Software offers identity risk management solution.
Press Release Summary:
Providing multi-dimensional views of identity data, Compliance IQ v2.0 helps reduce risks associated with controlling/managing user access to sensitive applications and data. Software offers rapid risk modeling and analytics, user access certifications, automated policy enforcement, and user activity monitoring. Software also measures risk levels of corporate IT resources, allowing application and data owners to measure asset risk and proactively address it.
Original Press Release:
SailPoint Delivers Next Generation Identity Risk Management with Compliance IQ 2.0
AUSTIN, Texas, Dec. 5 -- SailPoint Technologies, Inc. today released Compliance IQ 2.0, the latest version of the company's breakthrough identity risk management software that reduces the complexity, costs and risks associated with controlling and managing user access to sensitive applications and data. With new risk management features and tools to help IT and business managers collaborate on managing risks associated with user access, Version 2.0 accelerates organizations' ability to put in place proactive risk management practices while tackling the practical issues associated with identity and access compliance.
In spite of billions in compliance spending by public and private enterprises across industries, breaches involving insiders who expose consumer data, intellectual property and government intelligence have dominated headlines in recent months. The frequency of these breaches indicates the extent to which enterprises are struggling to secure user access to information and applications within the organization.
"When a typical large enterprise has tens of thousands of users and thousands of applications, basic identity audit and compliance tasks like certifying which users have access to critical applications and data are monumental," said Lori Rowland, Burton Group. "Organizations that master these tactical matters are poised to tackle the next big challenge and opportunity for most enterprises - collaborating with business managers to determine acceptable levels of risk for users and IT resources."
SailPoint Compliance IQ
Compliance IQ helps organizations achieve and demonstrate strong, consistent control over user access to critical systems and data in an automated and sustainable way. By providing rich, multi-dimensional views of identity data, Compliance IQ enables enterprises to understand what systems and data their users can access; determine if users' access aligns with their job functions and with corporate and regulatory policies; automate certification of users' access; and assess the relative risk each user's access represents to the business. Compliance IQ capabilities include risk modeling and analytics, user access certifications, role management, automated policy enforcement and user activity monitoring.
Making Risk Management Attainable
The extended risk model in Compliance IQ 2.0 helps enterprises - no matter what level of identity governance maturity they have achieved - focus access controls and monitoring according to business risk.
o Rapid Risk Modeling: The product's graphical risk configuration
templates enable quick and easy definition and customization of the
factors that contribute to identity risk. Once the risk model is
configured, organizations can begin compiling risk metrics to improve
the effectiveness of controls and ultimately the security of the
business.
o Resource-Level Risk Management: Unique to Compliance IQ 2.0,
resource-level risk management measures the risk levels of corporate IT
resources - applications, databases and file shares - allowing
application and data owners to measure asset risk and proactively
address it with improved controls. Like the risk scores Compliance IQ
assigns to user identities, Version 2.0 now also gives risk scores to
IT assets based on attributes such as number of orphaned, dormant,
service-level or super-user accounts; high risk users with access; and
policy violations detected.
o Risk Advisor: The new risk advisor feature strengthens IT controls by
proactively alerting business managers and application owners to
changes in identity and resource risk scores and providing mitigation
or remediation advice, e.g., removing access privileges, performing an
on-demand access certification for a user or initiating activity
monitoring for a user or a group of users.
o Extensible Risk Model: Compliance IQ 2.0 allows organizations to extend
the identity and resource risk models by incorporating new,
customizable factors into risk calculations. For example, Compliance IQ
can integrate with corporate directories or human resource systems to
factor attributes such as geographic location or temporary worker
status into the risk score for a given user.
"Our risk-based approach to compliance and governance has been extremely well received by the market," said SailPoint CEO Mark McClain. "We will continue investing in next-generation technology to bring identity risk management into the mainstream as a core IT discipline. With Compliance IQ 2.0, we want to help our customers see risk management as something that's possible today rather than some far-off vision for the future."
Simplifying Compliance and Providing Business Context
New features in Compliance IQ 2.0 make it easier for companies to manage identity audit and compliance with richer business context, making technical data more understandable to executives and business users performing compliance oversight.
o Collaborative Role Definition: New to Compliance IQ 2.0 is the unique
ability for business managers to define new roles while certifying
access privileges - a feature that allows organizations to adjust
roles as the business evolves and to accomplish role definition
incrementally. With this capability, Compliance IQ broadens its
comprehensive range of options for creating business roles, including
directed role mining, undirected role mining and role modeling.
o Business Context for Entitlements: In the same way business roles
define collections of IT privileges in meaningful business terms,
Version 2.0 introduces the ability to assign business friendly
descriptors to entitlements being managed by Compliance IQ. These
descriptors ease the process of access certification for business users
while ensuring greater reliability and accuracy.
o Role Lifecycle Management: The solution's role lifecycle management
features provide easy-to-use workflow for approving roles once they are
created or modified and for reviewing and verifying roles on a periodic
basis to ensure business roles remain accurate. New what-if analysis
allows role approvers to see how proposed changes will impact users
before changes are implemented.
Availability
SailPoint Compliance IQ 2.0 is available immediately. For more information, visit http://www.sailpoint.com/.
About SailPoint
SailPoint Technologies, Inc. (http://www.sailpoint.com/) develops identity risk management software that helps organizations gain control over user access to critical systems and data, streamline costly IT compliance processes and reduce the risks of fraud, corporate data loss or theft and failed audits. Founded in December 2005, SailPoint is based in Austin, Texas.
Source: SailPoint Technologies, Inc.
Web site: http://www.sailpoint.com/
