The power of unified identity security

The SailPoint Blog
| Mark McClain | Market Views

Today’s identity security challenges are massively different than they were even a handful of years ago, never mind a decade or two ago. The way we work has evolved. The centrality of identities to both the enablement and security of today’s enterprise has increased significantly. The threat landscape is more dynamic than ever, and nearly always comes down to a compromised identity as the trigger point for the majority of breaches today. It’s all gotten so much more interwoven, complex and accelerated. What worked a decade or two ago to secure enterprise identities clearly won’t work now to address today’s security challenges.

And that’s what we have just unveiled during our Navigate event in Austin this week. Our vision. Our stake in the ground. Our near and longer-term plan for how we’ll not only evolve, but how we’ll fundamentally disrupt this market. A disruption that will serve our customers’ needs best, not simply respond to the moves of our competitors. We want to ensure that our enterprise customers go down the right path, not the noisy, misdirected paths they’re being offered by those who would attempt to provide lightweight short-cuts or converged offerings that don’t set them up for long-term success.

The path forward for the modern enterprise

We believe there’s a very clear path forward for the modern enterprise – one that suits their complex, sophisticated needs but in a lean, autonomous and integrated way. That path forward, in our view, looks like this:

It has to cover the entire landscape of WHO in the “who has access to what” equation. That means secure oversight over every type of enterprise identity. Long gone are the days of focusing solely on employees, often referred to as workforce identities – the definition of an enterprise identity has far surpassed that. We’ve not only expanded to cover contractors and value chain partners with our recent addition of Non-employee Risk Management, but we’re investing heavily to ensure we can help enterprises secure the exploding arena of software bots, robotic processes, intelligent devices, and many other technologies.

It has to cover the entire landscape of the “WHAT” in “who has access to what.” That means every type and location of technology AND data. It is mission critical that companies extend their policies and controls to all types of data so that they’re protecting all access from a centralized control point. This is where our new SailPoint Data Access Security solution is critical to extending your identity security program so that all of your access points to unstructured data are tightly controlled and managed in a holistic way using the same identity security system that controls application access.

It has to address “privilege” as a concept, but not necessarily the way it’s been done before. Over the last 25 years, privileged access evolved as a specialized, independent discipline. But we believe it should be an extension of how you manage and control risk within the context of your identity ecosystem. Put another way, we see privileged access as just another aspect of access; it should be treated holistically in how you manage each identity’s access. Treating privilege as its own “thing” creates silos and may open up hidden or overlooked risk. It’s about ensuring you understand and manage risk across the entire spectrum of access needed, based on intelligence, through a unified control point around each identity.

It has to be fueled by automation and machine learning. It’s clear that keeping pace with the rate of change happening across today’s modern enterprise has far surpassed human capacity. Consider AI as the enabling technology that acts as the accelerant – streamlining identity security decisions and processes so that you don’t have to rely so heavily on human intervention.

And finally, it has to be unified. If you went back 20 years in a time machine and could map out the evolution of the identity landscape, you’d probably do it quite differently from what has actually unfolded. Who would ever think the following was the “right” way to do it? “Our end users should go one place for normal account access. But admins should go somewhere else for privileged access. And let’s manage employees differently from how we manage contractors and manage cloud-based accounts differently from SaaS systems, which is also differently than how we manage access to our legacy applications.” It makes no sense. But we believe there’s a better way. That better way is our new SailPoint Atlas platform–a platform designed to unify this ecosystem. Whether the systems are on-prem or cloud; the accounts are privileged or non-privileged; the data is in an app in a data center or in the cloud, in a data lake, or in a document in MS SharePoint, SailPoint Atlas gives you a unified way to manage it all. One set of workflows for automation, one set of policies for control, a unified connectivity fabric, consistent APIs, and a unified data plane to make sense of it all.

The next generation of identity security: autonomous, intelligent, extensible

In summary, the next generation of identity security is not about the popular idea of convergence but of unification. The next generation of identity security is about anintegrated, comprehensive solution. One that is simple to use and operate, yet robust enough for the complexities of the enterprise. Built with one set of unified policies for control. Addressing every type of enterprise identity, every type and location of data, while managing risk across the spectrum. And most importantly, built on a unified platform: SailPoint Atlas

As always, we find ourselves at a very exciting time in the trajectory of this market. We believe strongly that this unified approach is THE approach to address the complexities of the global enterprise identity challenge. Our mission, through this unified, next-gen approach is to enable each of you who work as an identity professional in your enterprise to effortlessly manage and secure your identities – at any speed, at any scale. Freeing you up to accelerate your business in unimaginable ways, with the power of identity at the core.