Regulation (GDPR) is due to come into force in on 25th May, 2018 – so how will this affect your organization? How do you mitigate vulnerabilities and risks with the support of Identity Access Management?
You may feel overwhelmed by the requirements of this regulation, especially considering the financial ramifications of non-compliance. However, leveraging identity governance at the core of your security strategy can go a long way towards mitigating the risk of a data breach and the resulting penalties that may incur.
Read more →
Can IAM software provide certificates for the compliance with legal regulations?
IAM Compliance Certificates
The introduction of IAM systems is often driven by the need for compliance with legal regulations. From high-level laws like the Sarbanes-Oxley Act (SOX) down to technical standards like ISO 27000 – the availability of an efficient Identity and Access Management is a prerequisite for the compliance with such frameworks. Therefore it is self-evident, that companies are asking vendors for the availability of general certificates that testify to be compliant with the individual regulation, when implementing the IAM solution.
To make a long story short:
Such certificates are either not available or of dubious validity.
Read more →
Increase Security with Portal-Based Recertification of Access Rights
We are very pleased to announce the general availability of its Garancy Recertification Center, our portal solution to boost the use of SAM Enterprise for the efficient recertification of user access rights. It enables companies to review internal and external users’ access rights and to specify which managers are able to recertify or revoke user permissions. The benefit to companies is an increase in the security and accuracy of recertifications, while making the recertification process itself auditable and compliant.
Read more →
Insider threats – how to fight the vulnerabilities coming from within the company
Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strenghten the protection of data.
Using the need “need to know” principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This webcast session will focus on how to adjust data access rights, implementing the “least privilege principal”, and the use of detective and proactive risk-oriented controls.
Join our 45 min webcast on insider threats on July 28, 2015 at and register here:
Webcast Insider Threats