Omada Identity Reviews

It is to get more standardization for our organization on everything related to identity, provisioning, and managing access. 

I am not working a lot within the tool myself because it is not my role.

At the moment, because we just started our journey, its benefits are very limited. We are focused. We had an in-house IGA solution over the past 25 to 30 years, so our main focus was doing a technical migration first. We have some improvements to current processes, but we are not yet fully leveraging all the capabilities that Omada can give us. We are focused on our first technical migration.

Omada can help to deploy IGA within 12 weeks by focusing on fundamentals and best practices. That was the idea. That was also something I warned them about upfront. I told them it would be a real challenge within our organization. If they start from a blank page, the 12-week initiative that they have is achievable, but for an organization that already has certain processes and a tool in place, 12 weeks is not possible. We tried, but we could not meet that. We failed, but that is not a problem with the package. It is more of a problem as an organization. During the initial conversations at the start of the projects, we did say that we would give it a try and see where we end up. We would not focus too much on 12 weeks. They have been flexible to it as well. Just because they have listed it as a 12-week initiative, it does not mean that they are not flexible to go beyond those 12 weeks.

It is set up to remove an employee's access as soon as that employee leaves our organization, but we have limited scope today. It is currently only for a subset of applications. The goal is to have all major applications or data resources integrated, and then we would achieve that scenario.

Omada Identity has had a positive effect on our security posture. We are able to remove certain accesses in a centralized control way. We are able to remove certain roles or update some of the basic roles.

Our provisioning process is definitely faster today. With the previous solution, we needed to wait for overnight synchronization and scripting to run, whereas now, it is every six hours. It is definitely faster, but we are working to improve even the six-hour schedules.

The out-of-the-box connectors that Omada provides for the applications work. They need a little bit of effort in integration and setup, but they work.

It is modern. It is meeting our requirements. Its interface is okay. I know they are working on some modernization to make it more modern.

Support-wise, working with Omada has been good. We have very good direct interactions and fast responses.

Pricing-wise, it definitely meets our expectations. As compared to other vendors, we have better pricing.

Documentation can be improved. I have already filed a few suggestions to make documentation more clear and more representative of reality.

We have been using Omada Identity for about a year and a half. This duration includes some demos and trials. It has been about a year since we went live.

We experienced an issue that led to quite some commotion. We are still working on that one to see why it happened and how we can prevent it going forward. In general, I expect that it will be a stable solution, and we will not experience such things on a regular basis.

The issue was that there was a change or an update done that triggered something in the backend of the system, if I understood correctly, which then led to updates to a lot of identities that were not yet supposed to be under the management of the Omada solution.

I would rate it an eight out of ten for stability. That issue had nothing to do with the stability of the platform. It had more to do with the backend software updates.

Because it is a SaaS solution, I expect them to manage scalability. We do not want to manage it, and that is why we chose a SaaS solution. If they see that they need to add additional resources, it is up to Omada.

It is an enterprise solution, so only enterprises will benefit from it and use it. We just did a technical migration, and we will next focus on the provisioning of accounts. It has a very limited exposure to the end users, but that will increase in the coming months and years as we continue our journey. Currently, it has our service desk people, and then there are another 10 to 15 people with very limited insights into the tool. It has not yet been rolled out to the end-user community. We have between 5,000 to 6,000 people.

I would rate it a nine out of ten for scalability.

Because we are still in the rollout stage, we mainly work directly with our customer success manager. A few tickets have been opened during the initial setup and the first go-live, and they have always responded very quickly. We have got a direct line to Omada with our customer success manager. It is like having a direct support person.

We will be able to evaluate their customer support moving forward. We also use a service provider to assist us with the integration. They will be the main contact between Omada and us going forward.

With the service provider, there are some hiccups, but they are also starting and learning about us as an organization. They have their standard way of working and handling processes. Being an R&D organization, there are some challenges, but we try to address them. We also have Omada's support. If we see something not going as smoothly as expected with the service provider, they can put pressure on them, and we can get the results.

