Policy Enforcement

Overview

Proactively Manage Enterprise-Wide Access Privileges
IdentityIQ Compliance Manager allows IT and business users to define and automatically scan for policy violations. In addition, through integration with IdentityIQ Access Request Manager or a user provisioning solution, Compliance Manager can proactively validate and enforce policies before access is granted.

Compliance Manager tracks the status of policy violations for each user and incorporates this information into identity risk scores and certification reports. Managers can lower risk scores by revoking access that results in a policy violation or by allowing an exception on a given policy violation.

Capabilities

• Define Multiple Types of Policy across Enterprise Applications – Define and enforce policies, in accordance with internal governance, audit, and legal requirements across all critical application environments. IdentityIQ supports implementation of SoD policy for roles and entitlements, as well as account, risk and activity policy as needed.
• Proactively Identify Violations – Automatically scans and analyzes identity data across all compliance-relevant applications to quickly detect policy violations, enabling organizations to rapidly find and resolve policy exceptions.
• Mitigate Violations in Real-Time – Organizations can customize how policy violations are handled once they are detected by scans. For example, lower severity violations can be summarized in reports, whereas high severity alerts can automatically trigger notifications to managers for immediate remediation.
• Check Policy before Implementing Access Changes – Proactive policy checking and impact analysis ensures that inappropriate access privileges in violation of defined policies are not granted.
• Track and Report on Violations – Graphical reports are generated based on policy scans, showing a summary of violations grouped by application, department, or geography.

Features

• Policy Definition – Create rules and policies in business-friendly language based on compliance and legal requirements across all critical application environments.
• Separation-of-Duty Support – Facilitate compliance with enterprise-wide definition and enforcement of SoD policies for roles and entitlements.
• Violation Detection and Alerting – Proactively scan and analyze identity data and notify key personnel or automatically initiate configurable workflows when violations are detected.
• Impact Analysis – Prevent new violations with policy checks and impact analyses before new user access privileges are granted.
• Violation Management – Centralize management of enterprise policy violations through an easy-to-navigate user interface.
• Risk-Aware Policy Enforcement – Elevate identity risk scores for users who have policy violations that have not been resolved or granted an exception.

Resources

• SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, an innovative identity governance solution that delivers risk-aware compliance management, adaptive role management, access request management and identity intelligence.
• IdentityIQ Compliance Manager Data Sheet – Outlines the key components and benefits of IdentityIQ's compliance management offering including access certification, policy enforcement, and activity monitoring.
• NEW! What's New in SailPoint IdentityIQ 4.0 – Get a closer look at the business drivers behind the new features now available in the latest version of IdentityIQ and how they help to synchronizes identity business processes with IT controls for improved compliance performance.
• Podcast: Identity Governance Satisfies Compliance, Personnel Management and Security Demands – Dana Gardner principal analyst at Interarbor Solutions, talks about a serious and potentially catastrophic set of issues for many companies concerning security and risk aversion around personnel, applications, and IT systems. With SailPoint executives, he reviews how companies can more properly manage identity information and access rules for the users of applications and systems.
• White Paper: Effectively Managing Today's Compliance Challenges with Identity Governance – This paper examines the common regulatory requirements that companies face in order to manage information security risk, focusing on the key role played by identity governance in meeting those requirements. It provides recommendations on how to build a sustainable approach to compliance and reviews five guidelines for improving compliance efficiency and building risk management into the compliance process.
• Case Study: Stepping up Compliance Efforts while Enhancing Security for Intellectual Property – TEL U.S. Holdings (Tokyo Electron) wanted to streamline its manually-driven compliance processes, improve security and gain better visibility into and control over user access to reduce the risk of intellectual property (IP) theft. Within just two months, SailPoint IdentityIQ enabled them to take a more proactive approach to compliance and improve their overall governance posture.

Demo

Register to See IdentityIQ in Action

Please complete the questions below and someone will contact you soon to schedule an IdentityIQ demo. *Please note, fields marked with an asterisk (*) are required. First Name: * Last Name: * Title: * Company: * Email: * Phone: * (please use only numbers) What capabilities are you most interested in? (select all that apply, please hold down "ctrl" key when selecting multiple answers) Compliance management Access Certifications Policy Enforcement Activity Monitoring Role Management Access request management Identity intelligence Auditing and reporting All of the above Other   * If your browser is set to accept cookies, you will be recognized on subsequent visits and immediately granted access to the SailPoint Resource Center.