And that’s what we have just unveiled during our Navigate event in Austin this week. Our vision. Our stake in the ground. Our near and longer-term plan for how we’ll not only evolve, but how we’ll fundamentally disrupt this market. A disruption that will serve our customers’ needs best, not simply respond to the moves of our competitors. We want to ensure that our enterprise customers go down the right path, not the noisy, misdirected paths they’re being offered by those who would attempt to provide lightweight short-cuts or converged offerings that don’t set them up for long-term success. 

The path forward for the modern enterprise 

We believe there’s a very clear path forward for the modern enterprise – one that suits their complex, sophisticated needs but in a lean, autonomous and integrated way. That path forward, in our view, looks like this:  

It has to cover the entire landscape of WHO in the “who has access to what” equation. That means secure oversight over every type of enterprise identity. Long gone are the days of focusing solely on employees, often referred to as workforce identities – the definition of an enterprise identity has far surpassed that.  We’ve not only expanded to cover contractors and value chain partners with our recent addition of Non-employee Risk Management, but we’re investing heavily to ensure we can help enterprises secure the exploding arena of software bots, robotic processes, intelligent devices, and many other technologies. 

It has to cover the entire landscape of the “WHAT” in “who has access to what.” That means every type and location of technology AND data. It is mission critical that companies extend their policies and controls to all types of data so that they’re protecting all access from a centralized control point. This is where our new SailPoint Data Access Security solution is critical to extending your identity security program so that all of your access points to unstructured data are tightly controlled and managed in a holistic way using the same identity security system that controls application access.   

It has to address “privilege” as a concept, but not necessarily the way it’s been done before. Over the last 25 years, privileged access evolved as a specialized, independent discipline. But we believe it should be an extension of how you manage and control risk within the context of your identity ecosystem. Put another way, we see privileged access as just another aspect of access; it should be treated holistically in how you manage each identity’s access. Treating privilege as its own “thing” creates silos and may open up hidden or overlooked risk. It’s about ensuring you understand and manage risk across the entire spectrum of access needed, based on intelligence, through a unified control point around each identity.  

It has to be fueled by automation and machine learning. It’s clear that keeping pace with the rate of change happening across today’s modern enterprise has far surpassed human capacity. Consider AI as the enabling technology that acts as the accelerant – streamlining identity security decisions and processes so that you don’t have to rely so heavily on human intervention.  

And finally, it has to be unified. If you went back 20 years in a time machine and could map out the evolution of the identity landscape, you’d probably do it quite differently from what has actually unfolded. Who would ever think the following was the “right” way to do it?  “Our end users should go one place for normal account access. But admins should go somewhere else for privileged access. And let’s manage employees differently from how we manage contractors and manage cloud-based accounts differently from SaaS systems, which is also differently than how we manage access to our legacy applications.” It makes no sense. But we believe there’s a better way. That better way is our new SailPoint Atlas platform–a platform designed to unify this ecosystem. Whether the systems are on-prem or cloud; the accounts are privileged or non-privileged; the data is in an app in a data center or in the cloud, in a data lake, or in a document in MS SharePoint, SailPoint Atlas gives you a unified way to manage it all. One set of workflows for automation, one set of policies for control, a unified connectivity fabric, consistent APIs, and a unified data plane to make sense of it all.  

The next generation of identity security: autonomous, intelligent, extensible 

In summary, the next generation of identity security is not about the popular idea of convergence but of unification. The next generation of identity security is about an integrated, comprehensive solution. One that is simple to use and operate, yet robust enough for the complexities of the enterprise. Built with one set of unified policies for control. Addressing every type of enterprise identity, every type and location of data, while managing risk across the spectrum. And most importantly, built on a unified platform: SailPoint Atlas.  

As always, we find ourselves at a very exciting time in the trajectory of this market. We believe strongly that this unified approach is THE approach to address the complexities of the global enterprise identity challenge. Our mission, through this unified, next-gen approach is to enable each of you who work as an identity professional in your enterprise to effortlessly manage and secure your identities – at any speed, at any scale. Freeing you up to accelerate your business in unimaginable ways, with the power of identity at the core.  

