Building your business on cloud infrastructure including AWS, Azure or Google Cloud Platform has enormous benefits. But without the right visibility and control, your organization could quickly become vulnerable to risk.
Michelle France: Welcome to the SailPoint Rethink Identity webinar series.
Michelle France: We will be discussing how to stop the number one threat to the cloud, unauthorized access.
Michelle France: I am Michelle France, the Senior Product Marketing Manager for SailPoint SaaS services and Manish Kalia, our Director of Product Management.
Michelle France: We’re going to walk you through how SailPoint is adopting a new rethink identity approaches to embrace the rapidly changing landscape of identity governance.
Michelle France: Then we’ll cover specifically how the explosion of cloud infrastructure such as AWS, Azure, and Google Cloud Platform or GCP, is one of the primary variables behind our rethink identity approach.
Michelle France: And then we will talk about how you can take advantage of cloud governance to get control of the cloud, and we will also demo our cloud governance solutions. You can see it in action and have time for some questions at the end.
Michelle France: Now identity has been around for a while. Initially, it used it primarily as a tool to help with basic provisioning, ensuring people got access to apps for what they needed, especially when they were onboarded.
Michelle France: Now, over the years, identity has really evolved into a very strategic security and compliance solution.
Michelle France: To really give organizations answers to three key questions, who has access to what, who should have access, and how they are using that access.
Michelle France: However, digital transformation has now introduced so many new variables that it’s become almost overwhelming to IT departments to keep up.
Michelle France: These new variables could include more user types such as employees, contractors, vendors and even bots, with more and more apps.
Michelle France: More sensitive data is being stored across various on prem and cloud storage repositories and now the explosion of cloud infrastructure such as AWS, Azure and GCP.
Michelle France: There’s never been a more critical time for organizations to really rethink what identity can do for them.
Michelle France: The good news is that SailPoint has anticipated these waves of change coming and we did something about it.
Michelle France: Now using AI and machine learning, we’ve been able to take the complexity out of identity, making it much easier to administer so you can focus on what really matters to your business.
Michelle France: Now, for those of you that may not be experienced with identity, you may think it’s simply about access management, but it’s so much more than that. Identity helps you control access once your users gain entry into your network so that each user can only see what is relevant to do their job.
Michelle France: Now we enable your workforce with 24/7 self service which offloads your IT help desk calls, saving you tons of money and helps drive productivity and user satisfaction.
Michelle France: Now AI and machine learning also makes it easy to know if it’s safe to grant access to someone or not.
Michelle France: It helps you quickly find risky user access and because it’s delivered from the cloud and use industry best practices, it’s quick to deploy and configure.
Michelle France: Now if you’ve already been engaged with identity, you’ve seen this evolution take place.
Michelle France: The good news for you is that AI and machine learning are big game changers for your identity and IT teams, especially if you have a large amount of identities, you’re managing.
Michelle France: It is now so much easier to create access models, enroll safely, automate IT tasks, and keep policies up to date as your organization changes.
Michelle France: And with AI recommendations, your line of business managers won’t have to guess or just rubber stamp their way through access certification campaigns. In fact, your compliance audits will be much easier to prepare for and demonstrate when auditors ask for documentation.
Michelle France: The bottom line is that people are the new security parameter, and now you can consider identity the new firewall.
Michelle France: Whether you are new to identity or an expert, you will find that AI driven identity can help you accelerate your business enable your workforce and help you achieve continuous compliance.
Michelle France: So thank you for joining today and we’ll dive into rethinking how identity can address both your cloud infrastructure and privileged access to your application workloads that run on that infrastructure.
Michelle France: Know a lot of organizations are adopting cloud infrastructure as a service or iOS platforms such as AWS, Azure and Google Cloud Platform or GCP to build and host their internal and external apps and workloads. Now these cloud platforms are really helping organizations cut costs work more innovatively and flexibly.
