Press ReleaseCloud SecurityIdentity & AccessThreat Detection & Defense

SailPoint Protect Data Security & Manage Non-Employee Access

SailPoint Technologies, Inc., a leader in unified identity security for enterprises, unveiled a series of new features and capabilities in its Data Access Security and Non-Employee Risk Management offerings within SailPoint Identity Security Cloud. Updates to these add-on capabilities offer customers increased visibility and security across all varieties of identity types and their access to critical data, enabling a strong enterprise-class identity security program.

Data Access Security

Designed as a cloud-native solution on the Atlas platform, SailPoint Data Access Security provides customers with holistic visibility of access to unstructured data such as text files, presentations, IOT logs, PDFs, and more. SailPoint continues to expand its Data Access Security capabilities with integrated data access certification, activity monitoring, and sensitive and regulated data classification. With new resources at their fingertips, customers gain improved visibility and deeper context on critical data to help secure sensitive information as a core component of their identity security program.

Updates include:

  • Data Access Certification: Organizations now have the ability to review and certify access to sensitive, regulated, and critical data. These expanded certification capabilities help organizations easily identify over-provisioned access, meet complex compliance requirements and regulations, and ensure that only authorized users can access critical data – all while proactively managing secure access.
  • Activity Monitoring: New activity monitoring capabilities enable organizations to track and analyze activities taking place on data assets in real-time, giving security teams improved visibility along with the tools they need to identify anomalous activity. Now, organizations can monitor activities and better inform governance decisions to minimize risky access and holistically reduce their attack surface.
  • Sensitive and Regulated Data Classification: Customers can now leverage out-of-the-box data classification policies and predefined classification rules within their environment to automatically classify and catalog regulated and sensitive data. This includes personally identifiable information (PII), payment card information (PCI), medical records regulated under HIPAA, and information covered under data protection laws like GDPR. Organizations can also catalog content based on internal identifiers and dynamic policies to secure intellectual property, parented information, and classified restricted content.

Non-Employee Risk Management

SailPoint Non-Employee Risk Management enables customers to better manage identities and access for third-party non-employees, an emerging threat vector for enterprises. New updates drive better time-to-value and productivity for customers, helping to rapidly establish configurations for common non-employee identity types.

Updates include:

  • Non-Employee Risk Management QuickStart Templates: Customers can now use QuickStart templates, pre-configured setups, to address their non-employee onboarding, modifying and offboarding identity requirements to drive efficiencies. Enterprises can now instantly focus on managing non-employee identities effectively, enabling enterprises to reallocate critical IT resources.
  • New Language Expansion: Non-Employee Risk Management now offers additional language support for Traditional Chinese, Brazilian Portuguese, and Korean, providing additional global support for the non-employee identity solution.

“SailPoint’s Non-Employee Risk Management solution has given us a single source of truth for a range of identities, from fixed-term contractors to machines,” said Evan Fraser, Enterprise Architect, Absa Bank Limited. “This complements our identity management processes for employees, streamlining onboarding and provisioning while also improving security.”

Additional enhancements to SailPoint Identity Security Cloud

Recent updates to SailPoint Identity Security Cloud helps customers better manage and secure identities, with a keen focus on strengthening inactive identity management.

New features include:

  • Management of Inactive Identities: Users can now classify and define inactive identities via designated identity states within SailPoint Identity Security Cloud to better mitigate the risk of delivering access to the wrong identities. The new feature allows customers to designate identities “inactive” from select functionality in the product, improving user experience and performance. SailPoint expects customers will benefit by having an increasingly accurate view of their managed identities and better security in their solution.
  • Account User Interface (UI) Improvements: SailPoint has a redesigned Identity UI to give users a scalable and comprehensive way to manage and access items through a single pane of glass. This compact and configurable new experience offers added capabilities, such as the attribute-copy tool, and is auditor-friendly, delivering an enhanced identity management experience to all customers.

“Enterprises need a holistic view into their vast and varied identity landscape and their complex access needs across every application, and the data within those apps,” said Grady Summers, EVP, Product, SailPoint. These new Data Access Security and Non-Employee Risk Management updates further underscore our continued commitment to supporting our customers with an accelerated, enterprise-class solution, driven by the strong and dynamic governance needed to help safeguard every type of enterprise identity.”

Visit the SailPoint website for more information on building a unified identity security program.

Availability

All capabilities are currently available starting in June 2024.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *