SailPoint IdentityIQ Documentation 8.2 Upgrade

SailPoint IdentityIQ 8.2 was recently released so here’s documentation of some items of interest:

SailPoint IdentityIQ Documentation Point 1: PAM Container Management & Multi Environment Support

The PAM Module in IIQ 8.2 allows you to manage who owns your organization’s vaults and safes using LCM Provisioning, the new version also allows for multiple PAM vendors/environments in an IIQ environment at the same time, allowing for non-production instances or migration projects to be governed in your IIQ production instance simultaneously

SailPoint IdentityIQ Documentation Point 2: Access Request Requires Commentary

SailPoint IdentityIQ 8.2 now gives you the option to require that your end-users provide reasoning when asking to add or remove access from managed applications. It can help give you insight into why end-users require additional access that wasn’t automatically assigned based on their HR data

SailPoint IdentityIQ Documentation Point 3: Rapid Setup Enhancement

IIQ 8.2 provides a custom workflow in addition to the UI-driven Attribute Sync configuration as seen in previous versions, this allows for additional customization that may be required by your organization prior to updating endpoints.

The drawback to the Rapid Setup is that the Rehire feature is still not an available LCE Event in IIQ 8.2

SailPoint IdentityIQ Documentation Point 4: Identity Trigger Thresholds

IIQ 8.2 will allow you to set a maximum of the number of executions of a given event. Excellent means of introducing a new LCM Event into production without the risk of running incorrectly through and end-user population within your organization

SailPoint IdentityIQ Documentation Point 5: Identity AI Roles & Recommendations

IIQ 8.2 taps into Identity AI’s machine learning to recommend, as well as, create roles to be used by end-users in both Self Service Access Request and Joiner LCM Events

SailPoint IdentityIQ Documentation Point 6: Reporting Enhancements

Enhancements in the ability to report on Role configurations and how IIQ has leveraged recommendations provided by Identity AI

SailPoint IdentityIQ Documentation Point 7: Cloud Access Manager (CAM)

The CAM module in IIQ 8.2 gives your organization granular abilities to manage your end user’s access in your cloud providers (AWS, Azure, Google, etc). Grant and remove access in IIQ 8.2 based on the entitlements and roles managed within this module

SailPoint IdentityIQ Documentation Point 8: AD Connector Update

IIQ environments using the guide as the Native Identifier for AD groups will have to revert back to using DNS in IIQ 8.2. SailPoint has pulled this type of architecture from the connector and may revisit this design in a future release

SailPoint IdentityIQ Documentation Point 9 :Upgrade Observation

When upgrading to IIQ 8.2, the upgrade will add two new searchable fields onto every single account within the environment (Disabled and Locked). If an environment has millions of accounts within its database this could mean for a longer than a desirable outage. Be considerate to load test upgrading IIQ 8.2 prior to production