Identity Governance For Non-Profit Organizations

Challenge

Unlike companies that sell goods or services, nonprofits run a much bigger challenge in-event of the data breach. Consumers are less willing to trust nonprofits after a data breach. Any nonprofit organization that processes donations or stores and transfers donor’s personally identifiable information (PII) must take serious steps to address cybersecurity risks. Additionally, any US nonprofit that raises money in the European Union, or provides services to citizens of the EU, including collecting data about those citizens, must follow the EU’s General Data Protection Regulations.

Our Approach

We recently partnered with a non-profit to put together comprehensive access and entitlement review program for its 4,300 Clubs serve nearly 4 million young people through club membership and community outreach. Using SecurEnds CEM and ILM, a multi-tenant, SaaS module, we created a powerful governance and provisioning/ de-provisioning solution that will be used by the non-profit to evaluate and remediate potential attack vectors. The CEM module will allow recurring automated access review campaigns that validate users within systems and ensure their access rights are appropriate while ILM module will drive the management of dormant and orphan accounts.