Privileged Identity Governance: Pigging Out on the Digital Frontier(s)

Joe Gottlieb

SVP, Corporate Development

SailPoint

Privileged Identity Governance:Pigging Out on the Digital Frontier(s)

Joe Gottlieb, SVP of Corporate Development, SailPoint

CSO50 Conference – 9 April 2019

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 263Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 263

Digital Transformation – Why?

Reinvent the

Customer

Experience

Invest in

Operations

Pace &

Efficiency

Invest in

Innovation

Velocity

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 264Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 264

Digital Transformation – What?

40%of IT Spend

Opportunityto Modernize

Security

Infrastructure

$2TDigital

Transformation

Spend 2019

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 265Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 265

Applications DataDigital

Identities

Digital Transformation

is driving an explosion in:

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 266Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 266

Employees

Robots!

Contractors Partners

The Identity Frontier

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 267Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 267

Terminal

…

Ephemeral Policy!Account & Password Role & Entitlement

The Policy Frontier

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 268Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 268

DevOps!

Cloud/SaaSData Center Virtual Data Center

The Paradigm Frontier

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 269

Best-of-breed Identity & Access Management

Privileged Access

Management

Identity Governance

Directory

Access Management

Access

Request

Login /

Authentication

End User /

Device

All Services & Applications:

SaaS, Cloud, On-premises

HR Application(Authoritative Source)

Change Notification

Access

Access

Governance &

Provisioning

DirectoryDirectory

Services

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 270270Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved.

Terminal

…

Ephemeral Policy!Account & Password Role & Entitlement

Broad Governance for All Accounts + Deep Controls for Privileged Accounts

SESSION RECORD & PLAYBACK

SESSION MONITORING & CONTROL

CREDENTIAL ROTATION

LIFE CYCLE MANAGEMENT / PROVISIONING

ACCESS CERTIFICATIONS

ACCESS REQUESTS

SOD POLICY ENFORCEMENT

CREDENTIAL LOCK DOWN

Employees

Robots!

Contractors Partners

DevOps!

Cloud/SaaSData Center Virtual Data Center

Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 271Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 271

Centralized visibility across all users, all accounts

and all entitlements

How best to leverage this visibility to drive new access

models for the new frontiers?

Automated lifecycle management for timely

provisioning and de-provisioning (JML!)

How best to shift privileged access management from

centralized administration to scalable governance?

SoD policy management that sees through the black

box of privileged account management

How best to evolve from periodic to business/risk-driven

certifications reflecting the new frontiers?

Ongoing recertification of privileged access in

context of risk and compliance/security cadences

How best to enhance SoD policies to embrace

ephemeral entitlements?

Benefits of Integrated IGA + PAM Some Things to Think About

272Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved.

Thank You