putting identity @ the center of security · mark oldroyd partner enablement manager, europe...
TRANSCRIPT
Mark Oldroyd
Partner Enablement Manager, Europe
SailPoint
Putting Identity @
the Center of
Security
Who am I?
Partner
Enablement
Manager
91%increase in targeted
attacks since 2013
89%believe they are now at
risk from insider threat
1 in 7employees will sell their
login credentials for $150
43%of data breaches are
caused by insiders
71%of staff have access to
data they should not see
90%of company data is held
in unstructured content
Identity Becomes the Primary Control
INVENTORY
& COMPLIANCE
Who
Has Access?
CERTIFICATION
& ANALYTICS
POLICY
& AUTOMATION
Who
Should Have
Access?
ROLES, POLICIES &
PROVISIONING
Who
Did Have
Access?
MONITORING
& AUDIT
ACTIVITY COLLECTION,
REVIEW & ALERTING
The nature of
is evolving from
Network centric to
IDENTITYcentric
SECURITY
Network Centric Security
Network Firewall
Network Centric Security
Network Firewall
Identity Centric Security
Network Identity
Crown Jewels Are at Increasing Risk
Credit Card Numbers
Intellectual Property
Health Records
Financial Records
EmployeeRecords
OPPORTUNITY SKILLS
INSIDER BREACH?
Only IDENTITY-CENTRIC
SECURITY can Address
Insider Threats
Identity-Centric Approach to Security
Devices
On-
Premises
Apps
Infrastructure
Directory
Cloud Apps
Web Apps
Structured
Data
Unstructured
Data
Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.
All Apps
All Data
The Ideal Approach: The “Business” of Identity
Certification
& Remediation
Change AutomationRole & Risk
Modeling
Dashboards,
Analytics, Reporting
Policy EnforcementAutomated Lifecycle
EventsSelf-Service
Business Process
Management
Application
Integration
Manual
Workflow
Identity-Driven
Business
Functions
Flexible Change
Fulfillment and
Data Collection
Mobile
Integration
Single Sign-on
Data Discovery &
Classification
Service Desk
Integration
Security
Integration
Unstructured
Data
Integration
Provisioning
Integration
MDMService
Management
Traditional IAM
ToolsAdminsOn-Prem
SaaS
PAM
GRC
SIEM
NAS/SAN/FS
Collaborative
Storage
Bespoke
Provisioning
Example: PAM Integration
Bulk Import Privileged Accounts
Account/Entitlement Provisioning
Policy Enforcement & Workflow
Unified GovernanceIdentity
Solution
Privileged
Account
Management
Solution
Broad Governance for All Accounts
Discovery
Provisioning
Access Certification
Access Requests
Deep Controls for Privileged Accounts
Continuous Monitoring
Session Control
Account Control
Credential Lock Down
Cloud / SaaS / Mobile
Enterprise / On-prem
Convenience Automation Controls
Structured
& Unstructured
Data & Access
Self-Service Automation Controls Governance
The Identity Platform
The Future?
Consumer
Simple ExperienceAdministrative
Flexibility Open Platform Vendor
Collaboration
Thank you
Questions?