Philips improves security posture with identity security
Philips is a leading health technology company focused on improving peoples lives and enabling better outcomes across the health continuum.
Challenge
Identity and security are top of mind for Philips as they make the transformation to becoming a digital company. They needed an identity solution that would not only improve their security posture and reduce risk but could scale with the growing business. At Philips, choosing an identity platform that could be deployed in the cloud was critical.
Solution
With SailPoint, Philips has:
- centralized their identity platform on AWS for increased flexibility and scalability
- reduced risk by improving their security posture
- improved the end user experience
- reduced operational costs
Identity is critical for Philips to become a digital company and is a center of security. It helps us to grow, to manage the access-related risks and enable the business to delight our customers.
Michiel Stoop, Business Process Owner and Domain lead for Logical Access Control, Philips
Improves security posture by leveraging identity security
For Philips, improving people’s lives starts with enabling employees – both safely and securely. Before Philips moved to the cloud, SailPoint was running in a physical data center at one of their service providers. Philips made a strategic decision to move their physical data centers to the cloud and AWS was the preferred solution for infrastructure as a service.
Identity journey
Imagine being a leading health technology company focused on improving people’s lives and enabling better outcomes across the health continuum. For good companies to bring great technology to life, employees need to be able to think, act, pivot and jump when needed. Philips is laser-focused on delivering quality technology and have worked hard to enable their business to run as quickly as possible, even during acquisitions and divestitures, all while maintaining their security posture and a low-risk profile.
How does Philips do it? Let’s look at how they are keeping innovation and security their top priority as they transform into a digital company.
The importance of identity security to Philips
As a data driven organization, they put great care around data and access integrity, which is one of the fundamental principles to identity security and the zero-trust model they follow. “Identity security is critical for Philips to become a digital company and is at the center of our security strategy, shared Michiel Stoop, Business Process Owner and Domain lead for Logical Access Control at Philips. “The main driver is to reduce risk and improve our security which will help us grow and enable the business to delight our customers.”
In the digital world we live in, everything is interconnected. That puts business, people, partners and our customers at risk with anyone who wants to access business critical information. “With identity, we’re stepping up our game to keep the bad guys out and make it easier for the good guys to excel and innovate,” Stoop shared. “How are we doing this at Philips? With this program we moved from a decentralized to a centralized management process and now control who has access to our information. We ensure that the right people, get the right resources, at the right time for the right reasons.” Other benefits for Philips have been an improvement to the user experience, strengthening their regulatory compliance and a reduction in operational costs.
Identity security is critical for Philips to become a digital company, and is at the center of our security strategy. The main driver is to reduce risk and improve our security which will help us grow and enable the business to delight our customers.
Michiel Stoop, Business Process Owner & Domain Lead for Logical Access Control at Philips
Identity security powered by the cloud
Before Philips moved to the cloud, SailPoint was running in a physical data center at one of their service providers. Philips made a strategic decision to move their physical data centers to the cloud and AWS was the preferred solution for infrastructure as a service. “We moved SailPoint to Amazon Web Services (AWS) to improve performance and have more flexibility and scalability. Now we can scale our infrastructure quickly based on resource uses and future demand,” Stoop shared.
Once we onboard all critical applications, we will start to make use of the risk-based and AI capabilities SailPoint offers.
Michiel Stoop, Business Process Owner & Domain Lead for Logical Access Control at Philips
Establishing an identity program
Stoop is a wealth of knowledge. His experience building a global, cloud identity security program is vast and it would be a shame to keep his advice for building an identity program to ourselves. “Identity programs can be a challenge if the purpose is not clear to your stakeholders. I would clearly define what the objective of the program is, identify key stakeholders and get their buy-in to ensure a proper governance model is defined.”
Stoop also recommended ensuring your identity security processes are adopted by the organization and that it fits with out-of-the-box capabilities your vendor offers. “Do not build any customizations or do a 1:1 replacement with your existing IAM solution. It’s better to start a new journey that fits with your objective and the future goals of your business. Make use of Professional Service teams to ensure quality and best practices are followed and interact with other customers to learn how they started their journey and learn from their pitfalls,” Stoop shared.