The post The power of unified identity security appeared first on SailPoint.

Today is one step forward in that direction with our acquisition of SecZetta. By bringing their technology onto our market-leading identity security platform, we’re once again delivering the most comprehensive approach to identity that our customers expect (and critically need) from us as they address emerging and evolving areas of identity-related risk across their business.   

Taking a step back – why SecZetta? Well, nearly half of today’s enterprises are made up of non-employees (contractors, partners, consultants, bots – you name it). To date, this has been an underserved identity population, and many organizations have not factored this growing group of identities into their approach to identity security. With SecZetta, we can move fast to address the needs of non-employee lifecycle management, accelerating our time-to-market and ability to readily solve our customers’ needs as they evolve. This announcement underscores our relentless focus on better serving our customers by consistently advancing our identity security platform that discovers, manages and secures all identities across the modern enterprise.

Once SecZetta’s solutions are fully integrated into SailPoint’s Identity Security Cloud with our advanced AI capabilities, SailPoint will deliver a unified platform to customers – providing context-rich identity information with the right level of intelligence needed to answer the “who should have access to what”, “when” and “why” questions for all identities and their technological access needs, regardless of whether they are an employee or not.

I’m proud of the rapid growth we’ve experienced over the past few years as more enterprises recognize just how business essential identity security – and SailPoint – has become to enterprise security overall. Considering nearly all cybersecurity incidents today stem from a breached identity at the root, no organization can afford to look at identity security as a “luxury buy” – it’s a “must-buy”. That’s been acknowledged and validated by the strength of our business, and the conviction Thoma Bravo has in our success over the next few years together.  

My confidence in SailPoint’s potential and what we are building has never been stronger. This is just the beginning!

Read the press release for more information on our recent acquisition of SecZetta.

The post Delivering a comprehensive approach to identity security appeared first on SailPoint.

The impact of this change is significant: We are now in a position to accelerate innovation across our business, enabling us to more effectively address the rapidly evolving needs of enterprise customers for identity security.  SailPoint’s solution sits at the very core of securing the modern enterprise today, and our mission in the months and years ahead is daunting but achievable: To become the de facto identity platform of choice for the modern enterprise.  

The flexibility and agility that the private markets provide will help us achieve this mission faster. We already have extensive domain knowledge and identity security depth. We have a strong vision for the next generation of enterprise-grade identity security. We bring high energy and deep passion to solving some very complex identity security challenges for our customers, working with them to achieve their success. When paired with the positive changes that come with Thoma Bravo’s expertise and additional resources, these elements position SailPoint at the core of identity security for enterprise customers around the globe.     

That said, there are a lot of things that make SailPoint special, and that won’t change: our core values will remain a constant, continuing to guide us at every turn of this new chapter. Leading with integrity and innovation, our team of individuals works together to make an impact every single day – this is SailPoint at our roots. With these values as our guide, we are laser-focused on delivering business essential identity security solutions to the most complex and prominent organizations in the world.  

Let me be the first to welcome you into this next chapter for SailPoint. We are identity security innovators and guardians, ready to embrace this transformative and powerful change to the benefit of every single one of our current and future customers worldwide.  

The post The Next Chapter  appeared first on SailPoint.

Early in my life, I was introduced to a list of characteristics that were penned by the ancient Saint Paul, a first-century contemporary and follower of Jesus. It always fascinated me that this list—Love, Joy, Peace, Patience, Kindness, Goodness, Faithfulness, Gentleness, and Self-Control—ended with the phrase “against such things there is no law.” As I got older, it occurred to me that we have a bunch of rules in our society against a lot of things, so I figured this list might be worth revisiting to see if, in fact, it was true that these things were universally admirable. In short, I think Paul was right. And further, I believe these traits not only serve us well in life but also at work.

