Risk-based Approach to Identity Governance Bridges IT and Business Policy Gaps
Anaheim, California, Sept. 8, 2008 – SailPoint Technologies, Inc.today announced SailPoint IdentityIQ 3.0, an identity governance solution that alleviates the cost, complexity and burden of security and compliance by providing 360-degree visibility into and control over identity data throughout the entire enterprise. IdentityIQ uses advanced data mining and analytics – or “Identity Intelligence” – to give enterprises the business insights needed to strengthen IT controls and reduce risk associated with user access to sensitive data and applications.
IdentityIQ (formerly known as Compliance IQ) combines business roles and policies with technical data mined from across the IT environment, providing meaningful, business-relevant identity information in easy-to-read reports and dashboards. It allows business people and IT staff to monitor and control user access across departments, business units and geographies.
SailPoint’s risk-based approach enables enterprises to identify vulnerabilities associated with user access and strengthen the controls necessary to mitigate those vulnerabilities. With IdentityIQ 3.0, SailPoint is the first vendor to deliver in a single solution the critical requirements for successful identity governance:
- identity intelligence for complete visibility into an organization’s identity data;
- roles that make identity data more easily understood by business people;
- automated controls that map IT access privileges to enforceable business policy; and
- a risk management framework to help organizations focus and prioritize controls.
“Reviewing access privileges for tens of thousands of employees is highly labor-intensive, so Mycroft is working with customers to streamline the process,” said Elizabeth Butwin Mann, president of Mycroft, Inc. “Using SailPoint IdentityIQ, we’re helping clients automate certifications and provide the business context to make accurate decisions about who should have access to critical IT resources. This approach enables companies to minimize risk while keeping business processes running smoothly.”
IdentityIQ 3.0 includes enhanced web-based business interfaces with drag-and-drop customizability, as well as updated reporting and analytics capabilities. Key features of IdentityIQ 3.0 are:
- Business-friendly Access Request – a self-service interface designed to empower business users to request or change access privileges as needed. IdentityIQ includes an embedded policy framework and approval workflow to proactively ensure that requested access aligns with a company’s business policy.
- Adaptive Role Modeling – a flexible role framework for defining business and IT roles that map to any organization’s unique business structure, rather than requiring organizations to conform to a vendor’s prescribed model for roles.
- Intelligent Access Review – the ability to detect changes in user access, such as new privileges, policy violations or increases in risk profiles, simplifying and improving regular access certification activities and allowing managers to address problems as needed.
“Our global customers want to proactively approach compliance and potential security threats while implementing a sustainable, ongoing process for continued identity governance,” said Kevin Cunningham, president and cofounder of SailPoint. “For any identity governance strategy to be successful, we must bridge the gap between technical controls, managed by the IT department, and business policy, defined within business units. IdentityIQ 3.0 allows business managers to assign employee access privileges across their enterprise, and provides approval workflows to ensure those privileges map to business policy.”
SailPoint Technologies, Inc. develops identity governance software that helps organizations gain control over user access to critical systems and data, streamline costly IT compliance processes and reduce the risks of fraud, corporate data loss or theft and failed audits. Founded in December 2005, SailPoint is based in Austin, Texas.
Mycroft is a premier provider of IT infrastructure services, including managed services, identity management and IT security, and IT process improvement. The company has US offices in New York, St. Louis and Long Beach, CA, and services Europe from its office in the U.K. For more information, visit www.mycroftinc.com.