How SAM supports compliance with DSGVO/GDPR

Software Asset Management as the foundation for implementing DSGVO/GDPR

For a long time software asset management was seen as counting, weighing and measuring and was used to overcome the licence audit. The actual resulting added value was vastly under-estimated. On the one hand SAM prevents under-licensing and corporate risks using subsequent licensing. But homogeneous integrated software asset management can do much more. It reveals unknown software and the resulting security gaps. Automated patch management closes access points for cyber attacks and minimises the risks of data loss. By constantly storing current inventory data for hardware and software, software asset management forms a company-wide basis for the DSGVO/GDPR requirements that must be met.

Data protection starts at the patch level

Using the integrated patch and update management you check your software environment for current patches and ensure common release versions across the company. The subsequent system check compares available release versions on a daily basis with the patch level stipulated by the manufacturer. All products are clearly shown in a patch level security dashboard and can be updated using the integrated workflow based software distribution and patch management. This enables you to avoid security risks such as data loss and fraudulent intent by means of out-of date release and patch versions, unauthorised software and endof- life programs.

User access management

In order to control authorisation processes through the Active Directory, DeskCenter also provides you with integrated user access management. With P!view you can directly create analyses via the DeskCenter interface on which users have which rights to the folders authorised on the file server. The access options for sensitive data for employees, customers or suppliers can therefore be shown transparently and restricted using prompt countermeasures. This ensures data protection where you require it.

DeskCenter DSGVO/GDPR Add-on

With the DeskCenter DSGVO/GDPR Add-on you have the option to seamlessly classify the recognised applications in your software portfolio and generate a directory of the processing activities. The directory of processing activities is used to ensure transparency about the processing of personal data and ensuring compliance with the new legal situation. In addition, such sensitive data as user data, pseudonymisation and the storage of user information can be documented in the DeskCenter Management Suite.

What will change with GDPR/DSGVO?

The EU General Data Protection Regulation (GDPR/DSGVO) comes into force on 25 May 2018 and fundamentally changes how data is handled in the future. The new law extends the scope and implementation of data protection and thus brings new challenges to companies. In future only one authority will be responsible for the rules which are applicable to all and will take decisions on sanctions and punishments for non compliance and infringements. DeskCenter supports you with a practical tool for complying with the DSGVO/GDPR regulations.