Access Certification: A Critical Step on the Road to Enterprise Risk Reduction

Today, companies are more dependent than ever on computer systems to gather, analyze and process a wide variety of vital IT resources, including sensitive data such as nonpublic personal information.

With access to this data comes the responsibility to ensure that it is kept secure. This means making certain that only authorized personnel have access to it, and that their access is limited to the lowest level of privilege required for them to perform their business function effectively and efficiently.

Implementing a strategy that includes periodic access certification reviews by the business to ensure that only the right people have the right level of access to vital IT assets will reduce the likelihood of a data breach, which can be devastating in terms of costs, such as law suits, regulatory fines and brand damage.