Relying On Reporting Rather Than Prevention Tools To Deliver Compliance
Reporting tools often give organizations a sense of security that they would have a way to go back, review and manage something bad that has happened, according to Jaimin Patel, director of product management for provisioning at Lexington, Mass.-based Imprivata.
But reporting after the fact isn't the same as preventing the access that caused the damage in the first place, Patel said. Proactive monitoring is still important for knowing what's going on so that an organization can take action right away, according to Patel.
Patel said identity governance and access management tools will make it easier for companies to proactively take steps to avoid being attacked. For instance, Patel said these tools might require additional or multi-factor authentication for a physician that's outside a hospital and attempting to access patient data.