The basic data protection regulation in the European Union is now in force for a good year. Due to its extraterritorial effect, it also applies to Swiss companies in many areas. In any case, it would be a good idea to follow this worldwide highest standard for the protection of personal data. According to current surveys, however, only a little more than half of the companies believe that they now fully comply with the regulations. In complex applications, searching for possible accesses to personal data is too time-consuming.
Although most commercial standard applications have functions for user and rights management that regulate not only the access rights of individuals, but also entire user groups and role profiles, there is no reason why they should not be used. But when web links come into play for partners, for example, these management systems quickly reach their limits.
The more business models in the digital economy are based on the procurement and processing of data, the more important sophisticated management tools become for the observance of privacy: who is allowed to view which data and by what means is this monitored! No wonder that 57 percent of the IT managers surveyed by Gartner in a study already consider “data governance and data security” to be the most important challenge in their everyday data life.
In addition, sophisticated rights management must also be able to block or release certain application functions for users or user groups. This is virtually impossible in a distributed and hybrid environment of onsite and cloud applications for standard systems. One more reason to doubt that the DSGVO has in fact already been implemented in all business processes of a company.
We at actesy are confronted with this challenge in practically every integration project we supervise.
Practically every time it is up to us to find a solution to this challenge. The reason: for the traditional standard providers, the area of responsibility ends at the limits of their application. However, in a digitally transformed world, conditions are no longer the same.
We have therefore made a virtue out of necessity and developed a tool from the numerous individual solutions that we have developed with the help of the actesy metadata framework that manages the rights for data, functions and links in practically every environment. For this purpose, each time an application managed by actesy Rights Managament is accessed, it is checked whether the user, user group or role has the necessary access rights. No functional release without rights! But also: No data release without rights! More than 250 adaptors have already been developed within the framework of actesy projects, which allow external access to the data stored in applications. With the help of actesy RightsManagement, it is ensured that not everyone can view personal data or data worthy of protection from outside. With the actesy Rights Management, your infrastructure becomes as secure as Fort Knox for partners on the web or for mobile access by field staff.
actesy Rights Management should not be missing in any digital project. Even in industry 4.0 projects, in which, for example, production machines are networked in the Internet of Things, the protection of access rights – even without personal data – is a protection against espionage and sabotage.
To that extent: See you in your next digital project.
We look forward to hearing from you at firstname.lastname@example.org