The overall purpose for using this product is for identity management, which is our core requirement.
We adjusted the number of authorizations given to a person. Before, it used to just collect and collect under people. Now, we can adjust and remove authorizations so they don't just stack up. It's reduced the number of authorizations assigned.
The workflow has improved from request to assignment. We've been able to accelerate the speed significantly.
I like the workflow engine and the deep integration with SAP products, including SAP authorizations. In the market, there aren't many products that can deliver this feature. The possibility of customizations is a significant aspect that makes this product stand out from others.
Additionally, the number of connectors they support is commendable. Reducing the number of authorizations given to people on average is beneficial. Previously, individuals had accumulated authorizations as they moved between departments over their careers.
Now, there's an attestation process when a person moves to a new department, allowing managers to decide on reassigning authorizations. This has led to fewer authorizations being assigned, which is one of its most important benefits. Moreover, the time taken from an authorization request to an assignment has also been accelerated.
One Identity Manager connects SAP accounts to employee identities under governance. We have an HCM connector, and we have built up the complete life cycle of an identity. TThis means when a person leaves the company or has a transition to another department, we also have processes implemented that we take care that they lose the authorization.
The solution provides IGA for difficult-to-manage aspects of SAP, like profiles, rules, etc. We use transaction codes and activities, and so on, on the lowest sub-authorization level for segregation and security checks. We assign roles, composite roles and single roles.
In terms of user experience and intuitiveness, there is always an issue from one product to another. In the beginning, the users may find it a bit complicated. However, they get new functions and a fancier UI. Overal, it provides a good impression.
It's easy to customize. The product has a huge number of possibilities or ways you could go. That said, you need good knowledge of the product. It's complex. This product needs a deep understanding of how the product works and how the implementation needs to be done. You need an external partner with good experience.
We make use of the product's business roles. We try to catch 80% of the authorizations so only 20% of authorization would need to be requested.
We have connected cloud applications, including SAP cloud systems. These extensions to governance are very important. They need to be integrated. Our aim is to integrate every system where management takes place under one solution.
One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. Now, we can identify when users have no need anymore to have certain authorizations on a special system or special groups. Our user life cycle takes care of this. When they are not in the department anymore, they won't have access. It makes access to special systems more secure.
It does help with licensing. If two licenses are similar, we can look at the settings and make sure that users are getting more licenses than we need, and when they leave, the license can be removed. It helps save license costs.
The solution helps with application auditing and compliance as well as access decisions.
We've been able to achieve an identity-centric zero-trust model. We have other applications around this, however, we are able to give authorizations only to one person and so that no one has more than they need to avoid security risks. People only get authorizations to that which is a user's core functions.
We have more complex approval processes for normal authorizations.
The user interface is good, however, there is space for improvement. Specifically, the way information is presented in the system could be refined so that users are not overwhelmed with technical details. They require more business information. We believe there is substantial room for enhancement in this area.
There is also room for improvement in how we integrate systems. In some instances, we could achieve deeper integration. However, it requires effort, and we must decide if it makes financial sense.
The downside of the product is it is complex and you need an implementation partner to help you develop it. You can't do it on your own.
I have used the solution for over four years.
We missed functions in SAP, and there was no further development to meet our needs. There was also no future strategy, and they have discontinued the development of this product. This made us decide that this was not the product for the future.
The deployment was easy in some aspects and complex in others.
There is maintenance needed in the form of upgrades and daily maintenance of one to two hours a day.
Our partner helped with the implementation. It was, at points, a complex migration and implementation, and we are satisfied with the collaboration.
We are in the upper quarter regarding cost, so it's expensive. However, it is definitely a product with the best future perspective. In terms of function and support, it offers a fair price yet remains an expensive product.
We're a medium-sized company with locations across several countries. We have around 50,000 external and internal users.
One Identity Manager was the right decision in comparison to other market products. With other products, we would not have made such a good decision.
We had a partner that provided training, coaching and implementation assistance. They were more focused on integration and helped with complex customizations and post-implementation support. We don't need as much support anymore.
Overall, I rate the product an eight out of ten. I'd recommend it to other users. It was the right decision for us to go with this product in the end.