A key aspect of preparing for the GDPR mandate is managing your employee’s access rights to personal data. Limiting access to any data that falls under the protection of this regulation will be an important step in ensuring your organisation is compliant.
Accomplishing this basic task can be extremely time consuming and challenging if you're just using Active Directory native tools. Through comprehensive automation 8MAN can solve this issue.
- Who has access to network resources, and how did they acquire these access rights?
- How would you know if a confidential file has been modified or copied to a different folder?
- How many ex-employees still have access rights to your network?
- How robust is your network from an inadvertent data breach?
- Who has overall responsibility for managing access rights within your organisation?
Learn how 8MAN can help you manage information access privileges and keep your permission rights updated. In our 60 minute webinar you will discover how data security compliance can be demonstrated with consultancy expertise from CST and industry-leading solutions from 8MAN.
What is the WebEx about?
Join us on the webinar to learn how to avoid the pitfalls of personal data breaches and keep data secure. Followed by a live demonstration of 8MAN Access Rights Management Solution.
- Welcome & Overview - Simon Cuthbert, Head of International, 8MAN
Introduction to how 8MAN’s access rights management (ARM) solution protects company data from unauthorized access, whilst preventing economic losses through misuse.
- 8MAN & GDPR - Steve Gormly, International Pre-Sales Manager, 8MAN
The live demonstration will cover functions and features of 8MAN. With the vast amount of confidential data that is held by companies, IT security has become a highly charged topic. GDPR will bring a number of new requirements for organisations. Hear how 8MAN’s access rights management solution can be tailored to your organisation and help prevent infringement of the GDPR mandate.
- Q&A - Maciek Salaj, Security Engineer, CST
The opportunity to get answers to your pressing questions about Access Rights Management and GDPR.
- Closing Comment
Meanwhile discover how 8MAN Access Rights Management Solutions can help you on your way to become GDPR ready with this 2 minute video.
The main GDPR Requirements of Access Rights Management are Articles 5 and 32 which imply a number of access rights management requirements for your company.
Article 5: Implicit Requirements
- Ensuring data security and integrity: Resources that contain personal data must only be accessible to trustworthy individuals. Additionally, all folders must be subject to continuous monitoring.
- Documentation of access rights: Especially, the accountability requirement of article 5, paragraph 2 states that data processing institutions must account the for exact access and permissions history of each directory.
- Maintenance of access rights situations: The joiners, movers, and leavers process (including the life cycle of a user account in your company network) requires both IT and business departments to maintain an overview of all access rights, and make changes very quickly. Data theft most often occurs during the leavers phase. At this point, business departments need to have already removed the employee’s permissions to security critical directories.
Article 32: Implicit Requirements
- Introducing Data Owners: The GDPR demands clear responsibilities when processing personal data. In this context, introducing the role of a data owner is absolutely central. Data Owners are managers that protect data within their departments. They know exactly which directories must be protected and which employees require access. The introduction of new roles such as data owners also requires new processes of collaboration and documenting shared activities and responsibilities.
For more information about GDPR regulations please read Whitepaper GDPR. In addition, click here to read more about the 4 main concerns organisations face with the upcoming GDPR Mandate.
Don't leave it too late!
The new mandate comes into force on May 25th 2018, so organisations need to act now to ensure they take the necessary steps to keep data secured.