75 percent recognize the important role identity governance plays within GDPR compliance plans
Until recently, enterprises have focused on securing the network perimeter as a means to protect their applications and data that resides within it. However, with a growing number of data breaches occurring due to compromised credentials, malicious insider behavior, and the proliferation of sensitive data being saved in unsanctioned locations, enterprises are realizing the way to mitigate these risks is to implement tight governance of the identities – employees, contractors, partners, etc. – within their organization and controlling the data, applications, and systems users are allowed to access. This governance oversight must now extend to both personal data stored in unstructured systems like file systems, collaboration portals and cloud storage systems and to management of user access to structured systems that contain personally identifiable information and data.
By monitoring who has access to what, organizations can leverage SailPoint’s identity management platform to quickly identify inappropriate access – including policy violations – and take action, mitigating malicious data breach behavior leading to GDPR-related penalties. Ready-to-use data discovery and classification policies allow enterprises to more easily identify files containing PII, PCI, and PHI related information. With SecurityIQ, SailPoint’s data access governance solution, enterprises are armed to confidently discover and protect the slew of personal and highly-sensitive information often stored in hard-to-manage unstructured files. With the added layer of SailPoint’s IdentityIQ (identity governance on-premises) and IdentityNow (identity governance in the cloud) organizations can administer identity and data access governance policies to further strengthen overall GDPR compliance efforts. And, with an extensive library of ready-made reports, enterprises have quick visibility into activity regarding permissions, policies and data access required to demonstrate proof-of-compliance with GDPR.
“With less than a year to go before GDPR takes full effect, now is the time for enterprises to get their identity house in order,” said Kevin Cunningham, SailPoint’s President and Co-Founder. “By focusing on a few key identity governance priorities: locating sensitive data, understanding who has access to it and maintaining proper access controls on that data, organizations will have the full visibility they need to comply with GDPR. To be able to answer ‘who has access to what’ at any time and across the entire security ecosystem puts enterprises in a position of power – the power to protect sensitive data stored in unstructured systems; the power to confidently comply with global regulations like GDPR; and the ultimate power to reduce risk to the business overall.”
SailPoint, the leader in identity management, brings the Power of Identity to enterprise customers around the world. SailPoint’s open identity platform gives enterprises the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis – securely and confidently. The company pioneered and is the undisputed leader in identity governance, and provides an integrated set of cloud-based services, including compliance controls, provisioning, password management, single sign-on and data access governance, all built on the belief that identity is a business enabler. SailPoint's customers are among the world’s largest companies in virtually every industry, including: 9 of the top banks, 6 of the top 10 healthcare organizations, 6 of the top 20 property and casualty insurance providers, and 6 of the top 20 pharmaceutical companies.