With my big 6-0 birthday looming this spring, I have found myself reflecting on many “big” topics about Life & Work—and what I’ve learned that might be useful to folks earlier along in their journey. So, I decided it might be helpful to some of you to share my musings in a series of posts, using these attributes from Saint Paul as my base.

I’ll start with the first: Love. (In other words, I thought I would start with something “easy” …or at least as “easy” as Love can be in Life & Work!). Love, which is most often viewed as an emotion, is usually accepted as the idea of a strong affection/attachment for something/someone. However, if you stop and think about it a little bit more deeply, it often involves not just emotion, but the idea of some willing, active level of sacrifice for the good of the object of Love.

There are myriad examples. Not only have people been known to give their very lives for Love of country or spouse or friend; they also routinely go out of their way to provide care for a pet, drive a bit further for their favorite pizza, or travel out of town at great expense to see their favorite team play a game. So, our Love of something not only captures our emotions but also routinely affects our will, leading us to sacrifice at one level or another, big and small.

But before I digress too far down this philosophical path, let’s return to the idea of applying these thoughts at work. At one level, it seems straightforward: those who are happiest with a job or career generally “Love” their work. And, it isn’t easy to Love your work if you don’t at least enjoy your colleagues to a large degree (although I’ve certainly met people who managed to like their work and barely tolerate their co-workers!). But again, thinking a bit deeper, it seems that the idea of a “healthy” Love for work and colleagues comes right back to the ideas of affection (emotion) and sacrifice (will).  

Love, while often requiring us to give of ourselves, seems to be at the core of everything we consider good and noble. We celebrate the Love we have for our families and friends, our pets, and our teams and rarely hesitate to sacrifice for their good. But to apply this in a Monday-Friday sense, I believe that work itself can, and should, be good and noble.

For those struggling to make their next career move or get their career off the ground, I want to offer this piece of advice: If you want to enjoy your work truly, find a field and career that you care about a great deal – work you love. Because once you’re in it, it may “cost you” at times. You’ll very likely find yourself demonstrating “Love” in the workplace by sacrificing occasionally to prove that you really care about your customers, partners, and colleagues. 

In our company, I hope to routinely demonstrate my Love for my work and my colleagues by not only expressing my affection and admiration for them as people, but also by sacrificing some of my time and energy for the good of the company and my teammates. When I do, I experience a much greater level of fulfillment, making me the kind of fellow worker people want on their teams. I’m fortunate to see this all day, every day, with my friends and colleagues at SailPoint. They Love their work, and they Love each other. It’s a great place to spend the bulk of my waking hours during the week.

In summary, my counsel is simple: Love your work. Love your colleagues. Enjoy them, and tell them how much you appreciate them. Regularly. When the situation warrants (and it often does), sacrifice to make them and the work you do together better. When all has been said and done, it’s just a better way to live at work.

The post Thoughts on Life & Work: Love appeared first on SailPoint.

This desire to lead by example has been important over the last year or so while the world around us was anything but predictable.  A few examples:

• If I wanted my team to show themselves some grace during the work week, I needed to show them the way. This is one of the reasons we introduced “Free2Focus,” a practice that Abby Payne and her team conceived and rolled out across the business last year. Twice-per-week, the SailPoint Crew is asked to avoid booking meetings for a couple of hours. Not only does this attempt to address Zoom fatigue, but also gives our crew the chance to catch their breath in whatever way suits them best, whether that’s taking a walk, helping with their children’s schooling, or just turning off the camera for a bit.
• Similarly, one of my biggest goals during the pandemic was to make sure our crew stayed connected and team-oriented.  This was pretty challenging as the old methods of hallway chatter, in-person “meet and greets” and happy hours weren’t possible. I made a focused effort to be visible as a leader – joining team meetings on Zoom, engaging in Slack in the various channels we created specifically for connecting and lifting one another up (SAILon, for example), hosting “View from Mark” video snippets to let crew members know what was going on around the company, and finally, scheduling specific times to simply reach out to folks for a chat.   
• And finally, showing intention with how I, as a business leader, and we, as a company, support and step up to make progress together towards social justice and racial inequality.  In addition to our own internal efforts around diversity, inclusion and belonging, we also partnered with the National Urban League and Notley Tide by signing an open letter as part of Austin’s technology community. And most recently, I am proud to announce that I have formally joined over 2000 organizations by committing to the  CEO Action for Diversity & Inclusion program.

