Story image

SailPoint updates IdentityIQ to expand definition of digital identities

24 Aug 18

Identity governance company SailPoint has announced updates with IdentityIQ to help organisations embrace developments in identity governance, which address the explosion of new users, applications and data-driven by digital transformation.

With IdentityIQ 7.3, SailPoint expands the definition of identities beyond humans, providing the ability to govern non-human identities such as software bots, including robotic process automation (RPA) bots.

With the new IdentityIQ Accelerator Pack, SailPoint enables organisations to rapidly onboard the thousands of applications their business users now rely on into IdentityIQ, significantly accelerating their identity governance deployment and time-to-value.

IdentityIQ 7.3 also deepens the functionality for governing access to mission-critical Amazon Web Services (AWS) and SAP environments, ensuring they are secured in the same way as the rest of an organisation’s infrastructure.

Enterprises are increasingly relying on software bots and other types of non-human identities to drive business efficiencies and to keep pace with digital transformation.

Until now, these bots have largely been left unmanaged by identity governance programs, leaving organisations exposed to security and compliance risks. 

Now, IdentityIQ enables organisations to govern bots and their access to all enterprise applications and data by enforcing processes like requesting, approving and certifying access as well as extending access-based policy definitions to these non-human users.

“We continue to see an increase in the usage of bots in our IT environment and it is important to be able to manage and govern them just as we manage and govern their human counterparts,” says Manulife security operations, enterprise technology and services director Sheri Munro.

“These technologies create operational efficiencies for us, but we must incorporate them into our identity governance strategy to ensure we remain secure and compliant.”

IdentityIQ’s new Accelerator Pack empowers enterprises to rapidly scale their implementation across the increasingly broad and hybrid application environment.

Through pre-configured options and best practice use cases, enterprises can now onboard new applications and configure governance processes in a matter of hours versus weeks.

The Accelerator Pack also allows business analysts to easily take on the technical tasks of an IdentityIQ deployment, decreasing the time and cost to deploy and reducing the need for highly technical identity governance resources.

Importantly, the Accelerator Pack provides “break-glass” functionality and allows organisations to take instant, targeted action in the event of a data breach, immediately terminating an identity and re-provisioning access once it has been determined a threat no longer exists.

Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Dell EMC advances hybrid cloud for VMware environments
Through collaboration and joint engineering, Dell EMC and VMware are enabling organisations to derive more value from IT investments.
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Universities seeing rise in DDoS attacks
Overall, between July and September, DDoS botnets attacked targets in 82 countries.
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.