SailPoint IdentityIQ is an intelligent identity platform for enterprise customers, and it delivers a wide variety of IAM processes.
SailPoint IIQ
Strengthen security protocols and minimize risks like unauthorised access
Improve compliance and audit performance
Deliver fast and efficient access
Automations like password management and account unlocking reduce operational cost
The primary source of employee information for your enterprise, such as a Human Resources application.
A non-authoritative source may contain some accurate information about identities but is not considered the system of record for information about the identity itself.
In SailPoint, an Identity Cube is a virtual representation of an identity that encompasses all the data and attributes associated with that identity. An Identity Cube contains identity data, such as identity attributes, accounts, and entitlements.
Property of an identity, object, account, entitlement, application, etc.
For example: username, job titles, and department.
Type of access or permissions a user has in an application.
Users can request access to resources or applications through SailPoint's self-service access request feature. These requests go through an approval process and are provisioned accordingly.
On-boarding of data from applications, directories, and databases.
Ensures the right data gets mapped to the right identity.
Correlation rules are used to map the right data to the right identity.
Regular aggregation and correlation are the key to keeping identities up to date.
Connectors in SailPoint are used to establish connections to various data sources and applications, such as Active Directory, LDAP directories, databases, and cloud services. These connectors facilitate data synchronization and access management.
Workflows in SailPoint are used to automate and streamline identity management processes, such as onboarding, offboarding, and access requests. Workflows define the sequence of actions to be taken when managing an identity.
SailPoint supports role-based access control, a method of managing access permissions based on a user's role or job function within an organization.
This refers to the entire journey of an identity within an organization, from the point of onboarding to offboarding or termination. SailPoint helps manage this lifecycle to ensure that users have the appropriate access at each stage.
Lifecycle events are activities that happen during the normal course of a person's employment.
Lifecycle events are joiners, movers, and leavers.
Joiners - new people joining the company
Movers - changes in the company like promotions
Leavers - people who are exiting the company
Lifecycle events trigger a response in SailPoint IdentityIQ.
Birthright Access is a term that refers to the concept of granting certain baseline or default access rights and entitlements to users when they are initially provisioned in an organization's systems. It's a common practice to provide users with a set of essential access privileges as part of their onboarding process. These access rights are typically necessary for employees to perform their core job functions. Birthright access ensures that users have the minimum necessary access to start working effectively from day one.
In SailPoint IdentityIQ (IIQ), a connector is a software component that serves as an interface between the SailPoint platform and external systems, applications, directories, databases, or services. Connectors are essential for integrating SailPoint IIQ with various target systems and data sources, allowing the platform to perform identity and access management functions, such as user provisioning, de-provisioning, synchronization, and access certification, across a diverse range of environments.
SailPoint provides the capability to conduct access certification campaigns, which involve reviewing and verifying that users have the correct access permissions. Unwanted access can be revoked. This is an important step in ensuring compliance and security. Access certification is a periodic review process.
Automated provisioning in SailPoint IdentityIQ (IIQ) is a key feature that enables organizations to automate the process of granting and managing user access to various systems, applications, and resources.
Password management in SailPoint, as part of its IdentityIQ (IIQ) platform, encompasses features and policies that ensure the security and integrity of user passwords within an organization. It allows organizations to define and enforce password policies, implement self-service password resets, synchronize passwords across systems, and provide single sign-on (SSO) capabilities. SailPoint supports multi-factor authentication (MFA), password expiration notifications, and password reset workflows while also maintaining a history of previous passwords to prevent reuse. It offers features like password vault integration for privileged accounts and password policy violation detection. Audit and reporting capabilities are available to track and document password-related activities for compliance and security audits. Password management in SailPoint enhances security, improves user experience, and promotes password policy compliance.
Policy management in SailPoint refers to the creation, enforcement, and monitoring of access and identity management policies within an organization's SailPoint IdentityIQ (IIQ) implementation. These policies are a fundamental part of identity and access governance, helping to ensure that users have the appropriate levels of access and adhere to security, compliance, and business rules.
Advanced analytics is a search mechanism that enables specific queries on data stored in IIQ.
IdentityIQ includes an extensive list of standard reports that can be used for data analysis and verification.