Policy Management

In many organizations, enforcing access policy is complicated: systems evolve and change, new roles and users are continually added and existing users need new privileges as additional job responsibilities are assigned. Unless IT and business managers have an automated, easy way to define and scan for policy violations and validate all new access requests before they are granted, violations will remain or seep back into the system.

The policy management component of the Governance Platform provides an easier, automated way to define policies, validate access requests and check for violations.

Overview

Define and Apply Access Policies
A flexible policy model within the Governance Platform allows organizations to define and validate all types of user access policy, including SoD policies, during access request, certification and provisioning processes. Using a business-friendly policy editor, organizations can customize rules and create new policies at both the role and entitlement level. IdentityIQ also allows policy to be applied to user activity or risk scores.

By defining corporate access policies across enterprise resources and storing them in the Governance Platform, the policy management component of IdentityIQ helps organizations detect existing policy violations and prevent new violations from occurring. Importantly, this coverage spans all enterprise systems and applications, enabling policy enforcement across application silos (e.g., SAP, mainframe, web-based applications).

Benefits

With IdentityIQ policy management, enterprises can:

• Improve compliance with internal policy and external regulations when granting and certifying access
• Detect and prevent policy violations and respond appropriately with remediation
• Enable business participation in policy enforcement via easy-to-use tools and rich business context
• Achieve enterprise-wide policy enforcement that spans applications and platforms

Resources

• SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, a comprehensive identity governance solution that delivers risk-aware compliance management, integrated lifecycle management, identity intelligence, and user provisioning with a common framework for managing roles, risk and policy.
• Podcast: Identity Governance Satisfies Compliance, Personnel Management and Security Demands - Dana Gardner, principal analyst at Interarbor Solutions, talks about a serious and potentially catastrophic set of issues for many companies concerning security and risk aversion around personnel, applications, and IT systems. With SailPoint executives, he reviews how companies can more properly manage identity information and access rules for the users of applications and systems.
• Case Study: Stepping up Compliance Efforts while Enhancing Security for Intellectual Property – TEL U.S. Holdings (Tokyo Electron) wanted to streamline its manually-driven compliance processes, improve security and gain better visibility into and control over user access to reduce the risk of intellectual property (IP) theft. Within just two months, SailPoint IdentityIQ enabled them to take a more proactive approach to compliance and improve their overall governance posture.
• White Paper: Get Compliant and Stay Compliant with Identity Governance – This paper examines the common regulatory requirements that companies face in order to manage information security risk, focusing on the key role played by identity governance in meeting those requirements. It provides recommendations on how to build a sustainable approach to compliance and reviews five guidelines for improving compliance efficiency and building risk management into the compliance process.

Demo

Register to See IdentityIQ in Action

Please complete the questions below and someone will contact you soon to schedule an IdentityIQ demo. *Please note, fields marked with an asterisk (*) are required. First Name: * Last Name: * Title: * Company: * Email: * Phone: * (please use only numbers) What capabilities are you most interested in? (select all that apply, please hold down "ctrl" key when selecting multiple answers) Compliance management Access Certifications Policy Enforcement Provisioning Role Management Access request management Identity intelligence Auditing and reporting All of the above Other   * If your browser is set to accept cookies, you will be recognized on subsequent visits and immediately granted access to the SailPoint Resource Center.