- Centralized life cycle management of identities: the centralized view of people requesting access to provisioning to targets and governing the access from one place
- Periodic certifications of access for compliance
Security Architect at a tech services company with 501-1,000 employees
Provides periodic certifications of access for compliance.
What is most valuable?
How has it helped my organization?
The organizational benefit is increased efficiency and simplicity so that we can manage the identify lifecycle faster and better, and so we can govern the access from a central place and make it easier.
What needs improvement?
Oracle is probably already working to make the overall user experience lighter, including the UI.
For how long have I used the solution?
I have been working with all versions over the last seven years.
Buyer's Guide
Oracle Identity Governance
October 2024
Learn what your peers think about Oracle Identity Governance. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What was my experience with deployment of the solution?
We have not encountered any deployment issues; it's manageable and easy.
What do I think about the stability of the solution?
The current version is stable. Past versions have stability issues.
What do I think about the scalability of the solution?
There are some scalability issues with every product; most of them are related to load and performance but these can be handled and they are improving day by day.
How are customer service and support?
Customer Service:
Technical support is good, depending upon the severity and relationship with Oracle; but overall, you will get an answer.
Technical Support:Technical support is 3.0/5.
How was the initial setup?
It's flexible enough but requires enough technical knowledge to set up.
Disclosure: My company has a business relationship with this vendor other than being a customer: Cyberinc is an Aurionpro company and Aurionpro is a Platinum Partner for Oracle.
IAM Architect at a tech company with 10,001+ employees
It helps in streamlining the identity lifecycle management, beginning with bringing in an employee, contractor or partner into the system until the day they leave the organization.
Valuable Features
Its value for us comes from the fact that it allows us to manage the entire identity lifecycle, including the on-boarding (provisioning), off-boarding (de-provisioning), modifications to the identities, self-service, password management, and administration of identities.
Improvements to My Organization
It helps in streamlining the identity lifecycle management, beginning with bringing in an employee, contractor or partner into the system to until the day they leave the organization.
It also streamlines many front desk operational tasks such as password management, personal and business detail updates, and it improves the governance around identity management.
Room for Improvement
Features need to be implemented that take into consideration solutions and products outside the Oracle stack. The industry is moving towards more generalization to compete in the market, and Oracle has to adapt to those changes.
Use of Solution
Personally, I have used this for a a decade now, but with my current employer and in this role, we have been using it for the last six years.
Deployment Issues
We've had very few issues with deployment, I would say. But since we have the expertise and Oracle’s support to tackle from the product perspective, things are taken care of in such cases.
Stability Issues
We've had very few issues with stability, I would say. But since we have the expertise and Oracle’s support to tackle from the product perspective, things are taken care of in such cases.
Scalability Issues
We've had very few issues with scalability, I would say. But since we have the expertise and Oracle’s support to tackle from the product perspective, things are taken care of in such cases.
Customer Service and Technical Support
Customer Service:
Customer service has been satisfactory. Oracle has a lot to improve in their customer service in and around this product.
Technical Support:Technical support has been satisfactory. Oracle has a lot to improve in their technical support in and around this product.
Initial Setup
We focused purely on what the product had to offer and the designed and architected it around those lines, which made the initial setup decently straightforward rather than complex with workflows to manage later.
Implementation Team
We implemented the solution in-house using a Managed Service Provider (MSP) to handle the keyboard activities where our internal team worked on architecting and designing the solution with short term engagement with vendor professional services (PS).
Other Solutions Considered
We have evaluated a few other market leaders in the area as part of our solution upgrade. When we did an apples-to-apples comparison, with our IT foot print, moving with OIM into the next version as well was the right decision.
Other Advice
Evaluate the product and solution against your existing IT Infrastructure and hybrid model of on-premises and off-premises applications. Based on the footprint weight, you need to implement your IAM Identity Management system.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Oracle Identity Governance
October 2024
Learn what your peers think about Oracle Identity Governance. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
IT Architecture Manager at a retailer with 10,001+ employees
Enables us to understand a customer's interests but it is missing a lot
Pros and Cons
- "Understanding what a customer is using, what they are looking for, and allowing permissions is a challenge. We use the information we get in order to understand the behavior of the customer beyond the security and to understand what they have been doing in the last month. It's a nice way to understand what is attracting the customer and what they are clicking. That could be implemented by using this kind of application."