Positive

We were using an in-house solution. We switched mainly because that solution was running on an old supported platform. We did a security audit of it and found many vulnerabilities that were hard to fix. That solution could also not deal very well with the hybrid reality that we are in. We needed capabilities to manage on-premise provisions of identities, accounts, and accesses, as well as any cloud-based, SaaS, IaaS, and other kinds of services.

Omada Identity has not yet helped us consolidate disparate systems for access management. We only have a few key systems connected, which are already a part of the existing IGA solution and processes.

We have the SaaS version. Its deployment was straightforward. It was pretty standard.

Its implementation took months of continuous workouts. It included setting it up in test, validating, going through some initial technical testing, and then setting it up in production. It took a couple of months.

It does not require any maintenance from our side. Because it is a SaaS solution, the maintenance is handled by Omada. We have to schedule the updates and see how they fit into our change management processes.

They communicate well about the roadmap. They have a six-week release cycle. For the last one, we did notice that the new features that were going to be implemented were not yet posted on their website on the day of the release, but a day later, everything was okay. They are overall good and as expected.

There were about ten people involved from our side. I am also including application owners. If we have to integrate with certain applications, they have to do something on their end as well.

With any security solution, it is very hard to calculate the return on investment.

It is not cheap. None of these solutions are cheap, but we have good pricing at least for now from a licensing perspective. Being an R&D organization, we have a mixture of employees and a lot of partners. We work with a lot of PhD students and universities, and there was flexibility at least to make a distinction between those two types of identities, which also had an impact on the pricing. So, its pricing is reasonable.

Do not get overwhelmed by the 12-day package that they offer. Be well prepared, not necessarily from a technical or solution perspective but also internally. Make sure you have the right people onboarded. It is not an Omada issue. It is more internal to the company. Make sure that things are in order and the right people are onboarded. Make sure you have a dedicated IAM team ready to support it before you start the journey, not during or after.

The goal of going to a platform like Omada, especially its cloud version, is to minimize customizations as much as possible and go with the standards already built into the platform. Along with Omada, we also use a third-party service provider. If we see something that does not fit our organization, we try to see if we need to change some internal processes to meet the defaults within the product, or we try to come up with other ways within the product. We want to stay away from any customizations as much as possible.

I would recommend Omada Identity. There is not a lot of choice out there.

For now, from what we have seen, I would rate Omada Identity an eight out of ten. There is always room for improvement.

We are using it for identity governance.

It provides the benefits that any IGA solution provides in a company. There is not anything new. If there was any other tool in our organization, that would have provided the same coverage.

Our Omada solution is set up to remove an employee's access as soon as that employee leaves our organization. It has made the security better. We know that once an identity is terminated, the access would be disabled so that the user cannot log in and do anything.

Omada Identity saves time. It is pretty fast. We can handle multiple access requests at the same time. It has a good filtering capability for the users to choose the resources that they need to select. It has definitely removed a lot of manual work that was being done by the help desk teams. That way, it has saved a lot of time. There are about 40% time savings.

Being a cloud solution, it is very easy to manage. An on-premises solution is not very efficient.

The support for the validity of the resources is valuable. The tool allows resource assignments within a validity period so that the managers do not have to remember to revoke the access once the work is done. That is one thing we like about Omada Identity. 

The assignment policies have been helpful for automating user life cycle management.

We have been having trouble with Omada compared to other tools in the market. They can improve its UI and make it more user-friendly. 

The architecture of the entire system should also be less complex. The way they process the data is complex. I am still trying to understand it.

They can add more types of services that we need from the compliance and audit perspective. Their out-of-the-box connectors are not enough. They can add more connectors for integrating with different products.

Omada does have a clear roadmap, but things are not delivered as promised.

My organization has been using it for 1 year.

Its stability is good. I would rate it a 9  out of 10 for stability.

We have not tried to scale it. We have more than 2,000 people in our organization. We have four people who work directly with Omada Identity. It works well for the number of users we have. I would rate it a 9 out of 10 for scalability.

Their support is good. It is not the best. They could do better in terms of response time and knowledge.

Neutral

We were using another solution, but I was not a part of the organization at the time. In my previous organization, I used SailPoint. SailPoint is much better, much easier, and more user-friendly.

