The integration of BeyondTrust’s Privileged Access Management Platform with SailPoint's Predictive Identity enables enterprises to successfully track, manage and secure all identities across their environment.
BeyondTrust’s Password Safe integrates with the SailPoint Predictive Identity Platform (IdentityIQ & IdentityNow), enabling organizations to effectively manage user access for both privileged and non-privileged accounts. IT organizations get full visibility into not only role assignments and user access but also all ongoing users and ongoing role changes. When changing roles, adding and removing access is provided to ensure the right person has the right access at all times to increase security and reduce risks.
The integrated solution combines BeyondTrust Password Safe’s strong controls for privileged accounts, including credential vaulting, credential rotation, session monitoring, session control and session record/playback, with SailPoint’s life cycle management of identity governance, including account and entitlement provisioning and deprovisioning, access request approvals and workflow, access certification and separation of duties policy enforcement.
In this handy infographic, we breakdown the benefits of combining Identity Governance with Privileged Access Management. By addressing the most common challenges organizations face, we look at the fundamental three questions a CISO needs to be able to answer, before providing the most effective and efficient way to automate processes, centralize management and reduce risk.
The System for Cross-domain Identity Management (SCIM) API built into the SailPoint IdentityIQ & IdetityNow PAM Modules allows privileged account vaults and associated entitlements to be visible and managed throughout the identity governance process.
This allows the automated provisioning of privileged accounts to new end users who require them based on their job function, group membership, or business role, and allows managers to recertify or remove privileged accounts on a periodic and/or event-driven basis.
Written by CISO & CTO of BeyondTrust, Morey Haber, and former CTO of SailPoint, Darran Rolls.
An identity can be attacked by the person owning the identity all the way down to the accounts and applications they execute. If it could not, there would be no purpose for this book! As an attack surface, we need to think beyond traditional ports, protocols, and services found in traditional IT security defense thinking. Identity attack vectors have a risk surface that is not only electronic but also physical and can be compromised using old-school paper communications, such as a letter from the postal service or social engineering using the plain old telephone system.