ELIMINATE STANDING ACCESS

Eliminate standing access with high performance, context-aware policies.

More than 80% of organizations have suffered an identity-related breach in the last 12 months. How you prepare and react for that inevitability is what makes or breaks the severity of that event. SGNL makes eliminating standing access to avoid that potential nightmare simple.

“By 2026, 70% of identity-first security strategies will fail unless organizations adopt context-based access policies that are continuous and consistent.”

Gartner, Identity-First Security Maximizes Cybersecurity Effectiveness
By Rebecca Archambault, Felix Gaehtgens, James Hoover, Ant Allan, 7 December 2022

These graphs illustrate the differences between standing access and Zero Standing Privilege

In a Zero Standing Privilege environment like that shown in the chart with the discrete bars, access is blocked unless a policy evaluation explicitly allows it (i.e you can only access during work hours and not during weekends and off hours), leaving no privileged access for threat actors to exploit or misuse.

In this secondary graph representing standing access over time, some level of access is always available by utilizing the user’s credentials.

The total amount of access is very different across the two graphs with cumulative access being far less in the Zero Standing Privilege environment .

Advanced authorization designed for the enterprise

Performance

SGNL’s dynamic access platform is built with a microservices-based architecture, bringing the level of scalability, performance and reliability required by enterprise customers. Coupled with our enterprise identity graph we can provide API response times of under 100ms at the 95th percentile.

Whether deployed for 500 or 500,000 users or managing 10 policies or 10,000, the SGNL platform is designed to handle the operational scale of today’s enterprise.

Easy to use

SGNL’s innovative policy management system makes it simple to reuse policies across your systems. This approach allows the application owners to build and maintain policies in a simple, human readable format while allowing identity and security teams to establish global controls and policies.

Flexibility

The SGNL platform is offered in two formats:

  • A fully cloud-based, highly-available SaaS solution operating in multiple regions, or
  • An on-prem Kubernetes appliance that can be installed in your own datacenter or cloud VPC.

In either case the result is a reliable solution that you can depend on.

Systems of focus

Achieving Zero Standing Privilege is an ideal, but must be approached incrementally. So where should you start? We suggest focusing on:

Policy and application owners

Build and apply reusable human readable policies across multiple services. Version control policies and run them in simulation to ensure no business disruption.

Identity architects

Assemble the building blocks that can be leveraged to create policies. Gain an understanding of the sources of truth that the policies depend on.

Compliance and audit

Gather insights into access request denials and approvals. Integrate with your existing SIEM for log aggregation and reporting.

See SGNL Policies in Action

Get a demo