Tales from the Trenches: Identity Governance Best Practices

In SailPoint’s recent issue of NAVIGATE, Kevin shares identity governance best practices based on his discussions with SailPoint customers:

It’s important to take a step back from your identity governance initiatives to make sure you’re addressing security and compliance challenges in tandem. It not only makes your approach more efficient, which is critical for teams with constrained resources, it ensures maximum effectiveness and value for your efforts and investment.

Take the case of a major insurance company that wanted to implement an identity governance solution to demonstrate proof of SOX compliance while reducing security vulnerabilities. The company is visionary when it comes to proactive risk management because its IT leaders were adamant that they improve security in addition to complying with the “letter of the law.”

With SailPoint IdentityIQ the company was able to quickly and easily aggregate, correlate and cleanse data for high-risk applications, and fully automate review and certification by line managers for 45,000 users. Out-of-box reports now provide visibility and proof necessary for internal and external audits without the need for time-consuming data gathering and compilation. And equally important, the project has lowered risk and improved security through the elimination of orphan accounts, excess privileges and SoD policy violations.

Kevin also discusses the value of identifying “quick wins” to achieve incremental process and garner on-going executive support for your project. You can read all of Kevin’s advice in the September issue of NAVIGATE, available here.