- "Our issues with the solution have to do with the integration with different applications. It's not easy to connect ICAO to this kind of product. It would be better to work on the extensions of the adapters for this kind of identity management solution in order to not put in the code in the product."
What is our primary use case?
Our use cases are based on CIM to connect different applications. It's centralization identity for the use of the servers to give the passwords.
How has it helped my organization?
In the case of enterprise identity for the employee, the most important thing is the consolidation of access to the application no matter what the channel is that uses the application. It unifies the way we do authorization.
For big companies, that is a nightmare to administrate because we have a lot of security problems. With CIM, we connect the customers to a channel to using different portals and with that approach, we can understand the behavior of the customer.
What is most valuable?
The centralization of IDs and passwords is the most valuable feature. They provide different applications to use the authorization.
CIM is the most used feature. Customer Identity Management is a challenge that we are working on in our company and I think it's the star of the Identity Management space. With CIM we are using the same process in order to implement it to the customer.
Understanding what a customer is using, what they are looking for, and allowing permissions is a challenge. We use the information we get in order to understand the behavior of the customer beyond the security and to understand what they have been doing in the last month. It's a nice way to understand what is attracting the customer and what they are clicking. That could be implemented by using this kind of application.
What needs improvement?
Our issues with the solution have to do with the integration with different applications. It's not easy to connect ICAO to this kind of product. It would be better to work on the extensions of the adapters for this kind of identity management solution in order to not put in the code in the product.
I have the same problem every time I implement it. It's challenging to connect different applications that are not perfect or modern. It's important to connect everything. This is an area for improvement.
Synchronizing passwords between Active Directory and Oracle is very complex because the process is not so easy. I have a lot of problems.
For how long have I used the solution?
I have been using Oracle Identity Governance for ten years.
What do I think about the stability of the solution?
The stability is not a challenge. It depends on the size of the company. If we have one million users, it could be a challenge. But if you have up to 10,000 users, it's not a problem at all.
You need to tune a lot because it's not a simple task. The product is not for everybody.I
How are customer service and technical support?
When you get people from San Francisco, the support is okay. The problem is with the partners. In Latam, the support isn't so good.
What's my experience with pricing, setup cost, and licensing?
It could certainly be less expensive. There are a lot of components. Normal licensing is a real nightmare. Oracle should make things easier for the customer to understand.
What other advice do I have?
With Oracle, you could do something for a million people but you need to make sure to do it right which isn't so easy. You need people and partners from Oracle for help. It's a good product but even good products need people to implement and maintain them especially during migration. You need senior people to help.
I would recommend Oracle for a large implementation.
My advice would be to solve the integration problem. Solve the way they interact when information is distributed. Properly distribute the customer's information. Understand that it is very difficult to implement. Make sure to understand the application and understand the legalities of the country that you're working in.
Most people start in the last stage. They pay a lot of money and the process could take three to four years. They pay a lot of money but don't use the product as a service. The problem is inexperience.
I would rate Oracle Identity Governance a six out of ten. There is a lot missing. If it's not missing, it's complex. If you want to implement something, you won't end up doing it because it's too complex or expensive.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Manager at a tech services company with 10,001+ employees
Aligns Well To Business Flow, The Connectors Are Good But It's Costly
What is most valuable?
The best part of Oracle Identity Manager is how well it will align to the business. There are features that are more generally required by business and you can easily get them with Oracle Identity Manager. If you compare it with Azure, with the latter you need to do customization and there are a lot of limitations in each of the tools. The connectors we have for Oracle Identity Manager are good, so you don't need to do custom connectors and all.
How has it helped my organization?
When I joined my project, they had been using a meta directory for identity management and application provisioning. There were around 150,000 active accounts, out of which many were redundant. They had left the organization 10 years ago. They were still active and they were paying for the maintenance of those accounts on a monthly basis. And there was no data clarity. So the moment we on-boarded Oracle Identity Manager, we started data cleansing, and started to do unmanaged account reconciliations.
With the help of support, we were able to reduce the cost of every identity which was active and was not in the organization.
