Business GRC

Access Risk Management for SAP and Beyond

Organizations are increasingly under pressure to deliver security, identity, compliance, governance, and risk management for all types of business applications. This challenge is exacerbated by the fact that most organizations have a heterogeneous landscape of business applications both in…

A First End to the Schrems II Limbo

Writing about legal topics is always a challenge. I am not a lawyer, but as an analyst and advisor, however, I almost inevitably encounter the implications of laws and current case law. Thus, this text describes only a personal assessment and is not intended to be, and should not be used as,…

Cloud Codes of Conduct Get the EU Green Light, but More Is Still Needed

Green Light On May 20th, 2021 it was announced that the EU Cloud Code of Conduct had received official approval by the Belgian Data Protection Authority, following the positive opinion issued by the European Data Protection Board.  At the same time, the European Data Protection…

Marcus Scharra: Why PAM is crucial for DevOps security compliance

Arndt Lingscheid: How to Build a Strong Security and Compliance Foundation for Your SAP Landscape

Cyber-attacks can have severe consequences when it comes to SAP S/4HANA applications. These attacks increasingly focus on the company’s application layer and use privileged user accounts. Unfortunately, many security departments see the SAP application layer as a “black…

Managing Access to Your Business Applications: Breadth vs. Depth

I’ve been in IT long enough to remember when business applications were home-grown and written in COBOL. In the early stages of my career, I even gave computer classes on the standard algorithms for good COBOL programming, such as sorting and grouping. In the more than three decades…

SailPoint to Strengthen Their SAP Access Control and SoD Control Capabilities by Acquiring ERP Maestro

This week, SailPoint announced their intent to acquire ERP Maestro, a SaaS-based solution for monitoring SoD controls and manage access controls in business applications such as SAP. This announcement fits well into the SailPoint strategy of expanding their core offerings IdentityIQ and…

R&S®Trusted Gate - Secure Glocalization von Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity ermöglicht eine zuverlässige Verarbeitung regulierter und sensibler Informationen für die Zusammenarbeit und zum Dateiaustausch in gemeinsamen SharePoint-Plattformen für Organisationen in verschiedenen Ländern und Regionen unter…

Oxyliom Solutions GAÏA Advanced Identity Management

The GAÏA Advanced Identity Management component of the GAÏA Trust Platform by Oxyliom Solutions integrates the key elements of identity management required for regulatory compliance and a modern digital experience, especially in highly regulated industries such as the financial sector.

Micro Focus Identity Governance

Identity Governance is a mature Identity Governance and Administration (IGA) solution that is undergoing extensive development to meet the identity services requirements of the modern enterprise. As business systems become increasingly demanding of identity management environments, Micro…

Business Resilience Management (Crisis Roadmap for Beginners)

Business Resilience Management is key to business survival in the face of rapidly changing IT, cyber threat, and regulatory environments.

Imagining Future Regulations on AI – Similarities to the GDPR?

There are ongoing discussions from high-level expert groups from the EU Commission about what regulation of Artificial Intelligence – particularly the algorithms that process data – will look like. There is a high priority to not only create alignment with the GDPR but to add…

Jul 07, 2020: Privileged Access Management (PAM) for Your Enterprise

In this virtual event, KuppingerCole and other top experts in the industry will present crucial information on why companies need PAM and how PAM works best to prevent security breaches and credential thefts through defining and implementing the right strategy.

Executive View: Soterion for SAP - 80113

Soterion for SAP is a GRC (Governance, Risk & Compliance) solution targeted at SAP environments and delivering major capabilities in that space. The solution is available as both on premises solution and in an as-a-service model. Soterion has put specific emphasis on delivering a…

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the…

Executive View: Onegini Connect - 80168

Onegini provides a compelling no-code cloud-delivered solution for Consumer Identity and Access Management (CIAM) and B2B IAM. Onegini is headquartered in the Netherlands, is expanding across Europe, and has global ambitions. They have expertise in EU regulations such as GDPR, PSD2 and…

Leadership Brief: Six Key Actions to Prepare for CCPA - 80353

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed.  This report identifies six key actions that IT needs to take to prepare for compliance.