Michelle France: Spinning up IT resources is just a click away. You can scale to your exact business needs in minutes without having to guess on capacity and you only pay for what you consume.
Michelle France: You no longer have to maintain data centers and can actually focus on your business. You can go global in minutes and deploy your applications anywhere around the world. In just a few clicks cloud IaaS platforms provide a simple way to access applications and workloads such a server storage and databases, among other things.
Michelle France: It’s become so pervasive that 84% of organizations are leveraging the cloud and almost 80% are using at least two different cloud IaaS platforms.
Michelle France: Now, beyond the ease of using these platforms. There are already there are also so many reasons why businesses would use multiple platforms. It’s very important to maintain that business flexibility and continuity.
Michelle France: By avoiding a single vendor approach if there’s an SLA or a pricing issue with a particular vendor your organization is at risk, but by avoiding dependency on a single vendor, you can quickly pivot your business when and where needed.
Michelle France: Now, each cloud platform provides a mix of features and functions that may be optimized for specific application or workload, but with a multi-cloud strategy. You can choose the vendor that is best specialized for particular use case.
Michelle France: As with the data center environment. It’s important to maintain high availability and support disaster recovery.
Michelle France: Now, if a single cloud vendor goes down or impacts performance. It’s critical to be able to route workloads to another cloud provider if needed.
Michelle France: Also with the rise of data privacy, it’s imperative that you are addressing global and regional compliance requirements.
Michelle France: Now one cloud provider may not be able to address these requirements in all regions, but with a multi-cloud approach. This can be done much easier and with lower risk.
Michelle France: So there’s really no disputing the benefits and ease of a multi-cloud strategy, but as organizations rush towards IaaS, adopting security has been left in the dust and cloud environments are starting to resemble the Wild Wild West.
Michelle France: Now the ease and efficiencies afforded by cloud IaaS, as I mentioned earlier had been a huge enabler to system architects and dev ops teams.
Michelle France: But the security and governance needs are just as important as all these benefits, so much like when social media was a new transcendent communication platform that easily joined together friends and families, the potential negative impact of data privacy was rarely if ever managed early on as adoption took off.
Michelle France: And it was not until after many high profile incidences involving social media that data privacy began to be addressed.
Michelle France: Now the accelerated adoption of cloud IaaS is following that similar pattern.
Michelle France: It’s become so easy to spin up an AWS instance that this ease is contributed to an unprecedented scale and complexity of cloud workloads, which can be in the thousands or millions.
Michelle France: So, on top of that you can have hundreds of changes every day involving the creation, deletion, or modification of objects, along with access policies and controls.
Michelle France: Access and authorization controls are very complex in the cloud, and when combined with roles objects like Active Directory, it can be very challenging to understand.
Michelle France: And many organizations just can’t keep up with the volume or complexity or this constant state of change.
Michelle France: Manually spot checking accessing cloud just doesn’t scale organizations using two or three cloud platforms, maybe relying on individual native management tools for each platform.
Michelle France: But this lack of consistent visibility controls policies. It’s not only burdensome to manage, but it also creates a situation for inconsistent security and compliance gaps.
Michelle France: So addressing this new multicolored norm, with the traditional approach simply can’t keep up.
Michelle France: This has been proven with many high profile incidences related to inappropriate or malicious access to cloud is platforms.
Michelle France: In addition to find the fallout can be, you know, a series of long lasting impact future revenues stock price brand image.
Michelle France: So organizations really need to rethink identity with an AI based approach that provides automated and intelligent governance to keep up with the scale and rapid change in the cloud.
Michelle France: Now, this starts with getting a comprehensive view of all access across each platform.
Michelle France: You can’t govern what you can’t see. So as fast as things are changing. You need continuous access visibility to know who has access to what from where and how.
Michelle France: Now, given the complexity of cloud access your best suited to rely on a consistent set of access controls to ensure that your governing access in the same manner.
