Identity Gets Smart
Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »
Identity Governance Buyer's Guide - 2nd Edition
Streamline Compliance
Deliver Convenient Access
Get the Big Picture
Align Access with Business
Apply Best Practices
Manage Identity Data
Manage Compliance
Succeed with SailPoint
Don't take our word for it, see what others are saying.
Stay Connected
Subscribe to our quarterly newsletter. Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"
Media Contacts
Kari Hanson Michelle Dillon
Choose Wisely
SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.
Subscribe
SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.
CONTACT US
Hours Email Phone
Schedule a Demo
"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach." Bart Boudreaux, Director, Technology Services, BNSF Railway
"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business." Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings
"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk." Kevin Cunningham, Co-Founder and President, SailPoint
"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment." Jerry Archer, Chief Security Officer, Sallie Mae |
At the Helm: A New Year and a Fresh Look at Identity Compliance
A new year always brings hope and enthusiasm with the idea that we're somehow working with a clean slate. We're inspired to drop a bad habit, modify some existing circumstances and start new projects – something good for ourselves. In the spirit of the New Year, I wanted to outline a few thoughts on what customers might want to change, do differently, or start doing in the area of identity audit and compliance for 2008. Save money and invest in your futureCost-cutting continues to be a high priority for most large organizations. CIOs are looking for ways to streamline, gain efficiencies and reduce the amount of time spent on redundant tasks and processes. Unfortunately, for many the initial rush to comply with regulatory mandates resulted in the adoption of piecemeal and labor-intensive compliance processes. Many organizations adopted manual compliance processes with little or no real automation (e-mail systems, spreadsheets, homegrown scripts). Without automation, they are dependent upon people to implement controls, remediate changes, and demonstrate proof of compliance – a far less reliable approach that perpetuates ever-increasing costs and burden on IT staff. Companies should resolve to automate more compliance processes to shape up during 2008. Resolve to quit throwing money out the window on compliance and take control for long-term gain. Assess your situation with our Identity Compliance Assessment Tool and get a quick ROI calculation today. Think long-term fitness, not fad dietOne of the most common mistakes made by organizations under pressure to meet regulatory requirements is to treat compliance as a one-time event to pass an audit. Compliance efforts can be severely undermined by using a short-term project focus to address long-term, continuous business requirements. This causes many organizations to miss the strategic objectives of compliance: the need to strengthen internal controls and ensure the integrity of the business on an ongoing basis. SailPoint Compliance IQ™ provides a scalable, sustainable process for effectively responding to compliance requirements now and in the future. Resolve to change your reactive approach to compliance demands and get ahead of the curve. Use identity risk management to keep you a step ahead of breaches and violations. Learn a new skillA lot of experts are talking about risk management – but most organizations struggle to put a risk-based approach into practice. They want to be able to focus their compliance efforts on the areas of highest business risk. To do this, however, organizations must adopt a new way of thinking and a new discipline. By weaving risk management into identity compliance – from certifying access rights to enforcing policy to managing roles – an organization can better prioritize the risks facing the business and take the appropriate steps to reduce, avoid, or mitigate those risks. Resolve to incorporate risk management into your identity strategy. Listen to a 40-minute webinar that explains how identity risk management can help you to pinpoint which users, departments or areas within the organization are the highest risks for non-compliance or security threats. Finally, resolve to talk back. I want to hear from you. If you're making some of your own New Year's resolutions, please send them my way! Happy New Year, |
