Finding your Best Approach to GDPR Compliant CIAM

GDPR, Blockchain & The Right to be Forgotten

A World without Identity and Access Management systems is unimaginable in our time. Just as in corporate environments, customer environments are highly depended on identity providers like Google or Facebook. But topics like access management are especially important in corporate environments. The main concept though is still trust. People have to trust that a main server for an IAM system is highly available, they have to trust their IT admins to not mess around with their data, and they have to trust the central database to be secured and not be accessed by anyone who is not entitled to do so.

In this day and age, we try to use a new technology to help us with all problems centered around trust: THE BLOCKCHAIN!

But is the blockchain the answer to IAM problems?

Does it help us to comply with GDPR and other privacy standards or does it make those topics even more complicated?

And how exactly could the blockchain, an invention for financial transactions even handle Identity and Access Management?

All those and more questions will be discussed in our presentation. We will show revolutionary ways to use the blockchain for IAM and even tell the story of a developer team from the future that uses a blockchain based IAM to on and off board developers to guarantee security within the team and the project!

Key Takeaways:

• Attestation workflows in the blockchain
• How to distribute permissions in a blockchain
• GDPR & Blockchain can you ever be forgotten?

Presentation deck

GDPR, Blockchain & The Right to be Forgotten

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

Panel: How to Interact with your Customer without Comprising Privacy

Building an identity and access management strategy is a key factor to comply with the GDPR, to manage customer identities and to help improve the business’s view of its customer and its relationship with them.

There are some more challenges for companies which will be adopting and implementing GDPR privacy guidelines:

• They should improve data management practices, data quality and privacy governance.
• They should be responsible for establishment, control, and governance of valid credentials for protection for all sensitive data.
• They should plan their authentication needs for GDPR by selecting authentication and access management solutions, including identity governance, access management, privileged account management, certificate-based authentication, identity federation, complete lifecycle management and auditing tools.

Key Takeaways:

• A strong, reliable and trustworthy IAM strategy is a core building block required to achieve compliance with GDPR.
• To meet the new protection laws, companies should focus on protecting the data of EU individuals and to reduce the risk of a data breach and loss of reputation.
• Increasing security initiatives and controls will bring better visibility of data storage and management and will enable more transparent handling of customer personal data.