Story image

SailPoint releases first identity annual report

14 Dec 2018

Enterprise identity governance provider Sailpoint Technologies has released the 2018 Identity Report, a benchmark for the industry.

In 2017, SailPoint launched a free assessment tool to help identify areas of exposure for companies, which automatically computed an “Identity Score” based on its results. 

After analysing hundreds of completed self-assessments and the correlating Identity Scores, SailPoint found that while the majority of organisations have an identity program in place, there is still much work to be done to address holes in their security programs. 

SailPoint corporate marketing vice president Kari Hanson says, “IT leaders are struggling to secure an increasingly complex IT environment, driven by the need to govern a diverse population of users, now including non-human users like software bots, as well as an explosion of both applications and data.”

“Our goal with the Identity Report, coupled with individual Identity Scores, is to provide IT leaders with a roadmap to systematically improve their security and compliance programs.”

In order to adapt to their own digital transformation, organisations are now starting to put access control front and centre in their security strategy to properly monitor who has access to what applications and data.

SailPoint’s Identity Report showed that 54% of organisations have an identity program in place.

However, SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.

Just 20% of organisations have visibility over all of their users, and seven percent have no visibility over their users at all.

Not only is this a compliance requirement for organisations today, but this puts IT teams in the impossible position of trying to secure what they cannot see.

Further, 88% of organisations are not properly governing access to data stored in files, including such common formats as Excel and PowerPoint.

In fact, only one in 10 organisations are monitoring and governing their users’ access to data in files. By leaving the corporate data stored in files and folders unmonitored and ungoverned, organisations are leaving a gaping hole in their security programs.

While the Identity Report exposes areas of risk, it also highlights an opportunity for most organisations.

Today, only 10% of organisations have fully automated identity processes in place, although many companies are working toward increased efficiencies.

For already-lean IT teams, an identity governance platform provides the visibility and control required to automate employee-driven processes like password management and access request.

This frees IT staff to focus on other risk areas and ensures employee productivity.

“The ultimate goal of any identity program is to efficiently deliver access to users, securely and confidently,” says Hanson.

“When enterprises are able to see, understand and govern their users’ access to all business applications and data, they are better protected against potential threats.

“This turns identity into a business enabler for organisations, helping them to properly secure and govern all of their digital identities at the speed of business today.”

 

Versent acquires AI specialist Contexti
Versent announced its acquisition of Sydney-based, actionable insights business, Contexti.
8x8 launches X series contact centre cloud solution in A/NZ
“With X Series, organisations throughout Australia and New Zealand can now integrate all of their employee communications and contact centre solutions on one cloud platform.”
Aerohive achieves ISO/IEC 27001 cloud platform certification
Aerohive is the first cloud-managed networking vendor recognized by a global standard for commitment to information security management systems.
Better data management: Whose job is it?
An Experian executive’s practical advice on how to structure data-management roles within a modern business environment.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
Platform9 and Intersect partner to bring unified cloud to A/NZ
“For Intersect, Platform9 represents the single most strategic solution to a set of challenges we see expanding across the board."
Gartner: AI to reduce project management workload
80% of the work performed project management teams will be taken over by AI by 2030, starting this year.