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal…

Executive View: AWS Security Analytics Solutions - 80220

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

Mar 05, 2020: What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same…

The Information Protection Life Cycle and Framework

The Information Protection Life Cycle (IPLC) and Framework describes the phases, methods, and controls associated with the protection of information. Though other IT and cybersecurity frameworks exist, none specifically focus on the protection of information across its use life. The IPLC…

Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory…

Akamai to Block Magecart-Style Attacks

Credit card data thieves, commonly known as Magecart groups, typically use JavaScript code injected into compromised third-party components of e-commerce websites to harvest data from shoppers to commit fraud. A classic example was a Magecart group’s compromise of Inbenta…

GDP R U Compliant?

Almost one and a half years after the introduction of GDPR (EU General Data Protection Regulation), some companies still struggle with implementing appropriate measures to deal with Personally Identifiable Information (PII) in a compliant fashion. Last week the Commissioner for Data…

Oct 29, 2019: Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory Authority…

Executive View: SAST SUITE Der Akquinet AG - 80191

Die heutigen SAP-Sicherheitsanforderungen gehen weit über die traditionellen Access Governance-Anforderungen an Benutzer, deren Zugriff und Rollen hinaus. akquinet bietet eine vollwertige Produktsuite für GRC (Governance, Risk & Compliance) und Sicherheit für…

Executive View: SAST SUITE by akquinet AG - 80116

Today’s SAP security requirements go far beyond traditional Access Governance needs regarding users and their access and roles. AKQUINET offers a full-featured product suite for GRC (Governance, Risk & Compliance) and security for SAP environments. The provided modules cover a…

Assuming High Criticality: Resilience, Continuity and Security for Organizations and Infrastructures

Acronyms are an ever-growing species. Technologies, standards and concepts come with their share of new acronyms to know and to consider. In recent years we had to learn and understand what GDPR or PSD2 stand for. And we have learned that IT security, compliance and data protection are key…

Mit Access-Governance-Projekten neue Vorschriften erfüllen, ohne das Rad neu zu erfinden

IGA-Projekte (Identity Governance & Administration) bergen aufgrund ihrer Komplexität diverse Risiken. Diese ergeben sich meistens in der Vernetzung einer komplexen, heterogenen IT-Infrastruktur sowie durch den bereichsübergreifenden Charakter von IGA-Projekten. Wenn man nicht…

Leverage Enterprise Architecture to Achieve GDPR Compliance

Several measures have been undertaken by Organizations at various levels to comply with GDPR, most of which remain reactive, fragmented and largely ad-hoc. These controls are also not continuous in nature and therefore fail to satisfy ongoing compliance requirements. Organizational leaders…

Sustainable Data Management

Getting competitive advantage from data is not a new idea however, the volume of data now available and the way in which it is being collected and analysed has led to increasing concerns. As a result, there are a growing number of regulations over its collection, processing and use.…

Jun 25, 2019: Mit Access-Governance-Projekten neue Vorschriften erfüllen, ohne das Rad neu zu erfinden

IGA-Projekte (Identity Governance & Administration) bergen aufgrund ihrer Komplexität diverse Risiken. Diese ergeben sich meistens in der Vernetzung einer komplexen, heterogenen IT-Infrastruktur sowie durch den bereichsübergreifenden Charakter von IGA-Projekten. Wenn man nicht bei jedem…

Executive View: BigID - 80046

With today's mounting regulations to protect sensitive customer data, organizations are faced with new requirements, challenges and compliance risks. BigID assist organizations with their data compliance requirements by helping them find, categorize and map their data at scale.

