Evolveum’s Identity Management and Governance Blog

midPoint release named after Charles Robert Darwin

MidPoint 3.7 “Darwin”

Posted on by Radovan Semancik

MidPoint 3.7 “Darwin” was released. As the release nickname suggests Darwin is an evolutionary release. It brings few major features and changes. But more importantly it brings a large number of gradual improvements to almost every part of midPoint.

The most obvious change in midPoint 3.7 is its stand-alone deployment form. Previous midPoint versions were designed as traditional Java web applications, distributed in a WAR file that had to be deployed in a web container. This approach was a common routine years ago when midPoint project started. But the world moved on and midPoint had to adapt. Therefore, midPoint 3.7 moved to a stand-alone deployment. All that is needed is to download midPoint and start it up. No need to deploy it to a web container. The traditional WAR file is still provided as an deployment option and it is still supported. But the stand-alone form factor is now the recommended way to run midPoint. […]

Evolveum - Noris and training courses

2017 – The Year of midPoint Training Courses

Posted on by Ivan Noris

This year (2017) was full of training courses. Literally, there was almost no month without any training. Some took place in our office in Bratislava, Slovakia, some were remote/online sessions, but most of them were onsite, which meant a lot of travelling. I travelled to Canada and United States, later also to Finland. I experienced my first transatlantic flight, Read more about 2017 – The Year of midPoint Training Courses[…]

GDPR Lawful Basis Management

GDPR Lawful Basis Management

Posted on by Radovan Semancik

The first thing that most likely comes to the mind when people hear about GDPR is “consent”. That is understandable, as better part of the buzz around GDPR is about customer identities and digital marketing. But this emphasis on consumer identities is casting shadow on other aspects of GDPR that are at least as much important as consent. One of the aspects of GDPR is affecting much larger range of organizations than consent does. In fact almost every organization is affected by it. I’m talking about management of lawful bases for data processing. […]

GDPR - consent, part 2

GDPR – Consent part II.

Posted on by evolveum

Consent under the GDPR looks like really complex and complicated issue. Let’s see what we can already clearly explain. To achieve all stated requirements, you need to structure the consent granularly and give data subjects some options. Consent must be “specific”. Blanket consent without stating the exact purpose is not valid, but the GDPR does Read more about GDPR – Consent part II.[…]

GDPR – consent

GDPR – Consent part I.

Posted on by evolveum

As we are getting closer to the practical side of processing personal data under the GDPR, firstly we need to understand the reason of processing expressed in lawful basis. The first and most discussed basis is obviously a consent. Today we will identify the nature, characteristics and features of the consent needed to process personal Read more about GDPR – Consent part I.[…]

GDPR - Subject matter and scope

GDPR – Subject matter and scope

Posted on by evolveum

Now when we are familiar with GDPR principles and Rights of data subjects it is time to move on and uncover the content and territorial reach of GDPR. We will explain what data, systems and persons are protected by GDPR and who is bound to do so. GDPR applies to all contexts across all sectors. Read more about GDPR – Subject matter and scope[…]

New LDAP and CSV identity connectors

New LDAP and CSV identity connectors

Posted on by Radovan Semancik

Identity connectors are important part of any identity management (IDM) project. For an IDM solution the connector provide interface to the outer world. And there are few connectors that almost any IDM solution needs: LDAP, Active Directory and CSV. New versions of those connectors were released recently. And there is an interesting story behind those connectors. […]

GDPR – Rights and principles

GDPR – Rights and principles III.

Posted on by evolveum

This article is the last continuation of the GDPR principles series. In the previous articles you could read about the purpose limitation principle and data minimisation or accurancy and data retention periods. Now let’s learn about data security and Accountability. Data security Controllers are responsible for ensuring that personal data are kept secure, against both external and internal threats. This Read more about GDPR – Rights and principles III.[…]

GDPR rights and principles II

GDPR – Rights and principles II.

Posted on by evolveum

Last article was devoted to the principles concerning controller’s duties. On contrary, today’s principles will express what data subjects may call for. Accuracy Personal data must be accurate and kept up to date, in other way it should be deleted or amended. So far nothing new in comparison with the Directive. The controllers must make Read more about GDPR – Rights and principles II.[…]

GDPR - Rights and principles I.

GDPR – Rights and principles I.

Posted on by evolveum

Today we will continue discovering GDPR principles by giving attention to two new principles introduced by GDPR. Both of them seem to be burdensome and restrictive for controllers, presenting their new duties and restraints. The purpose limitation principle The purpose limitation principle says the personal data collected for one purpose should not be used for Read more about GDPR – Rights and principles I.[…]