SailPoint leads by example, advancing its own Horizon of Identity Security

Today’s organizations need to modernize and mature their approach to identity, and security providers are no exception. SailPoint is a leader in the identity security industry, and it takes that role seriously—which is why the Identity Security Cloud platform SailPoint uses to manage and secure its own identities is the same solution the company delivers to more than 3,000 customers worldwide. SailPoint is its own “Customer Zero,” always striving to reach the next Horizon of identity security—and helping its customers do the same.

Executive buy-in paves the way

Making meaningful improvements to identity security is a substantial undertaking—one that would not be possible without significant buy-in from company leadership. As an identity leader, generating executive buy-in is rarely a challenge for SailPoint, whose executives understand the product, the process, and—most importantly—the critical nature of identity security amid today’s evolving threat landscape. Regardless of the business, it is critical to bring the executive team on board and help them understand the importance of identity security. Finding a way to generate the necessary executive buy-in represents an essential first step.

“Executive leadership aligned early; that top-down support accelerated the program,” said Scott Boysel, Director, Enterprise Identity & IT Security at SailPoint. “They helped socialize the value and the vision of the program across different business units and established key partnerships within the company. Without that buy-in, it would have been extremely difficult to accomplish as much as we have, and that support continues to be critical.”

Strong data hygiene practices lead to better outcomes

Data hygiene is a foundational element of identity security—one that customers regularly cite as a significant pain point. Roles, entitlements, and access permissions are only as reliable as the data they are based on, and accurate, high-quality data can help eliminate overprovisioning, orphaned accounts, and other security risks. Better still, strong data hygiene practices can provide visibility into potential challenges that the organization may not even be aware of. For SailPoint, establishing greater visibility paid immediate dividends.

“Increased data visibility across target systems highlighted things we had not been aware of in our environment,” said Boysel. “We proactively partnered with application owners to ensure data was clean and actionable—setting the stage for scalable, high-integrity automation. It also allowed us to send the data to connected applications downstream, build a more robust access model, and streamline access requests through our self-service Access Request Center.”

Normalizing data is also an excellent use case for the platform’s AI features. Identifying patterns is one of the most valuable use cases for AI, and streamlining the process of generating accurate descriptions helped SailPoint improve the visibility surrounding access requests. AI tools also allow for more conversational interactions with users, allowing them to create roles or make exceptions based on plain-language request. The Identity Security Cloud platform can then normalize the requested access across relevant roles and permissions, ensuring data hygiene and consistency are maintained on an ongoing basis.

Regulatory and financial applications set the foundation

Prioritizing the onboarding and integration of regulatory and financial applications was a foundational step in SailPoint’s transformation journey. Embedding these systems into their identity security framework enabled them to standardize and automate Joiner-Mover-Leaver (JML) workflows and streamline access recertification processes across the enterprise. This automation not only reduced manual overhead, but also significantly improved audit readiness and compliance posture.

Leveraging SailPoint’s AI-driven identity governance capabilities, SailPoint accelerated role optimization and access governance. Intelligent recommendations enabled faster, more accurate access decisions, while automated revocation of risky entitlements doubled the effectiveness of certification campaigns.

These enhancements ensured that only the right individuals had access to sensitive financial systems, reducing risk and reinforcing investor confidence. As highlighted in board-level updates, the company’s Identity Security Program evolved from a tactical function into a strategic enabler—driven by automation, predictive analytics, and a product-centric operating model.

"Prioritizing onboarding and integration of regulatory and financial applications enabled us to standardize and automate JML workflows and access recertifications. This led to better outcomes for our business transformation initiatives and accelerated our IPO preparedness,” said Boysel.

Enhanced connectivity expands identity use cases

Strong data hygiene practices also allowed SailPoint to establish a greater degree of connectivity across the company’s application landscape. Connectivity enables users to unify fragmented identity processes under a single, cohesive platform, allowing them to integrate core identity security and access management capabilities across their critical business applications. Identity Security Cloud includes dozens of out-of-the-box connectors, significantly accelerating time-to-value by eliminating time-consuming manual configuration processes and enabling users to begin governing access within their critical applications and systems as quickly as possible.

“We’ve gone from a handful of connected systems to more than 50,” said Boysel. “Additionally, we’ve bundled somewhere between 20 and 40 additional applications under our Active Directory connector, managed through group entitlements. And in cases where direct integration isn’t possible, the Identity Security Cloud platform offers extensibility through workflows and REST API support, which ensures users can achieve full visibility into identity access and activity, even in complex environments with diverse systems. Faster application onboarding really helped us start generating value quickly.”

Intelligent automation helps SailPoint reach new horizons

With a broad range of connections in place and reliable data to draw upon, SailPoint has been able to further enhance its identity capabilities through intelligent automation practices. IT teams report that onboarding times have been reduced from one hour to just 10-15 minutes, saving more than 1,000 hours of manual work each year. Offboarding time has been reduced by 50%, saving another 300 hours per year, while maintained roles have been reduced by 80% and over 1,000 entitlements have been moved to self-service, further reducing the need for manual intervention. The use of normalized entitlement descriptions has also made manager approvals faster and easier, resulting in expedited ad hoc requests and saving more than 8,700 hours since implementation. Additionally, the amount of identity attribute data ingested into Identity Security Cloud and fed to downstream applications has tripled, resulting in better visibility and more accurate data.

“Automation—especially around connectivity—has seen a tenfold boost, made possible by the extensibility of Identity Security Cloud,” said Boysel. “In just the past year, we’ve seen a 284% ROI generated by TCO savings and automation benefits. We’ve achieved risk reduction across the board, and the average ticket time-to-close has decreased year-over-year as users gain access to self-service and automation functionality. Thousands of access requests no longer need manual intervention—they’re completely automated.”

SailPoint has further enhanced its identity capabilities by leveraging search-based campaigns, reducing the time and effort spent on the access certification process. By leveraging AI recommendations to further enhance efficiency and accuracy, SailPoint ensures managers can clearly see what they’re approving and better understand whether access requests are warranted or not. As these automated processes grow more advanced, allowing companies like SailPoint to make the leap from one Horizon of Identity Security to the next.

Looking to Horizon 5 and beyond

SailPoint is always looking to the future, and the identity security team is already making plans. Today, SailPoint is actively working toward a “just-in-time” access model that provides access privileges on a moment-to-moment basis. The company’s goal is to move away from standing privileges and toward a system where each identity has a clearly defined role that entitles it to perform specific functions—and then removes those entitlements when the task is complete. SailPoint is also actively exploring the potential of Agentic AI, which may soon allow customers to engage directly with AI agents to execute identity-related tasks. Whatever the future holds, SailPoint—and SailPoint Identity Security Cloud—will be ready for it.

“We’re definitely moving in the right direction,” said Boysel. “We’re already building toward Horizon 5 and beyond, looking to just-in-time access and agentic AI; our own technology is putting that goal within reach. Our rapid progress reflects the power of our platform—and in our mind, we’re still just getting started.”