Delivering Dynamic Governance to Potentially High-Risk Users

The SailPoint Blog
| SailPoint | Market Views

Authored by: Eric Yuan, Vice President, Global Strategic Partners, SailPoint

Detecting risk in an organization is harder than ever before. With a mostly virtual workforce accessing, creating, and storing company and customer confidential information both locally and in cloud storage solutions, the threat surface is more expansive than ever before. Sure, IT has risk monitoring software which bombards them with information. But making sense of risk data, and better yet, choosing the best defense to secure your organization can be daunting. A recent Identity Defined Security Alliance (IDSA) report showed that 94% of organizations have experienced an identity-related breach, yet according to that same report 99% of those breaches were completely preventable meaning that knowing whose access could expose the business to undo risk is the most critical information needed today.

So, what if an enterprise could automate the detection and mitigation of these risky users, including bots, while at the same time, providing greater context, dynamically adjusting to better protect critical systems and data?

Look no further.

To address these threats in an even more proactive and intelligent way, SailPoint has expanded its integration with Microsoft Azure Active Directory (Azure AD) which can now feed the Azure AD Identity Protection risk score into the SailPoint Identity Platform.

Let me give you an example of how this works; with his first cup of coffee in hand, Matt logs on to his computer in Austin, Texas to check his Teams channels, like he does every morning. Sitting at a café in Paris, another user logs in using Matt’s credentials at the same time. With the integration of SailPoint and Microsoft Azure AD, this atypical travel and likely nefarious security risk is flagged to the administrator within the SailPoint Identity Platform. IT can now remediate the situation by choosing to cut off access, force multi-factor authentication, get in touch with Matt via phone or email, or even force a password change.

When the risk is detected, through SailPoint’s expanded integration with Microsoft Azure AD Identity Protection, SailPoint can launch a re-certification or verification of a person’s access to systems. A re-certification can also occur when a major change in their risk profile is spotted increasing the scrutiny over new access requests or changes made to existing access. This added protection gives our customers increased visibility, context and control over a potential high-risk user and limits exposure due to inappropriate or unnecessary access to apps and data. Being able to make these changes quickly is critical to securing today’s digital enterprise.

This is why security must be thought of as a team sport with identity as the central player.

Internal and external risky users, moving to the cloud, global access and accelerated digital transformation are all why we are seeing a need to emphasize teaming up and enhancing the security community to help customers and their IT teams be setup for success. With this being said, SailPoint is excited to be part of Microsoft Intelligent Security Association (MISA), a validated, ready-to-employ ecosystem to help customers understand best of breed solutions. MISA’s goal is to build the foundation of a security ecosystem by bringing together top cyber companies to enhance cooperation and expand security capabilities across the Microsoft ecosystem. SailPoint has joined MISA and is dedicated to continuing collaboration with Microsoft to provide our mutual customers tested identity-driven Azure integrations.

“The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security software vendors across the globe. Our members, like SailPoint, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster.” – Rani Lofstrom, Senior Product Marketing Manager, Microsoft Security

As customers rapidly migrate to the cloud and further enable remote employee productivity, SailPoint will continue to extend integrations and build upon our continued collaboration efforts with Microsoft. Providing the most comprehensive identity security across all data, applications, and cloud resources for Microsoft platforms for our customers. See how SailPoint can help mitigate the risk threatening your business.

To learn more about managing Identity Access for Microsoft Azure Active Directory through SailPoint, be sure to check out our Microsoft Azure Active Directory integration page.