Michelle France: No matter what cloud vendor, the user or workload resides. Now we’re not living in a world where there are millions and sometimes billions of points of Access that have to be managed.
Michelle France: Yesterday’s human based approach cannot keep pace with today’s sophisticated security threats and high stakes compliance requirements.
Michelle France: We must leverage an AI and machine learning to automate this access. You can shine a spotlight on high risk matters that need or detention and your organization is audit ready now. Let’s dig a little deeper into how you can discover protect and govern your cloud is x.
Michelle France: Now, as I mentioned, you can’t can’t take control of your multi cloud infrastructure without getting a complete view of your access.
Michelle France: You need to take an automated approach that reaches out across all your cloud is platforms together all the access users have to all your infrastructure and workloads.
Michelle France: Now all that access and authorization layers across ad cloud application infrastructure and data.
Michelle France: Then need to be pulled together in a single unified view and this just isn’t a one and done process access and workloads continually change. So you need to keep up with these changes.
Michelle France: With a comprehensive access map you can now apply machine learning to better understand access intent and usage across all your identities and cloud infrastructure.
Michelle France: Now has access changes which may not adhere to policies, it’s important to provide alerting in near real time have any non compliant access.
Michelle France: So once you have a holistic picture, you can actually start to protect and secure this access.
Michelle France: Now once you have visibility to the access within these cloud platforms and workloads. You can now start making sure the right security is in place, especially around privileged access.
Michelle France: You may have workloads that contain sensitive data or have applications or databases running and cloud infrastructure that must adhere to specific access control requirements.
Michelle France: Now cloud privileged users may have rights to create alerts setting change changes edit privileges and purge entire cloud environments completely outside the scope of other access controls.
Michelle France: But once you’re able to see what access is privileged in nature, you can start putting security controls in place to holistically protect this access.
Michelle France: You can consider here them by cycling credentials and limit risk by rotating keys and passwords.
Michelle France: If you’re spinning up new privilege workloads, you can automate the creation of credentials for these workloads as well.
Michelle France: And for additional security, you can record all session activities so that you have an audit trail of what users are doing and critical cloud workload work environments.
Michelle France: Now organizations have long understood the need to govern access to applications and data and it should be no different from a cloud environment standpoint. So as more and more applications and databases and storage are being deployed on cloud infrastructure.
Michelle France: It becomes even more critical that businesses, ensure that they are aid hearing to compliance requirements.
Michelle France: Now, again with the massive volume complexity and change taking place in the cloud user error and lack of insight potential malicious activity can create a significant compliance gap.
Michelle France: It’s no longer sufficient to just validate user access you know once or twice a year. It’s imperative to implement automate compliance policies so like a set of guard rails to monitor whether your environment is out of compliance.
Michelle France: And point to which users and groups are outside that compliance area in real time.
Michelle France: So using any sort of manual processes and attempt to maintain a strong state of compliance across thousands of millions of points of access just isn’t feasible. You’ll also need to provision.
Michelle France: And certify access in a standard manner as you would any other application and resource. So with a standardized process you can avoid any sort of shadow IT.
Michelle France: And even if your dev ops team tries to spin up a cloud resource, you’ll have guardrails in place to limit what can be done based on policy.
Michelle France: You also need to analyze what activity is taking place. So what’s the history of this user this account. How often is changing. Who’s interacting with it. This will help create or just policies based on the needs of the business.
Michelle France: Now, there’s no doubt that cloud is platforms are here to stay and organizations will continue to build a business on cloud infrastructure, including AWS, Azure, and GCP.
Michelle France: But before your cloud platform resembles the wild wild west or if it already does, and you need to wrangle your herd, here’s what you can do with your security and compliance rains.
Michelle France: So take a consolidated approach to managing your entire multi cloud. Cloud governance and cloud access management can help you discover and govern access to your cloud infrastructure.
Michelle France: Workload privilege management can protect your privileged access to your applications and workloads running on that infrastructure.
