Introducing Identity Outlier Score, Contextual Insights and the Access Intelligence

anahilstad
SailPoint Employee
SailPoint Employee
1 0 425

The first week in October was an exciting one for SailPoint and our customers. We were delighted to announce availability of our newest Access Insights capabilities including the Identity Outlier Score, Contextual Insights and the Access Intelligence Center. The unveiling took place at our annual Navigate conference in Austin, TX. If you’ve missed the conference, we are offering our customers the sessions on demand. You will find more information on how to access the sessions in the resources section below.

Throughout the conference, we’ve had familiar conversations with customers, industry analysts and partners who maintain the notion that organizations continue to operate without comprehensive visibility and insights to their access data. Undoubtedly, this approach leads to a passive and reactive attempt at managing identity governance. Without actionable insights into their identity data, application owners and people managers rely solely on annual certification campaigns which manage access in retrospect. The more access given to users who don’t need it, the more exposed the organization is left to impending security breaches.

In April of 2022, SailPoint introduced a new capability within Access Insights which uses machine learning algorithms to analyze an organization’s identity access relationships and automatically flags identities for additional review by administrators if they are determined to be anomalous. We have labeled users with anomalous access as identity outliers.  By flagging identity outliers, our IdentityNow Access Insights customers can proactively spot potentially risky access at the time the anomaly is detected.

Introducing the Identity Outlier Score and Contextual Insights

Spotting anomalous access is only half the battle. Businesses need deeper insights to understand why someone’s access is different from their peers and deemed to be potentially risky. Our recent launch revealed the latest Access Insights capabilities which help our customers not only identify anomalies, but also proactively manage risky access.

The identity outlier score standardizes the measurement of access anomalies across all departments in an organization. Each identity outlier has an identity outlier score between zero and 100. The higher the number, the more likely it is this individual has potentially risky access. Contextual Insights provide additional information on how an identity outlier score was determined. Each score is calculated by six factors and the factor with the highest impact will be labeled as such.

 

Outlier Score 2.png

 

Integration with SaaS Workflows

In this new release, customers have the ability to set up workflows with three possible remediation actions which are automatically set off by a trigger called "Outlier Detected” in SaaS Workflows. Each remediation action is determined by the Identity Outlier Score range. Customers may use the default pre-sets for each of the remediation actions or may choose to define score ranges based on their own business needs and risk tolerance. 

The three remediation actions include:

  • A low score range which can automatically send an email to the identity outlier’s manager notifying them that their direct report is identified to have anomalous access and provides ways to remediate or ignore;
  • A medium score range which can trigger a mini certification, using contextual insights to help managers make informed decisions as they are investigating this anomalous access;
  • A high score range which can automatically disable access for the identity outlier.

The remediation actions are used as a feedback loop into the machine learning model, allowing the access recommendations and contextual insights to be continuously improved. Customers may use these insights to make policy changes within their identity program.

Identity Data at Your Fingertips with Dashboards and Reports

The Access Intelligence Center is a data visualization tool that enables internal auditors and identity program sponsors to view out-of-the-box dashboards and reports. With the ability to drill down into the details of their identity data, the dashboards provide customers with full visibility into the identity and access activities occurring across their organization.

Access Intelligence Center.png

 

By leveraging Sailpoint’s latest innovations in machine learning and automation, our customers have the tools necessary to proactively maintain a productive and protected workforce.

Frequently Asked Questions: Identity Outliers Score, Contextual Insights, Access Intelligence Center

  1. Are these features available in IdentityIQ?
    1. No.
  2. When is SailPoint releasing these new capabilities?
    1. These features are available today. If you are interested in having access to the new releases, contact your Customer Success Manager or your Professional Services team member.
  3. Will users be able to see which entitlements are causing an identity to be an outlier?
    1. Not at this time.
  4. Will new AI customers be able to use these new capabilities?
    1. All Identity Now Access Insights customers will have access to these features. Availability should be reviewed during implementation.
  5. Where do I go to access the Access Intelligence Center?
    1. You can find the Access Intelligence Center under the Dashboard menu located within the Admin tab of IdentityNow.
  6. How do I build my own custom dashboards in the Access Intelligence Center?
    1. Authoring will be enabled for customers sometime in early 2023.
  7. How do I provide feedback on these new features?
    1. If you have feedback, we would love to hear from you! Reach out to your Customer Success Manager and have them coordinate a call with our product team.

Additional Resources

Watch this video for a short demo of the new Access Insights capabilities.

Watch the Navigate 2022 AI-driven Identity Security sessions on demand. Link – Coming soon.

Register for our next customer webinar on December 1, 2022 to learn more about these new capabilities.