Certify Access

Certify AccessGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the access certification at-a-glance »

Enforce Policy

Enforce PolicyGet the details on how SailPoint defines and enforces business rules and policies to mitigate risk.

Download the policy management at-a-glance »

Monitor Activity

Monitor ActivityGet the details on how SailPoint streamlines and automates the review and approval of user access privileges.

Download the Activity Monitoring at-a-glance »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the compliance management data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint Compliance IQ works.

Download the SailPoint Compliance IQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the role management data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to manage the multiple dimensions of identity.

Download the Identity Cubes overview »

Manage Compliance

Manage ComplianceLearn how Identity Risk Management helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee Compliance IQ in action, request a one-on-one demo today.

New Study Says Companies Lack Necessary Data, Technology to Address Insider Threat

Research Confirms Most Organizations Rely on Manual Controls, Remain Ill-Equipped to Meet Complex Identity Compliance Challenges

ELK RAPIDS, Mich. and AUSTIN, Texas, March 5, 2007 – According to a new study by privacy and information management research firm the Ponemon Institute, nearly 60 percent of US-based businesses and government agencies believe they are unable to effectively assess or quantify "insider threat" risks within their organizations – leaving them open to privacy breaches, failed audits and potential fraud or misuse of data. And although more than 70 percent of respondents confirm that identity compliance activities are strategically important, 58 percent still rely on manual processes to audit and control user access to critical enterprise systems and data resources.

Commissioned by SailPoint Technologies, the Survey on Identity Compliance examines the responses of more than 600 US-based senior information security professionals, pointing to inefficient processes, insufficient data and the lack of collaboration between business and IT groups as the leading causes of risk across the enterprise.

Analysis of the survey suggests that despite healthy budget allocations, the state of identity governance, risk management and compliance initiatives remains a serious challenge.

Key findings include:

  • 71 percent of respondents confirm that identity compliance activities are strategically important, resulting in an average of 28 percent of total IT compliance budgets being earmarked for such initiatives.
  • 64 percent of respondents say they have deployed an identity and access management (IAM) solution, a category that includes access control, password management, provisioning and role management. Nevertheless, almost 60 percent of respondents say their companies are unable to effectively focus IAM controls on areas of the greatest business risk.
  • This limitation is viewed as severe: over 80 percent of respondents either strongly agree or agree that risk should be a determining factor in driving identity compliance activities.
  • Respondents cite numerous inefficiencies in their organizations’ IAM compliance processes:
    • 58 percent use mostly manual methods.
    • 87 percent employ a decentralized strategy.
    • 51 percent take a detective (or reactive) approach.
  • Although findings show that responsibility for identity compliance is shared across business, IT and audit/compliance groups, collaboration among them is very weak. 42 percent of respondents say that collaboration rarely occurs, while another 23 percent say it never occurs.

"Our findings point to a number of barriers preventing the implementation of effective identity management and proactive safeguards for securing sensitive corporate data against insider risk,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute.  “In order to assess risk, and identify and address identity management shortcomings, organizations must have access to data and appropriate coordination across business units. Our research shows that, for too many companies, this is simply not happening."

"As the complexity of identity management has increased, so have the inherent risks, media attention and public scrutiny associated with corporate compliance initiatives," said Jackie Gilbert, vice president of marketing and founder of SailPoint. "SailPoint helps companies focus compliance efforts on the greatest areas of business risk in the organization, with cross-disciplinary involvement from business, IT and audit groups. Our goal is to give organizations a sustainable approach to compliance that is cost effective, automated and systematically reduces risk exposure."

Copies of the Survey on Identity Compliance are available through the Ponemon Institute and through SailPoint.

About The Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About SailPoint

SailPoint Technologies, Inc. develops software with unique “Identity Intelligence” that helps organizations achieve regulatory compliance, improve internal controls and manage risks associated with the proliferation of enterprise-wide identity data. Founded in December 2005, SailPoint is based in Austin, Texas.