One Identity Safeguard Reviews

My primary use case for One Identity Safeguard is privileged password vaulting and real-time session monitoring, which has been a game changer for managing sensitive access. I mainly use it to securely store, manage, and rotate privileged credentials across multiple environments. In my day-to-day work, I frequently need to provide temporary, controlled access to different users, including third-party vendors. In a recent project, we granted time-bound access through the privileged password vault and monitored vendor activity using session recording rather than direct password exposure. Another major advantage is One Identity Safeguard’s ability to integrate with existing systems, particularly for centralized privileged password management.

One Identity Safeguard has made a noticeable positive impact on our organization by giving us much better control and visibility over privileged access. We no longer have to worry about shared or unmanaged administrator passwords, as everything is securely stored and rotated automatically. Session recording has been especially helpful because we can see exactly what actions were performed, which has improved accountability and made audits much easier. It has also reduced manual effort for our IT and security teams, improved compliance, and lowered the overall risk of misuse or unauthorized access.

In my opinion, the strongest features of One Identity Safeguard are session monitoring, real-time session control, and the privileged password vault. The password vault has been a game changer because it provides a secure and controlled way to store, manage, and rotate sensitive credentials without exposing them to users. Session monitoring allows us to track and record privileged user activity in real time, which improves visibility and accountability. Overall, One Identity Safeguard has had a positive impact on our organization by strengthening security through centralized privileged access control and improving efficiency through automation. Real-time session monitoring has further enhanced oversight and reduced risk.

One Identity Safeguard does require some time to fully understand its features, and the initial setup could be simpler. There is a learning curve at the beginning, although it improves with regular use. If user access and control management were more intuitive, it would further enhance the overall experience. With these improvements, the platform would be even more user-friendly.

I have been using One Identity Safeguard for around a month.

One Identity Safeguard has been stable for me so far.

In my experience, One Identity Safeguard is pretty scalable.

I have not used One Identity Safeguard's customer support until now.

I did not previously use a different solution before One Identity Safeguard.

The deployment of One Identity Safeguard solution has been ongoing and is still under development. We are still deploying new changes, and it takes around three to four weeks.

We are still configuring the training required to start using One Identity Safeguard. However, it took some time for our administrators, and we are still determining how much time the end users will take to use it.

The deployment of One Identity Safeguard affected our privileged users smoothly, and it was pretty smooth.

We are still evaluating other options before choosing One Identity Safeguard, but so far, we see that One Identity Safeguard is much better.

Overall, I have found One Identity Safeguard to be a very good solution. I would rate it an eight out of ten due to its strong security capabilities, excellent automated privileged password management, and effective real-time session monitoring. User feedback within our organization has been positive so far, and we are continuing to gather more input. My advice to others considering One Identity Safeguard is to evaluate it through a trial or demo, as pricing can be an important factor depending on organizational needs. Our company’s relationship with One Identity is strictly as a customer; we are not a partner or reseller. 

Public Cloud

Our primary use case for One Identity Safeguard includes privileged password management, where it includes vaulting, rotating, and checking in and checking out privileged credentials. Secure remote access helps to grant access to Windows/Linux servers based on group membership. We also use it for session monitoring and recording, where it helps to monitor, record, and audit privileged sessions for compliance. Access request simplification plus threat detection helps to streamline requests and quickly detect threats seamlessly.

In my day-to-day work, One Identity Safeguard helps to identify anomalous behavior, a deal breaker feature for some customers. It also helps to detect threats and streamline requests and quickly detect threats.

The best features One Identity Safeguard offers are out-of-box templates, which simplify password rotation workflows and have a nice interface. It is also pretty stable.

The out-of-box templates from One Identity Safeguard make onboarding much easier for my team in day-to-day work.

One Identity Safeguard's automation of password management and incident investigations has cut manual efforts significantly.

One Identity Safeguard has positively impacted my organization by improving compliance, posture, and audit capabilities. It has cut manual efforts by 30 to 40% via automation and also decreased privileged account incidents by up to 40%.

I think One Identity Safeguard can be improved as it can be slow sometimes.

Regarding needed improvements, I want to mention that there is a lack of documentation and many plug-in problems.

