Top Secret

We are looking to use Sailpoint's Access Certification product for access reviews across platforms, including mainframe.  Per our management, we will not installing any connectors from Sailpoint.  We know they can receive a flat file with user access info but what they showed us doesn't really lend itself to how whohas or cfile outputs display.  Thus my request via this community - to find out if there are any Top Secret customers using Sailpoint for Access Certification by using a flat file?

------------------------------
Thanks! 
Susan
------------------------------

Susan, a few years ago a largish bank hired me to work the Top-Secret side of a big RBAC project.  They contracted with Sailpoint to provide services for the same purpose, and I ended up working with the Sailpoint folks quite a lot at first.

The people were professional and dedicated, but it quickly became clear that (at the time) they did not really have a handle on the complexities of mainframe security.  I went over the CFILE format with them, and they were very willing to learn.  But I think they were unprepared and dismayed at the range of resource classes they would have to deal with.

As the project advanced I had less to do with Sailpoint and more with the bank's internal AD and TSS folks, so I don't know what sort of solution Sailpoint eventually provided.  My impression is that my client was satisfied with the outcome, and I would be pleased to learn that Sailpoint has a solid handle these days on TSS and the CFILE.  But I'm not optimistic.

I still have contacts at the client.  If you're interested in talking to them, I'll find out whether they're willing to share with you their experiences and their current thoughts on Sailpoint.
Original Message:
Sent: 03-05-2020 09:27 AM
From: Susan Zimmerman
Subject: Sailpoint Access Certification

We are looking to use Sailpoint's Access Certification product for access reviews across platforms, including mainframe.  Per our management, we will not installing any connectors from Sailpoint.  We know they can receive a flat file with user access info but what they showed us doesn't really lend itself to how whohas or cfile outputs display.  Thus my request via this community - to find out if there are any Top Secret customers using Sailpoint for Access Certification by using a flat file?

------------------------------
Thanks!
Susan
------------------------------

I've sent off a few emails, to see whether anyone over there is willing to opine.  If I get an affirmative, I won't want to post their contact info here; drop me a line at my Gmail address (robhbridges) and I'll let you know.
Original Message:
Sent: 03-05-2020 10:44 AM
From: Robert Bridges
Subject: Sailpoint Access Certification

Susan, a few years ago a largish bank hired me to work the Top-Secret side of a big RBAC project.  They contracted with Sailpoint to provide services for the same purpose, and I ended up working with the Sailpoint folks quite a lot at first.

The people were professional and dedicated, but it quickly became clear that (at the time) they did not really have a handle on the complexities of mainframe security.  I went over the CFILE format with them, and they were very willing to learn.  But I think they were unprepared and dismayed at the range of resource classes they would have to deal with.

As the project advanced I had less to do with Sailpoint and more with the bank's internal AD and TSS folks, so I don't know what sort of solution Sailpoint eventually provided.  My impression is that my client was satisfied with the outcome, and I would be pleased to learn that Sailpoint has a solid handle these days on TSS and the CFILE.  But I'm not optimistic.

I still have contacts at the client.  If you're interested in talking to them, I'll find out whether they're willing to share with you their experiences and their current thoughts on Sailpoint.
Original Message:
Sent: 03-05-2020 09:27 AM
From: Susan Zimmerman
Subject: Sailpoint Access Certification

We are looking to use Sailpoint's Access Certification product for access reviews across platforms, including mainframe.  Per our management, we will not installing any connectors from Sailpoint.  We know they can receive a flat file with user access info but what they showed us doesn't really lend itself to how whohas or cfile outputs display.  Thus my request via this community - to find out if there are any Top Secret customers using Sailpoint for Access Certification by using a flat file?

------------------------------
Thanks!
Susan
------------------------------