Introduction to SailPoint Technologies

Written By:
Content Copyright © 2023 Bloor. All Rights Reserved.
Also posted on: Bloor blogs

Introduction to SailPoint Technologies banner

SailPoint Technologies provides identity management solutions. Privately owned, SailPoint was founded in 2005 with its headquarters in Austin, Texas. The company has around three thousand customers in total, including global organisations like GE, Toyota, Sanofi and Allianz.

SailPoint Data Access Security focuses on managing access to unstructured data e.g. Excel files etc rather than the structured data stored in traditional databases and corporate applications. Around 80% of the data in a company is unstructured, according to various analysts. There is a challenge in how to manage access to this data across the lifecycle of an employee, from hiring and onboarding to them leaving or retiring, during which time they may have different roles, may work in different departments and physical buildings, and need access to quite different files, which themselves may move around. It is also important to understand what data is actually sensitive and what is not, and this may not be immediately apparent from a file name or its metadata. With a data breach costing $4.5 million on average, getting a handle on data access is clearly an important issue for any large organisation.

SailPoint has several products, all related to data identity and access. At its heart is an identity security platform that acts as a policy layer for all unstructured data. There is an initial process of exploration, where a catalog is made of corporate files and applications and who has access to them, creating a map of permissions and access. Certain data can be identified as sensitive and needing tighter control than others, and this may require searching for certain keywords within files. Once a map of files and locations (whether on-premise or cloud) and identities is established then a company can set up policies to manage this, including setting permissions access and monitoring actual usage and access to files, including the ability to report policy violations or abnormal usage of data e.g. if a person in marketing suddenly starts to access HR data then that can be flagged and reported for possible investigation. The software also identifies areas where there may be attention needed e.g. files with sensitive data without password protection or files that are simply not used in practice, and potentially could be archived. The software can be used to manage access over time, for example onboarding new employees, dealing with the access permission associated with departmental moves, or revoking access to leavers. The software can also produce reports that can demonstrate policy compliance to auditors, as well as having dashboards that allow a company to quickly see such things as policy exceptions or alerts for unusual activity.

SailPoint acts as a policy layer, so does not directly compete with security products that provide physical access, like Microsoft Azure Active Directory; indeed, it can be linked up to such products so that policy changes are reflected automatically in permissions at the file level. Instead, it competes directly with products such as Varonis. At the time of writing the company has almost two hundred connectors and integrations with other technologies. In the identity governance market, SailPoint competes to one degree or another with products from Oracle and IBM as well as specialist vendors such as Omada, One Identity and AlertEnterprise.

SailPoint has a data governance component but takes an identity-centric approach. One intriguing capability is a feature that monitors actual usage of data and from these patterns suggests candidates for data ownership. Users can vote on these candidates, the idea being to speed up the process of assigning data ownership and getting greater engagement. Of course, such recommendations can be overridden, but anything that can speed up the process of getting ownership of data embedded within an organisation is worth a look.

SailPoint are just releasing a software as a service, AWS-based SAAS data governance solution, which sits side by side with its on-premise tool that had a few hundred customers. A plausible future direction for the company would be to expand its scope to cover the management of structured data in addition to the unstructured data that it currently focuses on. Identity management and data access are an increasingly important area for companies, especially those in regulated industries. SailPoint has established itself as a market leader in its niche, and is well worth considering for any organisation that wishes to gain better control of its policies around data access and identity.