Use Case
Manage third party vendor access
The Problem
Companies rely on dozens and even hundreds of third party vendors, contractors and freelancers to get work done, and in the process need to share company documents with these organizations. The problem is how do companies achieve least privilege access for third party organizations so that they get access to only the information that is needed to get the job done, and thus reduce access risk?
Quite often more people in a vendor organization have access to company data than is needed and they have access to more information than is required for the job. This access can remain for months and years, even after work on projects is complete. This creates risks for data fraud and data theft.
To make matters worse, IT and security teams have very limited and time-intensive means to analyze and control third party document access. As a result, third party access often remains unchecked, increasing risks for an organization.
The Solution
You need a system that can enable you to easily analyze and control access to company documents by external domains. The system should provide the ability to review all external domains with company document access, review how much data access do these domains have, and find whether any confidential information (such as c-level owned) or stale data is being accessed. In addition, you need the ability to quickly restrict and remove access, or assign access reviews to end-users in these scenarios with just a few clicks.
Finally, your system should also enable you to identify confidential documents that are owned by third parties, so that you can transfer ownership of such documents back to the company.