The Foundation for GDPR Compliance and PI/PII Protection: Understand Where Data Resides and Who Processes It

The EU GDPR requires covered organizations to be able to account for and document how personal data is collected, processed and shared.  What many companies often fail to realize is that this data is not only stored in specialized and appropriately secured silos such as…

Jun 05, 2019: Leverage Enterprise Architecture to Achieve GDPR Compliance

Several measures have been undertaken by Organizations at various levels to comply with GDPR, most of which remain reactive, fragmented and largely ad-hoc. These controls are also not continuous in nature and therefore fail to satisfy ongoing compliance requirements. Organizational leaders…

Building Trust by Design

Trust has somehow become a marketing buzzword recently. There is a lot of talks about “redefining trust”, “trust technologies” or even “trustless models” (the latter is usually applied to Blockchain, of course). To me, this has always sounded……

Data Privacy & CX

Beyond the new data privacy regulations: how to improve customer understanding and the customer experience? When it comes to state-of-the-art sales and marketing, customer experience (CX) is a highly important topic. Creating and analyzing outstanding customer journeys while considering…

CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Apr 02, 2019: The Foundation for GDPR Compliance and PI/PII Protection: Understand Where Data Resides and Who Processes It

The EU GDPR requires covered organizations to be able to account for and document how personal data is collected, processed and shared. What many companies often fail to realize is that this data is not only stored in specialized and appropriately secured silos such as databases. In fact,…

CCPA: GDPR as a Catalyst for Improving Data Protection Outside the EU

It wasn't too long ago that discussions and meetings on the subject of digitization and consumer identity access management (CIAM) in an international environment became more and more controversial when it came to privacy and the personal rights of customers, employees and users. Back then…

Feb 12, 2019: CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Another Astounding Data Breach Hits the Confidence of Customers

The dust is still setting, but the information on this case currently available, which also includes the official press release, is worrying: Just this Friday, November 30, the hotel chain Marriott International announced that it has become the target of a hacker attack. Marriott's brand…

Cybersecurity Leadership Summit Berlin 2018 - Review

This month we launched our Cybersecurity Leadership Summit in Berlin. A pre-conference workshop entitled “Focusing Your Cybersecurity Investments: What Do You Really Need for Mitigating Your Cyber-risks?” was held on Monday. The workshop was both business-oriented and technical…

Marketing Automation Systems and GDPR Readiness - 80018

Marketing automation systems are key when it comes to digital or omni-channel marketing. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor and requirements for successful deployments. It will also prepare your organization…

Sep 18 - 19, 2019: Digital Finance World 2019

Welcome to the new world of Digital Finance: DFW - Digital Finance World, Frankfurt, September 18 – 19, 2019 - is the place for finance innovators from traditional players to meet with Fintechs and Start-ups to shape the Future. Here you can interact with a targeted and engaged financial…

How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the…

Customer Identity Access Management (CIAM): Creating the Foundations for User Focused Digital Business, GDPR Compliant

Digital Business Transformation is a continuous process that affects all areas of doing business, with technology finally getting the right focus: The customer and his/her experience with your business. It is now all about providing that ultimate Frictionless CX (customer experience) so…

Nov 06, 2018: How to Handle Consent to Be Compliant With the GDPR and the Upcoming ePrivacy Regulation

GDPR is here to stay and the new ePrivacy regulation is on the horizon, but many organizations are still not yet in full state of compliance. A core requirement for compliance with GDPR is the concept of “consent,” which is fairly new for most data controllers. Now, with the GDPR regulation…

Advisory Note: GRC Reference Architecture - 72582

GRC covers the areas of Governance, Risk and Compliance and this report refers to GRC in the context of delivering IT services to meet organizational goals.  GRC is concerned with setting objectives, policies and controls and monitoring performance against these.  This report…

Consumer Identity & Access Management (CIAM), Big Data and the Internet of Things (IoT)

It is all about providing your customer a great experience so that they return to you and not to your competitor, who has never before been that close to your business. Anticipating, maybe even in advance, your customer's needs has on the one hand become a must. On the other hand, GDPR is…

Executive View: TechDemocracy Intellicta - 70362

A software platform designed to achieve a holistic assessment of an organization’s cybersecurity, compliance, risk and governance status by establishing risk governance, resilience and protection from cyber threats through the deployment of a standards-based risk governance framework.

