Lack of Security at Partner Firms Could be Costly
New data suggests too many organizations are turning a blind eye to the security profile of their partners, which could cause not only data breaches for both companies, but with the introduction of the GDPR, also costly fines and a damaged reputation.
February 2018: A leading European telco earlier this month made headlines for all the wrong reasons, when it was disclosed that it had been the victim of a major data theft. The breach revealed that unknown parties had wrongful access rights to privacy data after the telco’s sales partner had been breached.
“The data breach was thereby not the result of a hacker attack, but by someone misusing existing access rights of a sales partner,” notes Martin Kuhlmann, Lead Solution Consultant, Omada. “All too often, organizations turn a blind eye to their IT security. Many IT managers focus their attention on firewalls, penetration tests, and platform hardening, while another IT security cornerstone is neglected: identity and access governance.”
Securing the digital organization
The digital organization manages more IT users than ever before, which is why identity and access governance as a safeguard has never been more important, protecting the company both on-premises and in the cloud. It is essential for organizations to be in control of their identities, constantly having an overview of who has access to what, why, and who gave the access.
“While enabling business by providing the appropriate access to users, the door to cyber criminals is closed. Access is terminated when tasks change, accounts are disabled when no longer needed, and access risks are uncovered,” adds Martin Kuhlmann.
Manage internal and external identities alike
We see a growing demand for our customer identity and access management solution, which governs partners’ access rights.
Organizations strive to offer customers and external partners innovative digitized services, but struggle to find the right balance between a seamless customer experience and robust security measures. On one hand, security teams need to protect customers' privacy data against fraud or theft, but on the other hand, they also need to manage customer access to multichannel services and data - offering high performance, usability, and support.
The Omada solution enables you to manage external identities with the same level of security and access governance as for your internal identities. With a web-based portal for self-registration you can encourage your customers and external partners to engage with your company while ensuring data privacy and security.