Identity Gets Smart

SailPoint CEO Interviewed for StartUp City

Mark McClain, CEO & Founder opens up to InformationWeek about identity governance. Watch the video »

Identity Governance Buyer's Guide - 2nd Edition

Identity Governance Buyer's GuideContains tools to help you identify your priorities, conduct side-by-side product analysis and find a solution that suits your needs. Download the Guide »

Streamline Compliance

Streamline ComplianceLearn how SailPoint makes compliance more effective and sustainable.

Download the Compliance Manager data sheet »

Deliver Convenient Access

Access Request Manager Data SheetLearn how SailPoint keeps pace with access change.

Download the Lifecycle Manager data sheet »

Get the Big Picture

Get the Big PictureSee exactly how SailPoint IdentityIQ works.

Download the SailPoint IdentityIQ brochure »

Align Access with Business

Align Access with BusinessLearn how SailPoint strengthens identity governance.

Download the Role Manager data sheet »

Apply Best Practices

Apply Best PracticesLearn how to plan ahead for successful role management.

Download the White Paper: Practical Role Management »

Manage Identity Data

Manage Identity DataLearn how to improve visibility and transparency.

Download the Identity Intelligence data sheet »

Manage Compliance

Manage ComplianceLearn how Identity Governance helps meet compliance requirements.

Download the white paper »

Succeed with SailPoint

Don't take our word for it, see what others are saying.

Stay Connected

Subscribe to our quarterly newsletter.

Subscribe »


Get the latest news and views with SailPoint's podcast series, "The Identity Intelligence Insider"

Listen »  |  Subscribe »

Media Contacts

Kari Hanson
pr@sailpoint.com
phone: 978-373-4003


Michelle Dillon
Beaupre & Co. Public Relations
mdillon@beaupre.com
phone: 603-559-5835

Choose Wisely

SailPoint's innovative approach is getting noticed. Don't take our word for it, see what others are saying.

Subscribe

SailPoint's Identity Intelligence Insider is a monthly podcast series on hot topics in identity risk management.

Listen »

CONTACT US

Hours
8:00AM - 6:00PM CST
Monday through Friday excluding holidays

Email
support@sailpoint.com

Phone
(888) 4SAILPT
(888) 472-4578

Schedule a Demo

Schedule a DemoSee IdentityIQ in action, request a one-on-one demo today.

"By using roles to request, approve and certify user access privileges, BNSF will be able to simplify its user administration and compliance processes. SailPoint IdentityIQ will allow us to enforce and verify role-based access across our critical enterprise applications using a streamlined, automated approach."

Bart Boudreaux, Director, Technology Services, BNSF Railway

"SailPoint helps us define the connection between user access, financial control and intellectual property protection. Their risk-aware approach focuses on the relative risks associated with user access within our business."

Russ Finney, Vice President of U.S. Information Systems operations for Tokyo Electron, U.S. Holdings

"Businesses that are concerned with compliance mandates and ensuring the security and integrity of their IT systems cannot afford 12 to 18 month deployments. With IdentityIQ, organizations can gain immediate payback from automating key governance processes to better address business risk."

Kevin Cunningham, Co-Founder and President, SailPoint

"As a publicly-traded company and financial services provider, we are subject to a variety of regulations including FISMA, SOX, PCI, and SAS 70. To meet these requirements, we are standardizing and automating our compliance processes for identity management, so that we can centrally control who gets access to sensitive resources and maintain compliance as the organization changes over time. This centralized and automated approach allows us to proactively address risk and more efficiently maintain a compliant, secure environment."

Jerry Archer, Chief Security Officer, Sallie Mae
Bookmark and Share
Home » Product » Compliance Manager » Policy Enforcement

Policy Enforcement

Enforcing access policy: It's one of the most important, and one of the most challenging, components of compliance. Many organizations are still trying to handle it in a fragmented, manual manner – a nearly impossible job as systems continually evolve and change, new users come onboard and existing users make job changes that require new access privileges.