Oct 02, 2018: Customer Identity Access Management (CIAM): Creating the Foundations for User Focused Digital Business, GDPR Compliant

Digital Business Transformation is a continuous process that affects all areas of doing business, with technology finally getting the right focus: The customer and his/her experience with your business. It is now all about providing that ultimate Frictionless CX (customer experience) so that…

Advisory Note: Big Data Security, Governance, Stewardship - 72565

An ever-increasing number of devices, sensors and people are connected to the global internet and generate data.  The analysis of this data can help organizations to improve their effectiveness and make better decisions.  However, there are concerns over the trustworthiness of the…

Sep 11, 2018: Consumer Identity & Access Management (CIAM), Big Data and the Internet of Things (IoT)

It is all about providing your customer a great experience so that they return to you and not to your competitor, who has never before been that close to your business. Anticipating, maybe even in advance, your customer's needs has on the one hand become a must. On the other hand, GDPR is…

Cross-Border Data Management and Cybersecurity: Walking the Tightrope of Compliance and Business Efficiency

Guest Author: Jordan L. Fischer, Esq., Co-Founder & Managing Partner of XPAN Law Group, LLC Technology is changing rapidly, correlating in an increasing amount of data collected every second.  These technologies cross-borders and allow businesses to operate on a global scale, at…

"Archive != Delete": Bring Back the Delete Button

Why does it seem to be getting harder to delete information online? GDPR will take effect in just a few days. GDPR empowers EU people to take control of their personal information. When in force, GDPR will mandate that companies and other organizations which control or process personal…

How (Not) to Achieve Instant GDPR Compliance

With mere days left till the dreaded General Data Protection Regulation comes into force, many companies, especially those not based in the EU, still haven’t quite figured out how to deal with it. As we mentioned countless times earlier, the upcoming GDPR will profoundly change the way…

Will Your Security Solutions Violate GDPR?

As the May 25th, 2018 GDPR enforcement date approaches, more and more companies are actively taking steps to find, evaluate, and protect the personally identifiable information (Personal Data) of EU persons. Organizations that do business with EU persons are conducting data protection impact…

Whitepaper: Varonis - Daten kennen - 79028

Neue Regulierungen wie die Datenschutz-Grundverordnung (DSGVO) und die stetig wachsende Gefahr durch Cyber-Attacken führen zu einem hohen Druck auf Unternehmen. Es gibt aber auch Chancen, wenn man versteht, wo die wirklich wertvollen Daten liegen und sich darauf fokussiert, diese Daten…

Tim Hobbs - What Connects DevOps & IAM

IAM products are highly configurable systems tailored to the diverse needs of customer environments and applications. Modern applications require short development cycles and IAM systems that can be adjusted at the same pace. Modern data centers are configuration-driven, resilient…

Jeff Jonas - Do you Know What You Know About the Data Subject?

GDPR obligates organizations to provide data subjects with access to their personal data. To comply, companies must be able to answer a seemingly innocuous but frighteningly difficult question: What do we know about the data subject? Further, organizations must respond to Data Subject…

Martin Kuppinger - Microservices Architectures: Making IAM Hybrid

In recent times, an increasing number of vendors announced a migration of their products towards microservices architectures. Some renovate their existing on premises IAM tools, others build new solutions with a new architectural approach. Factually, the idea isn’t that new, but the…

European Identity & Cloud Awards Ceremony

European Identity & Cloud Awards Ceremony

Prof. Dr. Heiko Beier - Is it Facebook's End Game? Why Social Networks as we know them Today will not Survive

The real problem behind the recent Facebook scandal is not primarily that a company like Cambridge Analytica has "gained" access to the personal information of millions of Facebook users and misused them for political manipulation. It is the business model of social networks itself: Letting…

