For the past several weeks, I’ve been racking up the frequent flier miles, canvassing the identity management marketplace and talking with customers from various industries and geographies. My overwhelming conclusion from these meetings is that the concept of identity governance has rapidly evolved over the last 12 months from an auditor’s concern to an urgent enterprise requirement. Last year, it was not unusual for me speak to companies that believed they had identity governance covered, had other priorities, or in some rare cases, believed that identity governance was “something that doesn’t affect us.”
This year, the companies I’m meeting are facing hard deadlines to get their houses in order because many organizations that originally dodged the compliance bullet are now likely to face tough identity-related questions from their executive management. There is now widespread recognition of the need for increased focus on corporate controls around access management – an area that IT auditors are scrutinizing more than ever (In fact, Deloitte’s 6th Annual Global Security Survey points to 10 problems revealed by IT auditors – and the majority are identity-related issues. CIO Insight also posted a slideshow on the survey).
It’s refreshing to see companies moving quickly to proactively get ahead of the curve and begin to implement a identity governance strategy. Of course, my favorite examples are those where SailPoint is helping to make organizations successful with that strategy. One of our customers perhaps said it best recently:
“By implementing SailPoint IdentityIQ, [we have] benefited from enterprise-wide visibility into and control over our identity data. We’ve been able to proactively mitigate business risk associated with weak user access controls, map employee access to the risk ranking of our applications based on Sarbanes-Oxley and other regulations, and work closely with business managers to ensure user privileges follow our corporate policies.”
If you’d like to learn more, we have a series of webinars available that detail various identity governance best practices. Be sure to check back, as we add new topics each month.