IdentityIQ Compliance Manager provides an automated, efficient way to detect and manage inappropriate combinations of access that may result in policy violations, such as separation-of-duty (SoD), across the enterprise – far more accurately and quickly than any manual, decentralized approach.

Overview

Detect and Mitigate Enterprise-Wide Policy Violations in Real Time
Proactively managing policy violations is critical to managing security and business risk. Compliance Manager takes a proactive, automated approach to policy enforcement, allowing business managers and IT to define and automatically scan for policy violations, across enterprise IT systems, and to respond appropriately.

Compliance Manager tracks the status of policy violations for each user and incorporates this information into the compliance dashboard, identity risk scores and certification reports. Managers can lower risk scores by revoking access that results in a policy violation or by allowing an exception.

Benefits

With IdentityIQ Policy Enforcement, enterprises can:

  • Enforce Multiple Types of Policy across Enterprise Applications – Allows organizations to define, detect and remediate SoD policies for roles and entitlements, as well as account, risk and activity policies
  • Proactively Identify Violations – Automatically scans and analyzes identity data across all compliance-relevant applications to quickly detect policy violations, enabling organizations to rapidly find and resolve policy exceptions
  • Mitigate Violations in Real Time – Supports customization of how policy violations are handled once detected; for example, low-severity violations can be summarized in reports while high-severity alerts can trigger notifications to a manager for immediate remediation
  • Use a Risk-Based Approach to Prioritize Violations – Assigns a risk score to indicate the level of risk associated with the violation of a defined policy
  • Track and Report on Violations – Generates graphical reports based on policy scans, with violations summarized and grouped by application, department or geography
  • Check Policy before Implementing Access Changes – Proactive policy checking and impact analysis ensures that inappropriate access privileges in violation of defined policies are not granted

Resources

  • SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, a comprehensive identity governance solution that delivers risk-aware compliance management, integrated lifecycle management, identity intelligence, and user provisioning with a common framework for managing roles, risk and policy.
  • IdentityIQ Compliance Manager Data Sheet – Provides a detailed look at the benefits, key capabilities and features for the compliance management component of SailPoint IdentityIQ offering automated access certifications and policy enforcement.
  • Podcast: Identity Governance Satisfies Compliance, Personnel Management and Security Demands – Dana Gardner, principal analyst at Interarbor Solutions, talks about a serious and potentially catastrophic set of issues for many companies concerning security and risk aversion around personnel, applications, and IT systems. With SailPoint executives, he reviews how companies can more properly manage identity information and access rules for the users of applications and systems.
  • White Paper: Effectively Managing Today's Compliance Challenges with Identity Governance – This paper examines the common regulatory requirements that companies face in order to manage information security risk, focusing on the key role played by identity governance in meeting those requirements. It provides recommendations on how to build a sustainable approach to compliance and reviews five guidelines for improving compliance efficiency and building risk management into the compliance process.
  • Case Study: Stepping up Compliance Efforts while Enhancing Security for Intellectual Property – TEL U.S. Holdings (Tokyo Electron) wanted to streamline its manually-driven compliance processes, improve security and gain better visibility into and control over user access to reduce the risk of intellectual property (IP) theft. Within just two months, SailPoint IdentityIQ enabled them to take a more proactive approach to compliance and improve their overall governance posture.

Demo

Register to See IdentityIQ in Action

Please complete the questions below and someone will contact you soon to schedule an IdentityIQ demo.

*Please note, fields marked with an asterisk (*) are required.

First Name: *
Last Name: *
Title: *
*
*
Phone: * (please use only numbers)
What capabilities are you most interested in? (select all that apply, please hold down "ctrl" key when selecting multiple answers)
 

* If your browser is set to accept cookies, you will be recognized on subsequent visits and immediately granted access to the SailPoint Resource Center.