SailPoint IdentityIQ 8.2 was recently released so here’s documentation of some items of interest:
SailPoint IdentityIQ Documentation Point 1: PAM Container Management & Multi Environment Support
The PAM Module in IIQ 8.2 allows you to manage who owns your organization’s vaults and safes using LCM Provisioning, the new version also allows for multiple PAM vendors/environments in an IIQ environment at the same time, allowing for non-production instances or migration projects to be governed in your IIQ production instance simultaneously
SailPoint IdentityIQ Documentation Point 2: Access Request Requires Commentary
SailPoint IdentityIQ 8.2 now gives you the option to require that your end-users provide reasoning when asking to add or remove access from managed applications. It can help give you insight into why end-users require additional access that wasn’t automatically assigned based on their HR data
SailPoint IdentityIQ Documentation Point 3: Rapid Setup Enhancement
IIQ 8.2 provides a custom workflow in addition to the UI-driven Attribute Sync configuration as seen in previous versions, this allows for additional customization that may be required by your organization prior to updating endpoints.
The drawback to the Rapid Setup is that the Rehire feature is still not an available LCE Event in IIQ 8.2
SailPoint IdentityIQ Documentation Point 4: Identity Trigger Thresholds
IIQ 8.2 will allow you to set a maximum of the number of executions of a given event. Excellent means of introducing a new LCM Event into production without the risk of running incorrectly through and end-user population within your organization
SailPoint IdentityIQ Documentation Point 5: Identity AI Roles & Recommendations
IIQ 8.2 taps into Identity AI’s machine learning to recommend, as well as, create roles to be used by end-users in both Self Service Access Request and Joiner LCM Events
SailPoint IdentityIQ Documentation Point 6: Reporting Enhancements
Enhancements in the ability to report on Role configurations and how IIQ has leveraged recommendations provided by Identity AI
SailPoint IdentityIQ Documentation Point 7: Cloud Access Manager (CAM)
The CAM module in IIQ 8.2 gives your organization granular abilities to manage your end user’s access in your cloud providers (AWS, Azure, Google, etc). Grant and remove access in IIQ 8.2 based on the entitlements and roles managed within this module
SailPoint IdentityIQ Documentation Point 8: AD Connector Update
IIQ environments using the guide as the Native Identifier for AD groups will have to revert back to using DNS in IIQ 8.2. SailPoint has pulled this type of architecture from the connector and may revisit this design in a future release
SailPoint IdentityIQ Documentation Point 9 :Upgrade Observation
When upgrading to IIQ 8.2, the upgrade will add two new searchable fields onto every single account within the environment (Disabled and Locked). If an environment has millions of accounts within its database this could mean for a longer than a desirable outage. Be considerate to load test upgrading IIQ 8.2 prior to production