I think One Identity Safeguard needs improvements because sometimes the support team doesn't have answers for bugs.

One Identity Safeguard is very stable.

One Identity Safeguard is deployed in my organization as a hybrid model.

One Identity Safeguard is deployed in a hybrid cloud setup.

One Identity Safeguard's scalability is very efficient; it handles my organization's growth effectively.

The customer support for One Identity Safeguard is very responsive and proactive.

I did not use another option before choosing One Identity Safeguard.

The deployment of One Identity Safeguard took two to three weeks.

The deployment of One Identity Safeguard did not affect my privileged users; it was not disruptive to them.

Not much training was required to start using One Identity Safeguard, both for those who manage it and for end users. It is self-service, and it is very easy to learn how to use it. The learning curve is smooth.

I use the virtual appliances version of One Identity Safeguard because it suits my organization well with load balancing.

I have seen a return on investment with One Identity Safeguard, leading to efficient management and lower upfront cost. It has reduced inside and external threats, which is essential for preventing privileged user damage, and decreased privileged account incidents by 40%.

One Identity Safeguard has a competitive setup cost, and the pricing is competitive.

My experience with pricing, setup cost, and licensing for One Identity Safeguard is that the pricing is very competitive.

Before choosing One Identity Safeguard, I did not really evaluate other options.

I chose eight out of 10 for One Identity Safeguard because the pricing is very competitive. It is a nice tool that helps to identify anomalous behavior, a deal breaker feature for some customers. It also helps with access request simplification plus threat detection, where it streamlines requests and quickly detects threats.

My advice for others looking into using One Identity Safeguard is that it is a serious, enterprise-grade identity safeguard. It excels at security, monitoring, and compliance, but trades off simplicity and ease of use.

One Identity Safeguard has been a cost-effective tool that has prevented major security breaches, avoided insider threats and misuse of admin privileges, and reduced audit and compliance costs. However, the initial cost plus setup effort is a bit high.

I gave this review a rating of 8 out of 10.

Hybrid Cloud

Amazon Web Services (AWS)

My main use case for One Identity Safeguard is to manage and control privileged accounts and store passwords. For example, if an IT admin needs access to a server, I use One Identity Safeguard to manage and control privileged accounts. One Identity Safeguard helps companies avoid data breaches regarding my main use case, influencing other teams and types of users who interact with it.

One best feature One Identity Safeguard offers is multi-factor authentication, which adds extra security by requiring more than one verification step. When I mention requiring more than one verification step, I am referring to multi-factor authentication, and it helps to secure systems because it will protect the data. One Identity Safeguard has positively impacted my organization by helping to increase security because of password vaulting.

Password management has improved as it is easier now; for example, I experienced improved efficiency when my IT team needs to access a production server. I have noticed measurable outcomes regarding reduced time to access servers and fewer security incidents since using One Identity Safeguard because it helps me to secure my data and it is reliable.

One Identity Safeguard could be improved, and some user tools can be enhanced. I would add more about the needed improvements related to user tools or any other area. The improvement I suggest is to add AI and smart automation; One Identity Safeguard already uses analytics to detect risks, but there is room for enhancement. I believe One Identity Safeguard can be improved by enhancing the user experience.

I have been working in my current field for one and a half years.

One Identity Safeguard is stable, and this is actually expected by most organizations, commonly compared with CyberArk.

For scalability, instead of one system handling everything, multiple systems are used.

Customer support is good and meets my expectations. I would give a rating of 4.5; I think it is good for customer support.

I have previously used a different solution and it was a good experience.

The training required to use the solution is straightforward and effective. It took about one to two weeks for deployment of the solution.

I typically integrate One Identity Safeguard with several parts of the business to make access more seamless. The integration process was balanced because of moderate challenges but manageable overall.

For ROI, I have seen a return on investment based on time saved, which is nearly a 50 to 70% reduction.

A strong and honest answer about pricing is that it shows both cost and value.

I evaluated other options before choosing One Identity Safeguard.

The feedback regarding the solution's usability and functionality is positive; from my perspective, it is easy to use. I have additional thoughts about One Identity Safeguard. I find this interview very appreciating; it is very helpful, and overall it is a good experience.

