Managing Employee Access to Sensitive Company InformationBy Andrea Villar | Mon, 01/18/2021 - 05:00
Q: What is SailPoint’s key strength?
A: SailPoint is the leader in identity security for the cloud enterprise. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, ensuring workers have the right access to do their job – no more, no less.
We are very focused on always innovating and improving our solutions. In recent years, we have been implementing artificial intelligence and machine learning to make solutions faster and more effective. Effectiveness is demonstrated by our very high client retention rate of 95 percent. When we implement a solution with a client, we adapt it to their needs and always seek feedback to see where we can further optimize our products.
Q: What is the methodology behind your identity governance solutions?
A: We first map the identity of all employees in the company and create profiles for each of them. We then align the access each person has with their profile. Thereafter, the process remains dynamic as the role of employees in companies might change. The idea is that a person enters their identity credentials and then automatically has access to only the areas for which they are authorized. Our system produces an alert when the behavior of an individual does not align with their profile. This alert can trigger a reaction that blocks this individual from reaching the areas of the company not open to them. This is AI and ML-driven technology. In an organization with thousands of employees, an unauthorized breach by an employee is very easily overlooked without this kind of technology in place. We offer different products depending on the type of connections employees are using.
Q: How has the pandemic influenced the relevance of identity governance in organizations?
A: The pandemic has definitely had a major impact on the importance of our solutions. Cybersecurity has moved from priority No. 5 or 6 to priority No. 1 for many companies. In the past, perimeter security protecting a corporate network was critical. Today, employees are working from outside the corporate network, making elements like onsite firewalls more obsolete. The fact that employees are now often on a personal computer, using a personal or even public Wi-Fi, has made their devices more vulnerable to intrusions. In fact, the number of cyberattacks has risen significantly over the last year precisely because people are easier targets now. Our identity governance solutions ensure that certain areas of the company’s digital infrastructure remain shielded from many more vectors of attack. This also provides better visibility when something irregular happens. This can happen, for example, when a malicious actor has attained the credentials of an employee and after having been inside the company for a while, starts to make lateral moves to try and steal sensitive information.
Q: Some say that too much security can be an impediment to usability. What is your view?
A: The more security, the more productivity. What is important is to have the right back end infrastructure to ensure fast, customized usership. At SailPoint, we are very focused on rapid implementation. Our clients do not have the time to wait a year. Especially now, business growth is dependent on digital services and products and companies require robust security solutions. One of our main tasks is to integrate the different systems of our client with our solution. Often, our client’s systems are initially only partially integrated.
Q: On which sectors are you focusing the most?
A: There is no specific sector. We are strong in the financial sector, in retail, logistics, government and the health sector, among others. During the pandemic, businesses that are using internet as a motor for growth sought out our solutions. This includes e-commerce but also telemedicine, for example. There are many new businesses that emerged because of the pandemic.
Q: Many startups, like fintech, struggle to invest in cybersecurity but do want to meet the regulatory norms. How can they overcome this issue?
A: While traditional banks tend to have digital infrastructure that is still more on-premise, startups like fintech practically all use cloud for their data management. This is faster and less costly. These cloud providers offer security solutions. This is the channel where we come in.
Q: What services do you want to improve in 2021?
A: SailPoint works with many global companies that are our commercial partners. In Mexico, we work with four local companies that distribute and integrate our product. Our objective is to increase collaboration between these local cybersecurity companies and those more focused on auditing and compliance. This will allow them to provide an attractive package to clients.
Q: What do you look for in new commercial partners?
A: We look for teams that have strong technical training in cybersecurity issues, as well as applications like SHP, ServiceNow, Oracle and other management platforms. In addition, these companies should be experienced in consultancy and project implementation to work with different levels of our client’s organizations, from the CEO to the IT specialists, to integrate the solutions.