Getting Started in Identity Security Cloud

Welcome to SailPoint!

To get the most out of SailPoint's SaaS offerings, review the following information about setting up your site for the first time.

Note

Identity Security Cloud is SailPoint’s next-generation identity security solution. It encompasses and builds on features and functions from IdentityNow. The product documentation covers both Identity Security Cloud and IdentityNow features.

Add Initial Administrators

Before you can begin setting up your site, you'll need one or more emergency access administrators.

• Updating Emergency Access Administrators

  Emergency access administrators can sign in to your site even if your connectivity is interrupted, which allows them to make changes and troubleshoot your site to get it working again. When you're first given access to your new tenant, SailPoint has already created one of these administrators for you, which you'll use to sign in and add more admins.

Loading Data

Identity Security Cloud manages your identity and access data, but that data comes from sources. You can connect those sources to Identity Security Cloud and link together accounts that belong to the same person in the form of an identity.

• Create Virtual Appliances

  If you want to directly connect to any of your sources to load account data, you'll need a virtual appliance (VA). Virtual appliances allow you to connect your tenant to your sources without compromising your firewall.

Creating Identities

An identity serves as a way to store all of a user's account and access data in a single place.

• Create Initial Sources

  Many organizations have a few sources that, together, have records for every user in the organization. These might be HR or directory sources, and they should be created first so that their data is considered the highest priority. You can create other sources later.

  Review our supported sources so you can choose the best sources for your environment.

• Create Identity Profiles

  Creating an identity profile turns a source into an authoritative source. It also means that any accounts aggregated from this source become identities, and any other accounts aggregated for those users can be associated with their identities.

• Load Initial Accounts

  Load accounts from those sources. This is also known as an aggregation.

Loading Other Account and Access Data

Once you've created the identities for your organization, you can add information about their other accounts and access.

• Create Additional Sources

  Configure connections to the rest of the sources in your environment and load accounts from those sources.

• Correlate Accounts to Identities

  Each account you aggregate can be associated with one of the identities you created earlier, so all of their accounts and access can be viewed in one place.

• Load Entitlement Data

  Aggregate the access data from each of your sources so that those entitlements can be managed.

Configure Security Settings

You'll want to make sure that every time an identity in your site signs in, they're the right person and they're allowed to do so. You can configure any or all of the following measures to help keep your site safer:

• Set Up Strong Authentication

  Strong authentication, sometimes called multifactor authentication, requires users to prove their identity before they can change their password.

• Configure Network and Location Settings

  You can block or allow users who are signing in from specific locations or from outside of your network.

• Configure Lockout Settings

  Decide how many times a user can enter an incorrect password before they're locked out of the system.

• Configure Session Lengths

  Decide how long a user can stay signed in to your tenant without reauthenticating, and how long they can be idle before they're signed out.

Configuring SailPoint’s Cloud Services

Now that the framework of your site has been set up, review the documentation about each cloud service you've subscribed to for more information about configuring each feature.

• Access Request
• Certifications
• Password Management
• Separation of Duties

You can track the status of Identity Security Cloud and its services at status.sailpoint.com.

You can also review the documentation for some of SailPoint's other products that can be integrated with Identity Security Cloud.

• Access Risk Management
• Cloud Access Management
• AI-Driven Identity Security
• SaaS Management

Inviting Users

Finally, if you've decided that your users should have access to your site to review certifications, manage their passwords, or complete other tasks, you can invite them to Identity Security Cloud.

After you've completed your initial setup, you're ready to dive into the more detailed aspects of managing identities and governing their access.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.