I can provide a short poem: Locked doors, silent keys, access flows, watched and secure. This poem captures my sentiments regarding the solution. My overall review rating for One Identity Safeguard is 8.5.

On-premises

Other

My main use case for One Identity Safeguard is managing and securing privileged access on a day-to-day basis. It is used for password vaulting, controlled admin access to servers, and monitoring privileged sessions to ensure security and compliance.

Recently, I used One Identity Safeguard to retrieve a privileged account password from the vault for server access during troubleshooting. The access was time-bound and automatically logged. I also checked session activity logs to verify the actions performed, ensuring everything was secure and compliant.

Some of the best features of One Identity Safeguard in my opinion are its password vaulting, session monitoring, and detailed auditing capabilities. It securely stores privileged credentials, provides real-time monitoring and recording of admin sessions, and maintains complete audit logs, which helps in improving security and meeting compliance requirements.

One Identity Safeguard has positively impacted our organization by improving our overall security through controlled and monitored privileged access. We have reduced risk related to password misuse, and auditing has become much easier. It also helps in maintaining compliance and gives better visibility into admin activities across the environment.

Overall, One Identity Safeguard works well, but it could be improved in terms of UI simplicity and ease of navigation, especially for new users. Some configuration can feel complex, so better documentation or more intuitive workflows would help. Additionally, faster performance in session monitoring and reporting would enhance the overall experience.

A better integration with other security and monitoring tools would improve the overall experience. Also, more user-friendly reporting and a customizable dashboard would make it easier to track activities and generate insights quickly.

I have been using One Identity Safeguard for six months to one year.

One Identity Safeguard is stable in our environment.

One Identity Safeguard is highly scalable in our environment. We are able to add more users, systems, and privileged accounts without impacting performance. As our infrastructure grows, the solution continues to handle the increased load smoothly, especially for password vaulting and session monitoring, without any major changes required.

I would say the customer support for One Identity Safeguard has been generally responsive and helpful. Whenever we raise issues related to configuration or access, the support team assists with proper guidance.

Previously, we were using a more manual process for privileged access management, which involved shared credentials and less centralized control. We switched to One Identity Safeguard to improve security, implement proper access control, and gain better auditing and monitoring of privileged activities.

Deployment of One Identity Safeguard in our organization took approximately a few days to a couple of weeks, including installation, configuration, and integration with Active Directory and internal systems as well. Most of the time was spent on testing and ensuring proper access policies were applied.

Only basic training was required to start using One Identity Safeguard. For administrators, a bit more training was needed to understand configuration, policies, and session management. For end users, minimal training was required since they mainly use it for requesting and accessing privileged credentials.

We have seen ROI mainly in terms of time saving and improved efficiency with One Identity Safeguard. Administrators spend less time managing privileged access and handling password requests because most processes are now automated. It has also reduced security risks by minimizing password sharing and manual access handling, which indirectly saves costs by preventing incidents and reducing audit effort. My advice would be to plan the deployment properly and ensure clear access policies are defined before implementation. It is important to invest time in understanding the configuration and integration with Active Directory. Once set up correctly, it provides strong security, better control over privileged access, and improves auditing and compliance significantly.

I was not directly involved in the pricing, setup cost, or licensing decisions for One Identity Safeguard. However, from an operational perspective, the solution is considered a premium enterprise tool, and the licensing is managed centrally by our IT security team based on organization requirements.

Before selecting One Identity Safeguard, we evaluated a few other privileged access management solutions, including CyberArk and BeyondTrust. We chose One Identity Safeguard based on its features, integration capabilities, and ease of deployment within our existing infrastructure.

Overall feedback from users regarding One Identity Safeguard's usability and functionality has been positive. However, some users feel the interface is slightly complex initially and requires some learning. Once familiar, they find it reliable for accessing privileged accounts and monitoring sessions effectively.

Since implementing One Identity Safeguard, we have seen better control over privileged access and reduced manual password handling. It has saved time during troubleshooting by providing quick, secure access, and auditing has improved, making it easier to track activities and support compliance requirements.

The integration with Active Directory was moderately easy. The initial setup required proper configuration of trust and mapping of users' roles, which took some time. However, once configured correctly, it works smoothly and provides centralized authentication and better control over privileged access.

