LEADERSHIP SHOWCASE

30 access to data when a stakeholder joins an organization or moves departments , and the rescinding of this when it ’ s no longer needed . “ People now , not just employees but contractors and business partners who can look a lot like employees , they ’ re certainly insiders who can access your systems and data .

“ Today , the interesting challenge is around non-human identities ,” he adds . “ These are software bots or robotic processes where software is effectively imitating the behavior of people , in AI and other applications . Today , it ’ s not uncommon for a loan to be processed initially by software bots that categorize and evaluate , and then go to humans for the next step … The same things we worry about with people and their access now also apply to non-humans .”

In 2004 , when SailPoint was being conceived , joiner / mover / leaver and the associated issues were top of mind : namely , process management and identity . “ That was the emerging challenge of compliance and governance ,” says McClain .

Following the Sarbanes-Oxley act of

— Mark McClain , CEO , SailPoint

the early 2000s , data access became an increasing concern – and today we are familiar with the same issues due to the EU ’ s GDPR . “ People got nervous that the wrong people had access to data and could tamper with it – so the beginnings or governance and compliance in the industry were around making sure the right people had access to the right information .”

In McClain ’ s view , the industry evolved the wrong way around , automating before looking at security elements . SailPoint , however , decided to remedy this by looking at how well a client ’ s current state matches its desired state in terms of cybersecurity .

OCTOBER 2018