How to Predict Identity Needs
“AI and ML is going to enable our governance teams to make better and quicker decisions with respect to our identity and access management strategy, employee access rights, groups, permissions, and the lifecycle of our employees going forward. AI and ML is going to help streamline our processes even further.”
– Kayla Williams, Director of Governance, Risk & Compliance at LogMeIn
LogMeIn provides users the ability to manage and network remote devices.
LogMeIn started on their identity journey in 2018, looking for a solution that would mitigate risk and increase compliance. Being a SaaS provider themselves, a cloud solution that could allow them to move quickly was essential.
- Meet compliance requirements with SOX critical applications
- Increase operational efficiency through automation of certifications
- Future-proof their program with AI & ML technologies
With SailPoint, LogMeIn has a streamlined identity program that can move with the pace of the business while mitigating risk. Having a centralized system in place has reduced the amount of time spent on access certifications and allowed them to focus on other projects.
A Conversation with SailPoint and LogMeIn
Nicole Thomas: Hello, and welcome to our viewers. I’m Nicole Thomas. And today we’re going to hear from SailPoint customers. Kayla Williams, the director of governance, risk and compliance, and Po Wang, senior manager and portfolio management for office of the CIO both at LogMeIn. LogMeIn is the maker of LastPass, a top password management solution. They also provide users the ability to manage and network remote devices. Kayla and Po, thank you so much for joining me today.
Kayla Williams: Thank you for having us.
Po Wang: Thanks Nicole.
Nicole Thomas: Alright. Could you both tell me a bit about your background and what you do at LogMeIn?
Kayla Williams: Sure. So my background is an enterprise risk management, information security consultancy, and external audit. And at LogMeIn, I focus on security risk management, technical privacy and security compliance programs.
Po Wang: And I am the senior manager of portfolio management for the office of CIO. And what I do is I help implement enterprise solutions at LogMeIn such as IGA and GDPR and other enterprise programs to really help LMI be a world-class leader SaaS solution company.
Nicole Thomas: Can you tell me a bit about your identity journey, how it’s going and maybe the progress that you’ve made?
Po Wang: Sure. We started the journey about two years ago in terms of looking at other solutions and taking in RFPs. That process was condensed in terms of picking a solution like SailPoint, and actually starting to implement the core tenant right, with HRS, AD and SailPoint. And we’ve also, onboarded a few, solutions, fall within our SOX compliance and there a has been a good phase one process and not really going big bang. I think a lot of companies make the bad decision on going big bang. We decided to make sure that the foundation was successful. Work out the kinks and then, as well as onboarding a couple of applications that we can test and make sure that it meets our customer’s needs.
Nicole Thomas: How has the SaaS approach enabled you to move faster with your program?
Po Wang: Well, identity as a service is really a pinnacle offering for us, to actually choose SailPoint as a solution because it allowed us to really move forward without spending a lot of resources and monies to purchase hardware and find DCS, right. And for us to be able to deploy, but also to have the support of the customer support team to be able to have us look at the code before we deploy it onto the platform is quite important, right. So it actually has that level of, quality control and if something does happen, we also have the backing of them understanding the systems in and out. And more importantly, we don’t have to worry about security or upgrades, right. That whole platform just does the work on that end as well. So we, we really appreciate SailPoint to have that as offering.
Nicole Thomas: I know your strategy relied heavily on artificial intelligence and machine learning technologies. How do you see these technologies aiding in your identity program.
Kayla Williams: As we are moving towards a more metric and information centric decision-making across the entire enterprise. AI and machine learning is going to enable our governance teams to make better and quicker decisions with respect to our identity and access management strategy, employee access rights, groups, permissions, et cetera, the life cycle of our employees going forward. So the AI and the ML is really going to help streamline our processes even further.
Nicole Thomas: Kayla, last time we talked you had mentioned that you were about to onboard all your SOX critical applications. How has that helped your organization mitigate risk and increase compliance?
Kayla Williams: Yeah. We’ve seen a huge return on our investment here by onboarding our SOX applications. We are saving so much time. There were some applications that were just done manually and it was taking hours and in some instances days to get through the manual re-certification of access, when the systems didn’t tie into a centralized system or a day. And having SailPoint sit in the middle here has really cut down on the amount of time our resources have been spending doing this. And now they’re able to shift their focus onto other projects. We do our re-certifications for SOX on a quarterly basis. So times that amount over four quarters. And we’re really starting to see a huge benefit there. And from a compliance perspective and risk management, having the automated downstream, termination of employee rights, whether it’s a voluntary or involuntary termination or a move across different functions has really saved our teams a lot of time as well. And it’s been a big reward for us.
Nicole Thomas: LastPass is LogMeIn in password management solution. How do LastPass and SailPoint compliment each other?
Po Wang: Yeah. SailPoint can be used to manage the life cycle of the identity, that is managed within the LastPass identity, right. So in terms of, the joiners, movers, leavers, group management, group membership and et cetera, right. Essentially all our LMI deployments with LastPass identity, is used instead of, AD directory federation of services.
Nicole Thomas: What’s on the horizon for identity at LogMeIn?
Kayla Williams: We are continuing to onboard our critical applications. And we’re cleaning up our roles and all of our access rights across the entire enterprise as we move forward with this program. So from there, we’re going to shift at that focus once we have, kind of a clean slate to continue on moving towards using the AI and machine learning in future phases.
Nicole Thomas: Last question for you guys. If identity was a celebrity, TV or movie character, who would it be and why?
Kayla Williams: We think that it would be the “Teenage Mutant Ninja Turtles,” because they are bigger than they seem. They are sophisticated in some ways and difficult, and others are kind of a rebel. And as you know we’re shifting to a new dynamic in the way we work and the way we interact with each other. We’re going to be able to see this maturity so, they can’t be the Teenage Mutant Ninja Turtles forever. Same with identity. It can’t stay the same forever.
Nicole Thomas: Fantastic. It’s been a pleasure talking to you both and learning more about LogMeIn’s identity journey we’re excited to see what you guys do next. Thanks for joining me.
Kayla Williams: Thank you so much Nicole.
Po Wang: Thank you.