I would rate this review an overall score of eight.

On-premises

Other

One Identity Safeguard is used to secure privileged access management, credential vaulting, and session monitoring because we are an IT-based company that handles the IT infrastructure of our clients, making it very important to keep everything secure.

One Identity Safeguard vaults privileged service accounts and provides time-bound access, ensuring that all administrative actions are tracked, reviewed, and easily monitored. We also use One Identity Safeguard to securely check admin credentials for customer servers. All access is automatically recorded and monitored through session auditing, which helps us comply with our customers' requirements.

We centrally manage privileged credentials, enforce secure access workflows, and record privileged sessions to maintain compliance and strengthen the IT security we deliver to our customers.

The best feature for us is the secure password vaulting, session recording, and automated approval workflows, because this gives us strong control over privileged access and helps us stay compliant both within our organization and with respect to customer compliance. The second feature that stands out is the real-time session monitoring and automatic credential rotation.

Automatic credential rotation helps our team by removing the need for manual changes to privileged passwords, reducing the risk of stale or shared credentials and ensuring that every access is controlled and compliant. It saves time and reduces risk since passwords are rotated after every use, so no one keeps passwords for long-term access. This prevents misuse and limits the impact of credential leaks.

We have found that we are able to comply with all security standards through the password rotation, which has helped us improve our security posture by centrally managing all privileged action accounts and enforcing strict access control to these accounts. Since the session monitoring feature and audit trail are available, we can see what changes were made by the user, who used this, how many times, and what was done in this session. We have also seen a reduction in IT operations because of password credential rotation and password management, which has reduced our manual work and increased our efficiency and security.

Our manual intervention has decreased because of the time we were taking for password management, and we have increased security with roughly a twenty to thirty percent decrease in IT calls, allowing the IT team to do other jobs because the load of password management has decreased. We have increased accountability since every privileged action is now traceable, which significantly strengthens our internal security control, and we have been able to get the compliance checks done much faster.

We have saved time since we do not have to manually manage passwords because One Identity Safeguard has automated that process. We have saved approximately thirty to forty percent of our time, and our team is spending more time on critical issues rather than managing passwords. This has reduced repetitive IT tasks and allowed our team to focus on more significant projects, and it has also reduced the risk of breaches and costly security penalties.

We have always received positive feedback from our team. The password rotation feature of this product is appreciated by all users, and they like this because they have saved time using this product, since they were previously wasting time on password management and manual interventions.

One Identity Safeguard should provide more documentation and training to the team. They can also provide better integration flexibility with more built-in connectors, and easy API workflows would help integrate more with our custom tools. They should provide a faster user interface, as we have noticed that the user interface acts slow when there are a large number of accounts or concurrent sessions going on.

Not every product can be perfect. For example, some parts of the user interface can feel a bit slow when there is a large number of concurrent sessions going on, and the integration with certain third-party tools requires more extensive implementation and configuration. These reasons made me give it an eight instead of a ten, but these are not major issues and just keep it from being completely flawless.

We have been using One Identity Safeguard for two years.

One Identity Safeguard is currently stable, and we have not found any issues. Since its implementation, we have not faced any major issues, and there has been no downtime.

One Identity Safeguard is scalable. We are implementing it globally, starting from one line of business, and now we are expanding, so it is scalable without any issues.

I cannot speak much about the pricing because I am from the technical team and pricing is looked at by the sales team in our organization. However, I can speak about the support, which is very good with faster response times, and the team helps us every time with minimal downtime if we face any issues.

We are satisfied with customer support. The support team is technically very strong and responsive.

Positive

We were using CyberArk, but we switched to One Identity Safeguard because it was costly. Everything was good with CyberArk, but we needed to scale, and the licensing costs were high.

We have deployed One Identity Safeguard in a phased manner. We deployed it for one line of business first, then for the second line, and we are planning to deploy it for other lines of business as well. The deployment for one line of business took approximately one month.

The privileged users adapted easily, and the deployment was done without disturbing our existing environment and setup, so there was no disruption, and the work went smoothly alongside the deployment.

