Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target...
Transcript of Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target...
![Page 1: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/1.jpg)
Identity is Everything
![Page 2: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/2.jpg)
INCREASING CHALLENGES.
INCREASING COMPLEXITY.
Hybrid environments
spanning cloud, mobile,
and on-premises
Shadow IT and BYOD Regulatory pressures
Budget costs and
pressures
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 3: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/3.jpg)
General
Directorate of
Population and
Citizenship
Affairs (Turkey)
50m records
Anthem80m records
Hacking Team400GB of records
Office of
Personnel
Management22m records
IRS
330k records
1670+ data loss events
770+ million records stolen
MORE
TARGETED
ATTACKS.
MORE DATA
THEFT.Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 4: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/4.jpg)
EXPOSURE POINTS
HAVE EVOLVED
Executives and board
members are asking
“Why?”
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 5: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/5.jpg)
The Human Attack Vector – A Growing Threat
43% of data breaches are caused by insiders (Infosecurity Magazine)
![Page 6: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/6.jpg)
Employee
Contractor
Vendor
Partner
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 7: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/7.jpg)
would sell their password to a 3rd party
share credentials with other co-workers1 in 3
purchased SaaS apps without IT’s knowledge
have access to company data & applications
after termination
33%
1 in 5
42%
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
Source: SailPoint 2016 Market Pulse Survey
![Page 8: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/8.jpg)
SECURITY PARADIGMS ARE
SHIFTING FROM NETWORK-CENTRIC
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 9: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/9.jpg)
TO USER-CENTRIC
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 10: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/10.jpg)
$7.1 Billion
$4.8 Billion
2014Source: IDC
2018
48%increase
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
IAM is the #1 CISO spending
priority in the next 3-5 years,
driven by security risk
MAKING IAM A FAST- GROWING MARKET
![Page 11: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/11.jpg)
DIFFERENCE
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
THE
![Page 12: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/12.jpg)
40%International
Customers
500+customers
worldwide
Hundreds
of millions of access rights
under
management
Magic Quadrant Leader, Gartner 2016
95%Customer
Satisfaction &
Retention
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
THE RECOGNIZED
LEADER
![Page 13: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/13.jpg)
SAILPOINT’S IDENTITY MANAGEMENT
Devices
On-Premises
Apps
Infrastructure
Directory
Cloud Apps
Web Apps
Structured
Data
Unstructured
Data
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
Governance-based
approach
First open IAM platform
Optimized for hybrid
environments
Extends to structured and
unstructured data
![Page 14: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/14.jpg)
We pioneered
identity
governance
We introduced
comprehensive
cloud-based
IAM (IDaaS)
We extended
IAM
to manage
unstructured
data
We
revolutionized
provisioning
2005 2016
REDEFINING MARKETS WITH INNOVATION
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 15: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/15.jpg)
The Customer Challenge we Address:
Identity Governance and Administration
Do you KNOWwho has access to what?
Is the Access APPROPRIATE?
What DATA is Being Accessed?
Can you PROVE it ?
![Page 16: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/16.jpg)
Identity & Access Under Attack
Accounts, Passwords & Data are the Target
Corporate IT& Data Assets
Over Entitled Users
• Accumulated privileges
• Potential toxic combinations
Privileged Access• Users with “keys to kingdom”
• Poor visibility due to shared accounts
Rogue Accounts• Fake accounts created by criminals
• Undetected access and activity
Complex Data Access
• Complex effective access
• Unknown data classification
![Page 17: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/17.jpg)
Crown Jewels Are at Increasing Risk
Credit Card Numbers
Intellectual Property
Health Records
Financial Records
EmployeeRecords
![Page 18: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/18.jpg)
What is DATA really worth ?
Name
PII
John Smith
HP2123GX…
Name PII
John Smith HP2123GX…= = Name PII
John Smith HP2123GX…Name
PII
John Smith
HP2123GX…
You haven’t solved the problem if you don’t protect all the information!
Bad Guys Want it, Insiders Have it…
…a PowerPoint SummaryFrom Reports to …
![Page 19: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/19.jpg)
Sample Use Cases
Breach Avoidance and Recovery – Lock down sensitive
data, uncover weaknesses, and prevent leaks
Compliance – Covering PCI, HKMA, MAS, FSC, EU
Data Protection by exercising governance best practice
IP Protection – Cleaning up permissions and
provisioning data access
Mergers and Acquisitions – What did you buy? What information
are you sharing?
![Page 20: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/20.jpg)
Year Loss (b$) Financial Services Company
2013 CEO
2013 Undisclosed
2013 2m Account
2012Intellectual
property
2010 2.00
2007 7.20
2001 0.70
Publically Known Security Breaches
Average cost of a security breach is $7.2M
![Page 21: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/21.jpg)
Societe Generale Fraud
![Page 22: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/22.jpg)
Stage 1: ‘Visibility’ of the Current State
Identity WarehouseSystem & ServiceAccounts
Privileged Accounts
Orphan Accounts
AccountClassification
Account &Entitlement
Data
Legacy Applications
Unstructured Content
Provisioning Systems
Cloud Services
Security Systems
Directories
HR Systems
Contractor Databases
External User Sources
AuthoritativeIdentity Data
Access Certification
ReportingAnalytics
Critical Remediation
![Page 23: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/23.jpg)
Stage 2: ‘Planning’ the Desired State
Identity WarehouseSystem & ServiceAccounts
Privileged Accounts
Orphan Accounts
AccountClassification
Account &Entitlement
Data
Legacy Applications
Unstructured Content
Provisioning Systems
Cloud Services
Security Systems
Directories
HR Systems
Contractor Databases
External User Sources
AuthoritativeIdentity Data
Access Certification
ReportingAnalytics
Business Roles
IdentityRiskPolicy Model
Critical Remediation
![Page 24: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/24.jpg)
Stage 3: ‘Managing’ the Changing State
Identity WarehouseSystem & ServiceAccounts
Privileged Accounts
Orphan Accounts
AccountClassification
Account &Entitlement
Data
Legacy Applications
Unstructured Content
Provisioning Systems
Cloud Services
Security Systems
Directories
HR Systems
Contractor Databases
External User Sources
AuthoritativeIdentity Data
Access Certification
ReportingAnalytics
Critical Remediation
Business Roles
IdentityRiskPolicy Model Lifecycle
Management
Single Sign-on
Enhanced Provisioning
![Page 25: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/25.jpg)
IAM Best Practices
Core Tenants of Identity Governance & Administration
1. Integrated Approach
3. Shared Identity Context
2. User Experience
5.Risk Based Controls
6. Connectivity Approach
7. Coverage & Consistency
Cloud / SaaS Enterprise / On-premMobile
4. Model-based
Governance
![Page 26: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/26.jpg)
Deep identity management and security expertise
Marquee list of referenceable customers
Strong partner ecosystem
Industry-leading innovation
Proven commitment to customers
WHY COMPANIES CHOOSE SAILPOINT
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
![Page 27: Identity is Everything · Identity & Access Under Attack Accounts, Passwords & Data are the Target Corporate IT & Data Assets Over Entitled Users •Accumulated privileges •Potential](https://reader034.fdocuments.net/reader034/viewer/2022051808/600ef0e8a1e1964d891e954d/html5/thumbnails/27.jpg)
Thank you
Doris ChanBusiness Development [email protected]
Raymond LaiBusiness Development [email protected]