Certify Access

Certify AccessGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the access certification at-a-glance »

Enforce Policy

Enforce PolicyGet the details on how SailPoint defines and enforces business rules and policies to mitigate risk.

Download the policy management at-a-glance »

Monitor Activity

Monitor ActivityGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the Activity Monitoring at-a-glance »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint delivers access in a policy-controlled environment.

Download the Access Request Manager
data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Risk Management helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

Risk Never Sleeps – Time to Rise and Shine

Kevin Cunningham

By Kevin Cunningham
President and Co-founder

It seems like you can't get your news these days without reading about another organization that's lost sensitive customer data or fallen victim to a trusted employee committing internal fraud. Paradoxically, breaches are occurring with increasing frequency despite the flood of regulations mandating stronger security and privacy practices.

Part of the answer to this puzzle lies in the fact that many organizations fail to effectively align security and compliance activities with tangible goals to reduce actual risk. Companies that implement "check-the-box" compliance processes are likely not addressing the true areas of risk to the business. What's missing is a disciplined approach to managing risk that quantitatively evaluates exposures and consequences.

Taking a risk-based approach to managing user access to sensitive applications and data is key when it comes to protecting your organization's reputation, intellectual property, and financial integrity. But where do you start? Here are a few practical steps organizations can take to build risk management into their identity infrastructure:

  • Inventory IT assets and classify by business risk. To adequately protect your information assets, create a common framework that will allow you to determine the level and severity of risk associated with each asset.
  • Gain enterprise-wide visibility to user access privileges, and systematically identify high-risk users. Start with building a comprehensive view of "who has access to what" across all of your high-risk or compliance-relevant applications. You can then employ rules-based analytics to identify high-risk users based on the number and type of access privileges held by the user, policy violations detected, or other user attributes such as temporary/contractor status or location. My advice: start with a simple risk model and build from that base.
  • Take a risk-based approach in the design of IT controls. Prioritize controls that relate to areas of greatest business risk – avoid treating all assets and users the same. This will ensure you get the biggest impact from your efforts.
  • Remember, you need to measure risk in order to manage it. Metrics deliver the information needed to make informed decision and to monitor and improve your organization's risk management performance.

Remember the famous quote by Benjamin Franklin, "An ounce of prevention is worth a pound of cure"? Well, he's right. It's time to get ahead of risk, and, in this edition of SailPoint Navigate, we offer you tools, real-world examples and expert advice that will help you do just that.

Coffee's ready,

Kevin Cunningham
President and Co-founder
SailPoint