Governance, Risk and Compliance need to sync up to keep your organisation’s data secure. You should have a good assessment of your security risks and transparency of this at board level. But are you remembering the importance of compliance? This can have a direct financial impact when your organisation is audited. For example, you could be left with a fine if you are not compliant with your licence contracts. Many organisations are unaware until it is too late, and then are forced to instigate emergency actions.
Identity Management software solutions involve a licence count limit within a contract. If you are over the licence count threshold, you are not compliant with the contract. But if you do not know that threshold, or you do not know how many identities there are in your system, you cannot know whether you are compliant or about to be charged two hundred thousand pounds after an audit for non-compliance.
If your actual number of identities surpasses the licence count threshold, you will be charged for every identity over the limit. Not only this, but you will also be charged a fine for non-compliance. You might have 5,000 members of staff using your system, but this does not mean you have 5,000 identities in your system. You could have 50,000 all managed by the software, including user accounts, secondary accounts, service accounts and test accounts. Some identities might represent more than one person, such as for a shared team account that multiple users have the login for. Many organisations struggle to keep track of the number of identities in their system for these reasons.
.png?width=300&name=Blog%20images%20(2).png)
Untracked identities come with the risk of not knowing who has access to your data, leaving your organisation at risk of attack from bad actors within the system. Compliance regulations exist for multiple reasons, one of which being the visibility to track identities and their access to data, applications, and systems. If you have clarity on your identities, you can better mitigate the risks associated with poor access control and identity management.
Some licence count limits include deleted identities as enabled user accounts, meaning you cannot rely on the number of active identities to give you the total number counting towards the licence threshold. Once you have transparency on your identities and licence count, you can delete unused identities to save money on your licences and reduce the risk of not knowing who has access to what.
.png?width=300&name=Blog%20images%20(3).png)
If you want to know more about your licences, you can talk to one of our support team today to find out what we can provide you in our Licensing Package. Intragen wants to provide clarity on your licensing before an auditor gets there first. You can run the report in minutes for a visual representation of your compliance.
Accredited to Intragen BV
+44 20 3880 1661
Intragen Ltd
870-871, 6th Floor Salisbury House
29 Finsbury Circus
London, EC2M 5SQ, UNITED KINGDOM
+358 10 526 4900
Intragen Oy
Keilaranta 1,
02150 ESPOO, FINLAND
+49 160 94708525
Intragen Deutschland GmbH
Europadamm 4
41460
Neuss
GERMANY