Story image

SailPoint improves security and compliance with SaaS update

18 Oct 18

Enterprise identity governance solutions provider SailPoint has unveiled a series of new features in IdentityNow, its SaaS identity governance platform.

Enhancements have been made towards both closing security and compliance gaps and simplifying identity implementations for organisations who may not have dedicated identity teams and resources. New in IdentityNow is the Dynamic Discovery Engine, an innovation that allows users to easily and quickly create policies, access reviews, dashboards and reporting.

As a result, IdentityNow customers are better able to address the mounting security and compliance challenges that all enterprises face today.

“When we started our identity governance journey, a key requirement for us was the ability to automate identity processes where we could, while improving our audit and compliance track record,” said FTD information risk management senior director Michael Boucher. 

“With SailPoint IdentityNow, we achieved important quick wins on the audit front, and now have a comprehensive identity program in place that drives stronger risk management while enabling our users with the access they need to do their jobs. We were able to accomplish this with only one dedicated person on staff.”

The new Dynamic Discovery Engine powers the following features in IdentityNow:

  • Streamlined separation-of-duty (SoD) policy management that simplifies and speeds the process of investigating access, uncovering any access-related conflicts of interest and creating automated policies that ensure compliance.
     
  • Dynamic access reviews that slice through identity data to instantly review and remediate access discrepancies, discovering application and entitlement owners in seconds and then applying a targeted certification campaign to meet compliance and audit requirements.
     
  • Personalised dashboards that provide each user a 360-degree view of all their identity-related tasks, including an intuitive view into access certifications or approval requests that need to be completed.
     
  • Sophisticated audit reporting that easily surfaces details and produces reports on who has access to what, when access was granted, and if policies have been violated. 

SailPoint chief product officer Paul Trulove says, “All companies today understand that they need solutions that proactively address security and compliance requirements, while providing visibility and control over their complex IT environments and the users who have access to them.

“Where many companies struggle with identity governance, especially for enterprises that have particularly stretched IT and security teams, is how to enable the business to grow while maintaining a strong security and compliance posture.”

Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Dell EMC advances hybrid cloud for VMware environments
Through collaboration and joint engineering, Dell EMC and VMware are enabling organisations to derive more value from IT investments.
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Universities seeing rise in DDoS attacks
Overall, between July and September, DDoS botnets attacked targets in 82 countries.
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.