Dell Survey Shows IT Professionals Lack Confidence in Ability to Manage Governance, Risk and Compliance in Regulated Industries
Results of a survey of more than 200 technology professionals charged with maintaining compliance at companies with more than 2,000 employees in the healthcare, retail and financial services industries reveal almost all respondents lack confidence in their ability to address and manage governance, risk, and compliance. It’s no secret that today’s complex GRC landscape is a challenge to understand, implement and maintain, especially in regulated industries where it is likely compliance and security teams are independent of each other. IT professionals face an uphill climb to maintain environments held to standards set by external regulatory control, as well as meet internal policies and best practices set forth by the organization itself. Controls required by regulatory agencies are not just a one-time implementation. Rather, represent a set of minimum, usually security-based standards that must be maintained and updated at all times to keep the company prepared in the event of an internal or external data breach disaster, which can happen at any time, with little warning.
Organizations must develop a comprehensive GRC strategy to mitigate the risk of a costly data breach.
A solid governance, risk and compliance strategy calls for compliance and security teams to work together and share information. This helps to ensure your organization is continually compliant, has the maximum level of protection from breaches, and prepares you to handle a potential data breach effectively, Dell Software recommends IT organizations get a better understanding of the value of closer alignment between compliance and security teams and the importance of sharing regulatory information across the teams. There are benefits to regularly and proactively reviewing data sources collected, getting rid of the old, as well as ensuring the right people have the right access to the right information. Remember that de-provisioning is more important than provisioning. There is a benefit to managing access rights properly and an opportunity to share data without providing access to the collecting application or infrastructure. This can be done without providing knowledge about how the data was collected. Finally, don’t forget privileged accounts. With access to mission-critical applications and data like credit card information or patient history, these powerful accounts are highly sought-after by external and internal threats alike. It is critical to understand what privileged accounts are in any organization’s environment as well as the dangers of setting up access controls and privacy in an inconsistent manner.
Dell Software solutions boost organizations’ confidence in their ability to protect sensitive company data and avoid costly data breaches
Dell Software’s compliance and identity and access management (IAM) solutions help maintain continual compliance, and protect the organization by giving business owners control of access to sensitive data for internal users, external users, and privileged users. Dell solutions help IT organizations feel confident in their processes for managing the wealth of regulatory data sources, as well as the permissions and access methods for all systems and data that must be accessed for day-to-day operations and their ability to proactively maintain continual compliance.
Tim Sedlack, senior product manager, Governance/Risk/Compliance solutions, Dell Software
“Too often, we are seeing security and compliance failures that don’t have to happen. Regulated industries like healthcare, retail and financial services have a tough road when it comes to meeting their governance, risk and compliance objectives, and our survey results show they are worried about it. Let’s face it – a failed audit can be very costly for any organization. But, with the help of Dell Software’s compliance and identity and access management solutions, and by following our best practices for achieving continuous compliance, IT organizations can help their companies maintain a compliance and security orientation that is ready for an audit at any time.”
Delivering Complete and Connected Software Solutions
Dell Software empowers companies of all sizes to experience Dell’s “Power to Do More” by delivering scalable yet simple-to-use solutions that can increase productivity, responsiveness and efficiency. Dell Software is uniquely positioned to address today’s most pressing business and IT challenges with holistic, connected software offerings across five core solution areas, encompassing data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, helps customers simplify IT, mitigate risk and accelerate business results.
Dell Inc. listens to customers and delivers innovative technology and services that give them the power to do more. For more information, visit www.dell.com.
Dell is a trademark of Dell Inc. Dell disclaims any proprietary interest in the marks and names of others.