Identity is Security: When Data Calls
Are you governing access to your data? That question came into full focus this week as many discovered their data was out in the wild following the discovery of some misconfigured Box accounts. Our CMO Juliette Rizkallah pointed out in SC Magazine that this is just one of many lessons in identity that we are getting these days. While many organizations do in fact have identity programs in place, many fall short of extending their identity governance programs to include governing access to data. It’s been made clear time and again that organizations have a lot of data stored in a lot of places, and users’ access to said data often isn’t governed. Data is one of the three frontiers in identity that we often talk about and this is exactly why – we’re discovering just how exposed our sensitive corporate data is without identity governance.
Coming off RSA and Gartner last week, we also had a lot of catching up to do. Our own Mike Kiser had a great chat with Nick Holland of Data Breach Today at RSA on the Right to Be Forgotten. It was a timely conversation as several other data conversations were taking the headlines, including yet another Facebook data scandal.
As we turn our attention to what’s going on around the globe, there were several developments. We got a peek at some new GDPR data points from the European Data Protection Board, revealing that there were 206,326 cases reported in the 31 countries in the European Economic Area over the past nine months.
In China, new provisions to their cybersecurity law allow the government to access enterprise networks operating in the country. CSO Online shared this guide to how CISOs should react, and in our global economy, this is something we will likely continue to see as government laws try to come up with their own rules around the ever-present tech transformations.
With that, we leave you to start your weekend a little more informed about what’s going on in the world of security and identity!