What needs improvement?
One thing is the size of the infrastructure that is required for Oracle to implement. In addition, the maintenance cost and pricing.
With an Oracle implementation, we need to have a high availability of infrastructure where you need a minimum of four servers. Compared to SalePoint or with Microsoft Identity Manager, the infrastructure cost is notably less.
With a project for Oracle Identity Manager, the implementation cost is along the lines of a year. If you have 10 connectors or eight connectors and you have workflows, the implementation cost will usually go from eight months to 12 months, minimum. Whereas if you implement a SAP solution or a product like SalePoint, the implementation cost or time is reduced from 12 months to eight months, or even six months.
For how long have I used the solution?
Six to seven years.
What do I think about the stability of the solution?
Yes. First, the audit engine. They have not advanced their audit engines from where they started. In version 9.1 it was same issue on the JMS Queues. The audit engine was getting in to queues. I had two clients whose audit engine queue was more than a million. They were not able to process those records because the audit engine was taking too much time and the reconciliation and the amount of data which we used to import was huge.
And after getting in to a year of implementation or two years of implementation, UPA tables get to a stage where they are not able to process the records. We start getting timeouts while processing the records and Oracle was not able to troubleshoot the issue.
Second, is the availability. The moment you install Oracle Identity Manager, the biggest problem is system performance. Even if you go with 8GB or 10GB of RAM, eventually after a week or so, you need a restart for it to survive, even in production. You can see logs where things are failing and the server is responding very slowly.
These things happen often with Oracle but when you compare with SIM or SalePoint, you will not see the system usage or system CPU usage to that extent.
What do I think about the scalability of the solution?
I have done implementations up to 150k. We were provisioning 20 connectors. To be very frank, the experience I had was provisioning and reconciliation was on the scheduler.
Nowadays, if you compare scalability with cloud-based solutions, where you can implement Oracle in a SAP solution, you can extend the scalability. It is auto scalable. But if you need to extend to one or more server, it's not possible. It's not easy in any client-based environment. Scalability is something which is not possible in Oracle or as simple as any SAP solution at the moment.
So there are pros and cons of cloud-based solutions. For cloud-based solutions, you can extend to where there is no issue on the performance. But the limitation is you can't customize everything based on the client's requirements. With Oracle, that was the advantage, but the scalability was still a concern. Until last year it was a concern.
How are customer service and technical support?
There is the team which handles the incident. And any major issue goes to a second level and then there is an AT which comes into the picture when there is a major issue and your client has a platinum partnership with Oracle. So, in scenarios where you are getting involved with the level-one team or level-two team, they come up with bookish knowledge and they will ask you questions. For instance, for small issues they will ask with you thousands of parameters in your web logic or in your OIM or in your database. And eventually when things are not getting resolved, then we move it to level-two and then AT. And that is when you actually should get results.
One of my client's audit issues was happening from almost nine months. And my previous client was the biggest client for Oracle, a premium client for Oracle, but still they were not able to resolve the issue.
Which solution did I use previously and why did I switch?
I have only worked on Oracle. For the last year I have not been getting any clients who are ready to implement Oracle. So, that's the challenge for me. That's why I moved from Oracle to other solutions.
How was the initial setup?
Initial setup was very complex when compared to others. Oracle is way more complex than any other implementation. SalePoint and Microsoft Identity Manager are simpler.
What's my experience with pricing, setup cost, and licensing?
If I rate the cost, Oracle is the costliest at the moment. And there is no competition around Oracle and other tools. Oracle is somewhere in millions while a product like SalePoint is much less. So, I am not sure how to rate it. From a service provider perspective, or custom integration perspective, clients are proposing Oracle. So, if I propose Oracle, the only friction I get is the cost. It's too much for the client. Any small client will not be happy to use Oracle at the moment.
Which other solutions did I evaluate?
If I had to pick an identity management team, I would definitely pick Oracle. It's my favorite. From an implementation point of view, being a developer, I still prefer Oracle over anything else. But if I look at the market and see where things are going, I would go with SalePoint at the moment. SalePoint, or if you have any SAP solutions, I would go with Okta.
What other advice do I have?
