Apply consistent governance
across your entire organization
Unified governance & connectivity.
SailPoint's identity Governance Platform lays the foundation for effective IAM within the enterprise. It establishes a single framework that centralizes identity data, captures business policy, models roles, and takes a risk-based, proactive approach to managing users and resources.
A unified governance platform allows organizations to apply consistent governance across compliance and provisioning processes, maximizing investment and eliminating the need to buy and integrate multiple products. And by including all resource connectors free as part of the Governance Platform, SailPoint facilitates management of all mission-critical resources in the enterprise – across datacenter and cloud environments.
The Identity Warehouse serves as the central repository for identity and access data across all enterprise apps in both datacenter and cloud. It transforms technical data into rich, business-relevant information that helps business users make informed and accurate access decisions.
- Provides a single view of users, accounts, and entitlements across all applications
- Correlates individual accounts and entitlements to create a multidimensional Identity Cube™, highlighting each individual and his/her associated access.
- Leverages out-of-the-box connectors or flat files to import data from any source, including user account and entitlement data from business apps, databases, platforms, SaaS apps, and other systems
- Translates technical entitlement and role data into business-friendly information by capturing valuable business context, including entitlement descriptions, that are used across IAM processes
Resource connectors speed loading of data into the Identity Warehouse and provisioning of changes to user accounts across target systems.
- Provides pre-packaged integration with enterprise applications, such as platforms, databases, directories, and business applications running in the datacenter or in the cloud
- Supports automated data aggregation of users, accounts, and entitlements from connected systems
- Automates provisioning of account and password changes
The IdentityIQ Policy Model establishes a strong governance framework through efficient definition, validation and enforcement of enterprise access policies. By leveraging a centralized policy store, enterprises can efficiently apply all types of access policies across compliance, provisioning and access management activities.
- Offers a common framework to define and implement compliance, access request, provisioning, and access management policies
- Streamlines definition and maintenance of policies across enterprise and cloud applications
- Allows policies to be reused across multiple organizational IAM processes
The Role Model makes it easy for organizations to align user access privileges with job function—providing a simpler approach for administering, requesting, reviewing, and fulfilling user access.
- Defines flexible role types that enforce "least privilege" access
- Discovers business and IT roles based on identity attributes and entitlements
- Provides automated role approvals, role certifications, role quality metrics and role analytics
- Uses "what-if" analysis to see impact of changes before they are implemented
IdentityIQ includes a configurable identity Risk Model which identifies areas of risk within the organization caused by users with inappropriate or excessive access privileges. It also enables organizations to strategically prioritize security and compliance activities to focus controls on the areas of highest risk.
- Leverages patent-pending algorithms to calculate and assign unique identity risk scores to users and systems
- Updates risk scores continuously based on changes to user access privileges and relevant compensating factors
- Enacts preventive controls across IAM processes when high-risk users or transactions are detected
SailPoint’s purpose built IAM Workflow Engine provides agile, repeatable business processes that lower deployment costs, minimize maintenance efforts, and simplify the end user experience. Uniquely, IdentityIQ leverages a data-driven process model that eliminates the need to hard-code forms and workflow. Instead, it dynamically generates business processes “on-the-fly,” based on data stored in the identity warehouse and governance models speeding deployment and reducing ongoing maintenance costs.
- Orchestrates the logical sequence of business process steps that support compliance and provisioning processes
- Offers a visual business process modeler to support the design of complex, multi-step workflow processes
- Leverages a unique data-driven model to orchestrate business processes and generation of end user forms