Separation of Duties Overview
Identity Security Cloud's Separation of Duties (SoD) service provides visibility into the access everyone in your organization has so you can easily track violations of your internal policies and see where your greatest risks lie.
Generate reports of violations for remediation and to maintain a clear view of your organization's access patterns, both as they are and as they should be.
Separation of Duties helps you:
- Provide an internal control to mitigate risk - Manage your exposure to hazards by correcting violations that surface.
- Gain visibility into where risk occurs - Leverage the breadth of your governance data to see your riskiest access and your riskiest combinations of access.
- Be aware of violations, but allow exceptions - Identify which violations need to be corrected and which can be allowed.
Configuring the Basics
-
Get started in Identity Security Cloud before you configure Separation of Duties.
-
Learn about the fields you can search on and the data they contain.
Constructing Policies
-
Create Separation of Duties policies to build lists of conflicting access. Identities in your org with access in one list aren't allowed to have access within the other list.
-
Use a search query to build a general policy that can uncover data problems so you can correct them.
Maintain Separation of Duties
-
Download a violation list to easily track and respond to violations.
-
Subscribe to a policy to receive email notifications about violations.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.