
SailPoint turning to AI to improve identity governance

Identity governance specialist is adding AI to its mix.

SailPoint's business is identity governance for on-premises and cloud systems, global vice-president for product management Paul Trulove (pictured) told iTWire.

The company sees identity and access management as being central to security, so SailPoint's platform is designed to work with other security products such as privileged account management and security information and event management (SIEM) products.

Identity management and privileged account management have traditionally been seen as two separate technologies, but much can be gained by "putting identity at the centre of enterprise security".

For example, CyberArk's Privileged Account Security Solution acts as a "vault", he explained, allowing users to check out privileged account credentials, watching what they do, and then checking the credentials back in.

What security teams want to do, he said, is control CyberArk from SailPoint in order to obtain full visibility of who did what. So SailPoint has provided APIs for this type of integration.

Integration with ITSM systems such as ServiceNow is also provided, allowing for situations where human intervention is needed to correct an issue.

The next step will be to start applying AI to identity governance. A forthcoming product called Identity AI will take historical access records and perform peer group analysis to initially look for unusual situations.

Trulove gave the example of an employee who had recently been promoted but still had the access rights associated with their previous role even though this was no longer appropriate.

It will subsequently look for behavioural outliers, such as an individual requesting access that no peer has previously sought. This will allow the automatic escalation of high-risk situations, while routine requests will be processed with or without human intervention as appropriate.
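The peer group comparison described above can be sketched as follows. This is an added illustration, not SailPoint's code or the Identity AI algorithm; the sample identities, the 25% threshold and the use of current peer holdings as a stand-in for what peers have previously requested are all assumptions.

```python
from collections import defaultdict

# Constructed sample records: (user, current role, entitlements held).
IDENTITIES = [
    ("alice", "finance-manager", {"gl-approve", "budget-view", "hr-reports"}),
    ("bob",   "finance-manager", {"gl-approve", "budget-view", "hr-reports"}),
    ("carol", "finance-manager", {"gl-approve", "budget-view"}),
    # dave was recently promoted from accounts-clerk and kept the old access.
    ("dave",  "finance-manager",
     {"gl-approve", "budget-view", "invoice-entry", "vendor-edit"}),
    ("erin",  "accounts-clerk",  {"invoice-entry", "vendor-edit"}),
    ("frank", "accounts-clerk",  {"invoice-entry", "vendor-edit"}),
]

THRESHOLD = 0.25  # assumed cut-off: flag access held by under 25% of peers


def peer_fraction(identities, user, role, entitlement):
    """Share of the user's role peers (excluding the user) holding an entitlement."""
    peers = [ents for name, r, ents in identities if r == role and name != user]
    if not peers:
        return None  # no peer group to compare against
    return sum(entitlement in ents for ents in peers) / len(peers)


def unusual_access(identities, threshold=THRESHOLD):
    """Return {user: [entitlements rare among role peers]} for review."""
    flagged = defaultdict(list)
    for user, role, ents in identities:
        for ent in sorted(ents):
            frac = peer_fraction(identities, user, role, ent)
            if frac is not None and frac < threshold:
                flagged[user].append(ent)
    return dict(flagged)


def triage_request(identities, user, entitlement):
    """Escalate a request for access that no role peer holds; else routine."""
    role = next(r for name, r, _ in identities if name == user)
    frac = peer_fraction(identities, user, role, entitlement)
    # 'not frac' is true for 0.0 (no peer holds it) and None (no peers at all).
    return "escalate" if not frac else "routine"


if __name__ == "__main__":
    print(unusual_access(IDENTITIES))
    print(triage_request(IDENTITIES, "erin", "gl-approve"))
```

On the sample data only the promoted user's leftover clerk entitlements are flagged, while access shared by a minority of peers above the threshold is left alone.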

The AI will also be fed by other systems such as SIEM, allowing it to determine baselines and detect outliers. For example, 95% of accesses to a certain system might occur during normal business hours, so the security team would be alerted to a spike in weekend access. It might indicate inappropriate or malicious use of the system, or it could be something as innocent as the employee visiting a branch or customer in Tel Aviv, where Sunday is a normal working day.

Over time, the AI will learn about behaviours that are approved, allowing it to automatically mitigate those that aren't.

"It's really about risk mitigation and proactive responses," Trulove said.

SailPoint has had a presence in Australia since 2008. Local customers include leading life insurer TAL (more than 1800 identities under management), the top five banks (a combined 250,000 identities; SailPoint is generally coy about naming customers, but that clearly includes ANZ, CBA, NAB, Westpac and either Bendigo and Adelaide or Macquarie), the "largest retailer" (200,000 identities; presumably Woolworths), two major energy companies, and four Commonwealth Government organisations.

There is increasing interest from higher education and other sectors that need to protect personal information, Trulove observed.




Stephen Withers


Stephen Withers is one of Australia's most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.