Michelle France: We’re providing that single pane of glass view across each platform. You can now have the leverage to take control.
Michelle France: You can monitor, access, and implement policy guardrails to provision and de-provision access and detect high risk access.
Michelle France: Compliance is already difficult before we started adopting cloud is but now it’s exponentially harder with the scale and change the cloud.
Michelle France: But by automating your compliance program with the power of AI and machine learning. You can confidently keep the compliance horse in front of the volume and variety of cloud workloads.
Michelle France: Now with cloud infrastructure, being a top of tech target, it’s even more important to limit your security risk now. By automating these privileged access and rotating credentials you ensure that your most valued data assets are safely corralled.
Michelle France: Now, we talked about how called governance can help you take control of your multi cloud heard, but let’s see an action Manish.
Manish Kalia: What I wanted to do is show you a demo of the services and action, Michelle.
Manish Kalia: Morning everyone as she was mentioning all enterprises are moving to multi cloud, which means that we have workloads running now in AWS is your GDP and his workers are growing rapidly.
Manish Kalia: One of the key challenges which becomes is being able to go and access to this workloads, because these workloads can have a lot of sensitive data.
Manish Kalia: Sensitive resources sitting on them and attackers are always targeting these workloads.
Manish Kalia: And one thing we find in this public cloud platforms like AWS, Azure and GCP is that almost all security is done and I am layer which is very unique to the cloud.
Manish Kalia: And to all kinds of policies into the who can access your sensitive privileges your assets, your data, what actions they can perform.
Manish Kalia: Is all done and I am there which is very, very unique and so that I am there becomes very important to manage and access becomes the way you secure your cloud infrastructure.
Manish Kalia: And then another key tingly seeing these platforms, is that just not just about human entities, but also a lot about machine entities.
Manish Kalia: In fact, as, as soon as you start increasing the scale of your cloud infrastructure, the number of machine identities starts, far outnumbering the number of human identities.
Manish Kalia: So what we have done is we are launching two services here to help you solve this challenge of gaining access to cloud first services, like Cloud Access Manager, and this is the user interface you’re seeing on your screen. This service will connect to your public cloud platforms, your AWS environment, and your GCP environments.
Manish Kalia: And what we first do is a discovery phase where it reconnect to these platforms using API some software is required.
Manish Kalia: You can pretty much sell them the solution and under 30 minutes it connects to your call and discovers your cloud environment.
Manish Kalia: Which means it will map out all your identities, both human and machine entities as well as map out all the access they have to any kind of a policy in your cloud.
Manish Kalia: Whether the access has been granted two groups roles or through policies which are hard to manage such as resource policies user policies.
Manish Kalia: Or, you know, organizational level policies. So it looks at all kind of iron access which is being accessed in your cloud and it maps out this access starting all the way from identity.
Manish Kalia: And also takes federated entities into account, going to the privileges which those are entities have in your cloud and then nothing to the objects which those privileges apply to. So it’s an end to end mapping of all access in your cloud environments.
Manish Kalia: Now let’s take a look at that. Let’s say we go to an identity and we dig deeper into what can this identity access.
Manish Kalia: So what you’re seeing on the screen here is a graphical view which is showing you that this specific identity.
Manish Kalia: Which could be sitting in your local cloud account, such as AWS or it could be coming from Active Directory by being a federated identity.
Manish Kalia: It is showing you what all this identity can access and as you can see in cloud, because there are so many ways of accessing.
Manish Kalia: Things to different kinds of policies, you know, it can be a very complex thing to understand what can an identity access.
Manish Kalia: And what we do is because we are building this map of access continuously, we have this full view across your multi cloud environment. And what that accesses.
Manish Kalia: And so for example if you scroll down you can see all the different assets in the cloud, which does have an entity can access.
Manish Kalia: And you can also look at not only what they can access, but how or what is the policy which is granting that access right.