Naresh Persaud - How to Enable Trust with Interoperable & Shared Credentials

The focus of digital identity for consumers and enterprise is to remove silos, minimize redundant effort, enable better collaboration and provide a foundation for regulatory compliance. The challenge is that shared credentials for both commercial and public-sector organizations will require…

Dr. Torsten George - Zero Trust: Solving IT Security’s Identity Crisis

Although companies are constantly increasing their cybersecurity budgets, this does not seem to help much: each day we learn about new large-scale data breaches. Considering that over 80% of hacking-related breaches leverage compromised user credentials, it’s mindboggling why so many…

Joy Chik - Planning for Tomorrow: Connecting Identities for People, Processes, and Things

Social, economic and technological changes are creating urgent new requirements for enterprise identity that enable interconnected digital systems. These new use cases require a governance framework that is consistent, integrated and efficiently managed. It also needs to provide increased…

Martin Kuppinger - The Future Model of Identity: Blockchain ID and the Digital Transformation

Distributed Ledger Technologies ("Blockchain") are the foundation for the most disruptive changes to business we are either already observing or that are on the road to becoming a reality. Based on these technologies, both new business models and fundamental changes to established models…

Prof. Dr. Hans Ulrich Buhl - Unchaining Blockchain

Blockchain is much more than the technology behind its still most successful application – the Bitcoin. One of its key attributes is the immutable storage of information. Besides other applications, this enables trustful online business between two or more individuals – without…

Ralf Oestereich - We will Disrupt You

We will Disrupt You - Are AI, Blockchain, IoT a Blessing or Curse for an Insurance Company?

Doc Searls - How Customers Will Lead Companies to GDPR Compliance and Beyond

Nearly all advice on GDPR compliance is about what companies can do for other companies, or companies can do for themselves. There isn't much on what customers can do for companies, which may turn out to be the biggest help of all. That’s because customers are going to get more power…

Drs. Jacoba C. Sieders - Digital Identities and Blockchain: Experiments and Use Cases @ ABNAMRO

ABNAMRO runs over 30 blockchain experiments, also involving digital identity capabilities. Co-operation has been set –up across various coalitions, and use cases are running a lot wider than just the banking and payments industry. Academia, building-, and shipping industries are also…

Jason Rose - Realizing the full potential of Consumer Identity

Customer Experience is Everything and Everything is Digital. Digital transformation is now the center of marketing, advertising and sales strategy across every industry and region, with today’s consumers demanding a seamless and relevant experience across online and offline channels…

Mo Ahddoud - SGN Securing Shared Credentials at The Heart of Digital Transformation

The future of IT security will depend on CISOs who are brave enough to build a new security model that is both innovative and unconventional. Gas distribution company, SGN, is blazing a trail that every company can follow. As a UK, critical infrastructure company SGN’s cloud-first…

Christopher Spanton - Blockchain and the Business of Identity

Identity and Access Management (IAM) within an enterprise environment presents complex challenges for any business. While new technologies, such as blockchain, have the potential to help solve some of these challenges, today bringing blockchain into solution oriented discussions can merely…

Lukas Praml - Your Mobile Identity: Blockchain Ain't no Swiss Army Knife

Digital identity solutions are very wide spread and everybody is using them on a day to day basis. Mainly it can be distinguished between state issued IDs/eIDs which lack usability and are therefore not as successful as hoped and self-claimed or self-established eIDs (sometimes stored in…

Carmine Auletta - Identity & Digital Trust

Trust is essential for a society to function. It’s even more critical in a digital society where transactions take place between parties that can only rely on each other supplied digital Identity. eIDAS Regulation provides – for the first time – a clear, universal and…

Jackson Shaw - Fire Safety and Cyber-Security – Smoke Detectors are Not Enough

It takes most businesses over 6 months to detect a breach on their network. And while smoke detectors are proven to halve the death rate by fire, saving thousands of lives each year, detection is sometimes too late to prevent many buildings from burning to the ground. So imagine if it…

