“Our mission is to transform identity management into a strategic enabler for businesses,” reveals Sanjeevi Kumar, Sales Lead, India, Saviynt

In an exclusive conversation with CXO News & APAC News Network, Sanjeevi Kumar, Sales Lead, India, Saviynt explains the dynamics of the Saviynt Identity Cloud and its impact on Indian enterprises.

What are the solutions and services currently in the Saviynt portfolio in India?

Saviynt’s entire product portfolio and support services are available in India. The Identity Cloud by Saviynt is the industry’s leading converged identity platform, providing a single solution for identity security. We have specific product lines within The Identity Cloud include Identity Governance and Administration (IGA), Privileged Access Management (PAM), Application Access Governance, and external identity governance and risk management for all identities across on-premises, multi-cloud, and hybrid environments.

Additionally, Saviynt offers a range of services to support implementations and compliance needs, an application exchange with hundreds of available connectors from Saviynt and our global partner community, and solutions exchange to help customers improve operational efficiency with solutions from local, regional, and global systems integrators. We also provide training and certification courses to help users maximize their investment.

Which are the key verticals where Saviynt is witnessing maximum traction currently in India?

Identity-based attacks are prevalent across all verticals, and unfortunately, the bad actors don’t discriminate. We have seen strong demand for our solutions from the manufacturing, healthcare, and ITS sectors. Identity-based attacks have emerged as the predominant cybersecurity threat facing organizations today. According to the 2023 Threat Hunting Report by CrowdStrike, there has been a significant increase in identity-based intrusions, particularly a 583% rise in Kerberoasting attacks, which target Microsoft Active Directory service accounts to obtain valid credentials. This trend underscores the critical need for robust identity protection measures.

We understand the demand for identity security controls in India. According to a report by the Identity Defined Security Alliance (IDSA), 84% of respondents said their organization had experienced an identity-related breach, with 78% citing a direct business impact as a result. With the risks of compromised identities at an all-time high, identity and access management has become a board-level priority for many companies. India is no exception, and we are seeing increased traction in sectors such as BFSI (Banking, Financial Services, and Insurance), IT/ITES, healthcare, and government.

With most enterprises today working in an extended ecosystem involving suppliers and partners, how does the Saviynt Identity Cloud ensure security in that environment?

Despite the widespread use of third-party contractors, vendors, seasonal workers, and agencies, most organizations don’t fully understand the scope of external security risks in their supply chain. About 60% of companies do not know how many external users they have.

Traditionally, third-party governance is managed manually by the department that owns the operational supplier relationship. However, the IT department and legacy IGA solutions are not designed to manage non-employees. Allowing outsiders into the network poses a significant risk, increasing the chances of unauthorized access to sensitive data or systems. Third parties, being beyond organizational control, can easily share their credentials (willingly or accidentally) with hackers, who can then gain entry into the system. Proper governance is essential to protect companies from potential breaches and maintain competitiveness. Therefore, third-party access governance is critical for network safety.

Saviynt’s external identity and risk management capabilities help secure organizational supply chains, partners, and other third-party relationships, such as contractors. Saviynt provides right-time, right-level external access to ensure external users have a seamless experience with access only to the information they need to complete their tasks. The Identity Cloud allows organizations to quickly onboard, provision, monitor, audit, and remove time-bound relationships with least-privileged access enforcement. Internal sponsors ensure every third party is onboarded consistently and reviewed regularly. The platform manages both human and non-human identities, regardless of location, and ensures continuous compliance with relevant regulations and frameworks.

What are the key pillars on which Saviynt’s GTM strategy rests in India? What are some of the key initiatives under this strategy?

At Saviynt, our mission is to transform identity management into a strategic enabler for businesses. We are dedicated to advancing cybersecurity through our innovative identity and governance solutions, whether the identities are human, machine, employee, or third-party, ensuring a seamless and highly secure experience for our customers. India is a strategic focus for us and to address the unique needs and opportunities of the market, we have implemented several strategic initiatives within our GTM strategy:

Market understanding and segmentation:

We recognize the growing demand for identity governance solutions in India, driven by the security and compliance needs of various industries. By identifying key sectors with high adoption potential, such as BFSI, healthcare, and IT/ITES, we segment the market based on industry verticals, company size, and compliance requirements. This targeted approach allows us to tailor our solutions to meet the specific needs of each segment effectively.

Compliance:

Ensuring compliance with local regulations, such as the Personal Data Protection Bill (PDPB) and other relevant IT and data security laws, is a significant focus for us. By helping customers across all industries adhere to these regulations, we position ourselves as a trusted partner for businesses concerned about regulatory compliance, thereby enhancing our market appeal.

Strategic partnerships:

We form strategic alliances with local system integrators, global IT service providers, and consulting firms that have an established presence and customer base in India. These partnerships facilitate the consulting, implementation, and support of our solutions. Additionally, we collaborate with other technology vendors to offer integrated solutions, further enhancing the value proposition of our identity governance offerings.

Robust distribution network:

Understanding local market dynamics is crucial. We have an established network of channel partners and resellers across India. This network ensures that our solutions are accessible to a broader audience, thereby driving growth and market penetration.

Customer education and support:

We offer extensive training programs and workshops to educate customers about the benefits and functionalities of identity governance solutions. This initiative helps drive adoption and ensures that customers can effectively utilize our solutions. Our robust customer support, backed by a local presence, enhances customer satisfaction and loyalty, fostering long-term relationships.

Regulatory and security assurance:

Our security measures and local data centers provide assurances about data sovereignty to our customers. Through our trust portal, we emphasize the robust security features of our solutions, addressing concerns about data breaches and cyber threats. Achieving relevant certifications and endorsements from recognized Indian and global bodies builds credibility and trust among potential customers.

