Certify Access
Enforce Policy
Monitor Activity
Streamline Compliance
Get the Big Picture
Align Access with Business
Apply Best Practices
Manage Identity Data
Manage Compliance
Succeed with SailPoint
Don't take our word for it, see what others are saying.
Stay Connected
Subscribe to our quarterly newsletter. Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"
Media Contacts
Kari Hanson Michelle Dillon
Choose Wisely
SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.
Subscribe
SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.
CONTACT US
Hours Email Phone
Schedule a Demo
|
At the Helm: A Smooth Path to Identity
|
 By Jackie Gilbert |
Adopting a risk management approach to identity may seem out of reach for many companies – but it needn't be a giant cultural or technological change. At SailPoint, we believe in a stepwise approach that delivers immediate and short-term results while moving your business toward a long-term vision of "true" risk management. After all, you have to crawl (and get out from under your greatest area of pain), before you can walk or run.
We designed our product, SailPoint Compliance IQ, to be flexible and modular, so it can be deployed to solve specific identity management or compliance-driven projects while laying the foundation for a risk-based approach. Taking baby steps makes sense in a lot of ways, as it allows you to show quick progress and get buy-in from other stakeholders.
Let's take a financial services firm as a good example. In order to comply with Sarbanes-Oxley, the company was required to audit and certify user access to sensitive financial data on a quarterly basis. Like many businesses, the company had a mostly manual access certification process. Every quarter, the staff spent hundreds of hours generating reports across multiple applications and platforms, compiling and correlating the data, so that supervisors could review and approve access privileges for each user.
This project was an ideal starting point for SailPoint Compliance IQ. Our product helps companies solve their most pressing compliance pains, such as access certifications or separation of duty (SOD) policy enforcement, while building a foundation for risk management. The following illustrates a practical approach that works for this company's needs:
Step 1: Compliance IQ automates the entire access certification process, correlating and formatting all user access data into one simple web interface for review and approval. This process vastly improves the quality and reliability of reports, while dramatically shrinking the time it takes to generate and review them.
Step 2: Compliance IQ's "identity intelligence" approach gives the company centralized visibility into identity data and allows them to apply common policy across applications and platforms. The new consolidated view of access privileges makes it much easier for reviewers to spot inappropriate and/or excess access points, while automation provides a way to systematically eliminate policy violations.
Step 3: Moving towards "true" identity risk management, the company can apply Compliance IQ's risk model to their centralized view of identity data, pinpointing "hot spots" of higher-than-average business risk. The company can then focus its controls and monitoring based on risk and demonstrate measurable improvements in risk reduction over time.
In plain terms, SailPoint Compliance IQ helps organizations to progressively build identity compliance and risk management capabilities with the end goal of reducing their overall business risk.
If you'd like to find out how your organization's identity compliance and risk management capabilities measure up, check out our interactive compliance assessment tool and receive an initial assessment with our recommendations.
Prepare now for smoother sailing tomorrow,
Jackie