Identity Gets Smart

SailPoint CEO Interviewed for StartUp City

Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »

Identity Governance Buyer's Guide - 2nd Edition

Identity Governance Buyer's GuideContains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint keeps pace with access change.

Download the Lifecycle Manager data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach."

Bart Boudreaux, Director, Technology Services, BNSF Railway

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment."

Jerry Archer, Chief Security Officer, Sallie Mae
Bookmark and Share

New Study Says Companies Lack Necessary Data, Technology to Address Insider Threat

Research Confirms Most Organizations Rely on Manual Controls, Remain Ill-Equipped to Meet Complex Identity Compliance Challenges

ELK RAPIDS, Mich. and AUSTIN, Texas, March 5, 2007 – According to a new study by privacy and information management research firm the Ponemon Institute, nearly 60 percent of US-based businesses and government agencies believe they are unable to effectively assess or quantify "insider threat" risks within their organizations – leaving them open to privacy breaches, failed audits and potential fraud or misuse of data. And although more than 70 percent of respondents confirm that identity compliance activities are strategically important, 58 percent still rely on manual processes to audit and control user access to critical enterprise systems and data resources.

Commissioned by SailPoint Technologies, the Survey on Identity Compliance examines the responses of more than 600 US-based senior information security professionals, pointing to inefficient processes, insufficient data and the lack of collaboration between business and IT groups as the leading causes of risk across the enterprise.

Analysis of the survey suggests that despite healthy budget allocations, the state of identity governance, risk management and compliance initiatives remains a serious challenge.

Key findings include:

  • 71 percent of respondents confirm that identity compliance activities are strategically important, resulting in an average of 28 percent of total IT compliance budgets being earmarked for such initiatives.
  • 64 percent of respondents say they have deployed an identity and access management (IAM) solution, a category that includes access control, password management, provisioning and role management. Nevertheless, almost 60 percent of respondents say their companies are unable to effectively focus IAM controls on areas of the greatest business risk.
  • This limitation is viewed as severe: over 80 percent of respondents either strongly agree or agree that risk should be a determining factor in driving identity compliance activities.
  • Respondents cite numerous inefficiencies in their organizations’ IAM compliance processes:
    • 58 percent use mostly manual methods.
    • 87 percent employ a decentralized strategy.
    • 51 percent take a detective (or reactive) approach.
  • Although findings show that responsibility for identity compliance is shared across business, IT and audit/compliance groups, collaboration among them is very weak. 42 percent of respondents say that collaboration rarely occurs, while another 23 percent say it never occurs.

"Our findings point to a number of barriers preventing the implementation of effective identity management and proactive safeguards for securing sensitive corporate data against insider risk,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute.  “In order to assess risk, and identify and address identity management shortcomings, organizations must have access to data and appropriate coordination across business units. Our research shows that, for too many companies, this is simply not happening."

"As the complexity of identity management has increased, so have the inherent risks, media attention and public scrutiny associated with corporate compliance initiatives," said Jackie Gilbert, vice president of marketing and founder of SailPoint. "SailPoint helps companies focus compliance efforts on the greatest areas of business risk in the organization, with cross-disciplinary involvement from business, IT and audit groups. Our goal is to give organizations a sustainable approach to compliance that is cost effective, automated and systematically reduces risk exposure."

Copies of the Survey on Identity Compliance are available through the Ponemon Institute and through SailPoint.

About The Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About SailPoint

SailPoint Technologies, Inc. develops software with unique “Identity Intelligence” that helps organizations achieve regulatory compliance, improve internal controls and manage risks associated with the proliferation of enterprise-wide identity data. Founded in December 2005, SailPoint is based in Austin, Texas.