Killing two birds with one stone – POPI compliance and secure remote access during COVID-19

With Fudo PAM, organisations can achieve POPIA compliance while securing remote access during the global COVID-19 crisis.

As the world goes through unprecedented digital transformation, both information and customer data have become the most important asset to many companies.

Unsurprisingly, database-targeted cyber attacks have increased rapidly, leading to massive financial drawbacks that have hit companies particularly hard during global challenges like COVID-19.

As a result, privacy has become the main focus of regulatory agencies.

From 1 July 2020, South African companies had less than one year to meet compliance with the new POPI Act (Protection of Personal Information Act).

It targets the containment of negligent usage or the misuse of personal data, as well as the protection of personal rights.

POPIA forces all companies to take appropriate measures to prevent security incidents that include the loss of personal data and in case they do occur to report and publish each individual security incident:

“Where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person, the responsible party must notify the Regulator; and subject to subsection, the data subject …“

Failing to comply with POPIA may lead to high penalties of up to R10 million or long prison terms of up to 10 years, depending on the seriousness of the breach.

Unfortunately, most IT-related business units have already experienced difficulties in securing an appropriate security level during “normal times”, having a hard time arguing internally why they need money for non-operative topics.

With COVID-19, a global recession, trade slumps and major uncertainties, the situation has gotten much worse.

Senior management tends to underinvest in IT-security related areas even though security breaches can lead to much worse situations than a POPIA violation.

Unsurprisingly, many CIOs’ heads are spinning, arguing why they need money for IT security, all while the company’s future is so uncertain.

Fudo Privileged Access Management

The answer to the herculean task is plain and simple: Fudo PAM - Privileged Access Management.

During these unprecedented times, the urgent need for remote access can result in time pressure and does not provide a buffer for well-thought-out solutions.

Previous security concepts are often avoided to enable remote access. With Fudo PAM - which is the ideal PAM product - both goals are achieved at once: meeting POPIA compliance while also securing remote access during the global COVID-19 crisis.

Leading PAM solutions like Fudo PAM aim to protect company data, but only the best of the best are able to create added value which improves the operational business right after deployment.

Here are some examples:

  • Recording all traffic in real-time (but reducing the session storage to a minimum).
  • Generating complete access control (especially to personal data).
  • Distributing only necessary rights to every internal and external company party.
  • Preventing unwanted commands, actions and breaches.
  • Allowing proactive monitoring and cooperative working by sharing sessions.
  • Preventing the abuse of privileged user accounts thanks to artificial intelligence, rule settings and machine learning.
  • Analysing the efficiency of external services.
  • Serving as an internal training tool.
  • Reducing the expenditures for the coordination of workflows to a minimum.

Of course, privileged access management is not the only topic directed at the regulations of POPIA, but it is intuitive and therefore serves perfectly as leverage for CIOs and CISOs during global challenges like COVID-19 when remote working is booming and security risks are rising.

Article written by Christian Reicher, 21 September 2020, Fudo Security DACH, Hans-Bornkessel-Straße 45, 90763 Fürth.

Share

Fudo Security

Our expertise in security is confirmed by years of experience, hundreds of satisfied customers and a global distribution channel. Our mission is to design the friendliest and most reliable solutions to arm organizations against the abuse of privileges. Our products allow you to monitor the activity of users with access to critical assets, help you manage the password policy and alert you in case of any suspicious behavior. We combine the strongest security features with a business approach. Using our solutions will unburden you team to ensure they can focus on what matters for your company. Let us prove our outstanding speed of deployment, our user-friendly operating modes and our excellent post-sales support.

DT Networks

DT Networks is a Johannesburg based cyber security distributor that specializes in next-generation information security solutions for the African market. DT Networks is the only distributor for FUDO Security, Agent X SOC services and Agent X Cyber Awareness Training in South Africa. 

DataTegra

DataTegra has been around for more than a decade and delivers hybrid cloud security, SOC-as-a-Service, managed security, risk management and professional services to commercial and public sector clients in South Africa and across Africa. We provide the visibility and control needed for effective hybrid cloud, endpoint, and network security to bridge the gap to a modern security approach. Our Agent X platform uses Security Orchestration Automation and Response (SOAR) to optimize and scale Managed Detection and Response (MDR) capabilities across the enterprise. Our South African-based cyber security experts provide 24×7 monitoring, consulting, and guidance to our customers on their journey to a secure environment. Our professional services include penetration testing, exercises and training, vulnerability assessments, threat hunting, and incident response. Our single risk management platform assists with building, automating and managing risk compliance within the organisation across the NIST, POPIA, GDPR, ISO, PCI and HIPAA frameworks. Our cyber awareness training (Agent X CAT) is a unified cyber security awareness training platform, It positively and demonstrably improves what people know, how they behave and what they think about information security.

FUDO PAM is distributed by DT Networks and re-sold by DataTegra in SADAC and Africa.

Click here for more information about Fudo Security, or Contact DT Networks fudo@dtnetworks.co.za, Tel. +27 11 796 6948 or DataTegra sales@datatega.co.za, 086 100 DATA (3282)