State Governments Rely on SailPoint to Address Top Priorities
NASCIO recently released their top priorities for 2021. The NASCIO list is formed by a survey of its membership, whom it asks to prioritize the top issues they face. This year’s results we noticed a few shifts in the top priorities but many that stayed the same from the previous year. The priorities that were added or shifted are no doubt a result of the pandemic and subsequent work from anywhere necessity. Here are just a few ways that SailPoint is providing value for identity security.
Cybersecurity and Risk Management
Cybersecurity once again was at the top with the subcategories staying the same with the addition of Insider Threats. Today’s threat landscape is more complex than ever, and insider threats have increasingly become a reality. Organizations can no longer hedge their enterprise cybersecurity on a firewall or isolated network but must adapt to the rapidly changing workplace. As organizations migrate to the cloud, embrace bring-your-own-device programs and move to a ‘work from anywhere’ workforce, they open doors for data breaches and insider threats. Reducing exposure to cyber risk should start by taking a comprehensive identity governance approach across all applications, systems and data. By leveraging a consistent set of access controls and monitoring capabilities, organizations can gain the visibility and control needed to identify suspicious internal and external activities before it is too late!
Cloud IT investment was already in progress throughout the government prior to 2020. The organizational advantages and cost savings are far too great to deny. But as the result of organizations pivoting to all employees working from anywhere, cloud consumption increased significantly in 2020. This helped organizations provide access for business services with speed and scale but did not account for the access and security gaps. To better meet these requirements, organizations must take an identity-centric approach to managing access across their multi-cloud environment that may include AWS, Azure and GCP.
Identity and Access Management
The importance of having a sound identity program has increasingly become more apparent in 2020. Organizations are realizing that identity is more than just Single Sign On and MFA. An identity program involves more than just giving employees access to apps, systems and data. It is about managing and governing the digital identities that get access to sensitive data whether it resides in systems, cloud apps, or in files and folders. But identity is not just access; it’s more than that. Identity goes beyond the network, but ties into both endpoint and data security. It takes information from every piece of an organization’s security infrastructure and ties it all together. Providing the who, why and how access is being used has never been more important.
Artificial Intelligence (AI) / Robotic Process Automation (RPA)
Rapid adoption of AI and RPA technologies have been occurring in the public sector. The use cases are cross functional in nature, from preventing malicious cyber-attacks, shifting repetitive work to digital work and automating routine tasks. SailPoint embraces both of these technologies both as a solution incorporated into our technology and as an integration into our identity platform. The introduction of these technologies has been shown to decrease security overload, improve productivity, and reduce operational costs. However, in the case of RPA, if these non-human identities are not properly managed and governed, it can open a door to security gaps and risk. Due to the nature of their job function, these bots are often given elevated privileges and should be managed and governed just as their human identity counterparts.
Throughout State and Local Government, a majority of the employees went into an office most of a work week. Organizations had more control over their employee’s access based on this reality. When that changed overnight most organizations were unprepared for this transition. Excess access and permissions were granted on the fly and normal security controls had to be overlooked to keep the business moving forward. This has led organizations to ramp up their digital transformation journey to be able to prevent these security gaps, improve productivity and prepare for the hybrid working model that will most certainly be here to stay. In a recent survey, by the Center for Digital Government assessing how the COVID-19 pandemic has impacted this specific priority, almost a third of the State and local government leaders that responded said they do not have visibility into the access their users have to systems and applications.