Identity Governance Buyer's Guide

Identity Governance Buyer's GuideContains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Certify Access

Certify AccessGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the access certification at-a-glance »

Enforce Policy

Enforce PolicyGet the details on how SailPoint defines and enforces business rules and policies to mitigate risk.

Download the policy management at-a-glance »

Monitor Activity

Monitor ActivityGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the Activity Monitoring at-a-glance »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint delivers access in a policy-controlled environment.

Download the Access Request Manager
data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

Headlines & Editorials

The latest news coverage on identity compliance trends and technologies.

"In-house Fraud Cases Surge"
Fraud committed against companies by their own employees has surged this year, new data suggest, providing fresh evidence that the recession is fuelling a rise in crime.
Financial Times  |  May 10, 2009

"Can You No Longer Avoid Closely Monitoring Employees?"
The insider threat has always existed, but in an era of economic upheaval and uncertainty, the problem is only magnified. That point came across in a recent Ponemon Institute survey of 945 individuals who were laid off, fired or quit their jobs during the last year, with 59% admitting to stealing company data and 67% using their former company's confidential information to leverage a new job.
NetworkWorld  |  April 27, 2009

"Governance, risk management and compliance: Putting it together"
Governance, risk management and compliance (GRC) planning is still a new concept, but already it has gotten a bit of a bad rap. Mainly, it's been called too vague and, now, frequently gets overused by vendors hocking their wares – whether these solutions directly are related to GRC or not.
SC Magazine  |  March 5, 2009

"Government Security News: Responses to Risky Realities in Government IT"
You might not recognize the names Joseph Thomas Colon or Claude Carpenter off the top of your head, but there were people at the FBI and the IRS who knew them before both men allegedly broke into government IT systems between 2001 and 2004. The people who knew the two men best probably also knew when they crossed the line from average employee/contractor to potential security risk. Owing largely to the two agencies’ inability to protect critical systems and data adequately from their own internal staff, they became victims of a severe security breach and sabotage.
Government Security News  |  February 24, 2009

"Deloitte: Firms Lack Confidence They Can Deter Internal Attacks"
Human error is the leading cause for IT system breaches, and most corporate security officials do not feel confident they can protect their organizations from internal cyberattacks, according to Deloitte Touche Tohmatsu's annual survey. In all, the survey, released Wednesday, found that the global recession is putting information at great risk for these companies.
SC Magazine  |  February 05, 2009

"Data Breaches Cost More Than Money"
A study by the Ponemon Institute found the average cost of data breaches - from detection to notification to lost business – is rising. The No. 1 cost to companies is lost business, which now accounts for 69 percent of total costs.
eWeek  |  February 2, 2009

"Shell fingers IT contractor in theft of employee data"
Oil company says outside IT worker used info from database to file fake unemployment claims.
Computerworld  |  October 10, 2008

"Data Breaches Reach Record High"
First, the bad news: data breaches continue unabated at U.S. corporations, governments and universities, already surpassing last year's record 446 breaches, according to the ITRC (Identity Theft Resource Center). Through the end of September, the total number of data breaches recorded by the ITRC was 516, averaging 57 breaches a month.
eWeek  |  October 7, 2008

"How secure is secure enough?"
If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?" It's a question that many security managers have either avoided answering altogether or tried to quickly sidestep by throwing a fistful of mainly pointless operational metrics at anyone who cared to ask.
Computerworld  |  July 28, 2008

"Why are security pros dealing with compliance?"
The dawn of the age of IT compliance has had any number of consequences for IT staffs in general, and security teams specifically. Now, instead of simply worrying about whether the network is running properly and the good guys can get in and the bad guys can’t, security specialists have to consider how every modification, deployment and installation they make might affect the company’s compliance with PCI DSS, Sarbanes-Oxley or HIPAA.
SearchSecurity.com  |  July 17, 2008

"Rotting at the Core"
Forget Ukrainian hackers. A bigger threat to your company's data security may be sitting in one of its cubicles. In the first half of 2008, the fraction of data breach incidents caused by employees stealing information more than doubled compared to last year, according to a report released Monday by the Identity Theft Resource Center.
Forbes.com  |  June 30, 2008

"2008 Security Survey: We're Spending More, But Data's No Safer Than Last Year"
In the face of growing demand to target security investments based on risk management principles – a domain foreign to many CIOs and infosec practitioners – there's wisdom to be garnered from our peers.
InformationWeek  |  June 28, 2008

