Guardian Sails with SailPoint
Identity programs evolve for a variety of different reasons: from regulatory compliance pressure and manual process fatigue to digital transformation across the enterprise, no organization is immune from having to build and evolve a strong identity program.
At our annual conference, Navigate, we invited customers to the stage to discuss their identity program success, failure and learnings.
In Austin, we had the pleasure of hearing from a longtime customer, The Guardian Life Insurance Company of America. Dante Rodino, IAM Business Operations Manager at Guardian, described the steps to build a successful identity program. Here’s a recap of his session and an update on their program from the last time they shared it with us.
Guardian is a Fortune 250 company and leading provider of life, disability and other benefits for over 27 million people. Rodino shared Guardian’s specific recipe for success in hopes of educating other organizations that are beginning their identity program. Guardian’s identity program began from a need to mitigate access-related risk across the organization and increase operational efficiency. “We spent some time up front exploring the best way to approach this program to ensure its success. I strongly believe keeping your intended use cases simple when launching your program keeps you on track for success,” Rodino shared with the audience.
Scaling the program was a huge priority, as it likely is for you, too. “You need to manage customer and stakeholder expectations. It takes time to do things right,” Rodino reflected. When bringing different divisions and applications together under an identity governance program, cleaning source system data should be your first priority. Once you’re comfortable with the data, move forward integrating with your identity governance solution. “The integrity of your program relies on clean data,” said Rodino.
The Importance of Interconnectivity
Your identity governance program is the intersection of security and efficiency of your key systems. “It was a priority for us to integrate ServiceNow and SailPoint so our access control was end-to-end.”
Integrating these two systems allowed Guardian to maintain security and compliance requirements while providing their users with the same experience. This integration provides the ability to extend governance to applications that do not support direct provisioning. For example, when you request something from SailPoint, it will automatically create a service request ticket in ServiceNow. The integration also supports creating incident or change request ticket types. A ServiceNow ticket can be manually fulfilled by a ServiceNow administrator, and the status will be updated back to SailPoint. This provides closed-loop auditing to ticket completion.
You will often find your identity program will make the lives of application owners much easier, creating demand to have your identity governance solution govern access to more applications. With the average enterprise company having over 500 applications in their stack, the demand to incorporate applications into your identity governance program can be a tall order. “We prioritize the integrations and applications on a risk-basis.” Rodino shared. Documenting the onboarding process, educating users and building a seamless integration takes time too, so focus on what is key for your business.
Rodino also shared forward-thinking thoughts on where he wants to take the program. “SailPoint Predictive Identity™ looks valuable” he shared. SailPoint Predictive Identity™ is SailPoint’s vision for identity governance. It provides your team with the power of AI and machine learning – while giving you control at all times. “We are excited to see how we can take advantage of these AI and machine learning capabilities to drive great efficiency with our program.”