Comprehensive Software Reviews to make better IT decisions
OneTrust Launches Vendorpedia, a Combined Security and Privacy Third-Party Risk Exchange
At the 2019 RSA Conference, OneTrust announced Vendorpedia, billed as the only security and privacy third-party risk exchange. However, it will need to increase its vendor coverage quickly to create a true value proposition.
OneTrust is a leading privacy management platform vendor. This announcement will help mature its relatively new third-party risk management solution set.
According to OneTrust, its Vendorpedia offering provides security and privacy profiles on over 6,000 third-party vendors. These profiles include pre-completed responses to many of the most popular vendor questionnaires in use. OneTrust customers can use this new service to streamline vendor security assessments.
“Vendorpedia is the first and only third-party risk exchange that brings together the information both security and privacy professionals need for the complete vendor lifecycle,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “We built Vendorpedia with our world-class privacy and security research expertise to be a scalable, automated and user-friendly solution for security, IT, privacy and procurement professionals alike to tackle the complex and changing third-party vendor risk management lifecycle.”
This is a welcome announcement from OneTrust. However, many customers may find that their largest vendors are not included in the service. While 6,000 vendors may sound like a lot, it just barely scratches the surface. Vendor coverage will need to grow quickly in order to make Vendorpedia a good value for most customers.
Want to Know More?
Osano recently released its SaaS privacy solution aimed at simplifying compliance and vendor assessments. The product feels familiar, but Osano’s ethical commitment sets it apart from the crowd.
TrustArc has announced the acquisition of Canadian counterpart, Nymity – a more boutique-style vendor known for its very high standard of privacy research, expertise which manifests in its product offering.
Data governance player Collibra recently announced the acquisition of SQLdep, a leading provider of automated data lineage.
Privacy by Design (PbD) is a General Data Protection Regulation (GDPR) requirement, but effective implementation requires deep insight into the operation and interconnection of various data collection processes. Thus, PbD can be difficult to document and demonstrate. However, Proteus may help.
BigID launches a certification program, aimed to help users, administrators, and organizations demonstrate compliance.
TrustArc’s introduction of Privacy Profile aims to solve an ongoing problem privacy professionals have: identifying all applicable regulations.
Quest Software’s new add-on module, Toad for Oracle Standard Data Protection (SDP), automates the detection and remediation of potential violations of data privacy regulations such as GDPR, HIPAA, and PCI.
Varonis Report Identifies Widespread Shortcomings of Organizational Data Security Despite Increased Pressure of Regulations
Varonis reports that even after GDPR, businesses still are failing to effectively protect sensitive data.
Nymity expands its product offering with the introduction of a new Data Subject Requests product.