"GRC and IAM – You can't separate it"
Today it is not necessary to buy the IAM and the GRC products from the same vendor, especially because the GRC solutions are in their early stage. And due to the fact that IAM tools always will focus more on the IT level whilst GRC focuses on the business level I'm not sure whether they shall be really integrated. But one thing is sure: You will need both levels of tools to fully support the business requirements which are driving IAM today.
Kuppinger Cole's Blog  |  June 6, 2008

"7 Steps to Effective Risk Management"
When your organization talks about risk management, what does it mean? According to Gartner, many enterprises are inconsistent in the use and application of the term. So it's no surprise that risk management often ends up siloed into separate functional areas such as business continuity, security, management and privacy. In order to make risk management more effective in your IT organization, Gartner offers 7 steps for companies to consider.
Network World  |  May 27, 2008

"Risk management surpasses compliance as top GRC priority"
Managing enterprise-wide, operational, and IT-related risk has surpassed regulatory compliance as the top governance, risk management and compliance (GRC) priority at most organizations, according to a new report from AMR Research.
SearchDataManagement.com  |  April 15, 2008

"Identity 2.0 tops 2008 trends in identity management"
Analyst group Kuppinger Cole + Partners has unveiled the ten predominant topics and trends in Identity Management in 2008, with Identity 2.0 unsurprisingly leading the way… Also featuring in this year's top ten trends is a growing ‘superstructure' of GRC (Governance, Risk Management and Compliance), which has become the driving force of Identity Management with a strong impact on the change from administration-focused to business-orientated Identity Management.
SourceWire  |  March 10, 2008

"Leveraging Compliance For Security"
One of the big issues facing companies these days is compliance – Sarbanes-Oxley, GLBA, PCI, and there will undoubtedly be more in the coming years. As a result, vendors are pushing all sorts of products that purport to help solve the compliance problem. However, compliance is not a technology problem – it's a business problem which needs a business solution. By instituting sustainable business processes that effectively leverage people and technology, enterprises will become not just more secure but also compliant with current and emerging regulations.
Securosis.com  |  February 18, 2008

"Interview: What Went Wrong at Société Générale?"
Breakdown of IT security and controls underscores the need for security to act as a business partner.
CSO  |  February 2, 2008

"Neglected IT Tasks May Have Led to Bank Meltdown"
The huge losses reported by French bank Société Générale, apparently caused by a rogue trader with inside knowledge of the bank's procedures, don't necessarily point to an IT systems failure but rather to poor management of those systems, analysts say.
IDG News  |  February 2, 2008

"The Future of Information Security: 2008 and Beyond"
Looking into 2008, the information security agenda for executives continues to evolve. Long gone are the days where a firewall and an intrusion detection system can constitute the arsenal of information security defense. The complexities of what to protect and when, overlaid with requirements of regulation and compliance, create the need for a new type of information security executive—one with business savvy, sound risk fundamentals and holistic technical understanding. These skills, coupled with a strong strategy, will be necessary for organizations to achieve their 2008 information security goals.
Cio.com  |  January 2, 2008

"Changing Risk: Enter the CRO"
What you don't know can kill you – or sink the company. As executives and boards of directors demand an integrated, enterprise-wide view of risk, they're turning to chief risk officers (CROs) to provide it. Where should CROs fit inside an organization, and do they have the authority and oversight to really make a difference? Learn how to make a CRO succeed.
ITCI Trends and Technologies  |  December 18, 2007

"Tech Just a Part of the Security Puzzle"
Risk assessment has too often focused too much on technology, but several other factors should be considered as well. Security professionals need to take the various types of risk into account and develop mitigation strategies to minimize those risks, said Ted Friedman, Gartner vice president and member of the firm's information infrastructure team.
Enterprise Security Today  |  December 13, 2007

"A primer on roles"
Last time, we discussed roles and I promised some more about that subject. In particular, it's the whole definition of roles – what are they, what are they useful for – that I wanted to talk about. So here it is. Roles are an administrative tool. Roles allow identity and security administrators to grant privileges (or entitlements) using a layer of abstraction that allows for easier management.
Network World's Security: Identity Management Newsletter  |  September 24, 2007

"The Cost of Compliance"
Regulatory compliance is a form of asymmetric warfare. It will always be faster and cheaper for Congress to create new regulations than it is for businesses to comply with them. After all, the infamous Section 404 of the Sarbanes-Oxley Act is only a few sentences, but carries an enormous punch.
Network World  |  August 20, 2007

"IT and Compliance: A Risk Management 'Odd Couple'"
Handling compliance and risk have become inescapable elements of the modern CIO's role as they strive to ensure that business can forge ahead while not exposing areas of weakness or potential liability. Learn how CIOs manage risk in an age of tightening regulation.
Silicon.com  |  July 7, 2007

For more articles, visit the Headlines & Editorials Archive »