Making Identity Security a Core Enterprise Essential

Image credit: iStockphoto/metamorworks

How well do you know your employee, partner, and customer?

The answer was more straightforward when a security perimeter protected your corporate network, ringed with firewalls, and laced with intrusion prevention systems. Your security team monitored the intranet traffic with the prevailing assumption that anyone within this perimeter is deemed trustworthy unless proven otherwise.

COVID-19 gave a rude wake-up call. While perimeters still matter, they became porous as data traffic went outside and employees worked remotely. So, security vendors and even governments started promoting zero trust. Here, the assumption is that no one is trusted unless verified.

The problem with zero trust is that it is not a neat product that security deploys and forgets. It’s an enterprisewide concept, and like any concept, it requires collaboration with other parts of the company, like DevOps teams — not what security teams are known for. The bigger problem, however, is where companies should begin driving the zero trust concept, especially when many are already managing complex architectures.

Here, SailPoint has an answer. It believes every zero trust concept should begin with identity security. And to help companies to take their first steps, it is rolling out two new product suites that set the new security standard for identity security.

“With today’s hybrid workforce, a traditional security perimeter is no longer a viable option. In order to combat cyber threats and boost efficiency, enterprises need a robust identity security solution that integrates with existing systems and workflows, which as a result, saves costs, provides extensive visibility, and supports a solid security strategy,” said Chern-Yue Boey, senior vice president for Asia-Pacific at SailPoint.

“With these new product offerings, enterprises are in complete control to govern access and can easily adapt to the evolving needs of the business while staying ahead of identity-related risks.”

The tale of two solutions

The first solution is SailPoint Identity Security Cloud Business.

The company calls it a collection of “essential identity security capabilities to start an identity security journey built with AI and ML.” It offers a great starting point for those looking to drive their identity security journey.

The second is SailPoint Identity Security Cloud Business Plus. It comes with all the features of the first solution but uses AI and ML to discover, secure, and manage identities across an entire hybrid infrastructure — ideal for companies that manage complex architectures grown over the years.

The cloud approach makes it easier for customers to purchase SailPoint identity security offerings. It also increases their ROI as they can start making good on their investment from day one without the deployment hassle.

“Over the last two years, conversations I’ve had with customers and prospects all struck a similar tone: today’s systems are complex, businesses are moving incredibly fast, and visibility can be hard, if not impossible,” said Grady Summers, executive vice president of product for SailPoint.

“Identity security processes and decisions that used to take years now are achieved in a matter of minutes and can largely be done without human intervention. This is next-level identity security, securing our customers’ business at the core.”

Beefing up current solutions

SailPoint also introduced new capabilities for security teams to become more proactive about threats facing their businesses.

One major update is Identity Outliers. This feature uses AI and ML analysis to discover anomalous identities using a single dashboard. This allows security teams to take appropriate action to remediate all or specific types of outlier identities.

Access Modeling is another feature that autonomously builds new roles that impact each organization’s unique business situation. It allows security teams to understand suggested roles and the access models needed to make intelligent, guided decisions on continuously improving these models.

Lastly, File Access Manager (FAM) easily integrates an all-new AI-and NLP-driven privacy engine to capture PII data across unstructured resources. With FAM, privacy and security teams can swiftly process automation for Data Subject Access Requests and right-to-be-forgotten requirements — standard in GDPR and CCPR regimes.

“At AmeriGas, our team operates under the notion that enterprise security begins with a clear grounding in identity security. With SailPoint as a fundamental part of our identity strategy, we can tap into the comprehensive and intelligent approach they provide to drive a stronger security posture that empowers us to focus on our overall goals for the business,” said Christopher Martin, manager for identity & access security at AmeriGas.

It’s about time

The current announcements make it easier for companies to jumpstart their identity security journey and follow the zero trust concept. And they couldn’t come sooner.

This is especially crucial as companies are beginning to face supply chain attacks, open source zero-day vulnerabilities, and the danger of IoT devices overwhelming current defenses.

Essentially, it moves your identity security from your first line of defense to the last.

Image credit: iStockphoto/metamorworks