Nowadays, what people do is they look for queries, they look for solutions on the internet and they implement them. That will take more time implementing because they don't understand what they are doing. They need to understand the tool before they implement any solution. This is something I tell my juniors as well who work under me. You can't just bypass the basics and get the solution and implement it.
So, if you talk about implementation aligned to the business, Oracle is best. The only tool which I can compare with Oracle at the moment is SalePoint. Other than that, there is no tool which can compete with Oracle from a business implementation standpoint, where it is aligned to the work flows, the customization, which we can do in Oracle.
Regarding performance, I have used SalePoint and it is better than Oracle. And infrastructure cost, which is aligned to the Oracle suite. There are so many things which you need to do on an Oracle implementation, whereas SalePoint is just a small plug-in which you can implement anywhere.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder at a tech company with 51-200 employees
Provides us with an integrated platform for all governance products.
What is most valuable?
It provides us with an integrated platform for all governance products. We now have the ability to have a complete end to end solution with a UI framework that makes customization an easy task.
How has it helped my organization?
The audit became a breeze as the entire provisioning approval process has been brought under the the gamut of OIM. All SOX audits became very easy as the entire audit information required is available from OIM system with respect to user access control.
What needs improvement?
The product suite is abundantly heavy & complex and requires a lot of simplification. I feel that this simplification is highly important. Also, the lifecycle management of the application is very very substandard and also has to be improved significantly.
For how long have I used the solution?
I have been using this product for three years.
What was my experience with deployment of the solution?
There were no issues with the deployment.
What do I think about the stability of the solution?
We had no issues with the performance.
What do I think about the scalability of the solution?
Scalability is costly as the system resources are consumed very quickly.
How are customer service and technical support?
It's average.
Which solution did I use previously and why did I switch?
I had not used a similar product to this previously.
How was the initial setup?
It is complex as the entire implementation takes a lot of efforts from the business, in partucular technology and the main implementation teams.
What about the implementation team?
Although vendors are less equipped with quality implementation teams. However it is, for an initial period, advised to have an experienced implementation partner.
Which other solutions did I evaluate?
There were no other options looked at.
What other advice do I have?
Please choose your solution carefully and plan the infrastructure with entire applications in place.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect with 1,001-5,000 employees
It is stable and works under high load. It has a connector for most of the legacy products.
What is most valuable?
Oracle Identity Manager’s most valuable feature is that it is a pretty stable product, and it works on a high load. It also has a connector for most of the legacy products, so it connects pretty much smoothly: so provisioning is pretty good with this product.
How has it helped my organization?
Oracle Identity Manager helps to organize, control, and maintain the user IDs and user access keys for an organization. It also has an Activity Manager, for handling situations such as an employee leaving the company.
What needs improvement?
The look and feel could be improved. I have worked with and looked at different products. The look and feel of those were pretty good or better than this product.
What do I think about the stability of the solution?
This is a stable product, but the look and feel is not that great.
What do I think about the scalability of the solution?
It is pretty good on scalability as well.
How are customer service and technical support?
Technical support is good. Most of the support is online, and they take their time. It should be a little bit more of an active response, geared to stabilizing the situation and helping clients fix their issues.
Which solution did I use previously and why did I switch?
We were using something, which was acquired by Oracle and then we migrated to Oracle. We also have a lot of data to process, and Oracle performs well for that.
How was the initial setup?
Considering the market, it is pretty straightforward to set up.
What other advice do I have?
Try the different products and you will feel the difference. It may be a little difficult to go with this product, but it does help developing at a later phase, so there they will get advantage. So if they really want to compare, compare it full-fledged, considering all points, not only the top one or two points; then decide whether it is good.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Co Founder at a computer software company with 51-200 employees
The self-service tool for end-user access request and password change has reduced helpdesk calls. The underlying architecture of the product is quite complex.
What is most valuable?
The following is a list of features that I have observed being used by my client that I have implemented:
1. User identity provisioning & lifecycle management
2. User Identity Profile/Attribute management
3. Self-Service Tool for end-user access request & password change
4. Role and Entitlement provisioning in target application/s
5. Auto de-provisioning of user identities
6. Audit capabilities & Report generation
How has it helped my organization?