On this last point, leading by example is hugely important to me. And while much of this falls into the camp of the “SailPoint Way” – we appreciate and embrace our people, every single person matters – I personally feel very strongly about this one. It’s only when we open the door for our people to be their true, authentic selves, that we get the full benefit of what each individual brings to the table. And that’s what makes the SailPoint Crew so incredibly special – it is full of talented, smart, humble and hungry people who bring a genuine desire to leave a mark, make an impact, and enact change. And that is most certainly not something that happens overnight, nor does it happen without leaders who walk the walk, leading by example every step of the way.

The post Leading by Example: The Trickle-Down Effect appeared first on SailPoint.

A changing perimeter

Today’s business is surrounded by a perimeter, but that perimeter is no longer the traditional network security “moat” that keeps the adversaries out. Today’s perimeter is all about identity. These identities comprise everything from full or part-time employees, to contractors, business partners or even software bots today. And with each one, comes hundreds, if not thousands of different points of access as these workers connect to the systems, tools and cloud resources needed to do their job. Every identity and every connection point becomes a point of risk if not properly secured.

This is the identity thread that some organizations have missed –until recently. If you are simply opening the door to enable your workforce without also wrapping the right security controls around every single one of your identity access points, you’ve just opened your business to a significant level of potential risk.

For many, there’s been an assumption that by enabling your workforce, connecting them to the technology they need to do their job with strong authentication, like MFA, that you’re safe. But to truly secure your perimeter – your workforce – you need to balance the enabling of your people with securing their access to technology. This requires taking it a few steps further beyond simply granting access.

The Identity Security Inflection Point

Let’s play out what could happen if an organization went down the enablement path, where the company only focuses on the granting of access.

Say a typical employee requires access to upwards of, in some cases, hundreds of applications, data and business resources to do to their job. This includes both the more traditional software-based applications and the influx of SaaS apps most companies now have to manage.

Just because a worker requests access to certain files, systems and applications, doesn’t mean they should just get it based on a cursory approval. In fact, it begs a slew of very important questions:

• Who is this worker requesting access and what is their role in the business?
• Should they have access?
• What should they be able to do with their access?
• How long will they need that access?
• What if their role changes, should their access privileges also change, be refined, or even removed?

And those are just the most basic questions on the list.

The problem is – if you’re simply granting access without having the ability to easily and quickly address each of these questions (and more), you’ve just opened your business to a flood of potential exposure.

But truly, all it takes is one.

One compromised worker.

One point of access that has been compromised.

One point of exposure.

That’s all it takes for an adversary to breach today’s modern enterprise.

A false sense of security

You see, granting access in the name of keeping the business moving forward without taking into account if/how/why your workforce has the access they have, is a fatal flaw for organizations today. You don’t want to travel that road alone.

In fact, we believe that enablement without control introduces a false sense of security.

You’ve allowed all of these workers into the proverbial building, but without a layer of identity security controls in place to ensure that access is necessary, that it falls in line with security policy and is relevant to that worker’s job and role, you’re exposed. And you might not even realize it until it’s too late. 

It’s time to rethink the notion that the granting of access is enough. It’s really only just the beginning. To truly secure the modern enterprise, we have to move beyond that false sense of security and truly secure every identity and every access point. The only way to achieve “full security” is by ensuring that every worker and every point of access they have is protected with identity security. That’s the secure path forward.

The post False Sense of Security appeared first on SailPoint.