Identity is Everything

INCREASING CHALLENGES.

INCREASING COMPLEXITY.

Hybrid environments

spanning cloud, mobile,

and on-premises

Shadow IT and BYOD Regulatory pressures

Budget costs and

pressures

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

General

Directorate of

Population and

Citizenship

Affairs (Turkey)

50m records

Anthem80m records

Hacking Team400GB of records

Office of

Personnel

Management22m records

IRS

330k records

1670+ data loss events

770+ million records stolen

MORE

TARGETED

ATTACKS.

MORE DATA

THEFT.Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

EXPOSURE POINTS

HAVE EVOLVED

Executives and board

members are asking

“Why?”

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

The Human Attack Vector – A Growing Threat

43% of data breaches are caused by insiders (Infosecurity Magazine)

Employee

Contractor

Vendor

Partner

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

would sell their password to a 3rd party

share credentials with other co-workers1 in 3

purchased SaaS apps without IT’s knowledge

have access to company data & applications

after termination

33%

1 in 5

42%

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

Source: SailPoint 2016 Market Pulse Survey

SECURITY PARADIGMS ARE

SHIFTING FROM NETWORK-CENTRIC

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

TO USER-CENTRIC

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

$7.1 Billion

$4.8 Billion

2014Source: IDC

2018

48%increase

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

IAM is the #1 CISO spending

priority in the next 3-5 years,

driven by security risk

MAKING IAM A FAST- GROWING MARKET

DIFFERENCE

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

THE

40%International

Customers

500+customers

worldwide

Hundreds

of millions of access rights

under

management

Magic Quadrant Leader, Gartner 2016

95%Customer

Satisfaction &

Retention

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

THE RECOGNIZED

LEADER

SAILPOINT’S IDENTITY MANAGEMENT

Devices

On-Premises

Apps

Infrastructure

Directory

Cloud Apps

Web Apps

Structured

Data

Unstructured

Data

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

Governance-based

approach

First open IAM platform

Optimized for hybrid

environments

Extends to structured and

unstructured data

We pioneered

identity

governance

We introduced

comprehensive

cloud-based

IAM (IDaaS)

We extended

IAM

to manage

unstructured

data

We

revolutionized

provisioning

2005 2016

REDEFINING MARKETS WITH INNOVATION

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

The Customer Challenge we Address:

Identity Governance and Administration

Do you KNOWwho has access to what?

Is the Access APPROPRIATE?

What DATA is Being Accessed?

Can you PROVE it ?

Identity & Access Under Attack

Accounts, Passwords & Data are the Target

Corporate IT& Data Assets

Over Entitled Users

• Accumulated privileges

• Potential toxic combinations

Privileged Access• Users with “keys to kingdom”

• Poor visibility due to shared accounts

Rogue Accounts• Fake accounts created by criminals

• Undetected access and activity

Complex Data Access

• Complex effective access

• Unknown data classification

Crown Jewels Are at Increasing Risk

Credit Card Numbers

Intellectual Property

Health Records

Email

Financial Records

EmployeeRecords

What is DATA really worth ?

Name

PII

John Smith

HP2123GX…

Name PII

John Smith HP2123GX…= = Name PII

John Smith HP2123GX…Name

PII

John Smith

HP2123GX…

You haven’t solved the problem if you don’t protect all the information!

Bad Guys Want it, Insiders Have it…

…a PowerPoint SummaryFrom Reports to …

Sample Use Cases

Breach Avoidance and Recovery – Lock down sensitive

data, uncover weaknesses, and prevent leaks

Compliance – Covering PCI, HKMA, MAS, FSC, EU

Data Protection by exercising governance best practice

IP Protection – Cleaning up permissions and

provisioning data access

Mergers and Acquisitions – What did you buy? What information

are you sharing?

Year Loss (b$) Financial Services Company

2013 CEO

2013 Undisclosed

2013 2m Account

2012Intellectual

property

2010 2.00

2007 7.20

2001 0.70

Publically Known Security Breaches

Average cost of a security breach is $7.2M

Societe Generale Fraud

Stage 1: ‘Visibility’ of the Current State

Identity WarehouseSystem & ServiceAccounts

Privileged Accounts

Orphan Accounts

AccountClassification

Account &Entitlement

Data

Legacy Applications

Unstructured Content

Provisioning Systems

Cloud Services

Security Systems

Directories

HR Systems

Contractor Databases

External User Sources

AuthoritativeIdentity Data

Access Certification

ReportingAnalytics

Critical Remediation

Stage 2: ‘Planning’ the Desired State

Identity WarehouseSystem & ServiceAccounts

Privileged Accounts

Orphan Accounts

AccountClassification

Account &Entitlement

Data

Legacy Applications

Unstructured Content

Provisioning Systems

Cloud Services

Security Systems

Directories

HR Systems

Contractor Databases

External User Sources

AuthoritativeIdentity Data

Access Certification

ReportingAnalytics

Business Roles

IdentityRiskPolicy Model

Critical Remediation

Stage 3: ‘Managing’ the Changing State

Identity WarehouseSystem & ServiceAccounts

Privileged Accounts

Orphan Accounts

AccountClassification

Account &Entitlement

Data

Legacy Applications

Unstructured Content

Provisioning Systems

Cloud Services

Security Systems

Directories

HR Systems

Contractor Databases

External User Sources

AuthoritativeIdentity Data

Access Certification

ReportingAnalytics

Critical Remediation

Business Roles

IdentityRiskPolicy Model Lifecycle

Management

Single Sign-on

Enhanced Provisioning

IAM Best Practices

Core Tenants of Identity Governance & Administration

1. Integrated Approach

3. Shared Identity Context

2. User Experience

5.Risk Based Controls

6. Connectivity Approach

7. Coverage & Consistency

Cloud / SaaS Enterprise / On-premMobile

4. Model-based

Governance

Deep identity management and security expertise

Marquee list of referenceable customers

Strong partner ecosystem

Industry-leading innovation

Proven commitment to customers

WHY COMPANIES CHOOSE SAILPOINT

Copyright © SailPoint Technologies, Inc. 2016 All rights reserved.

Thank you

Doris ChanBusiness Development Managerdorisc@acw-group.com.hk

Raymond LaiBusiness Development Directorraymondl@acw-group.com.hk