It is deployed on a cloud, but I was not involved in its deployment. When I joined, Omada Identity was already there for 6 months.

We have three environments. One is for development, one is for testing, and one is for production. Omada is on the cloud, so it can be used everywhere.

It does not require any maintenance from our side.

I would recommend Omada Identity based on the requirements. If you are looking for a simpler solution, you can go for other products in the market, such as SailPoint.

They have not yet helped us to fully implement role-based access control, so we have not seen any outputs of that feature. We have not yet implemented Omada Analytics or Certification Surveys.

Omada did not help us consolidate disparate systems for access management. It also did not help to automate reviews of access requests and reroute them to the appropriate people.

Overall, I would rate Omada Identity an 8 out of 10.

We are provisioning new accounts. We are deprovisioning accounts that are gone. In Omada Identity, you can connect transfers (external employees who came to work for us) very easily. We have had trouble doing this with a new front-end system, not Omada Identity, where accounts are not connected. With Omada Identity, I can connect accounts and change everything that I have to do.

We can manage access for everyone, including suppliers, partners, and maintenance staff. Now, in Active Directory, there is accountability for everyone. If someone is responsible for an account, we can see who is responsible. 

We use the main portal of Omada Identity.

We are not using the solution fully, but we are getting there slowly.

When we started with identity and access management, we cleaned up and skipped 500 accounts. Therefore, there are a lot of people who are still in our system. Using this tool, we have cleaned up a lot of accounts for ourselves as well as our partners and suppliers. So, we can manage everything now.

When we switched to Omada Identity, it was easy for everyone. The solution was so smooth. Managers can do a lot of our work processes themselves, which reduces a lot of tickets.

We can sync our administrator accounts with our normal accounts. So when an administrator no longer works for us, their account is disabled. This provides us control because when we did the admin accounts, there were a lot of admins who were already gone, but they still had an account in Active Directory.

Our test accounts are now managed and feasible.

The interface is nice. I can do so much myself. I don't need my supplier for everything. I can change emails and add attachments. 

I like it very much that it is a self-reliant solution as well as user-friendly. I made a handout for managers and other users, and it was very easy to explain how to use the system. It's not difficult. We have workflows that are so simple, and you can explain them to somebody else in a very easy way.

Omada Identity has a reporting server that we use. With emails or usernames from an application, we can create a report and check on those users in the application regularly. For example, if you send me a list of users, I will send you back information on those users, like their end dates and activity. This way, the auditor can see we are in control.

We now use multi-factor authentication (MFA). To let people working from home register for MFA, we put them in an Active Directory group where the date and group are set. If someone needs to reinstall the application, you can set a new date in Omada Identity. So, I only have to set a date, then everything necessary happens.

I would like to search on date fields, which is not possible now.

I am unable to connect our organizations' tables and our partners to create a report in the solution. Sometimes you have to connect two different tables of your report. For now, I make a report for one, then I make a report for the other. After that, I combine them in Excel, but this is time-consuming. We are waiting for the newest version to come out at the end of the month. Hopefully, the feature to connect to other applications will be available with this release. Otherwise, we will have to wait for the next one. It would be nicer if we could get it sooner.

At the end of May 2019, we got Omada Identity.

The scalability is great. It is not often that I hear that our supplier can't do something with Omada Identity.

We manage 6,500 users with Omada Identity.

Right now, I don't feel that I have any influence on the features that they are delivering to us. My supplier has also said that if they ask something, then they have to wait a very long time for it. I would like it if they would tell us, "We can't do everything at this time. Many requests have come in all at once. But, what request would you like us to prioritize?" If they could also provide time frames for requests, this would help us understand when we would get our requests.

Our suppliers and partners need to be in Omada Identity as well. That wasn't possible when we had only MIM from Microsoft. Now, I can manage partner types with the access management, creating an organizational unit and partner. Then, I can put the people who only have access in the system, so we can connect the two systems. This way, we can really manage all the people coming into our building and using our systems.

With Omada Identity, we can manage the partners and supplier accounts. This was the primary reason that we switched from MIM. We can also connect other applications, though we are still working on this.