We did not face any significant challenges because the vendor team helped us with the integration, so the ease of integration was quite simple. We only had basic use cases like creating tickets for access requests, which are relatively straightforward, and there were not many complex integrations done. It was easy to integrate and the vendor team helped us with a step-by-step checklist for the integration with our existing SIEM and ITSM tools.

The pricing, costing, and licensing type is quite low compared to other products, so One Identity Safeguard is cheaper than other products, and the functions it has are worth the cost.

I was not part of the evaluation team, but the evaluation team must have evaluated other products. One example of an option that I personally evaluated was BeyondTrust Privileged Access Management.

One thing other organizations should know about One Identity Safeguard is that it integrates well with the existing identity system, which is a very great point for other organizations to know before purchasing it because it makes it easier to deploy in their environment without changing the current workflow or existing network.

One Identity Safeguard provides heterogeneous integration with our existing products or legacy products, and the API integration is very helpful because it allows us to automate the onboarding of privileged accounts and integrate it with our existing ITSM tools, which is a really good thing about this product.

I would advise others looking into using One Identity Safeguard to choose this product because it is cheaper but provides great outcomes, and the security features are robust. I have given this product an overall rating of nine out of ten.

Public Cloud

Amazon Web Services (AWS)

In our organization, the primary use of One Identity Safeguard is managing and securing privileged access, and we mainly use it to store and protect sensitive credentials like admin passwords, ensuring that they are not exposed or misused. It also helps in monitoring privileged sessions, allowing us to track and audit activities performed by administrators or high-level users. This adds a stronger layer of security and compliance, as all credential access is controlled, recorded, and reviewed when needed. Overall, it plays a key role in protecting sensitive systems and reducing the risk of insider or outsider threats.

A common example of how we use One Identity Safeguard to secure privileged access is when a system administrator needs access to a production server. Instead of sharing or knowing the actual admin password, they request access through One Identity Safeguard, which securely provides a temporary credential for a session without exposing the password. This system automatically records an entire session, including actions performed on the server. If anything unusual happens, such as an unauthorized change or risky commands, the session logs and recording can be viewed by a security team, ensuring that privileged access is tightly controlled, fully monitored, and auditable at all times.

One additional point about our main use case is that we use One Identity Safeguard not just for securing access but also for enforcing strict governance and accountability across teams. For example, we apply role-based access control and approval workflows, so any privileged access request must be approved before it is granted.

The best features of One Identity Safeguard mainly revolve around strong security, visibility, and control over privileged access. One of the most valuable features is its password management, where sensitive credentials are securely stored, automatically rotated, and accessed only through a controlled workflow, reducing the risk of misuse. Another standout feature is session monitoring and recording, which captures every action taken during privileged sessions.

The session monitoring and recording feature in One Identity Safeguard has been extremely valuable for our team, especially from a security and compliance perspective. We use it quite regularly whenever an administrator accesses critical systems. Every privileged session is recorded in detail, covering screen activity, commands executed, and user behavior, so we have a complete audit trail. This has helped us quickly investigate incidents, verify actions taken on sensitive systems, and ensure that all activities follow internal policies.

One Identity Safeguard has had a very positive impact on our organization, especially in terms of security, efficiency, and visibility. It has helped us centralize and control privileged access and provided a structured secure approach. As a result, we now have much better visibility into accessing credentialed systems and the actions performed, which has improved accountability and compliance.

One Identity Safeguard has significantly improved accountability and compliance by giving us complete visibility of all privileged activities. Every access requires approval, and a session is logged and recorded, which means we always have a great audit trail of who accessed what and when. This has made internal and external audits much smoother, as we can quickly provide evidence without manually tracking.

One Identity Safeguard is a strong PAM solution, but there are definitely a few areas where it could be improved based on practical experience and known limitations. One key area is performance and resource usage, especially when advanced features like session recording or OCR are enabled. These features consume significant CPU and storage, and in some cases, may slow down connections or processing time if not optimized properly. Improving efficiency here would make the platform smoother and more scalable.

One additional improvement that would be helpful in One Identity Safeguard is better integration flexibility with modern cloud and DevOps tools. While it supports many systems, connecting with newer platforms for automation workflows in dynamic environments can sometimes require extra effort or customization.

I have been using One Identity Safeguard for two years.

