IAM a Core Building Block for GDPR
Identity and access management is key to enabling organisations to become compliant with the GDPR, according to a senior analyst.
Matthias Reinwarth, Senior Analyst at KuppingerCole, said: “A strong, robust, reliable and trustworthy IAM strategy and capability is a core building block required to achieve compliance with the [General Data Protection Regulation] GDPR.
“This provides a formal approach to maintaining identities in a way that can be GDPR compliant because it is personally identifiable information, be it an employee in a traditional IAM system, a partner in a federated IAM system or a customer in a Ciam [consumer identity and access management] system.”
Reinwarth said if done correctly, all these systems will enable organisations to comply with GDPR requirements such as managing consent by individuals to have their data recorded and tracked, responding to individuals’ rights to have their data erased, and notifying people in the event of a personal data breach.
Reinwarth added: “Organisations with a strong IAM strategy in place are more likely to be able to tell the right people at the right time if their data has been compromised,”
He said many organisations still don’t realise they have to comply with the GDPR or understand exactly what this will mean, never mind how IAM capability management could help.
Reinwarth added that an important part of having an IAM strategy is the growing importance of being able to manage customer identities, as well as helping to comply with the GDPR and helping to improve the businesses’ view of its customer and its relationships with them.
He said: “It is important to recognise that customer identity is as the core of most modern business processes and that customer identity management will be a key enabler for many organisations – or to put it the other way around, businesses that do not do that will fail, or at least fall short.”Return to internet news headlines
View Internet News Archive