
SailPoint IIQ Security Best Practices

October 15th, 2012 | No Comments | Posted in IAM Development, IAM Engagement, IdM Engagement

Over the last several weeks I’ve been building out an entire SailPoint IIQ development infrastructure on ESXi — every major version of SailPoint IIQ since v5.2 on CentOS 6 (essentially RHEL 6), available over a number of major app server platforms for customer and development testing (e.g. Tomcat, JBoss, perhaps WebLogic, etc.), including Windows Server 2K8 Active Directory, LDAP and other outlying systems. Today, as I considered the small data center I’ve been building out, I had “on-site flashbacks,” and I thought it would be a good time to talk about SailPoint IIQ security best practices.

Easy To Forget!

We all get busy and it’s easy to forget — we’re supposed to be security professionals. A lot of you out there have a couple of forensics cases waiting in the wings, there’s that big virus scare Bob in Accounting let loose on the network on “Bring Your Son To Work Day” (yep, he plugged his son’s laptop into the network, didn’t he?! :-(), there’s the perimeter pen testing you and Jane are supposed to be doing on the 15 new apps destined this week for external rollout, there’s the latest audit report due (again!), and… oh yeah, there are these SailPoint consultants on-site the next two weeks helping you __________ your (new) IdM infrastructure, starting in dev (fill in the blank with “rollout”, “upgrade”, “assess”, “shakeout”, “test”, “customize”, or “all of the above” as it suits.)

As you may have noticed with barely concealed glee, SailPoint IIQ is your new magnifying glass for IAG in the enterprise; it’s really good about going after the details at a minimum (based on RO connections to all your outlying systems), to say nothing of what you may be doing for certifications, reporting, provisioning and workflows — full LCM (if you’re on your way to IAG nirvana!) You’re going to nail non-compliance with this tool.

But what about the tool itself!? Have you stopped to consider the following best practices around secure SailPoint IIQ deployment? It doesn’t do anything to fully armorize the front of the barn if other individuals in your enterprise can sneak in the back door!

What is your “threat footprint” for SailPoint IIQ as “an enterprise application” itself?! (That’s the funny thing about SailPoint IIQ — it audits apps, but it’s an app itself, when you think about it.) I’m not going to say a WORD about what I’ve seen anyone do. :-) Just make sure you are doing the following at some point when you’ve got Bob in Accounting up to speed on network policy and at least one of those audit reports done before your CISO has that meeting with HIS boss, the CEO. :-)