{"id":1688,"date":"2024-12-19T10:40:04","date_gmt":"2024-12-19T05:10:04","guid":{"rendered":"https:\/\/www.enhisecure.com\/isecureblog\/?p=1688"},"modified":"2024-12-19T12:26:07","modified_gmt":"2024-12-19T06:56:07","slug":"machine-identity-management-in-sailpoint-identity-security-cloud","status":"publish","type":"post","link":"https:\/\/www.enhisecure.com\/isecureblog\/2024\/12\/19\/machine-identity-management-in-sailpoint-identity-security-cloud\/","title":{"rendered":"Machine Identity Management in SailPoint Identity Security Cloud"},"content":{"rendered":"\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-0901cb80037837cfd631bb733f09da39\">Introduction<\/h2>\n\n\n\n<p class=\"has-text-align-left\">The age of AI and automation is here. With organizations all around the globe leveraging Artificial Intelligence and Machine Learning, more and more tasks and processes previously done manually, are now being automated. This leads to the creation of several machine accounts dealing with Robotic Process Automation (RPA), privileged service accounts for authenticating requests from an external system, and the like. Consequently, organizations are spending more time and resources managing the access held by these non-human accounts in every application, which can often lead to complicated situations as there is no centralized view of the same.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-0703eaf1f7645d3ed3f7e1c9ca23028e\">Why Machine Identity Management?<\/h2>\n\n\n\n<p>As described above, organizations are automating mundane processes, and thus more machine accounts are being created. These accounts can be difficult to manage and govern in a standalone environment, considering the lack of ownership and effective ways to control and manage their access. The following are some statistical insights on machine accounts shared by <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a>: &#8211;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>83%<\/strong> organizations experienced at least one machine account takeover in the past year<\/li>\n\n\n\n<li><strong>72% <\/strong>Identity Security Professionals say <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/machine_identities.html\">machine identities<\/a> are more difficult to manage than <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/accounts\/identities.html\">human identities<\/a><\/li>\n\n\n\n<li><strong>68% <\/strong>Identity Security Professionals say <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/machine_identities.html\">machine identities<\/a> require more manual maintenance over <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/accounts\/identities.html\">human identities<\/a><\/li>\n\n\n\n<li><strong>69% <\/strong>organizations have at least twice as many <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/machine_identities.html\">machine identities<\/a> as they have <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/accounts\/identities.html\">human identities<\/a><\/li>\n<\/ul>\n\n\n\n<p>This gives a clear picture as to how AI, Automated Scripts and Robotic Processes are taking over the workplace, which signifies the difficulty as well as importance of <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/configuring_accounts.html\">managing these machine accounts<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-7bebb7ffab19a04439ced7babdf0186f\">The solution &#8211; SailPoint Machine Identity Security<\/h2>\n\n\n\n<p>This is where <a href=\"https:\/\/www.sailpoint.com\">SailPoint\u2019s<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a> jumps in. It offers a robust set of features to:-<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Discover any accurately configured machine account on any source<\/li>\n\n\n\n<li>Classify the accounts as machine accounts, by using an account attribute\/set of attributes (eg, in <a href=\"https:\/\/documentation.sailpoint.com\/connectors\/active_directory\/help\/integrating_active_directory\/intro.html\">Active Directory<\/a>, if there are machine accounts containing the word \u201cbot\u201d in their sAMAccountName, we can use this account attribute to classify these accounts as machine accounts in <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a>)<\/li>\n\n\n\n<li>Assign a human owner to a machine account. This identity will be responsible for reviewing the access held by the machine account in a <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/certs\/index.html\">certification campaign<\/a><\/li>\n\n\n\n<li>Correlate the machine accounts to <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/machine_identities.html\">machine identities<\/a><\/li>\n\n\n\n<li>Certify the machine account\u2019s access using <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/certs\/index.html\">Certification Campaigns<\/a><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"579\" data-id=\"1691\" src=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2024\/12\/Screenshot-2024-12-19-094445-1024x579.png\" alt=\"\" class=\"wp-image-1691\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2024\/12\/Screenshot-2024-12-19-094445-1024x579.png 1024w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2024\/12\/Screenshot-2024-12-19-094445-300x170.png 300w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2024\/12\/Screenshot-2024-12-19-094445-1536x868.png 1536w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2024\/12\/Screenshot-2024-12-19-094445.png 1918w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>The diagram above depicts <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a>, which aggregates machine accounts from various applications such as <a href=\"https:\/\/documentation.sailpoint.com\/connectors\/active_directory\/help\/integrating_active_directory\/intro.html\">Active Directory<\/a>, SAP and <a href=\"https:\/\/documentation.sailpoint.com\/connectors\/webservices\/help\/\">Web Service<\/a> and manages them under a single platform i.e., <a href=\"https:\/\/www.sailpoint.com\/products\/identity-security-cloud\">Identity Security Cloud<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-cyan-blue-color has-text-color has-link-color wp-elements-de1c27ea7585be481e170c8efbc673fc\">Advantages<\/h2>\n\n\n\n<p>There are several advantages to using <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a>: &#8211;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>It provides clear visibility and insights on all machine accounts across various applications.<\/li>\n\n\n\n<li>It provides tools to automate the management of machine accounts. This eliminates the need to maintain and manage these accounts and their access manually, such as on excel sheets.<\/li>\n\n\n\n<li>Human owners can be assigned to machine accounts, ensuring accountability, risk detection and mitigation.<\/li>\n\n\n\n<li>Access reviews via <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/certs\/index.html\">Certification Campaigns<\/a> help ensure that machine accounts follow the principle of Least Privileged Access Control.<\/li>\n<\/ul>\n\n\n\n<p><strong>Let&#8217;s have a close look at how <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a> works in the following video: &#8211;<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"ENH iSecure: SailPoint IdentityNow Machine Identity Security - Presentation\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/7y9uw6yWzZc?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><strong>The following video is a deep dive demonstration of <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a>: &#8211;<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"ENH iSecure: SailPoint IdentityNow Machine Identity Security - Demo\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/yQ7uZUywBAk?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>Hope this blog gave you some insights into how you can use <a href=\"https:\/\/www.sailpoint.com\">SailPoint<\/a> <a href=\"https:\/\/documentation.sailpoint.com\/saas\/help\/machine\/index.html\">Machine Identity Security<\/a> to effectively classify, manage and govern machine accounts from any source. Please share your thoughts and feedback in the comment box below.<\/p>\n\n\n\n<p>Please follow our socials to stay up to date with the latest technology content.<\/p>\n\n\n\n<p>Thank you!<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction The age of AI and automation is here. With organizations all around the globe leveraging Artificial Intelligence and Machine Learning, more and more tasks and processes previously done manually, are now being automated. This leads to the creation of several machine accounts dealing with Robotic Process Automation (RPA), privileged service accounts for authenticating requests [&hellip;]<\/p>\n","protected":false},"author":42,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,14,16],"tags":[236,127,62,112,235,237,11],"class_list":["post-1688","post","type-post","status-publish","format-standard","hentry","category-identity-governance","category-sailpoint","category-technology","tag-artificial-intelligence","tag-iam","tag-identity-governance","tag-identitynow","tag-identitysecuritycloud","tag-machineidentitymanagement","tag-sailpoint"],"_links":{"self":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/comments?post=1688"}],"version-history":[{"count":14,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1688\/revisions"}],"predecessor-version":[{"id":1724,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/1688\/revisions\/1724"}],"wp:attachment":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/media?parent=1688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/categories?post=1688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/tags?post=1688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}