The Point - The SailPoint Blog

Mind the Competence Inversion

Recently, an iGoogle “quote of the day” made me stop and think. Usually, I read the quotes, smirk, and move on. But this one was different:   Technology is dominated by two types of people: those who understand what they do not manage, and those who manage what they do […]

An Identity Report from the Road

For the past several weeks, I’ve been racking up the frequent flier miles, canvassing the identity management marketplace and talking with customers from various industries and geographies. My overwhelming conclusion from these meetings is that the concept of identity governance has rapidly evolved over the last 12 months from an […]

Another Day, Another Breach

Heads up – there’s been another “massive” credit card security breach – the 3rd such incident in recent months. We don’t know which company suffered the breach, but it appears to be another card payment processor. We’re still in the “whisper period” as some call it – Visa and MasterCard […]

Identity Risk Modeling: the Secret Sauce of IT Risk Management

Lately I’ve been talking to a lot of customers and prospects about how to proactively approach risk mitigation with identity-related technologies. In today’s climate, I see an ever increasing need for a new approach to managing identity and the need for a more “directed” focus for the deployment of identity […]

“Thwarting an Internal Hacker” – Monitor Access, Not Employees

I just read a Wall Street Journal article by Bruce Schneier, the CTO of BT and a renowned security author. The piece, “Thwarting an Internal Hacker,” is timely given recent security breaches hitting the news (including Heartland Payment Systems and Fannie Mae, which he references) coupled with the economy. I’ve […]

Tired Feet on the Street: Day Two at IBM Pulse

Role management appears to be a very hot topic at Pulse. It was standing room only at our CTO Darran Rolls’ tech talk on “Role-Based Identity Governance.” Darran was also a panelist in a role management session led by Earl Perkins of Gartner this afternoon. The panel was one of […]

Feet on the Street: Day One at IBM Pulse

The SailPoint team is out in Las Vegas this week, exhibiting at the IBM Pulse conference. I’m happy to say that attendance is quite healthy, despite the tough economy – around 4,000 according to the show organizers (of course this includes IBM staff) – and the SailPoint booth has been […]

The New Reality of “Do More With Less”

An article by Marcia Savage published in Information Security today caught my eye: “PCI Costs Slow Compliance Projects in Down Economy.” The article describes how in an economic downtown, financial services companies will look for ways to spend less (yes, less) on PCI compliance. Quoting commentary from Larry Ponemon (whose […]

The Importance of Managing User Access in Today’s Economy

Today’s brutal economy is producing a perfect storm for massive insider threats. Shotgun mergers on a grand scale, which historically would take months of due diligence to complete, are happening over the weekend. Staggering levels of layoffs are being announced weeks before they’re being executed, leaving employees in a state […]

Lessons from TJX: Proactive Risk Management Pays

I read today that TJX just held a “Customer Appreciation” sale related to the massive data breach that exposed as many as 100 million customer accounts. According to TJX spokesperson Sherry Lang, TJX offered customers 15% off entire purchases on January 22 “to express our appreciation to customers for their […]