The solution has reduced our total cost of ownership compared to our previous solution.

The initial setup took a long time, over six months, because of our supplier. Omada said that they have an integration with CyberArk, so we wouldn't have to build anything because it was there already. We would only have to install it. Then, the supplier told us, "We have to make it," but it was already there. If it was there, I don't understand why it took so long.

I worked side-by-side with the supplier. We have a very good connection with our supplier, Traxion. We see them more as a partner. We work well together, learning from each other.

There were a lot of administrator, partner, and supplier accounts for people who were no longer working for us but still in the system. So, we reduced the number of users no longer with the company, which saved us some money on licensing.

I don't know if they looked at other suppliers or systems.

When we started, our supplier recommended using MIM at first, then Omada Identity. Now, I would recommend starting with Omada Identity and getting the entire solution, so you can do everything in Omada Identity and aren't using two systems.

I am cleaning up accounts with the help of the functional administrator. This is very easy to do.

I am a happy customer. We have our identity and access management under control with Omada Identity. I would rate this solution as a nine (out of 10). 

Our clients use it to onboard apps for provisioning, not just collections. They use Omada for provisioning to business applications, such as SAP and PeopleSoft. They use ServiceNow as the front door to that but Omada is for their accounting and their HR business applications. It's mostly used for the governance piece, certification—GRC.

Compliance is often what the issue is for our customers. They want to hurry up and get these products onboarded and set them up for provisioning for their business application, so they can meet whatever regulatory compliance controls they're trying to meet.

We're an Omada partner/vendor. We implement both their on-prem and SaaS versions.

From a security perspective, we've got customers that are failing audits or that are in danger of failing audits, because they can't do certifications. While it's not necessarily an improvement to the way their business functions, Omada certainly helps customers remain compliant with those audits. It makes them more efficient, and it's easier for them to support the audit requirements they have to remain compliant.

The solution also helps reduce total cost of ownership. In cases where they're swapping out Oracle, or they're swapping out RSA's Aveksa or IGO product, it's certainly reducing total cost of ownership. And, when we're moving clients from an on-prem, legacy IGO or IGA solution to the cloud solution, they no longer have the infrastructure issues and it's a lot easier to maintain. It's not as complex as an Oracle. Certainly, when we're replacing some of those legacy systems—IBM, Oracle, CA—it definitely reduces total cost of ownership.

Another benefit is that it has helped to reduce the number of helpdesk tickets and requests, specifically when combined with ServiceNow, which we've done in a couple of instances. In that scenario it drastically reduces the helpdesk tickets. Omada has the workflow built into it that allows a lot of work that used to be done through the helpdesk to be automated. We try to build more automation into the system in an effort to reduce the amount of support that's required for it.

It has also absolutely reduced the number of audit fines that our customers receive. A few of our Omada customers have either had audit findings, or did a pre-audit and knew the findings were coming, or they were trying to clean up from an audit finding by using the solution to do so. We see a reduction in audit fines in at least half of the cases where we implement the product.

The most valuable feature in Omada is the governance. We work with other products and other product vendors, but the sweet spot in the market for Omada is where things are heavy on governance.

I would like to see them expand the functionality of the tool to continue to be competitive with the monsters out there. For example, they could add functionality on the authentication side, functionality that Octa and SailPoint have. But they should do that while maintaining the same simplicity that makes Omada a product of choice today.

We've been working with Omada for four or five years now.

We have a lot of choices out there in the market to spend our time on. We've chosen Omada as one of the products that we support. It has been very stable. We haven't seen any issues related to stability so far.

When it comes to scalability of Omada's cloud-native SaaS solution, we've used it with a Fortune 10 customer and a Fortune 100 customer. It's definitely scalable. The fact is, we're connecting it to SAP which is running the internal organizations of some of these companies. It's a new product, so it probably hasn't gone through enough Fortune 500 companies to say that it has been fully tested at that scale, but the customers that we work with are pretty significant customers.

