Security Management

PLATFORMS

SharePoint 2013

SOLUTIONS

SharePoint User Profile Application extension

INDUSTRIES

Banking & Finance

COUNTRIES

Canada, Ireland, Czech Republic, Cayman Islands, Jersey, Bermuda, Singapore, the UK

EFFORTS

14 MDs

THE TASK

Sometimes new legislation requires a major overhaul of company procedures.

The arrival of the European GDPR law made it necessary for a corporate client to quickly implement changes in its global policies to comply with the new regulations. (Note: GDPR stands for General Data Protection Regulation.) A swift transition to a new legal framework could have strained the company's resources, but they wisely enlisted Consovenio to handle the situation. In our work to make the compliance more convenient for our client, we've automated it as much as possible via our GDPR compliance data security management system. But beyond the automation, we've also conceived our software to be informative. Running on the client's SharePoint intranet, the GDPR system is equipped with a helpful "public countdown" feature that would inform employees about when the new policies would take effect.

An important benefit of our Intranet-based solution is being made with emphasis to support SharePoint collaboration, making it highly effective for a workforce scattered across multiple locations. Therefore our customer's staff - based in different countries - can collaborate on GDPR compliance because they all have access to the same tools and information no matter where they are located. This eliminates confusion and communication delays involved in managing collaboration between offices and teams separated by large distances.

THE PROCESS

Consovenio's SharePoint architects worked with the client's security team to create a list of features that needed to be developed.

Based on our discussions, we've designed a system that would allow for easy identification and management of user accounts belonging to inactive employees who have left the company. This means that our smart tool quickly detects a staff member's departure and automatically deactivates and removes his or her account.

THE SOLUTIONS

We have implemented a solution that fulfilled our customer's list of requirements. It consists of an Advanced Security Management Script that carries out the following actions:

Evaluates data from the Active Directory

Applies to the User Profile Application and to the individual sites and webpages

Regularly searches through the content of the entire Intranet using an enterprise content management system

Executes anonymization and removal of no-longer relevant users based on predefined parameters

THE RESULTS

Consovenio's solution helped our client's security team meet their GDPR obligations, all without having to deal with a burdensome manual process. The credit goes to our automated system; its powerful features make removing and anonymizing user accounts effortless and straightforward. As part of our long-term relationship with the client, we are committed to offering SharePoint IT support and updating the software. The updates are meant to integrate new technologies, and to retain compliance with changes in the GDPR legislation and internal SecOps governance.