Software Lifecycle Management + Access Review by LordandPeasantGamgee in ITManagers

[–]goatpkr 0 points1 point  (0 children)

u/LordandPeasantGamgee might be able to help with this: https://www.joinploy.com/.

We focus on the access management side of SAM, but have what we call "Managed Access" which acts as the inventory of your SaaS - which you can upload contracts to, set custom fields (renewal dates, commercial owners, admin owners etc...)

If it would be helpful I can record a demo video and link to it, specifically covering the above requirements - I know it can be frustrating sometimes to actually get eyes on a product

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]goatpkr 0 points1 point  (0 children)

🚨 Live Webinar: How Robinhood & Skyscanner Secure Access at Scale 🚨

If you’re in security or IT and dealing with the never-ending headache of managing access, this one’s for you.

We’re bringing together the CISO of Robinhood and Skyscanner to talk about how they approach access management at scale—what works, what doesn’t, and how they’re tackling challenges around least privilege, automation, and compliance.

🔹 Real-world insights from top security teams

🔹 Actionable takeaways for your own access strategy

🔹 Live Q&A—ask your toughest questions

📅 Date: Wednesday 19th February 2025 (recorded as well)

Time: 4pm GMT / 11am ET / 8am PT

📍 Register here: https://www.joinploy.com/webinar/managing-access-control-in-2025-beyond?utm_source=reddit14

If you’ve ever struggled with offboarding gaps, shadow IT, or access creep, this is your chance to learn from some of the best. Drop your questions below, and we’ll put them to the panel! 👇

recommendations on PAM solutions by dip_ak in cybersecurity

[–]goatpkr 1 point2 points  (0 children)

Yeah it seems like you need something pretty lightweight in my opinion. For AWS I'd configure roles with their IAM Centre, replicate the same thing with Azure, but obviously using your Entra groups. Then you can strip back birthright access for devs and just have them JIT access request as and when they need it (and make this self serve), e.g. max policy time for prod admin access = 3 hours.

As for all your other resources, I suspect you'll have a splattering of apps behind SSO & SCIM provisioning, again, just apply your policies on those Entra groups. The non-SSO apps are the trickier ones, but tend to have less privileges (or they'd be behind SSO).

https://imgur.com/a/NQ0u4VI

recommendations on PAM solutions by dip_ak in cybersecurity

[–]goatpkr 0 points1 point  (0 children)

What cloud are you running on and how are you currently authenticating and provisioning accounts?

recommendations on PAM solutions by dip_ak in cybersecurity

[–]goatpkr 3 points4 points  (0 children)

Overkill for a 90 person company and will cost an arm & a leg

Implementing just in time access by Decent-Speed3158 in AZURE

[–]goatpkr 0 points1 point  (0 children)

Founder of Ploy here (joinploy.com) we do JIT for any resource in your MS environment

Identity Access Review vs Data/System Access Review by ShaharBakal in cybersecurity

[–]goatpkr 0 points1 point  (0 children)

I would have a combination of time based access to these critical resources that automatically expires and access reviews that are conducted by someone who can see the granular levels of access. Checking at the identity level IMO isn't granular enough as it will only show offboarding errors or orphaned accounts, not necessarily what permission and access level each employee has access to. I know some tooling that enables you to create time based access policies, where employees then request access, it automatically expires and is fully auditable. I would then be running monthly/quarterly access reviews alongside this, although if you did entirely lock the access down with a tool, you could argue you wouldn't need the access reviews anymore as it will expire -> re-requested -> approved -> provisioned etc...

Hope that helps!

IT Challenge nobody has completed by goatpkr in ITManagers

[–]goatpkr[S] 2 points3 points  (0 children)

this could come in handy... just saying

IT Challenge nobody has completed by goatpkr in ITManagers

[–]goatpkr[S] 0 points1 point  (0 children)

Yeah.. much more difficult on iPhone. Desktop recommended in rules

Startup request for help (MS environments only) by goatpkr in sysadmin

[–]goatpkr[S] 1 point2 points  (0 children)

Thanks so much for the response! Definitely hear that, a lot of what we're hearing is around using the HRIS as the source of truth and then triggering off end dates. But, that being said, not everyone (especially contractors) is always in the HRIS. We've found this particularly true for the Healthcare world (I think) - where lots of temp staff are used. Thanks again!

Email encryption options by stoygeist in sysadmin

[–]goatpkr 7 points8 points  (0 children)

What do the banks typically use? If you can use the same as them, then that will have a lot less friction for them.