The Identity Blog

As the U.S. Government Moves Towards Zero Trust, SailPoint Continues To Support Key Federal Security Initiatives

Authored by Frank Briguglio, CISSP – Public Sector Strategist, SailPoint  There’s been a lot of movement from officials to shore up the U.S. government’s security posture.  In early September, the Office of Management and Budget (OMB) published the draft strategy “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles” to identify critical security […]

Q&A with Nick Shevelyov, Chief Technology & Risk Strategist at Silicon Valley Bank

Security and privacy have always been important to Nick Shevelyov. One of his earliest memories as a boy was having to walk to the sink and run the water faucet as a way to confound any surveillance bugs within their Moscow apartment. He carried those childhood memories into his cybersecurity career.   After 14 years as Chief Security Officer at […]

BJ’s Wholesale Club Delivers Savings and Automation with Identity Security

BJ’s Wholesale Club has built a robust infrastructure around access and identity rooted in the automation of manual processes. Steve Breton, Senior Manager of Identity and Access Management at BJ’s recently shared his perspective on the impact automation has had.  Steve’s primary focus has been on developing automation to help improve the employee experience, especially the onboarding and offboarding of team members. This has resulted […]

Friday Quick-Take: The Water Cooler Version of SailPoint’s Leadership in the Latest Industry Analyst Report

Pop the Waterloo sparkling water (we are big fans at the SailPoint HQ) or the real-deal bubbles, depending on what part of the world you are in, because we are celebrating this week! Recently, the SailPoint Crew (if you’re new here, that is what we like to call ourselves) was named Overall Leader in KuppingerCole’s Leadership Compass Identity as a Service-Identity Governance and Administration […]

Everybody In: General Motors Takes Us on a Ride with Identity Security

Authored by Katherine Cola With over 100 years of automotive experience, General Motors (GM) is familiar with adapting their business to meet evolving security challenges head-on. Tray Wyman, Director of Identity and Access Management at GM recently shared the important role identity security plays in their organization’s strategy. Minimizing certification […]

CISA Q&A: The Road to Continuous Monitoring and Zero Trust Access Control

Authored by George V. Hulme  Two of the most important trends in cybersecurity today are continuous security monitoring and the implementation of zero trust access controls. In the federal government, continuous monitoring and remediation fall under the purview of the Continuous Diagnostics and Mitigation program, known widely as CDM. CDM kicked off in earnest in 2014 and maybe one of the most ambitious cybersecurity efforts ever.  Led by […]

Identity Discombobulated – Reorienting Identity in the Enterprise

Authored by Gary Savarino, Identity Strategist APAC Identity is not a new concept. Since the invention of the ‘digital identity,’ organizations have been tackling the challenges of identity with various approaches for decades. Identity capabilities, often generically categorized as Identity and Access Management (IAM) or Identity Management (IDM), represent multiple […]

Finding the Needles (Shadow IT) in the Haystack

Authored by Barak Kaufman The explosion of SaaS continues and has become a major challenge for enterprise security teams. Organizations now store nearly all of their most sensitive corporate data in cloud applications.   Additionally, the use of shadow SaaS applications (hidden from IT) is a widespread issue. According to SailPoint’s research, most organizations have 3.5-4x more SaaS apps in use by employees than the IT & Security teams are aware of.  Each one of these SaaS applications introduces new […]

Correlated Identities from IDN within CAM

Authored by Doug Fierro A fundamental question we have been helping customers with for years is also a very basic one: who has access to what? This includes access to environments, applications, systems, and repositories across the IT landscape from an IT perspective. This was not a simple task before […]

Can You Prevent Access Risks Before They Happen?

Authored by Alex Gambill Preventing access risks is like building defenses for a castle. There are ramparts that form a perimeter and a moat to deter invaders because it’s a lot easier to keep enemies out than to remove them once they’re in. Trying to rid a system of risks after threats have been detected is analogous to building a moat around a castle after the enemy is inside.  We can think of identity security as the moat that forces users through a checkpoint that controls entry. User identification is the most relevant security […]