Identity Gets Smart

SailPoint CEO Interviewed for StartUp City

Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »

Identity Governance Buyer's Guide - 2nd Edition

Identity Governance Buyer's GuideContains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint keeps pace with access change.

Download the Lifecycle Manager data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach."

Bart Boudreaux, Director, Technology Services, BNSF Railway

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment."

Jerry Archer, Chief Security Officer, Sallie Mae
Bookmark and Share

SailPoint Delivers Next Generation Identity Risk Management with Compliance IQ 2.0

AUSTIN, Texas, Dec. 5, 2007 – SailPoint Technologies, Inc. today released Compliance IQ 2.0, the latest version of the company's breakthrough identity risk management software that reduces the complexity, costs and risks associated with controlling and managing user access to sensitive applications and data. With new risk management features and tools to help IT and business managers collaborate on managing risks associated with user access, Version 2.0 accelerates organizations' ability to put in place proactive risk management practices while tackling the practical issues associated with identity and access compliance.

In spite of billions in compliance spending by public and private enterprises across industries, breaches involving insiders who expose consumer data, intellectual property and government intelligence have dominated headlines in recent months. The frequency of these breaches indicates the extent to which enterprises are struggling to secure user access to information and applications within the organization.

"When a typical large enterprise has tens of thousands of users and thousands of applications, basic identity audit and compliance tasks like certifying which users have access to critical applications and data are monumental," said Lori Rowland, Burton Group. "Organizations that master these tactical matters are poised to tackle the next big challenge and opportunity for most enterprises – collaborating with business managers to determine acceptable levels of risk for users and IT resources."

SailPoint Compliance IQ

Compliance IQ helps organizations achieve and demonstrate strong, consistent control over user access to critical systems and data in an automated and sustainable way. By providing rich, multi-dimensional views of identity data, Compliance IQ enables enterprises to understand what systems and data their users can access; determine if users' access aligns with their job functions and with corporate and regulatory policies; automate certification of users' access; and assess the relative risk each user's access represents to the business. Compliance IQ capabilities include risk modeling and analytics, user access certifications, role management, automated policy enforcement and user activity monitoring.

Making Risk Management Attainable

The extended risk model in Compliance IQ 2.0 helps enterprises – no matter what level of identity governance maturity they have achieved – focus access controls and monitoring according to business risk.

  • Rapid Risk Modeling: The product's graphical risk configuration templates enable quick and easy definition and customization of the factors that contribute to identity risk. Once the risk model is configured, organizations can begin compiling risk metrics to improve the effectiveness of controls and ultimately the security of the business.
  • Resource-Level Risk Management: Unique to Compliance IQ 2.0, resource-level risk management measures the risk levels of corporate IT resources – applications, databases and file shares – allowing application and data owners to measure asset risk and proactively address it with improved controls. Like the risk scores Compliance IQ assigns to user identities, Version 2.0 now also gives risk scores to IT assets based on attributes such as number of orphaned, dormant, service-level or super-user accounts; high risk users with access; and policy violations detected.
  • Risk Advisor: The new risk advisor feature strengthens IT controls by proactively alerting business managers and application owners to changes in identity and resource risk scores and providing mitigation or remediation advice, e.g., removing access privileges, performing an on-demand access certification for a user, or initiating activity monitoring for a user or a group of users.
  • Extensible Risk Model: Compliance IQ 2.0 allows organizations to extend the identity and resource risk models by incorporating new, customizable factors into risk calculations. For example, Compliance IQ can integrate with corporate directories or human resource systems to factor attributes such as geographic location or temporary worker status into the risk score for a given user.

"Our risk-based approach to compliance and governance has been extremely well received by the market," said SailPoint CEO Mark McClain. "We will continue investing in next-generation technology to bring identity risk management into the mainstream as a core IT discipline. With Compliance IQ 2.0, we want to help our customers see risk management as something that's possible today rather than some far-off vision for the future."

Simplifying Compliance and Providing Business Context

New features in Compliance IQ 2.0 make it easier for companies to manage identity audit and compliance with richer business context, making technical data more understandable to executives and business users performing compliance oversight.

  • Collaborative Role Definition: New to Compliance IQ 2.0 is the unique ability for business managers to define new roles while certifying access privileges – a feature that allows organizations to adjust roles as the business evolves and to accomplish role definition incrementally. With this capability, Compliance IQ broadens its comprehensive range of options for creating business roles, including directed role mining, undirected role mining and role modeling.
  • Business Context for Entitlements: In the same way business roles define collections of IT privileges in meaningful business terms, Version 2.0 introduces the ability to assign business friendly descriptors to entitlements being managed by Compliance IQ. These descriptors ease the process of access certification for business users while ensuring greater reliability and accuracy.
  • Role Lifecycle Management: The solution's role lifecycle management features provide easy-to-use workflow for approving roles once they are created or modified and to review and verify roles on a periodic basis, ensuring business roles remain accurate. New what-if analysis allows role approvers to see how proposed changes will impact users before changes are implemented.

Availability

SailPoint Compliance IQ 2.0 is available immediately. For more information, visit www.sailpoint.com.

About SailPoint

SailPoint Technologies, Inc. develops identity risk management software that helps organizations gain control over user access to critical systems and data, streamline costly IT compliance processes and reduce the risks of fraud, corporate data loss or theft and failed audits. Founded in December 2005, SailPoint is based in Austin, Texas.