SailPoint President Kevin Cunningham and CTO Darran Rolls Join Industry Experts to Address Key Topics in Identity Risk & Compliance, Role Management

AUSTIN, Texas, April 23, 2008 – Identity risk management software pioneer SailPoint Technologies, Inc. today announced the company was recognized as a finalist for the “Best Innovation” category in the European Identity Awards ceremony at the 2nd European Identity Conference (EIC) 2008 held by Kuppinger Cole & Partners on April 22, 2008. The company’s president and founder Kevin Cunningham and CTO Darran Rolls are joining other industry experts on several panels addressing identity risk, compliance and role management topics. The conference takes place April 22 – 25, 2008 at the Forum am Deutschen Museum in Munich, Germany.

EIC focuses on identity management and governance, risk and compliance disciplines and offers a combination of presentations on best practices, research, moderated industry panels and keynote sessions from top innovators. Cunningham and Rolls will each participate in a panel and will participate together in a workshop.

New School Access Compliance and Risk Management Innovation
Date and Time: Wednesday, April 23, 14:00-15:00 CET
Moderated by Sebastian Rohr, Kuppinger Cole & Partners, panelists include Darran Rolls, SailPoint; Dr. Martin Kuhlmann, Omada; Dr. Ron Rymon, Eurekify; Marko Vogel, KPMG and Marina Walser, Novell Central Europe.

When companies first sought to balance the rapid pace of business with maintaining compliance with industry and regulatory mandates, they intuitively turned to existing identity management solutions as the fastest path for addressing many of the questions that had to be resolved to demonstrate compliance. But while identity management has provided value for many of these requirements, it still leaves critical gaps that companies have been forced to fill themselves through time-consuming, manual processes or home-grown systems. For these companies, continuous compliance means continuous repetition of hard labor using manual tools. As the deluge of regulatory mandates requiring access-related controls has grown, the need for a more efficient approach to managing access compliance and related business risk has become critical for global organizations.

To address these issues, a new wave of companies has emerged to effectively address access governance. Unlike their predecessors, which pre-dated most regulations, these solutions were architected from their inception with compliance and business processes in mind, enabling a streamlined and automated approach to access compliance certification and role lifecycle management. Deployment of these next-generation solutions leads to a sustainable and auditable strategic business process that substantially reduces risk from inappropriate access. This panel will address:

  • The intersection of compliance/governance and identity and access management and what the future holds
  • Deployment of new automated, sustainable and auditable strategic business processes to substantially reduce risk
  • How organizations can achieve a company-wide access risk management & compliance model

Putting Context in Identity: Governance, Compliance, Entitlement and Roles
Date and Time: Wednesday, April 23, 15:00-16:00 CET
Moderated by Dave Kearns, Network World, panelists include Kevin Cunningham, SailPoint; Paul Heiden, BHOLD Company; and Chris Sullivan, Courion.

Pundits talk about “Identity is center” or “Identity is the base” or even “Identity is the platform” in attempting to place Identity within the correct context of electronic interactions. But Identity won’t fully deserve that core place until we can put more context into the identity transactions. It’s only through knowing the full context – the Who, What, When, Where, How and Why – of an Identity event that we can properly determine the action that should follow.

Governance facilitates Compliance just as Role management facilitates Entitlement. But context eases the management of both Governance and Roles. Context is key to more automated, less expensive, GRC solutions.

Workshop: The Role of Roles in Compliance – A Practical Approach
Date and Time: Friday, April 25, 14:00-17:30 CET
Moderated by Dr. Horst Walther, Kuppinger Cole & Partners, workshop hosts include Kevin Cunningham and Darran Rolls, SailPoint; Melvis Hadzic, Oracle; Dr. Martin Kuhlmann, Omada; Dr. Ron Rymon, Eurekify and Peter Weierich, Voelcker Informatik.

Enterprise role management is quickly becoming a critical technology for enabling organizations to verify and enforce regulatory policies and to audit the effectiveness of internal controls over user access. But due to complexity and marketplace confusion, many companies struggle to find an approach that delivers practical and timely results.

This workshop is designed to help technical leaders adopt a pragmatic strategy for managing roles as part of a successful governance, risk management, and compliance initiative. SailPoint’s Chief Technology Officer, Darran Rolls, will provide an in-depth look at role management concepts and technologies. And, he’ll offer recommendations that can help organizations achieve practical benefits with roles. Points of discussion include:

  • Introduction: What is role management?
  • Business drivers and use cases for role management
  • Where do roles fit in the world of compliance?
  • How do compliance roles relate to provisioning roles?
  • How useful is the NIST RBAC model?
  • Real-world deployment issues:
  • Engaging the business user in the process
  • Achieving flexibility, usability, and ease of deployment
  • Role model interoperability
  • Future directions for role concepts and technologies

Workshop participants will gain the theoretical and practical knowledge they need to develop clear action plans for tackling role management in their organizations and to determine the most appropriate approach for the needs of their identity infrastructure and compliance objectives.