White PapersRead the latest Greenlight white paper
White Papers by Topic
Insider Threat, Privileged Access Management and Firefighting
Extending SAP Access Control to SAP and non-SAP On-Premise and Cloud Applications
Segregation of Duties, Continuous Controls Monitoring, and Access Violation Management
Insider Threat, Privileged Access Management and Firefighting White Papers
An Insider Threat Checklist for Your Business-Critical Applications: 10 Steps You Must Take to Prevent the Inside Threat from Wreaking Havoc on Your Applications
The inside threat can be devastating. According to a recent Ponemon Institute study, the total average cost of an inside breach is $8.76 million. Out of the 3,269 insider incidents it reviewed, 64% were due to negligence, 23% were related to criminal activity, and 13% were based on user credential threat. Making it even harder for security teams is that Individual applications are starting to become a growing target for the inside threat. Download the Insider Threat Checklist now to see the top steps you need to take to protect your business-critical applications!
Top 5 Ways Your Procurement System Is Vulnerable to the Inside Threat eBook
How do you prevent the inside threat in your procurement system? Whether you use SAP Ariba, Coupa or other system, this is a critical area you must address. Download our eBook to discover the top 5 vulnerabilities & how you can close the security gap!
Top 5 Ways Your HR System Is Vulnerable to the Inside Threat eBook
How do you prevent the inside threat in your HR system? Whether you use SAP SuccessFactors, Workday, Oracle Peoplesoft or other system, this is a critical area you must address. Download our eBook to discover the top 5 vulnerabilities & how you can close the security gap!
Extending SAP Access Control to SAP and non-SAP On-Premise and Cloud Applications White Papers
How to Extend SAP Access Control to All Business-Critical Applications to Achieve 100% Real-time Transaction Monitoring
SAP Access Control analyzes each user’s entitlements within a siloed ERP system to determine if there is a Segregation of Duties violation. When a violation is detected, the user is flagged for review. But the only thing you know is that the user CAN perform a fraudulent transaction. The reviewer knows where the risk is, but doesn’t know if any fraudulent activity actually occurred. And the review is only capturing a small fraction of the transactions taking place across the enterprise. Download this white paper to find out how you can extend SAP Access Control to monitor transactions and master data changes in real-time across all of your business-critical applications to uncover the moment a violation occurs.
Internal Controls and Fraud Prevention Checklist
How pervasive is the business-controls problem? A recent study by ACFE found that “a lack of internal controls, such as segregation of duties, was cited as the biggest deficiency” in control weaknesses that can lead to fraud. In its “Access Governance Trends Survey,” Ponemon Institute LLC found that 57% of organizations surveyed lack the confidence to know whether their user access practices are compliant because they don’t have enterprise-wide visibility of that user access. With Greenlight you can quickly ensure your SAP and non-SAP solutions are secure, respond to suspicious activity and analyze business activity for risk or compliance issues. Download the checklist to see the top ten applications that Greenlight’s customers have asked to integrate with SAP Access Control to achieve enterprise compliance before an auditor identifies the gap.
Segregation of Duties, Continuous Controls Monitoring, and Access Violation Management White Papers
GRC 20/20 Report: Internal Controls by Design – An Integrated & Continuous Approach to Managing Controls
In this report, Michael Rasmussen, the GRC Pundit, provides a blueprint on effective internal control management strategies to transform governance from being based on trust to being based on facts.
The IT Professional’s Guide on How to Deal with Audit Findings Related to IT General Control Failures
In this guide, we take a deeper dive into the material weaknesses being disclosed and walk through the steps to remediate the issues & ensure they don’t happen again.
The Total Economic Impact of Greenlight’s Access Violation Management Solution
This Forrester report measures the value of reducing manual mitigating controls and quantifying your financial exposure from access management risks.
Extending the Value of User-Provisioning Systems Through Continuous Controls Monitoring
This whitepaper explains why continuous controls monitoring is critical for companies looking to extend their user provisioning system to achieve a holistic, end-to-end approach for access risk and compliance requirements.
Access-Risk Management: Automated Solutions To Find, Analyze, Fix, Monitor, and Manage User Access Risks
This whitepaper explores how an automated approach to access risk management allows organizations to efficiently monitor user access to ensure transactional integrity, detect fraud and malfeasance, strengthen regulatory compliance, and improve operational performance.
Regulation Management White Papers
The California Consumer Privacy Act: Steps to Safeguard Data and Protect the Enterprise
Any business that collects or sells a California resident’s personal information must comply with the California Consumer Privacy Act. And a breach of that data can be very costly. The fine imposed in the Act is up to $750 per consumer per incident. A recent study by IBM Security and the Ponemon Institute, 2018 Cost of a Data Breach Study: Global Overview, found that the average size of a data breach in the U.S. is 31,465 compromised records. That means the average breach could cost a company over $23.5M in fines. Download this white paper to get up to speed on the California Consumer Privacy Act and the steps you need to take now to protect the enterprise.
GDPR’s 72-Hour Notification Requirement
You have put all the right security measures in place but it still happened… You’ve been breached and the clock is ticking… You have 72 hours to report everything to the supervisory authority as part of the new GDPR regulations or you risk devastating fines – up to €20 million or 4% of global revenues, whichever is higher. In those 72 hours, you have to uncover what data was exposed, how much was accessed, who may be affected by the breach, and when it happened. That’s no easy task but you can’t risk missing the deadline. And that’s why you need to read this white paper: GDPR’s 72-hour Breach Notification Requirement.