Manish Kalia: So all of that information is mapped out in real time, which also means that as those things are changing in your cloud environment which could be changing on a day to day or an hourly basis, all the changes are being reflected in terms of access in your cloud.
Manish Kalia: So not only do we map the objects which can be accessed by our different identities, but also what entitlements or privileges, they have in that environment.
Manish Kalia: Now in cloud. You can literally have thousands of privileges, which you need to manage and they’re very granular and very hard often to understand
Manish Kalia: So we not only capture all those privileges which these entities have access to. But also, we look at how is that, how are those privileges being used historically, so you can see the historical usage here.
Manish Kalia: And you can look at privileges, which are being had been granted to that particular identity, but which are unused and obviously the goal of least privilege or zero trust security is to really right size access for your identity. So we help you there too. And we’ll go a little deeper into it later on.
Manish Kalia: So we are mapping out access for all entities is not only human attendees, but also machine entities like virtual machines lambda functions and helping you get visibility in this discovery phase on what can they access
Manish Kalia: You can also look at Acts from the other side where let’s say there’s a specific high value object in your environment, such as a data bucket or encryption key and you’re trying to understand who all can access this object. And this is very important for scenarios like compliance audit where you’re trying to investigate access patterns.
Manish Kalia: So all of this is automated. Not only can you look at this information on the UI, you can have a powerful search experience on it.
Manish Kalia: For example, you can go and search for any user who has access to, let’s say, any kind of s3 data with a specific tag.
Manish Kalia: And these could be your tags, which your organization is using. And for example, you want to find out across your multi cloud workloads which users have access to object stores.
Manish Kalia: Such as S3 and manage multi cloud environment which had the PCI tag on them and it is as simple as that, to query your complex cloud entitlements and policies and find those identities which had that access.
Manish Kalia: Not only can you find this information very fast. But you can also create guardrails to monitor for this. And the reason that’s important is cloud is all about automation.
Manish Kalia: And it’s not it’s not practical to keep on manually searching for things you need to have automated ways of discovering access which is high risk.
Manish Kalia: So let’s say you wanted to monitor for any new users who are getting access to your sensitive PCI data, you can just save any search query you do as a guardrail and think of it as a saved search just like you have a safe Google search and what we are looking at monitor for St data with PCI tag.
Manish Kalia: And what you’re really doing is you’re saying, I want to be notified if any new identity gets the faxes and you’re just not saving this guardrail and that’s really how simple and straightforward, it becomes to create your own guardrails here.
Manish Kalia: And monitor your infrastructure cloud infrastructure for unsafe access in real time.
Manish Kalia: Now we include the law we include a lot of these guardrails pre built in the product, whether it is for monitoring monitoring things like shadow access data access privileged access all of these are invalid guardrails, and one to set up the product they started monitoring your cloud infrastructure.
Manish Kalia: In real time identifying hires calculus patents. But as you saw, it’s very easy to create your own guardrails which map to your unique audit controls.
Manish Kalia: Are where you can create your own queries and Satan them. We also have AI based monitoring, which is looking at every entity and mapping out and learning.
Manish Kalia: How the user access and the goal really is to identify any suspicious activity, whether that’s users who are suddenly using their access beyond what they normally do.
Manish Kalia: Or it’s finding identities were which are being you know exploited and they’re connecting to your cloud infrastructure from locations which are suspicious.
Manish Kalia: Or, you know, looking at areas where users may be using some privileges, which are high risk.
Manish Kalia: So all of these are different threat models which AI has built in it, learn them automatically for real identity by looking at the usage data for each identity and helps you keep the risk of cloud low.
Manish Kalia: Finally, we also look at least privilege, where we map out for each entity. What is the sensitive privileges, which this entity has which are not being used.
Manish Kalia: And again, this is to help you right size access and take away access which is posing a risky or cloud infrastructure. So to Cloud Access Manager service we allow you to not only discover all your access but also go on it using both guardrails, as well as automated monitoring.