Eve Maler - The Evolution of Identity and its Importance for our Digital Lives

Identity is as old as mankind and adapted very well to its changing environments. From a simple look that determines who you are to a high frequency of multi-factor vehicle-to-vehicle authentication in autonomous driving - with Digital Transformation, Identity in digital form has become the…

Patrick Parker - The AI and Robotic Process Automation Revolution and the Upcoming Redesign of IAM

The AI and Robotic Process Automation revolutions are in full swing with record growth in both sectors as well as an explosion of new startups in this space. Not to be left behind, existing vendors are rushing to heed the call of AI and automation by sprucing up there existing product…

Dr. Sridhar Muppidi - Identity Meets Fraud Protection to Establish Digital Trust

In this session, we will introduce a framework to establish digital trust based on capabilities from fraud protection and Identity. This will quickly and transparently establish a trusted, frictionless digital relationship for your customers, employees, and business partners. The session…

Kim Cameron - The Laws of Identity on the Blockchain

Keynote at the European Identity & Cloud Conference 2018

May 14 - 17, 2019: European Identity & Cloud Conference 2019

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 14-17, 2019, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 950 thought…

Some Perspective on Self-Sovereign Identity

Identity isn't hard when you don't always use it. For example, here in the natural world we are anonymous—literally, nameless—in most of our public life, and this is a handy thing. Think about it: none of us walks down the street wearing a name badge, and it would be strange to…

Without Prosecution, There Is No Protection

The Equifax data breach saga continues to unfold. In late 2017, the company admitted it had suffered significant data loss starting in March of last year. There were likely multiple data theft events over a number of months. At some point in May, they notified a small group of customers but…

BAIT: Clearer Guidelines as a Basis for More Effective Implementation

If legal laypersons (as I am) read legal texts and regulations, they often miss clear and obligatory guidelines on how to implement them in practice. This is not least due to the fact that laws are generally designed to last and are not directly geared to concrete measures. This type of…

Acing the Upcoming GDPR Exam

With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with…

2018 – the Turning Point for Social Networks

The Facebook data privacy story continues to be in the headlines this week. For many of us in IT, this event is not really a surprise. The sharing of data from social media is not a data breach, it’s a business model. Social media developers make apps (often as quizzes and games) that…

PSEUDO WHAT AND GDPR?

GDPR comes into force on May 25th this year, the obligations from this are stringent, the penalties for non-compliance are severe and yet many organizations are not fully prepared. There has been much discussion in the press around the penalties under GDPR for data breaches.…

Leadership Brief: Marketing Chatbots and GDPR - 79026

Chatbots are a recent trend in marketing automation, designed to enhance customers’ digital journeys and elicit more information from consumers. This report evaluates the impact of GDPR will have on the use of chatbots and provides an overview of topics to be considered in order to…

Holistic Approach to Cyber Risk Governance in the GDPR Era

Pressured by the Digital Transformation, corporate networks are becoming increasingly complex, spanning across multiple geographical locations and technology platforms. Unfortunately, even as companies are becoming more open to the outside world, different business units within the same…

Faktor Mensch: Wie man das schwächste Glied der IT-Infrastruktur Ihres Unternehmens schützt

Obwohl der Markt mit einer großen Anzahl von Sicherheitslösungen reagiert und die Budgets für Cybersicherheit ständig wachsen, scheinen sich viele Unternehmen immer noch auf den Schutz von Endgeräten und Netzwerken zu konzentrieren. Sie übersehen dabei das…

Apr 10, 2018: Acing the Upcoming GDPR Exam

With only weeks to go until the EU GDPR (General Data Protection Regulation) takes effect on May 25th, global businesses are scrambling to figure out how to avoid the hefty fines that loom for companies failing to achieve compliance. Sanctions for non-compliance are very severe with…

Martin Kuppinger - 2018 - The Year of Disruption: Why the Finance Business Will Never Be the Same Again

