SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Exclusive: SailPoint an identity security powerhouse
Thu, 23rd Nov 2023

We sat with Grady Summers, EVP of Product at SailPoint, recently to understand the security vendor.

Summers described SailPoint as an "identity security company that manages all aspects of enterprise identities." Its journey began nearly two decades ago, primarily focused on identity governance. The core idea revolved around managing the lifecycle of user access - when someone joins an organisation, transitions to a new role, or departs from the company. This focus allowed SailPoint to create a solid foundation in identity governance.

However, SailPoint's journey didn't stop there. Over the years, the company has expanded its offerings to encompass various facets of identity security, responding to the evolving needs of enterprises. The scope now includes cloud infrastructure entitlement management, data access security, and third-party identity management.

The Backbone

The SailPoint Atlas platform is the heart of SailPoint's identity security solutions. It is the bedrock upon which all SailPoint's identity security cloud products are built. Its significance lies in providing a unified set of robust capabilities across all SailPoint offerings.

The Atlas platform:

  • Automation Workflows: The platform streamlines identity management processes by automating various workflows. This ensures efficiency and reduces the burden of manual tasks, such as access provisioning.
  • Customisation: Custom forms allow organisations to tailor their identity security processes to meet their specific needs. This flexibility empowers enterprises to create solutions that align with their unique requirements.
  • Business Intelligence Tools: SailPoint Atlas incorporates a suite of business intelligence tools, enabling organisations to gain deep insights into their identity security landscape. Customised reporting and analytics provide valuable data for decision-making.
  • Data Analytics and AI: SailPoint leverages cutting-edge artificial intelligence (AI) capabilities within the platform. AI plays a crucial role in optimising identity security processes, making access decisions more efficient and automating access reviews.

SailPoint Atlas's significance lies in its ability to provide consistency and uniformity across SailPoint's product suite. This unified approach ensures that customers benefit from a common set of powerful features, regardless of the specific SailPoint product they are using.

Zero Trust

Zero trust has emerged as a prominent concept in the realm of cybersecurity. It challenges the traditional notion of trust within an organisation's network, advocating for strict access controls and continuous verification, even for trusted entities.

SailPoint plays a pivotal role in enabling the zero-trust approach. While zero trust is not a product but a holistic strategy, SailPoint's identity security solutions are an integral part of implementing this strategy effectively.

How SailPoint fits into Zero Trust:

  • Identity Repository: SailPoint serves as the repository of who should have access to what within an organisation. It defines and manages the access rights of individuals and systems based on their roles and responsibilities.
  • Access Control: SailPoint ensures that users only access the applications and data they are entitled to. By providing granular access control, SailPoint strengthens an organisation's ability to enforce the principles of least privilege.
  • Security Compliance: SailPoint's identity governance capabilities aid in ensuring that access policies align with security compliance standards. This alignment is a crucial component of zero trust.

By populating the zero trust network gateway with the necessary access information, SailPoint helps organisations establish a robust zero trust security framework.

The secret weapon

SailPoint's approach to AI stands out in the industry due to its unique blend of expertise and experience. While many companies have ventured into AI, SailPoint's differentiation lies in the depth of subject matter knowledge and industry expertise that underpin its AI capabilities.

SailPoint's AI is more than just mathematical algorithms. It encapsulates years of experience in the identity security domain.

This AI expertise manifests in several ways:

  • Access Approvals: SailPoint's AI automates access approvals, reducing the time and effort required for manual reviews. This automation not only enhances efficiency but also ensures compliance with security policies.
  • Access Review Optimisation: The AI-driven features assist in efficiently conducting access reviews by identifying outliers and unusual access patterns. This reduces the burden on administrators and improves the accuracy of reviews.
  • Identity Governance: SailPoint's AI is a critical component of its identity governance capabilities. It aids in role management and entitlement analysis, ensuring that users have access only to the resources necessary for their roles.

SailPoint's AI is more than just a technological add-on; it represents the culmination of years of expertise and industry understanding.

Unstructured Data

In a world where data is a valuable asset, organisations must extend their security measures to protect unstructured data. SailPoint has recognised this imperative and expanded its identity security solutions to include data access security.

Unstructured data, such as spreadsheets and documents, often escapes the radar of traditional security measures. SailPoint's solution classifies and monitors access to this data, providing organisations with better control and visibility over their information assets.

This expansion into data access security addresses a critical gap in the cybersecurity landscape. Many organisations have vast repositories of unstructured data that require protection, and SailPoint's solution is poised to meet this challenge.

The assessment tool

SailPoint understands that each organisation is on a unique journey in the realm of identity security. To assist organisations in assessing their current maturity and identifying areas for improvement, SailPoint has developed an assessment tool.

The assessment tool is based on the insights gained from a comprehensive survey conducted by SailPoint. This survey provides a spectrum of capability levels across hundreds of organisations. SailPoint has categorised these capabilities into distinct horizons, ranging from basic identity management processes to advanced AI-driven solutions.

Recent research from SailPoint and Accenture found that less than 70% of the identities in the organisation are covered. Organisations can use the assessment tool to evaluate their current position on the spectrum and chart a course for further improvement. It helps them gain clarity on their identity security journey and identifies specific areas that need attention.

Looking ahead

SailPoint remains at the forefront of identity security, providing organisations with comprehensive solutions to safeguard digital identities and data assets. With the SailPoint Atlas platform as the cornerstone of its offerings and a commitment to the principles of Zero Trust, SailPoint is well-equipped to assist organisations in an ever-evolving threat landscape.