Manish Kalia: And to compliment this service. We have a second service, which is the workload privilege manager.
Manish Kalia: And so the Cloud Access Manager is securing your public cloud, which is your AWS zero real GCP environments, the public cloud is there.
Manish Kalia: But remember, you’re also running a lot of workloads and virtual machines on top of this public cloud, and it’s equally important to secure access to them as well.
Manish Kalia: And that’s what the workload privilege manager service does it maps out and all your workloads your virtual machine, your Linux, Windows VM.
Manish Kalia: Which are running on this public cloud environment and let you secure access to them to SSH to RDP. So let’s say you have a specific virtual machine.
Manish Kalia: There are different types of access, you can grant to your users to these virtual machines, whether it’s privileged access or standard access, we take care of setting up the access provisioning the keys rotating the keys securing the keys. We also let you monitor all of the activity which is happening in those and access sessions, such as you know where you’re looking at, for example, a specific access and you want to look at what what what activity did that used to do.
Manish Kalia: All of that is monitored here and this provides you one place to not only provision this access but also monitoring. So for example, let’s say, a user has since been granted access to a specific virtual machine.
Manish Kalia: You can connect to that virtual machine from from this environment and now he has an ability to get and into that virtual machine in the cloud.
Manish Kalia: And let’s say he’s doing some activity. All of this information will then be taken by the system and is presented as reports which you can monitor.
Manish Kalia: So we are giving you a method of not only securing that access but continuously ensuring your audit and compliance and ensuring that your virtual machines and workloads, which are running on top of the public cloud are protected.
Manish Kalia: And the one of the challenges here is also the scale of these workloads can be very, very high.
Manish Kalia: And so it’s critical that when you’re setting up access and provisioning your keys to these workloads that you use automated methods. And so one of the key unique values for the platform is the automation piece. We deliver in terms of setting up credentials and all of these different workloads, which are constantly spinning up and down in your current environment.
Manish Kalia: So with that, I want to pause and thank you for attending this webinar but also wanted to open up the floor for any questions you have regarding managing and getting access to your cloud environments.
SailPoint Marketing: Looks like we got a few questions here and I’ll go ahead and kick one off. Is this a SaaS or software solution?
Manish Kalia: Great, great question. Yes, this is the to the SaaS based solution. So it’s a SaaS based offering but you know it’s delivered from the cloud. However, we are building integrations with both IdentityIQ energy now so you can you can use your existing idea platforms to go on and get the benefit of the services.
SailPoint Marketing: Awesome.
SailPoint Marketing: How does this solution use AI and machine learning?
Manish Kalia: This solution uses AI and machine learning to solve the problem of not only mapping out who has access to what in your cloud environment, but also learning the usage profiles for every entity by looking at their historical usage data.
Manish Kalia: And doing things like peer group analysis on that as well as using machine learning models to train based on that data and identify suspicious activity high risk access being granted in your environment.
SailPoint Marketing: Awesome.
SailPoint Marketing: Do vendors like Amazon provides similar capabilities to secure workloads?
Manish Kalia: Some platforms provide some basic tools in terms of managing your policies and so on. But you know where it becomes a big challenge? Providing very granular access going in, and protection, all in one suite which is not only multi-cloud, but is also has all those governance capabilities related to IGA.
Manish Kalia: So yeah, they provide basic solutions, but you know if you want an enterprise solution for managing access across your multi-cloud environment, then it becomes a challenge. And we are essentially helping you address that challenge.
SailPoint Marketing: Awesome.
SailPoint Marketing: So I have another question. Can you elaborate on the ML model that we are using?
Manish Kalia: Sure. I mean, you know, machine learning has many different models. And so, you know, we use multiple models. Obviously we use some of the newer techniques like deep learning, but we also use a lot of old models library.