In terms of our customers increasing usage of Omada, if they've gone through the process, they have a prioritization of the applications that need to be onboarded to an IGA tool. Once they get those high-priority applications onboarded, there's the never-ending list of additional applications to get onboarded. The priority for onboarding applications could be business-related, it could be audit-finding related, or it could be SOX-related. The client makes that determination. 

We've integrated the product with CyberArk and ServiceNow, to automate some of the helpdesk support that is typically required. Most of our customers are at the stage where they're saying, "Hey, let's get this Oracle HR product onboarded as our system of record, and work from there to onboard the other apps." Most customers, even the small customers, have an endless list of applications that need to be onboarded, once they have onboarded their highest priority applications.

We have relationships with Omada from the chief revenue officer, all the way down. When we really need to make something happen, we can put that call in and make it happen.

But from what I know from our customers that have used Omada's technical support, they seem to believe those guys to be as adequate as any of the competitors in the space.

The complexity of the initial deployment of Omada depends on the customer. But one of the reasons we chose to become a product vendor for Omada is because of the simplicity. It's the perfect fit for a lot of customers that don't need the complexity of an Oracle, or of a CA, or even a SailPoint. That's one of the main factors that attracted us to the product.

The implementation strategy is going to depend on the customer and where they are in the process. The pre-implementation strategy is to find customers that meet what we've defined as the sweet spot of customers, where Omada is the best fit for them. They are customers that are looking for this, this, and this, they're this size, and they're at this stage in their maturity model. We like Omada for the SMB market because you can get your hands around an implementation. You can get them on the cloud version and get them up and running pretty quickly. 

If it's a customer that doesn't require a lot of complex workflows, it's a simple product to get installed and get up and running. However, it still does have the heft to be able to support some of the more complex custom configurations and workflows, if they need that in the future.

There is no such thing as an "average deployment," but 90 days would not be a stretch for getting some of our clients up and running and getting an app or two onboarded, with some pre-built-in workflows.

The number of staff required for deployment is also deployment-specific, but we'll typically have a team of between two to ten people, depending on the size of the deployment and what the customer wants to do.

Some of our legacy clients—and when I say legacy, I'm talking about two to three years ago—are using the on-prem version. Whether a client goes with the SaaS or the on-prem really depends on what the customer is looking for. A lot of customers are going for SaaS because of the "flash-to-bang." The pitch is that with one of the starter packs, you can get them up and running with a system of record in a shorter amount of time than with the on-prem version. That's typically the preference. Customers want to get up and running. They're running from an audit, they're running to meet compliance, they're running for a deadline. They typically want to go SaaS so they can get some quick wins under their belts. The on-prem takes a little bit more coordination with their onsite technical and security guys.

The ROI that we see is the "flash-to-bang." You can get in there and get the implementation up and running. 

There is definitely also ROI, that I can't quantify, in getting clients compliant with findings and in getting their highest priority applications up and onboarded.

Where we do see a lot of ROI is with the cloud version in particular. When we do these implementations, we require time from the customer's internal IT staff. With COVID, those guys have been busy making sure folks can work remotely and protecting themselves from all the different threat vectors that have presented themselves during COVID. The cloud version requires the least amount of time of the internal IT staff, so there is definitely ROI there.

Omada continues to be very competitive on pricing, especially on the Omada cloud product.

In terms of the solution's IGA features, I'm not going to say Omada's are pretty broad but there is enough breadth there to support some large customers that are using that product. It's definitely compatible, in terms of breadth, with other products out there in the market.

We support SailPoint. We've done a little work with Saviynt. We've worked with some of the legacy solutions, like Oracle OIG and RSA. We're familiar with other IGO and IGA solutions in the market.

Compared to some of the more complex tools, with Omada you can cut the implementation time in half, or even more than that. We look for the customers that fit that Omada mold. For the customers that don't have the complex workflows, and where you don't have to wade through 37,000 guys in their IT shop to make something happen, it's certainly a much easier product to get installed. That's why we like it.

But there is competition. All these vendors are now offering cloud solutions, like SailPoint's IdentityNow. Saviynt is a cloud-based solution. But when it comes to some of the legacy ones, you can certainly reduce your implementation time by 50 percent or more.