One Identity Safeguard is stable.

One Identity Safeguard is highly scalable, and that is a core strength in enterprise environments. It is designed for scale through clustering and a distributed architecture, allowing multiple appliances to work together as a single system. For example, organizations can add multiple One Identity Safeguard appliances to handle an increasing number of users, privileged accounts, and session traffic without impacting performance.

Customer support for One Identity Safeguard has been generally reliable based on our experience. On the positive side, the customer team is knowledgeable and technically strong, especially when dealing with configuration issues, session monitoring, or password-related queries. For standard or well-defined issues, responses are usually helpful and resolve problems efficiently.

We evaluated a few other privileged access management (PAM) solutions before implementing One Identity Safeguard, including CyberArk and other enterprise PAM tools in the same space.

The deployment of One Identity Safeguard was relatively quick compared to many other IAM and PAM solutions because it is delivered as a pre-configured appliance, either physical or virtual. The initial setup can be done quite fast, which helps to reduce the time to value.

The deployment of One Identity Safeguard was fairly smooth overall with minimal disruption for privileged users. During the initial rollout, there was a short adjustment period where users had to request access through the system instead of directly using credentials, which slightly changed their workflow. However, once they became familiar with the process, it actually improved their experience by simplifying access and removing the need to remember or manage sensitive passwords.

The training required for One Identity Safeguard was quite manageable and varied by role. For end-users and privileged users, training was minimal, and basic guidance was enough for them to understand how to request access and start sessions since the interface is fairly straightforward for daily use.

We have seen a clear return on investment with One Identity Safeguard, mainly driven by time savings, reduced manual effort, and fewer security-related incidents. One of the biggest measurable improvements has been in IT workload reduction. After implementing One Identity Safeguard, we saw a significant drop in manual tasks including password handling, privileged access approvals, and incident troubleshooting.

My advice to others looking into using One Identity Safeguard is that we have seen a clear return on investment, mainly derived from saved operational efficiency and reduced security overhead. A simple way to explain it is time saved, faster administration, fewer security incidents, and efficiency gained.

Overall, One Identity Safeguard stands out as a strong and well-built privileged access management solution, especially for organizations that want tighter control over admin activity without slowing down operations. I would rate this product a nine out of ten.

Public Cloud

Amazon Web Services (AWS)

My main use case of One Identity Safeguard is to manage and secure privileged access in our IT environment. We use it for password vaulting, automatic credential rotation, and monitoring administrator sessions on servers, network devices, and critical systems.

The best features of One Identity Safeguard are password vaulting and automatic rotation, session monitoring and recording, real-time alerting and threat detection, just-in-time and least privilege access, and centralized management and reporting.

One Identity Safeguard's real-time alerting helps us quickly identify any unusual or unauthorized activity, such as failed login attempts or access outside of business hours. For example, if someone attempts to access a privileged account unexpectedly, we get an alert immediately and can take action.

One Identity Safeguard has had a very positive impact on our organization. It has significantly improved our security by protecting privileged accounts, which are a main target for attacks. With features such as password vaulting and session monitoring, we now have full control and visibility over admin activities. It also helps with compliance and auditing. All user actions are recorded and easily available for review. This makes audits much faster and more efficient.

The UI can be more user-friendly. The initial setup is slightly complex. Integration with some tools can be improved.

A few additional improvements could make One Identity Safeguard even better. Along with the UI, the reporting could be more customizable to filter for specific reporting needs. Sometimes it takes extra steps to get the exact report we want.

I have been using One Identity Safeguard for the last two years.

One Identity Safeguard is now stable.

The scalability of One Identity Safeguard is very good. The solution supports clustering and load distribution, so as demand increases, we can expand the environment without major changes.

Customer support for One Identity Safeguard is generally good. In our experience, the support team is knowledgeable and able to resolve most issues.

We were using a basic manual approach and some native tools for managing privileged access. However, they lacked centralized control, proper auditing, and security features. We switched to One Identity Safeguard to get a more secure and centralized solution with features such as password vaulting, session monitoring, and automated credential management.

The initial setup was quick, but additional time was needed for configuration. There was minimal disruption because we implemented it in phases. Initially, a small group of users was onboarded for testing, and once everything was stable, we gradually rolled it out to other users.

