Identity Gets Smart

SailPoint CEO Interviewed for StartUp City

Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »

Identity Governance Buyer's Guide - 2nd Edition

Identity Governance Buyer's GuideContains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint keeps pace with access change.

Download the Lifecycle Manager data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach."

Bart Boudreaux, Director, Technology Services, BNSF Railway

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment."

Jerry Archer, Chief Security Officer, Sallie Mae
Bookmark and Share

SailPoint and Cloakware Partner to Strengthen Identity Controls for Privileged User Accounts

Integrated Solution Reduces Risk of Insider Fraud, Data Breaches

AUSTIN, Texas and Vienna, Virginia, June 11, 2008 – SailPoint Technologies, the leading provider of identity risk management software, and Cloakware, the security solutions provider that makes security inseparable from software, today announced a technology and business partnership that will allow enterprises to better protect their critical business applications and data through strong management and monitoring of privileged and application-to-application accounts.

Many organizations fail to adequately manage privileged or application-to-application (A2A) passwords which guard access to an organization's most sensitive information such as customer and financial data. Privileged passwords are typically managed using manual processes and are hard to audit due to the anonymous nature of the accounts (in that they are not associated with a specific user). A2A passwords tend to proliferate and are often unmanaged. These passwords are known to developers and contractors and are visible in plain text inside scripts, applications, and server configuration files. Many IT groups knowingly allow A2A passwords and user IDs to remain unchanged for months or even years, creating a security risk.

"The increased emphasis on compliance has raised concerns about privileged accounts to the highest levels of the organization," noted Mark Diodati, Senior Analyst at Burton Group. "These accounts can bypass most security controls to breach data, and remain a focal point of the insider attack. While privileged password management products are valuable – and arguably essential – for most large organizations, additional controls are needed. These controls include holistic policy management and 360 degree auditing."

The solution combines SailPoint Compliance IQ and Cloakware Server Password Manager (CSPM) to more effectively meet the requirements of regulations such as SOX, PCI, and HIPAA and to reduce the risk of data breaches, fraud, or loss of intellectual property. Using strong analytics and data mining capabilities, Compliance IQ provides organizations with an enterprise-wide view of user access privileges and the ability to apply automated controls and policy to user access. Cloakware CSPM eliminates the need for shared accounts by securely storing privileged user ids and passwords in a central repository and maintaining complete control over the use of privileged accounts by IT personnel.

The partnership between SailPoint and Cloakware gives organizations an out-of-the-box solution that eliminates the need to build custom integration and speeds time-to-deployment, providing four key features:

  • Access Certification and Remediation – incorporates privileged user accounts into Compliance IQ's automated workflow for access certification. A decision to revoke or modify privileged account access triggers a request from Compliance IQ to Cloakware Server Password Manager to restrict the allocation and ongoing use of that account by that user.
  • Policy Checks – enables Cloakware Server Password Manager to query Compliance IQ to determine if granting privileged access to a user will violate any identity governance policies such as Separation-of-Duty. This capability allows organizations to implement "preventive compliance" by checking policies before credential changes are introduced into the IT environment.
  • Privileged User Monitoring – correlates Cloakware Server Password Manager's comprehensive log of how workers are using privileged accounts with the identity data in Compliance IQ, providing a holistic view of how privileged access is being used across enterprise resources.
  • Risk Modeling – factors the privileged account data from Cloakware Server Password Manager into Compliance IQ's identity risk model to calculate a unique identity risk score for each privileged user. The solution can also assign risk scores to application and system resources based on the number of privileged user and application-to-application accounts that reside on that resource.

"Combining the privileged user management capabilities of Cloakware with the identity risk management capabilities of SailPoint enables organizations to strengthen internal controls and better protect business assets," said Mark McClain, chief executive officer of SailPoint. "Together, we provide the visibility to identify and proactively address potential exposures that otherwise would be difficult to detect."

"Recent cases of data theft in large organizations around the world have underlined the need for closed loop password and identity risk management systems," said David Canellos, chief operating officer and president of Cloakware. "Linking Cloakware's password management system to SailPoint's identity risk management systems is an elegant solution to enforce individual business policies and information technology policies. The combined solution significantly reduces the likelihood of data breaches, fraud and the loss of intellectual property. We are looking forward to offering this solution to our customers around the globe."

The integrated solution offering from SailPoint and Cloakware is available now. The two companies are collaborating on marketing, sales, and customer deployments.

About Cloakware

Cloakware, an Irdeto company, is the security solutions provider that makes security inseparable from the software it protects. From applications and databases in corporate data centers, to PCs and consumer devices such as mobile phones and set-top boxes, software applications need to protect themselves from unauthorized user access and tampering. Cloakware's patented, layered, and compliance-driven approach to software self-protection delivers the trusted environment that the government, enterprise and consumer markets require. Cloakware's software security solutions protect more than one billion shipped applications and the assets of some of the world's largest, most recognizable and technologically advanced companies. The company is headquartered in Vienna, VA with offices in Ottawa, Canada and the UK, and regional sales offices throughout the US. For more information, please go to www.cloakware.com.

About SailPoint

SailPoint Technologies, Inc. develops identity risk management solutions that help organizations improve visibility and control over enterprise-wide identity data, ultimately reducing the risks of privacy breaches, failed audits and potential fraud or misuse of sensitive business information. Founded in December 2005, SailPoint is based in Austin, Texas.