And on the pure governance part, Omada is definitely maintaining some of the same functionality as the other vendors out there in the market. It's not going to have all of the functionality of the SailPoint on-prem version. But it's more than adequate for the average customer.

The only advice I would give is the same advice I give anywhere: Know your requirements and then make sure that the Omada product is the product that best fits your requirements. If it does, you can get it in and up and running in a more reasonable amount of time than some of the competitors on the market.

What I've learned from using the solution is that Omada has a certain place in the market. When we find a customer that has the set of requirements that Omada is a really good fit for, we can get them up and running pretty quickly, without their having to spend a ton of money, and without their having to spend a ton of their internal IT resource time. Omada is probably marketing to everybody, but for us, there's a certain customer where we say, "Okay, they're heavy on this, they're light on this, they want this, they have this issue, that issue, and this requirement. Okay, perfect fit for Omada." When we find that, we end up with really happy customers because we can show them some progress in 30, 60, or 90 days, as opposed to a two-year deployment in other cases.

Everything is related to identity governance, such as

• Certification
• Joiner, Mover, and Leaver (JML) use cases
  
• Access request for use cases
• Provisioning use cases
• Workflow.

In a fully implemented Omada Identity solution, all these use cases are equally important.

We have on-prem Omada customers, then we also have the Omada SaaS customers. We always work with the latest version of this solution.

Our customers have benefited from Omada Identity automating the certification process. Most of our customers were using manual methods for user access certification. With Omada Identity, you can automate almost all of it, which means that certification now becomes on demand. You don't have to wait for two or three months to execute a certification timeframe. Instead, you can do certifications as often as you want. 

Another benefit is automated provisioning of user accounts when you replace manual provisioning. 

Omada Identity has reduced the number of audit fines that some of our customers have received by more than 80 percent.

Omada Identity is a very feature-rich solution. Its features are designed based on a methodology called identity plus.

For our customers who prefer having a SaaS solution, they also prefer a cloud-native solution. This is a big requirement for them.

The Omada Identity SaaS version isn't as flexible as Omada Identity on-premise. It is expected behavior though. Often, customers under estimate the level of controls and flexibility when moving to SaaS. We want customers to carefully evaluate and analyze each use case and/or requirement. 

We work closely with Omada and understand the roadmap, which addresses what market is demanding, incrementally in each release.

It has been about three years that we have been implementing Omada Identity for customers.

We haven't had any scalability issues with our customers. Omada Identity has been scalable to our customer requirements. It's a high-capacity solution, so large environments (more than 2000 users) is not a problem for Omada Identity. 

Omada is at par with the industry standard at this point for scalability. They aren't extraordinary yet, but they are working on it. They are probably at par with their competitors.

The Omada product documentation could use a good uplift. Some documentation is outdated as well as other documentation can be less descriptive than it should be.

There are some initial challenges when it comes to support. However, I am very happy to see it drastically improving. 

If you are using the provided connectors and configuration out-of-the-box, then it is straightforward. However, if you require custom connectors or configurations, that setup is can get complex. 

An average deployment takes three to six months.

Our implementation strategy varies based on the customer's requirements.

We provide deployment and post-deployment support. In a deployment scenario, there will be one or more implementation engineers along with an architect and project manager. Then, in the post-deployment support, we have architects and engineers.

The initial total cost of ownership to implement Omada Identity is not small. The TCO for the implementation is comparable to other solutions. However, the cost of maintaining the solution is at par or lower than competitors, including adding more features or maintaining the system after the initial deployment/installation to make sure that they are available for users to use or extending the functionalities of those activities. Those maintenance costs are lower than other vendors.

It has reduced the number of our help desk tickets from 25 to 75 percent.

Compared to competitors, Omada Identity is either equal or more feature-rich than comparable solutions, e.g., RSA Identity Governance and Lifecycle (IGL), SailPoint IdentityIQ, and Oracle Identity Governance, because of its identity plus methodology. 

Omada workflow designer is a feature for which we have gotten very good feedback. Ease of configuration is also something Omada Identity does better than others in the market. However, customizability is something where Omada is not as good as its competitors.

The time that it takes to get up and running with this solution compared to RSA and SailPoint is almost similar.