Manish Kalia: And the goal really in all machine learning is look at the data, which you have available and using that data, you’re essentially learning the usage patterns of different entities in your system in you using those to identify activity or access, which is a normal which could be based on things like looking at the peers are looking at certain different kinds of steps within the environment. So we’re using a lot of cutting edge techniques there and, you know, happy to sort of dig deeper in a follow up conversation on that.
SailPoint Marketing: If we don’t address any questions we will follow up with everyone after this webinar course I have another question here. If we go with cloud governance, do we still need individual connectors that come with IQ for us or AWS, etc.?
Manish Kalia: So, great question. The cloud governance services multi-cloud. It supports managing your environments across AWS and during GDP and so it includes all the connectors you need for doing that. And it’s a one solution which addresses all three contact forms.
SailPoint Marketing: Awesome. Next question we have is a bit different. It’s it just a different product from IdentityIQ, or can it be installed as an additional module of IIQ to be accessible from the IIQ console.
Manish Kalia: Great question, as I mentioned, this is a SaaS service, but what we are doing is we are making integrating it with you as well as any now.
Manish Kalia: So yes, you will be able to leverage the capabilities which this service springs in your IIQ platforms right there, and then some. So the short answer is yes, it will integrate with IIQ to help you leverage those capabilities.
SailPoint Marketing: Next question is, how can I tune the threat alerts to minimize the noise, especially false positives?
Manish Kalia: So just to kind of break that down into two parts, we have two kinds of monitoring you do in the product.
Manish Kalia: One is based on searches, which are the guardrails, and the second is based on anomaly detection.
Manish Kalia: And in some cases, we are helping you really control what you’re looking for. What you want to monitor in your current environment.
Manish Kalia: With guardrails, you know, you can critique your specific queries which you want to search for access patterns in their environment and get results and get findings, which are matching those. So it’s very, very specific for enemies to model. We use a lot of techniques to reduce noise and this includes things as not only learning user profiles or activity profiles for individual identities, but using things like peer group analysis to kind of make sure that we are not learning one pattern. So there’s a lot of work which already has gone in, in that area. And we are continuously brewing those algorithms and some of those areas.
SailPoint Marketing: Awesome, thank you so much for sharing. Another question for you. When the guardrail query detects a new identity during monitoring is there any way to tie that to a SailPoint approved access request ticket if one exists?
Manish Kalia: That’s a great question. So one of the things we are actively building right now is exactly those kind of deeper integration workflows on certification access requests.
Manish Kalia: And so the service provides the standard sort of processes and workflows we have in our identity platforms like IdentityIQ and IdentityNow, so that’s what we are building on and that integration will be coming soon later this year, and those are the kind of scenarios which will be able to enable.
SailPoint Marketing: Awesome.
SailPoint Marketing: One more question. How is the license structure for cloud governance?
Manish Kalia: So the cloud governance service is basically helping you go and access your cloud environment. And so the licensing is largely based on the size of cloud environment as well as the amount of identities which are getting access to the cloud environment for privileged activity or other areas.
Manish Kalia: So we’re happy to provide more details on that based on you know your unique needs. So as I mentioned, we have two services their, Cloud Access Manager and workload privilege manager. And so, yeah, happy to go into the second level of detail, but at a higher higher level, it is it is basically, we look at the size of cloud environment as well as the mono identities, we sneak privileged access to that environment.
SailPoint Marketing: Awesome. And I think last question, is this product different from an IdentityAI?
SailPoint Marketing: They’re complementary products and IdentityAI is really helping us automate some of the traditional cumbersome processes in our IGA processes like certifications and so on.
Manish Kalia: Cloud Access Manager and workload privileged managers specifically are helping access new cloud platforms, and so they’re very complimentary and their work with each other.
SailPoint Marketing: Awesome.
SailPoint Marketing: Thank you so much. And I think that wraps up the webinar for today.
SailPoint Marketing: Have a great day everyone.
You might also be interested in:
Find out how SailPoint can help your organization.