I recently had the opportunity to attend a banking software conference in Dallas, TX. After spending three days with banking IT professionals from all over the country, I realized something: No matter where you are, and no matter what industry you’re in, seeing and understanding the access your employees have is a tremendous challenge!
Identity governance helps us tackle this challenge. Identity governance focuses on who has access to what, identifies whether they should have that access, and shows what are they doing with that access. Regardless of whether your team has started implementing an identity governance program, or if your organization is completely unaware of what identity governance is, visibility to user access rights is a key issue many organizations are looking to solve. Throughout the conference, I heard a familiar narrative we hear from many IT experts. Many are not aware of their ‘visibility blind spot’ until a critical event occurs, such as a failed audit or even a breach. These events then force them to scramble for data to prove compliance or uncover the cause of a breach. In many cases, IT teams resort to hiring external consultants, or investing a great deal of unplanned time, to identify the distribution of access across their organization.
As an example, let’s imagine a scenario in which “Alex”, an IT security specialist, is suddenly notified of a breach to a cloud application. Alex needs a way to quickly discover who may have access to the affected system, view the total access held by those users, and begin triage to minimize the impact. The request might seem straightforward, but for Alex it means manually correlating large sets of access data from several disparate resources and databases. This is a time consuming and inefficient process.
But what about non-breach related events? Is the time spent on seemingly routine operations also a challenge for Alex? Is he able to quickly ensure security standards are being met by minimizing excessive access?
“Alex, can you validate that inactive users don’t have lingering active accounts?”
Does he have an easy way to monitor and administer software licenses in order to control costs?
“Alex, can you easily tell how many employees with access to our marketing application have not used it in the last year?”
Is he able to clearly identify and troubleshoot holes in the organization’s access distribution?
“Alex, can you quickly pull a report on who doesn’t have an assigned manager?”
Is he able to quickly report on users with access to sensitive applications?
“Alex, can you show the auditors who has had access to our financial application this year.”
Identity governance solutions have been solving these challenges for years.
And IdentityNow has been making it even easier. IdentityNow brings together identity and access data from a wide variety of systems to create a comprehensive view of user access across the organization. To streamline how IT professionals, business analysts and compliance administrators access and act upon this information, SailPoint recently introduced the Dynamic Discovery Engine in IdentityNow. It provides a Google-like experience to find anything identity-related at the speed of search.
As an example, IdentityNow automatically suggests queries for advanced filtering. Want to search for all marketing staff in a branch office with access to a particular application? The auto-suggest function will populate recommendations to help you complete this advanced query as you type. It also allows users to add or remove columns from their results, so they can customize reports to include whatever data is most meaningful to them. In fact, they can even set queries to run at scheduled times, and have the results sent straight to their inbox.
Alex can now quickly surface identity information and immediately take action. By gaining the right insights he can focus on the right things – the critical things – and that’s how he (and his team) become more efficient. Additionally, clear understanding of identity data can result in benefits such as streamlining on-boarding, transitioning and off-boarding processes for employees. It eliminates excessive access across the organization and simplifies audit and compliance activities.
The critical first step of visibility just became significantly easier and achievable for organizations of all sizes and with any level of expertise.
For more information on the Dynamic Discovery Engine and IdentityNow visit: www.sailpoint.com/identitynow