Carefully evaluate your use cases before starting an implementation. Have an identity management program defined before starting technical implementation. That would be my most important advice. 

Define your use cases clearly. 

Have all parties involved. Not having management buy-in almost always led to difficulties in the project.

Omada has defined and documented the Identity Plus Process based on their experience. This is an excellent reference guide to implement an Identity program.

Everything considered, I would rate this solution as an eight out of 10.

As an Omada partner, we are integrating the Omada Identity Suite for our customers.

Our customers primarily use it to align their identity lifecycle and access management. In some cases, they also use the integrated workflow engine that Omada has to migrate existing paper-based workflows to a digital platform.

Our customers have realized several benefits from using this product. What we have seen is that they are more efficiently driving Identity and Access Management processes. Many of them that were being performed manually could be automated. This means that they save resources, such as manpower, to focus on other topics.

Omada Identity Suite benefits our clients by introducing the Least Privilege Methodology when it comes to their coverage.

The biggest benefits come from automation, reporting, and easier onboarding of new staff.

Omada has definitely helped to reduce the number of help desk tickets and requests. For example, one interesting feature is the automatic password reset. This is something that can now be done by the end-user themself, and no longer necessitates calling the head office. This is very beneficial when it comes to reducing support tickets and telephone calls.

Omada Identity Suite has a very powerful workflow engine. It is used for requesting access for approval to everything that's around Access Management and for re-certification purposes. It is easy to set or reset the state for accessing resources.

In terms of the breadth and scope of the features, in the current version, they are trying to cover access management and identity governance for the whole company. Over the past years, they have broadened the features to include new functionality based on customer feedback and reviews. We routinely give Omada suggestions as to what can be improved, either in terms of adding modules or some other aspect that has not been covered very well. Based on that, they have come up with certain exciting new features. For example, they have built new interfaces and new ways of configuring the system.

At the same time, they have also built up more functionality to add business values. Specifically, they developed a practice framework of processes that can be rolled out in a company very easily. It was created based on experience that they gained from past projects and customers.

What I would most like to see added to the product is role management, especially enterprise or business role management, and the processes around that.

I would like to see some kind of role-mining functionalities to help existing Access Management processes. For example, business roles and existing role models could be identified and imported into Omada. There are definitely some possibilities for improvement in this area.

I have been working with Omada Identity since 2007, between 13 and 14 years ago.

Over the many years that I have worked with this product, the operation has always been stable. Especially when a new version is released, there are sometimes bugs. In cases like these, the support response times could be improved.

In the latest version, there have been big improvements with scalability. If you add more compute then you can scale this solution without limits.

I would rate the support a seven out of ten.

Sometimes, the time it takes to respond to a ticket is too long. Also, it can take a long time to provide a fix. Things have improved recently but if I consider my entire experience with them, the time we spend waiting for a resolution is too long.

I have not been a part of many migration projects, so I cannot speak about the experience of transitioning from another product.

I have experience with One Identity Manager and NetIQ Identity Manager. The user interface is much more flexible in Omada Identity, which makes it easier to use and configure. This is definitely a pro.

The con is that some products provide better connectivity with other systems. For example, NetIQ Identity Manager brings some connectivity, especially with the mainframe systems that are seen in the financial industries. Such connectivity does not come out of the box with Omada. There is also a provisioning engine from NetIQ, for example, which is more stable and more flexible than the Omada solution.

With respect to the IGA functionality, Omada has more flexibility than NetIQ. You can customize, adapt, and configure it to a greater degree and with less effort.

In terms of the installation, the initial setup of the suite and the components is very straightforward and well documented.

When it comes to the introduction of the Identity and Access processes with Omada, it can be very complex and it can also be very straightforward. It depends on the complexity of the processes that the customer demands. Omada has a best practices paper that explains how to set up various types of projects. When you follow that process, starting with some basic setup, then moving on to the improvements and continuing to roll out iteratively, I think it's very straightforward.

In terms of the time required for deployment, it again depends on the complexity of the processes that need to be integrated. You can have projects where it is fully deployed within weeks, and you can have bigger projects for bigger companies with more complex processes that can take a year or even longer to deploy.

