Skip to Main Content

SailPoint and Box: Weaving Identity Governance into Your Cloud Content Management Strategy

Almost every organization is finally embracing the cloud, especially since it has proven that it provides greater business agility, cost savings, and productivity. Not only are companies moving their applications to the cloud at an unprecedented rate, but they are also migrating their most valuable resource – data.

There’s no arguing that the volume of unstructured data (e.g., documents, PDFs, presentations, etc.) stored in files continues to explode. According to Gartner, upwards of 80% of enterprise data is now comprised in this unstructured format. Enterprises are now leveraging cloud content platforms as a core repository to not only store data, but to better support collaboration, efficiency, and productivity.

Many organizations are accelerating their digital transformation with Box’s cloud content management solution, which provides a single place to securely store, manage, and collaborate on their content for employees as well as customers, partners and vendors.

For a smooth transition to the cloud, as well as to realize all of the benefits, organizations should prepare their existing content and develop a strategy for how access will be managed. All too often companies overlook the necessity and value of first preparing their data for the cloud, and end up migrating some of the problems they already had. Lack of visibility to potentially sensitive content can create security gaps and compliance concerns. The typical enterprise now manages millions of files and folders, and left unchecked, issues can arise where unauthorized users have access to sensitive, personal or other proprietary data. This is equally important for those who choose a hybrid approach that maintains data both in Box and on-premises file stores, and should ensure both sets of data are secured with a consistent set of access controls.

To help address these challenges, SailPoint has developed an integration that enables enterprises to securely prepare their data for migration to the cloud, as well as better protect access to it once there.

“Enterprises across industries are moving their most critical content to the cloud. The integration between SailPoint and Box facilitates an easy, secure migration of content, ensuring that content classifications and access rules follow the content to the cloud,” said Scott Porter, VP of Business Development at Box. “The integration also allows management of access to new content created in Box, ensuring that the right people have access to the right content.”

Build Upon a Foundation of Identity Governance

Taking on these challenges requires an approach centered around identity. As a core component of SailPoint’s Identity Governance platform, IdentityIQ File Access Manager enables you to discover where sensitive data resides, apply appropriate access controls, and support hybrid environments. By integrating with Box, IdentityIQ File Access Manager can help prepare your data to be ‘cloud-ready’ and help ensure that you make a smooth transition to the cloud. This identity-centric approach provides a number of capabilities to further enhance the security and compliance of your content in Box.

Gain Greater Data Visibility

Data stored in files inevitably contains a variety of sensitive financial, customer, business and personal data. By identifying and classifying data prior to migration you can gain clearer visibility across your data assets, and optimize what data should be moved to Box. This insight is crucial in addressing compliance regulations related to personally-identifiable information (PII) such as GDPR and HIPAA.

 Clean Up Permissions

Whether your organization has thousands or millions of files, IdentityIQ File Access Manager can collect and analyze permissions to these files for deeper insight into who has access. With the ability to align and fix inappropriate access issues, you can proactively mitigate security risk to your content.

Establish Data Ownership

Rather than leaving access decisions to IT, you can empower data owners who have the most intelligence about the data to take on a key role in managing access. Using a crowd-sourced approach, the most active users can nominate the true data owner. As users come and go you can ensure they have the right access to the right data in Box throughout their lifecycle.

Support Hybrid Environments

For those companies that prefer to take a phased approach to cloud adoption, or operate in a hybrid environment, IdentityIQ File Access Manager can concurrently govern access to content stored in Box as well as on-premises repositories including file shares, NAS storage, mail systems, and collaboration portals. Whether the data resides within your data center or in Box, it can all be governed by a centralized set of controls and policies. In addition, IdentityIQ File Access Manager can be deployed to your on-premises datacenter or hosted in AWS or Azure.

Bringing it All Together with SailPoint and Box

Addressing each of these elements can optimize and streamline your transition to Box and help mitigate security and compliance risk. “Many enterprises are fork lifting massive volumes of data to the cloud and exposing themselves to significant risk by not taking the necessary steps to understand what is in their data, and who should have access to it,” adds Mike Siegel, SailPoint’s SVP of Software.  “The visibility, access controls, and integration enabled by IdentityIQ File Access Manager provide additional security insight when it comes to managing and governing data in Box.”

To find out more about how enterprises are weaving identity governance into their cloud content management strategy, come visit us at BoxWorks in San Francisco on August 29-30.

You can also register to attend an upcoming live demo here to learn more about how IdentityIQ File Access Manager can help secure and govern access to your most valuable resource – data in Box.


Discussion