Story image

SailPoint outlines the three frontiers of identity governance at Navigate '18

16 May 18

​SailPoint says the future of identity governance lies across three frontiers: users, applications, and data. Those three frontiers were the focus of the company’s sold-out Navigate ’18, which kicked off in Austin this week.

“Data breaches and compliance aren’t the only challenges we’re facing as an industry,” says SailPoint CEO and co-founder Mark McClain.

“The very nature of our business is changing. The pressure to digitise the enterprise is growing in importance as businesses fight to keep their competitive edge and to continuously deliver value to their customers.”

SailPoint believes that user and application populations are growing and changing. At the same time, data is moving and evolving into new formats and locations.

“Identity must evolve to tackle this new world in which we live, governing access across all users, all applications and all data. SailPoint is pushing the limits of these three new identity frontiers,” McClain says.

The user frontier: expanding identities beyond humans

Enterprise identity governance programs have traditionally focused on three primary users: employees, contractors and partners. In the new business world, non-human users – such as software bots and technology like RPA (Robotic Process Automation) – introduce a new identity type. Modern enterprises must rethink identities beyond humans, understanding how these non-human entities interact with enterprise applications and data while applying proper governance controls.

The application frontier: scaling to today’s realities 

Enterprises today manage hundreds of applications that drive their business forward. This includes an increasing number of SaaS applications alongside traditional legacy applications. As business users accelerate the need for new applications, identity governance must also evolve, making it easier to onboard new applications to more nimbly enable the business.

The data frontier: securing access to data in files

In the past, most sensitive data was stored in applications and databases such as CRM, HR, and financial systems. Today, end users are downloading, extracting and copying that data into files and then storing that data in file shares, like SharePoint, and cloud storage systems, such as Box and Google Drive, often leaving the data largely unprotected. This opens up a huge area of exposure for organisations that must be addressed with identity governance, making data the third, and perhaps most critical, new frontier in identity.

“As technology and innovation are changing the way we work, the nature of business users is evolving, while the volume of applications and data are furiously increasing,” McClain says.

“SailPoint is at the forefront of developing innovative ways of providing comprehensive identity governance to secure the digital identities of all users across all applications and all data. This is our vision and the only path forward for global enterprises today.”

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.