The year 2018 brings major changes to the financial industry. Two disruptive regulations (PSD2 and GDPR) come into effect early in the year and will have a far-reaching impact. Their implementation can be a challenge, but through these directives new opportunities will be created.…

Dr. Karsten Kinast - Preparing for GDPR: Key Aspects and Best Practices for Financial Services

The EU General Data Protection Regulation (GDPR) will be implemented in May 2018. It replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across…

Guido Scholz - GDPR Is Not Only Law, It Is Also a Trusted Relationships with Customers

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Best Practices and Essential Tools for GDPR Compliance

Join this KuppingerCole webinar to get practical, straightforward advice on how to prepare for GDPR, including: Devising and maintaining a plan to detect a data breach, Properly documenting evidence of compliance for auditors, Evaluating the effectiveness of your…

Ivana Bartoletti - Meeting the GDPR Transparency Requirements in Digital Finance

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Matthias Reinwarth - You Are Here! Assessing Your Organisation‘s GDPR Readiness

Presentation at the Digital Finance World 2018 in Frankfurt, Germany

Make Things Happen Rather Than Watch Things Happen With Vendor-Provided Compliance Solutions

In May 2017, my fellow KuppingerCole analyst Mike Small published the Executive Brief research document entitled “Six Key Actions to Prepare for GDPR” (then and now free to download). This was published almost exactly one year before the GDPR takes full effect and outlines six…

Excutive View: Imprivata - 71514

On October 24, 2017, Imprivata significantly enhanced their healthcare-focused enterprise SSO offering with Identity Provisioning and Access Governance capabilities acquired from Caradigm. With that offering they are broadening their portfolio while remaining focused on the healthcare…

Whitepaper: GDPR Herausforderungen mit Delphix meistern - 70368

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive…

Whitepaper: Meeting GDPR Challenges with Delphix - 70368

GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.  Compliance requires costly controls that can be justified for processing of PII with direct business benefits.  However, using PII for…

GDPR and Financial Services – Imperatives and Conflicts

Over the past months two major financial services regulations have come into force. These are the fourth money laundering directive (4AMLD) and the Second Payment Services Directive (PSD II). In May this year the EU General Data Protection Regulation will be added. Organizations within the…

Mar 13, 2018: Faktor Mensch: Wie man das schwächste Glied der IT-Infrastruktur Ihres Unternehmens schützt

Um im hart umkämpften und sich ständig verändernden globalen Markt bestehen zu können, sind Unternehmen gezwungen, ständig neue Technologien und Plattformen einzuführen, die unweigerlich zu einer erheblichen Erhöhung der Komplexität ihrer IT-Infrastrukturen führen. Da sensible Geschäftsdaten…

Free Tools That Can Save Millions? We Need More of These

When IT visionaries give presentations about the Digital Transformation, they usually talk about large enterprises with teams of experts working on exciting stuff like heterogeneous multi-cloud application architectures with blockchain-based identity assurance and real-time behavior…

Mar 15, 2018: Holistic Approach to Cyber Risk Governance in the GDPR Era

As we are getting closer to the dreaded May 25th deadline, when the General Data Protection Regulation will come into force, many companies are still struggling with implementing effective risk assurance programs that constitute a key requirement for any sensible cybersecurity and compliance…

UK Open Banking – Progress and Challenges

On January 13th, 2018 a new set of rules for banking came into force that open up the market by allowing new companies to offer electronic payment services. These rules follow from the EU Directive 2015/2366 of 25 November 2015 that is commonly referred to as Payment Services Directive II…

Mar 08, 2018: Best Practices and Essential Tools for GDPR Compliance

With just over three months until the General Data Protection Regulation (GDPR) comes into force in the European Union, many organizations are still struggling to prepare for the new regulation.

Executive View: SAP HANA Platform Security - 70272

SAP HANA Platform securely supports the IT applications and services needed by organizations to achieve digital transformation as well as the traditional IT systems of record. It offers a high - performance database through in - memory processing and provides enterprise grade security…