Security News > 2021 > March > 3 steps to meeting data privacy regulation compliance through identity programs
Security teams need to manage these vulnerabilities to protect the data from a cyber-attack and ensure compliance with the latest data privacy regulations, such as the General Data Protection Regulation or the California Privacy Rights Act.
The key to any data privacy compliance is proper data protection because under these laws, consumers retain the right to deny and revoke the collection of their data.
The subsequent steps include data classification, understanding how the data is processed and stored.
As cloud use normalizes, identity management and governance become an integral part of how firms can manage privileges, access, and ensure data security and privacy.
Things like virtual machines, databases, containers, mobile phones, and IoT devices are all machine identities that access data on other systems while also storing and processing data that need management.
By placing identity at the center of a company's security perimeter, an organization gains visibility into who has access to sensitive data and whether someone is accessing that data without the right permissions or need - or being exfiltrated.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/b771ZhX4TRw/