LGPD
LGPD compliance doesn’t have to be complicated. Know how Privileged Access Management facilitates the compliance process.
The General Data Protection Law, law 13.709/18, enacted in August 2018, aims to increase the privacy of personal data of brazilian residents and the power of regulatory bodies to oversee organizations in this area.
The legislation adapts Brazil to the best global data management practices and covers all companies established in the national territory, as well as organizations headquartered abroad that offer services or have operations in the country involving data processing of brazilian residents.
The application of the law is extraterritorial: it applies to any processing operation carried out by a natural person or by a legal entity governed by public or private law, regardless of the environment, the country of its headquarters or the country where the data is located.
How do we help you comply with the LGPD?
senhasegura enables the information security team to implement the changes stipulated in LGPD. Administrators can, through the solution, define and enforce access and privacy policies for privileged users across the environment, and thus comply with regulation.
The architecture of senhasegura, without the need to install agents, allows for quick deployment by the IT team and easy use by users. senhasegura becomes the infrastructure access proxy, allowing administrators to know exactly the systems accessed and the user’s privilege level. Additionally, all sessions performed can be recorded for auditing and incident analysis purposes.
The senhasegura solution can help your organization to comply with the 10 data privacy principles endorsed by the LGPD:
Suitability:
Compatibility of the treatment with the purposes informed to the holder, according to the context of the treatment.
Prevention:
Adoption of measures to prevent the occurrence of damage due to the processing of personal data.
Purpose:
Carrying out the processing for legitimate, specific, explicit and informed purposes to the holder, without the possibility of further processing in a manner incompatible with these purposes.
Necessity:
Limitation of the processing to the minimum necessary for the accomplishment of its purposes, with the scope of pertinent data, proportional and not excessive in relation to the purposes of the data processing.
Transparency:
Guarantee, to holders, of clear, accurate and easily accessible information about the performance of the treatment and the respective treatment agents, observing commercial and industrial secrets.
Free access:
Guarantee, to holders, of easy and free consultation on the form and duration of the treatment, as well as on the completeness of their personal data.
Data quality:
Guarantee, to the data subjects, of accuracy, clarity, relevance and updating of the data, according to the need and for the fulfillment of the purpose of its treatment.
Non-discrimination:
Impossibility of carrying out the treatment for illegal or abusive discriminatory purposes.
Security:
Use of technical and administrative measures capable of protecting personal data from unauthorized access and from accidental or illegal situations of destruction, loss, alteration, communication or dissemination.
Accountability and accountability:
Demonstration, by the agent, of the adoption of effective measures capable of proving the observance and compliance with the rules for the protection of personal data, and even of the effectiveness of these measures.
PAM Core – Management of the Full Cycle of
High Privilege Credentials
Centralized access management, with the objective of protecting and controlling the use of generic and high-privilege credentials, providing secure storage, segregation of access and full traceability of use.
When configuring access groups, you can define the administrator users who will be allowed to be given a physical access password and the group of users who can use the remote access provided by the solution to access a target device or system.
All cases can follow multi-level approval workflows and reasons provided by the requesting user.
Who is it recommended for?
senhasegura is a leading global solution in privileged access management with a mission to eliminate the abuse of privileges in organizations around the world.
The solution is recommended for companies in the following scenarios:
Companies with more than 10 users.
Companies that received points of attention in auditing.
Companies that must comply with cybersecurity rules and regulations.
Companies that want to implement the best security practices.
Companies that have suffered a security incident.
Companies that need to reduce operating costs.
World Recognition
In 2021, senhasegura was recognized as a Challenger in the Gartner Magic Quadrant report. In the same year, Gartner also named us among the top three PAM technologies in the world in its PAM Critical Capabilities report.
In addition, senhasegura was listed in Forrester’s Wave report for Privileged Identity Management 2018, which considered our access granularity among the best in the market. In addition, senhasegura was named a Leader by KuppingerCole in its Leadership Compass 2021 report.
Customer Testimonials
"The management of the technological infrastructure in our company is a permanent challenge and privileged user management needs to have the proper focus and control. senhasegura allows adequate control and traceability of these accesses, creating just-in-time access to protect the most critical assets of the company The solution is also highly granular, allowing for better adherence to our information security policies."
Senior IT Analyst
"Many companies are having problems with third parties that manage their data centers (data leakage and data breaches). I see that senhasegura PAM is a great option to ensure secure access and active monitoring of all actions being performed by environment administrators."