Innovation and continuous improvement:

We are committed to continuous innovation and adaptation of our solutions to meet evolving customer needs and technological advancements. By establishing a robust feedback mechanism, we gather insights from customers and partners to continuously improve and tailor our offerings, ensuring we remain at the forefront of the identity governance market.

How is the Saviynt partner organization structured? What are the measurable parameters on which you track the success of the three outcomes of the partner program?

Saviynt’s consistent strong growth is powered by our partner network. The Saviynt partner organization is dedicated to building long-term, mutually beneficial partnerships through open communication, shared resources, joint problem-solving, and a commitment to each other’s success. Our partner program is designed to build strategic alignment and lay the foundation for future growth through enhanced incentives and intense customer focus. We segment partners into categories such as resellers, system integrators, managed service providers (MSPs), technology alliance partners, and distributors. We have a dedicated partner team that helps enable our regional and global partners, develop joint go-to-market programs, and support partner growth.

As a “partner-first” organization, we empower our partners by providing them with the tools, resources, and support they need to succeed. This includes training programs, access to technical expertise, marketing support, and sales enablement resources. Partners feel valued and supported in their journey to deliver value to customers.

We have a worldwide network of regional, national, and global solution integrators to help support customers. Based on an organization’s specific needs, Saviynt can recommend a partner or several partners to help deliver on the promise of The Identity Cloud if the customer doesn’t already have an integration partner. Saviynt also has technical alliances with key industry vendors such as Microsoft, AWS, Google, ServiceNow, Workday, and others.

To track the success of the partner program, we have defined measurable parameters aligned with growth, engagement, and satisfaction. We measure growth by revenue generated through partner channels, track new customers acquired and market expansion, and monitor the sales pipeline value and volume sourced by partners. For engagement, we assess the number of partners completing training and certification programs and evaluate the effectiveness of co-marketing campaigns through metrics such as leads generated and ROI. We also conduct regular surveys to gauge partner satisfaction using Net Promoter Score (NPS), measure support response times, and track partner retention and renewal rates. Regular performance reviews with partners help discuss progress, challenges, and opportunities for improvement, and feedback channels are established to continuously refine the program.

What are the best practices that you would recommend for an organization in its identity management journey?

Identity has evolved significantly in recent times, from being a compliance-focused discipline to becoming a crucial business enabler. Here are some of the best practices that I can recommend.

1. Assign ownership and accountability: Many identity management projects fail due to a lack of alignment, overly broad goals, and ill-defined metrics. It’s crucial to collaborate with different application owners and business unit managers to understand their business needs.

2. Right-size user roles: Effective role-based access control (RBAC) saves time and provides an efficient way to manage your user base.

3. Curate metrics to drive efficiency: It’s essential to have the right metrics in place that align with your strategic goals. Collaborate with business teams to define consistent, reasonable, and quantifiable metrics, leveraging their knowledge to ensure alignment and investment in success.

4. Make better decisions with risk-based context: Modern identity platforms can automate processes to evaluate contextual identity information such as roles, positions, and groups, and assess potential access risks. If the risk is within tolerable limits, access is granted for a set period and then automatically decommissioned. This approach drives smarter, safer decisions and frees up resources for higher-value projects.

5. Stick to the principle of least privilege: Users should have access only to the resources necessary to complete their jobs. This minimizes risk by limiting potential damage if a user’s credentials are compromised. Time-limited access through automated tools helps manage dynamic user roles and prevents lingering permissions.

6. Avoid building your program with point solutions: The identity landscape is continuously evolving, and the number of identities organizations need to manage is growing. Building a program with point solutions increases implementation and operational costs while complicating management, compliance, and reporting.

7. Identify a solution that can grow with you and future-proof your program: Many organizations don’t need a full-blown solution immediately. Find a platform that allows you to add and remove capabilities as needed, letting you build your program in manageable pieces and demonstrate incremental success. Converged platforms provide centralized management for all identity security capabilities, reducing capital and operational expenses.

What are going to be Saviynt’s key focus areas in the next 12-18 months?

Over the next 12-18 months, our key focus areas will revolve around leveraging AI and machine learning to transform identity security. By integrating these technologies, we aim to enhance the efficiency of identity management, reduce governance costs, and improve overall risk management.

We are investing in AI to achieve a 50% reduction in operational inefficiencies through our Recommendations Engine, which makes identity management more intelligent and efficient. Additionally, 60% of organizations are looking to simplify their identity governance workflows. To address this, we are focusing on creating a seamless user experience with Gen-AI technologies, making interactions with identity platforms more conversational and reducing the time needed for tasks like requesting and certifying access.

Cloud security remains a significant barrier for 59% of customers, so we are enhancing our cloud security investments with AWS, Azure, and GCP integrations to ensure robust security for our clients’ cloud environments. Our latest product announcements reflect these advancements.

Another critical focus area for us is helping companies achieve identity security in their digital transformation through adopting identity-first security practices. This approach emphasizes the importance of identity-centric controls to prevent, detect, respond to, and recover from security incidents. Strong reporting capabilities are essential here, as they help us understand and remediate any anomalous activities effectively.

The principles of Zero Trust and least privilege are also gaining traction. These models are crucial for managing and securing identities, especially in complex multi-cloud and hybrid environments. Managing access for third-, fourth-, and even nth-parties is becoming increasingly important to mitigate supply chain risks. Governance and compliance remain foundational pillars. We are enhancing governance strategies to cover all levels of third-party access, ensuring comprehensive identity management. Adhering to regulatory requirements and improving visibility and control over access is paramount.

Lastly, the impact of generative AI and advanced data science can’t be overstated. These technologies are poised to disrupt IAM by offering new user and administrative experiences, improving identity security, and boosting operational effectiveness.

Rajneesh De, APAC News Network