Identity-aware Infrastructure 2018...SailPoint at a Glance World’s largest, dedicated IAM vendor...

Identity-aware Infrastructure Identity at the Center of Security, Compliance & IT Operations Darran Rolls, CTO & CISO

  • Identity-aware Infrastructure: Identity at the Center of Security, Compliance & IT Operations

    Darran Rolls, CTO & CISO

  • SailPoint at a Glance

    World’s largest, dedicated IAM vendor

    • Based in Austin, Texas, USA

    • Operations in 15 countries

    • 300 Partners worldwide

    • Customers in every vertical

    The leader in identity governance

  • Identity Governance market leadership

    Gartner Magic Quadrant for IGA, 2017

    Forrester Wave for IMG, 2016

    KuppingerCole Report, Leadership Compass, 2017

  • 20 Years of Identity Management Evolution

    Evolution #1: Delegate Administration

    Generation #2: Automated Provisioning

    Generation #3: Identity Governance

    Timeline: 1998, 2004, 2018

    ✓ Business user focused

    ✓ Full lifecycle

    ✓ Embedded controls

    ✓ Securing & managing all access

  • Copyright © SailPoint Technologies, Inc. 2017. All rights reserved.

    Securing & Managing Access

  • Securing & Managing Access

    People, Access, Data

    Unstructured, Structured, Application

    People, Applications, Devices

    Authentication: Bio-Metric, Web Based, SAML Based, Password Based, PKI Based, OAuth Based

    Authorization: Application Specific, Attribute Based, System Defined, Vaulted Creds, Group Based, Role Based

  • Identity & Access Governance

    People, Access, Data

    Bio-Metric, Web Based, SAML Based, Password Based, PKI Based, OAuth Based

    Application Specific, Attribute Based, System Defined, Vaulted Creds, Group Based, Role Based

    Who has Access to What and Why…

  • Identity & Access Governance

    Automation, Delegation and Self-service

  • Identity & Access Governance

    Visibility & Control = Identity Governance

  • Identity Governance Program Objectives

  • NIST 800-53 Control Groups

  • Identity Governance Program Objectives

    Enabling efficient & accurate user access

    Protecting access to applications and data

    Staying compliant amidst mounting regulations

    Cloud and on-premise applications and data…

    Increased Productivity

    Lower Security Risk

    Sustainable Compliance

  • Objective #1: Increased Productivity

    • Joiner, mover & leaver controls…

    • Fine-grained access control…

    • Delegated administration…

    • End-user self-service…

    Increased Productivity

  • Objective #2: Lower Security Risk

    • Understanding access risk…

    • Password management…

    • File & access governance…

    • De-provisioning & security response…

    Lower Security Risk

  • Objective #3: Sustainable Compliance

    • Access reviews…

    • Detective and preventive policy controls…

    • Data ownership & responsibility…

    • Reporting & analytics…

    Sustainable Compliance

  • Identity-aware Infrastructure

  • Understanding Key Relationships

    Identity, Account, Entitlement, Data

    Darran Rolls

    [email protected]

    Group=Accounting

    \\Shares\HR (read)

    \\Shares\Corp (read write)

    Group=Users \\Shares\doc3 (read)

    RACF1232123

    SYSDBA

    Data Profile1

    Data Profile2

    SYSOPER Data Profile3

  • SIEM & DLP

    Applications & Infrastructure

    Mobile Device Management

    Identity-enabled Infrastructure

    Integrated Responsive Ecosystem

    Data Governance

    User Behavior Analysis

    Privileged User Mgmt.

    GRC

    IT Service Management

    Shared Context & Actions

    Security Infrastructure | Identity Governance & Administration | Operations Infrastructure

  • Endpoint Management

    Access Management

    Privileged Account Mgmt.

    SIEM

    Systems Management

    Service Management

    GRC

    Enterprise Mobility Management

    User Behavior Analysis

    SailPoint Open Identity Platform

  • [email protected]