The integration process for One Identity Safeguard was moderate. Basic integrations, such as Active Directory and standard systems, were relatively straightforward and well-documented. However, the more advanced integrations required some custom setup, additional configuration, and some troubleshooting. Overall, it is not very difficult, but it does require some technical knowledge and planning to implement smoothly.

We can see a good return on investment with One Identity Safeguard. It has saved a lot of time by automating tasks such as password management and access approvals, which were earlier done manually. It has reduced the workload on our IT team. We have also reduced security risk, which is very important. Additionally, audit preparation time has decreased from hours or days of manual log collection to just a few minutes using the built-in reports.

Our experience with the pricing and licensing of One Identity Safeguard was moderate. The solution is not the cheapest, but it offers strong security features, so the cost is justified. Licensing is usually based on the number of users or accounts, which is straightforward to understand.

Before choosing One Identity Safeguard, we evaluated a few other PAM solutions, such as CyberArk Privileged Access Manager and BeyondTrust Privileged Access Management. We compared them based on features, ease of deployment, flexibility, and cost. We selected One Identity Safeguard because it provided a good balance of security features.

My advice to others considering One Identity Safeguard would be to plan the deployment properly and start with a clear understanding of your privileged access requirements.

On-premises

Other

My main use case for One Identity Safeguard is for privileged access management to control, monitor, and secure access to critical systems, servers, and applications used by administrators and IT teams.

A quick specific example of how I use it for privileged access management in my environment is that when an administrator needs access to a critical server, they request access through One Identity Safeguard instead of using shared credentials. The system grants time-bound, approved access, rotates the password automatically after the session, and records the entire activity.

The best features One Identity Safeguard offers include Privileged Password Vaulting as the first one. The strongest features are Session Recording and Password Vaulting with rotation and Just-in-Time Access, which together give strong control and visibility and audit readiness.

The Session Recording feature specifically helps my team and makes things easier for audits or investigations by giving a clear, time-stamped playback of privileged activities. It removes guesswork, speeds up audits, and ensures full accountability for admin actions.

One Identity Safeguard has positively impacted my organization by improving our security posture, eliminating shared privileged credentials, increasing visibility into admin activity, and making compliance audits faster and more reliable.

One Identity Safeguard could be improved by simplifying the user interface and initial configuration process, especially for first-time users. More customizable reporting and clear in-app guidance would also help teams onboard faster and get deeper insights without additional effort.

I have been using One Identity Safeguard for about one year.

One Identity Safeguard is very stable and can handle the workload easily; I have not seen any downtime.

One Identity Safeguard scales well as the environment grows. It handles increasing numbers of privileged accounts, sessions, and cloud targets without performance issues, making it suitable for expanding and hybrid infrastructure.

Customer support has been responsive and knowledgeable, being effective at resolving technical issues.

Negative

The integration with my cloud environment and infrastructure systems was moderately easy. Core cloud and infrastructure integrations were straightforward with proper documentation, while fine-tuning policies and access workflows required some initial effort. Once configured, the integrations have been stable and reliable.

Administrators required moderate training to understand configuration, policies, and workflows, while end users needed minimal training since access requests and approvals are straightforward. Overall, onboarding was manageable with some initial guidance.

I have seen a return on investment through reduced audit effort and fewer security incidents related to privileged access, along with significant time savings for IT and security teams by automating access control and password management.

My experience with pricing, setup cost, and licensing is that pricing is on the higher side, but aligns with the security and compliance value it provides. Setup costs were mainly related to initial configuration and training, and licensing was straightforward.

I evaluated other options such as CyberArk and BeyondTrust before choosing One Identity Safeguard.

User feedback has been generally positive around the solution's security and session recording and access control capabilities. However, some users have mentioned that the interface and initial learning curve could be more intuitive, especially for new or non-specialist users.

My advice for others looking into using One Identity Safeguard is to clearly define your privileged access use cases and policies before implementation. It gives stronger security and audit capabilities, but investing time in proper planning, setup, and training will help you get the most value from the solution. I would rate this review a 7.

Hybrid Cloud

Amazon Web Services (AWS)