Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Privileged Identity Governance: Pigging Out on the Digital Frontier(s)
Joe Gottlieb
SVP, Corporate Development
SailPoint
Privileged Identity Governance:Pigging Out on the Digital Frontier(s)
Joe Gottlieb, SVP of Corporate Development, SailPoint
CSO50 Conference – 9 April 2019
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 263Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 263
Digital Transformation – Why?
Reinvent the
Customer
Experience
Invest in
Operations
Pace &
Efficiency
Invest in
Innovation
Velocity
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 264Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 264
Digital Transformation – What?
40%of IT Spend
Opportunityto Modernize
Security
Infrastructure
$2TDigital
Transformation
Spend 2019
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 265Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 265
Applications DataDigital
Identities
Digital Transformation
is driving an explosion in:
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 266Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 266
Employees
Robots!
Contractors Partners
The Identity Frontier
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 267Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 267
Terminal
…
Ephemeral Policy!Account & Password Role & Entitlement
The Policy Frontier
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 268Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 268
DevOps!
Cloud/SaaSData Center Virtual Data Center
The Paradigm Frontier
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 269
Best-of-breed Identity & Access Management
Privileged Access
Management
Identity Governance
Directory
Access Management
Access
Request
Login /
Authentication
End User /
Device
All Services & Applications:
SaaS, Cloud, On-premises
HR Application(Authoritative Source)
Change Notification
Access
Access
Governance &
Provisioning
DirectoryDirectory
Services
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 270270Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved.
Terminal
…
Ephemeral Policy!Account & Password Role & Entitlement
Broad Governance for All Accounts + Deep Controls for Privileged Accounts
SESSION RECORD & PLAYBACK
SESSION MONITORING & CONTROL
CREDENTIAL ROTATION
LIFE CYCLE MANAGEMENT / PROVISIONING
ACCESS CERTIFICATIONS
ACCESS REQUESTS
SOD POLICY ENFORCEMENT
CREDENTIAL LOCK DOWN
Employees
Robots!
Contractors Partners
DevOps!
Cloud/SaaSData Center Virtual Data Center
Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 271Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved. 271
Centralized visibility across all users, all accounts
and all entitlements
How best to leverage this visibility to drive new access
models for the new frontiers?
Automated lifecycle management for timely
provisioning and de-provisioning (JML!)
How best to shift privileged access management from
centralized administration to scalable governance?
SoD policy management that sees through the black
box of privileged account management
How best to evolve from periodic to business/risk-driven
certifications reflecting the new frontiers?
Ongoing recertification of privileged access in
context of risk and compliance/security cadences
How best to enhance SoD policies to embrace
ephemeral entitlements?
Benefits of Integrated IGA + PAM Some Things to Think About
272Copyright © SailPoint Technologies Holdings, Inc. 2019. All rights reserved.
Thank You