MidPoint as Part of the Complex IT Landscape

Digital transformation and evolution introduced new processes to businesses, and even the existing processes have become more complex and interconnected throughout companies’ infrastructures. In a regulatory controlled environment, there are additional information security requirements together with legal and compliance policies resulting in even more complex processes and workflows. One of the most important factors for Read more about MidPoint as Part of the Complex IT Landscape[…]

First global midPoint community meet up

First October weekend was kicked off with midPoint community event. MidPoint made its little history. EU FOSSA 2 program organized 3rd Hackathon event where midPoint community has met face to face for the first time. The weekend full of ideas, discussions, brainstorming, bonding and amazing vibe. That is how midPoint community gathering looked like. We Read more about First global midPoint community meet up[…]

HR contract

How to notify future account expiration

In my previous posts, I wrote how you can fix temporary mistakes in HR data. If you have up to date data in HR, you are a happy Identity Engineer and your customer is a happy midPoint user. Midpoint automatically creates the user from HR data, send new user’s credentials over email or SMS. Set Read more about How to notify future account expiration[…]

Lawful basis Part II.

As the entry into force of the GDPR approaches, we continue in our search for the most appropriate lawful basis and assess each requirement. The most discussed kind of legal basis is “legitimate interests”. It is the most flexible one and is designated for various situations, where the others obviously don’t fit. Nevertheless, you cannot Read more about Lawful basis Part II.[…]

How to override administrative status

In my previous post, I wrote how to override full name if you don’t have actual data from HR in all cases. We can have a similar problem with a special property like Administrative status (user is enabled/disabled/archived). In most cases you already have done the mapping from HR. If the employee is active (or Read more about How to override administrative status[…]

Evolveum - GDPR, lawful basis

Lawful basis Part I.

On the way to the practical side of the GDPR we need to recognize reasons for processing the personal data, officially known as lawful basis. It has been long time since the data processing had been uncontrolled. You have needed lawful basis since the directive had come into effect, but under the GDPR there is Read more about Lawful basis Part I.[…]

Evolveum - How to override full name

How to override full name

You know, at the beginning every IDM project is clear and ideal. Everything seems to work well in the test environment, but as time goes by, the deadline is close and your customer finds more and more special cases. These cases have to be part of the solution “somehow” and “quickly” and of course they are found Read more about How to override full name[…]

GDPR - consent, part 2

GDPR – Consent part II.

Consent under the GDPR looks like really complex and complicated issue. Let’s see what we can already clearly explain. To achieve all stated requirements, you need to structure the consent granularly and give data subjects some options. Consent must be “specific”. Blanket consent without stating the exact purpose is not valid, but the GDPR does Read more about GDPR – Consent part II.[…]

GDPR – consent

GDPR – Consent part I.

As we are getting closer to the practical side of processing personal data under the GDPR, firstly we need to understand the reason of processing expressed in lawful basis. The first and most discussed basis is obviously a consent. Today we will identify the nature, characteristics and features of the consent needed to process personal Read more about GDPR – Consent part I.[…]

GDPR - Subject matter and scope

GDPR – Subject matter and scope

Now when we are familiar with GDPR principles and Rights of data subjects it is time to move on and uncover the content and territorial reach of GDPR. We will explain what data, systems and persons are protected by GDPR and who is bound to do so. GDPR applies to all contexts across all sectors. Read more about GDPR – Subject matter and scope[…]