Protect Privileged Account Passwords to Help Comply with new EU General Data Protection Regulation
WHAT’s the challenge
The European Union’s new data protection framework, known as the GDPR (General Data Protection Regulation), will come into force soon.
WHY it’s important
It affects any company doing business in the EU. Expect stronger enforcement and penalties. Failure to comply with new rules could result in fines up to 4% of firms’ total worldwide annual turnover.
HOW we solve it
Thycotic Privileged Account security solutions help you enforce security policies to protect privileged account passwords, demonstrate compliance with regulations, and establish least privilege access.
PRIVILEGED PASSWORD STORAGE, SECURITY, AND MANAGEMENT
Prepare now for upcoming compliance with the EU GDPR regulation
New rules are focused on ensuring that any nation state, organization, or company dealing with European citizens’ personally identifiable information is obliged to comply with this regulation. Your colleagues are already acting to assess the awareness, readiness and impact of the EU General Data Protection Regulation changes in the US, UK, France and Germany.
- 83% have already allocated budget with 21% allocating $0.5 million or more to address the changes
- 82% think it will be a higher enforcement priority than the EU Cookie Directive
- The top concerns were the new penalties (42%) and tighter consent requirements (37%)
SOX auditors focus on privileged IT accounts
Privileged accounts, such as IT admin accounts or application/service accounts, each grant a specific level of access on the network. Typically IT teams share these credentials amongst themselves to gain access to equipment as needed. This restricts access among IT staff members and makes it very difficult to know who exactly is accessing which device. Without this knowledge it would be extremely challenging, if not impossible, for an organization to demonstrate EU GDPR compliance.
In addition, privileged accounts can easily proliferate throughout the enterprise, with the potential for hundreds, if not thousands, of accounts, each with its own password. To maintain proper security, each password should be quite long, composed of random characters, and changed regularly. For many organizations this requires hundreds of man-hours wasted by highly-paid IT professionals performing manual password changes to help keep these accounts protected.
Important implications for companies with European ties
The new EU GDPR replaces the European General Data Protection Directive from 1995 and provides the foundation for taking responsibility and being accountable when it comes to dealing with European citizens’ private data.
This means you are accountable and responsible for all the information you collect. The more information you gather, the more data you have to account for, and therefore the more data you are responsible for. If a data breach occurs and it is found that adequate security measures were not in place, there are significant penalties and fines: 20 million euros or 4% of annual turnover.
Learn more about the key impacts and consequences for your organization, and how to set expectations for EU GDPR changes affecting the collection or processing of European citizens’ private data by downloading the resources we offer.
Thycotic Privileged Account Password Security Solutions help you prepare for EU GDPR regulation
Privileged accounts are a preferred target of hackers. So Thycotic Secret Server and Privilege Manager for Windows software solutions help you enforce security policies for protecting privileged account passwords, demonstrate compliance with GDPR regulations, and establish least privilege access.