Organizations today are experiencing a surge of technologies including software bots, cloud applications and cloud infrastructure with the promise of improved agility, efficiency, innovation, and competitiveness. While each of these technologies drives inherent value to an organization, they also present new risks, which left unmanaged, can lead to severe consequences such as a security breach.
Software bots, including Robotic Process Automation (RPA), are coming online in droves to help automate repetitive business and IT tasks, improve organizational efficiency, and reduce overall costs. This new user type is freely accessing business-critical applications, systems and data to fulfill repetitive tasks. However, many organizations are bringing bots online without proper access governance controls, creating an attractive attack vector for cybercriminals.
Compounding the risk factor further is the number of new applications being rolled out at an ever-increasing, never-ending pace. Enterprise organizations are reaping tremendous benefits from cloud applications including cost-effectiveness, purchasing ease, improved collaboration among users, improved mobility, and immediate access to the latest product updates – to name a few. What many are not recognizing, are the challenges and security risks rising underneath the cloud computing surface. One risk manifests itself when IT is unable to onboard these new applications quickly, resulting in shadow IT activity where business users purchase and utilize resources outside of the supervisory control of IT. Shadow-IT bypasses established security controls and puts you at risk for a breach.
Further, adoption of cloud infrastructure has presented a new scalable alternative for organizations who are looking to transition out of investing and managing massive datacenter CAPEX expenditures. Cloud platforms such as Amazon Web Services (AWS), are providing the ability to quickly stand up new infrastructure with relative ease and an elastic consumption model giving organizations the ability to free up budgets and increase investment opportunities. While cloud infrastructure platforms may provide some basic access control capabilities, cybercriminals are finding their way into these environments to infect systems with malware, steal data, or even shut down critical services.
While all of these risks may make you want to run for cover, the good news is that at SailPoint, we’ve seen this large surge coming for quite some time, and have been innovating our solutions to address these new technological frontiers so you can not only successfully and securely face the surge head-on, but actually embrace it and ride it with confidence as you evolve through your digital transformation.
Introducing IdentityIQ 7.3
IdentityIQ 7.3, SailPoint’s newest release, is pushing the boundaries of innovation by extending identity for all users, across all applications and data, reducing your organization’s risk profile.
Among a growing list of innovations, IdentityIQ 7.3 includes support for bot identities and rapid deployment and application onboarding. This is the first release where RPAs/bots are included as a standard identity type ‘out-of-the-box.’ This allows bots to be used in all identity governance processes, including access requests and compliance controls and ensures a comprehensive approach across all users that help minimize risk associated with this new attack vector.
The new IdentityIQ Accelerator Pack takes what used to be IT-intensive identity tasks that could be measured in weeks – such as onboarding new applications into your governance program – to simplified tasks that can be done by business analysts in mere hours. Three core capabilities included with the Accelerator Pack are Rapid Application Onboarding, SmartSetup and Break Glass Operations. These capabilities were designed and built using pre-configured, best practice use cases to help simplify identity processes and reduce deployment cost/time.
When it comes to cloud infrastructures, IdentityIQ 7.3 enables organizations to interweave identity governance into mission-critical AWS IaaS environments. The new Advanced Governance Module for AWS allows you to retrieve all of the fine-grained AWS policy information that exists within your organization and apply governance capabilities in IdentityIQ leveraging: certification reviews, access requests, and the creation of Separation-of-Duty (SoD) policies helping to maintain a secure and compliant environment.
Taking on the surge of new technologies to achieve your digital transformation initiatives does not have to include new security risks as long as you are leveraging the power of identity to maintain a more secure, compliant and efficient infrastructure.
To learn more, watch our webinar “Taming the Surge of Bots, Apps, and Cloud Using the Power of Identity”