Our implementation strategy begins with the need for a business concept. After that, we do some requirements engineering and talk about existing processes with the customer. Together, we decide what to migrate and what to introduce.

We then begin with a basic setup to introduce the first phase of the project. From that point, we use an iterative or agile approach to onboard more applications.

My advice for anybody who is implementing this product is that it's a good policy to follow Omada's best practice strategy, with not too many customizations. I suggest sticking to Omada's standard model and approach with respect to implementation. This is what we recommend to our customers.

I would rate this solution an eight out of ten.

I am the functional manager. I use the solution for user access management.

The product provides good security. Every access is secure. We saw the benefits of the solution right after the deployment.

The administrative features and SoD are valuable.

It would be nice if we could use queries. It is not possible to customize reports on Omada Identity. Everything is fixed. We can only use the standard options. It would be very nice if we could write queries using the SQL database.

I have been using the solution for 2.5 years.

The tool is stable.

The tool's scalability is fine.

My team contacts the support team. The support is slow.

Neutral

I worked with One Identity before. We could customize reporting using One Identity. Omada Identity and One Identity have their positives and negatives. Omada is a better tool. However, some features are not very good. The reporting takes more work on Omada.

The deployment is not easy. It takes too long. My colleagues always have issues after deployment.

My colleagues deployed the product in my organization.

The reporting is very poor. It is impossible to see which people are under what rules. Omada is set up to remove employees' access as soon as they leave our organization. It works very well.

I use Omada for role-based access control. We can create roles for the team or members of the organization. When they leave the organization, the role is removed automatically. It is beneficial to us.

Even though I use Omada, I still need the other systems we use. Omada helps automate reviews of access requests and reroutes them to the appropriate people. I use Omada Connectivity Community, but not much.

Overall, I rate the product a 7 out of 10.

Our primary use cases are around employee life cycle processes. Employees join us, extend their contracts, move around, and leave us. Omada is connected to our HR system as well as SAP, Microsoft Exchange, and Active Directory.

We also use it for updating our employee master data and use the request management, covering about 900 employees.

We are an Omada partner and reseller.

The best feature in Omada Identity is that it enables us to implement standardized employee life cycle processes so that we don't have to create them ourselves. We can then use the standard workflows.

The breadth and scope of the solution’s IGA features also fulfill our requirements. 

We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes. It's an area that could definitely be improved.

We have been using Omada Identity for about a year.

We have not had any major issues with the system so far.

We are planning to implement more and more of these standard processes and to connect more target systems to it.

We haven't submitted any support tickets to Omada so far because we have been solving our issues with consultants.

Our previous solution was developed in-house by my colleagues. We switched to Omada because the old solution did not have any standards. In addition, the components it used were end-of-life and we decided to use software that offers more standards out-of-the-box.

The initial setup was complex. We have so many different stakeholders in our company and they all have their specific requirements, but we were trying to standardize things. We have struggled with all the requirements and have tried to reduce the special implementations to a standard.

Our implementation of Omada took about half a year.

In terms of maintaining the solution, we have four people involved. Two are technical application managers who are in charge of the operation of the system. And we have two guys who are mainly dealing with the implementation of the employee processes, connecting to the target systems, as well as some scripting.

We used consultants from Omada. Our experience with them was okay.

So far, we have not saved money compared to our previous solution because we are struggling with some internal issues. We have had some trouble with our HR data, but we expect that we will save money, using Omada, by the end of this year.

Because we are a partner and an IT service provider, we have a special licensing agreement because we are planning to offer Omada Identity to our customers. Our licensing and pricing model differs from the standard.

Because we operate this on-premises and just connect it to internal systems, we have had no security issues so far.

Be sure to use Omada's standards and try to reduce special implementations. You may have to adapt your processes to reduce all the specific requirements from the stakeholders. But my advice is to reduce the special requirements to a minimum.

Also, because you're connecting the HR system to the employee master data and organizational data, all this data has to be clean. Otherwise, you will have a lot of trouble with Omada. Make sure your master data is in good shape.