I have seen an organization benefit through the automation of mundane repeat tasks related to setting up user identities, and managing user access as per a defined role. One of the key business driving factors for OIM implementation has been SOX compliance. End User Self-Service like password reset and access request is another feature that helps to reduce helpdesk calls.
What needs improvement?
The underlying architecture of the product is quite complex and hard to maintain and troubleshoot. Self-Service capabilities are quite limited, and the out-of-box capabilities are limited and customizations are quite complex.
For how long have I used the solution?
I’ve been using it for four years.
What was my experience with deployment of the solution?
Releases prior to 11gR2 PS2 were hard to deploy due to lot of shipped bugs. Every implementation was like dealing with an endless series of patches.
What do I think about the stability of the solution?
Once you get it working right, it turns out to be quite stable. 11gR2 PS2 can be considered as the first bug free stable release.
What do I think about the scalability of the solution?
Scalability has never been an issue.
How are customer service and technical support?
Technical support is horrible. It is faster to find the resolution ourselves than rely on support. Product team engagement has been helpful but it’s hard to get direct access to the product team resources. They are good at responding as per SLA without issue resolution.
Which solution did I use previously and why did I switch?
I have worked with Microsoft FIM and SailPoint IQ as well. This was not by choice but the client environment was a multiple identity management platform. Silo based deployment had resulted in a solution that meant that there were multiple identity management solutions supporting the company’s global needs.
How was the initial setup?
It was complex, primarily due to dependencies on various underlying technologies like Java, WebLogic, SOA, Database, and BI for reporting etc. Version compatibility was critical and any mismatch could lead to partially functional implementation. Things got better with 11gR2 PS2.
What about the implementation team?
I was part of vendor team responsible for implementing the solution.
What other advice do I have?
One thing for sure, is that it is the most comprehensive solution out there in the market. During the preliminary stages when the concept of Identity Management was not well defined, every vendor came up with a product offering solution for very specific use cases. Now, the offerings are quite mature but they still have trace and limitations bound to their origins. If you are looking for a simple, and quick, tool to get started with, there are many options out there in the market but then there are limitations that require customization or creating features from scratch.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Principal Engineer at a tech services company with 1,001-5,000 employees
It automates onboarding and other manual business processes. Connectors to cloud-based applications would help.
What is most valuable?
It has more for our in-house systems like ERP, Active Directory, and Exchange and the integration of IDM with all those systems. It was very customizable. We do all our customizations in Java.
How has it helped my organization?
We have used this product to automate our manual business processes, like onboarding and other processes.
What needs improvement?
Everybody's been moving onto the cloud, and it's not a cloud-based solution. That is one of the things that is missing. There are competitors that are moving ahead in the market. They have some powerful connectors for cloud applications like Workday. We don’t have any feature for connecting to Workday. It should be a cloud-based solution with connections to cloud applications.
What do I think about the stability of the solution?
It was pretty stable. With the volume of data that we have at this point, it was stable.
What do I think about the scalability of the solution?
We don't have large volumes of data. From a scaling point of view, we didn’t face any issues.
How is customer service and technical support?
For a couple of issues, we reached Oracle technical support and we raised issues with them and they were very supportive.
How was the initial setup?
Initial setup was not too complicated: easy to medium.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Oracle Identity Governance Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Popular Comparisons
Microsoft Entra ID
Cisco Identity Services Engine (ISE)
CyberArk Privileged Access Manager
SailPoint Identity Security Cloud
Omada Identity
Okta Workforce Identity
Fortinet FortiAuthenticator
Ping Identity Platform
One Identity Manager
RSA SecurID
Microsoft Identity Manager
BeyondTrust Endpoint Privilege Management
Buyer's Guide
Download our free Oracle Identity Governance Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Sailpoint IdentityIQ vs Oracle identity Governance
- Looking for an Identity and Access Management product for an energy and utility organization
- Which Identity and Access Management solution do you use?
- Sailpoint IdentityIQ vs Oracle identity Governance
- OpenIAM vs Ping identity
- Which is the best legacy IDM solution for SAP GRC?
- What are some tips for effective identity and access management to prevent insider data breaches?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- How to convince a client that Identity and Access Management (IdAM) is essential for risk elimination?
- What access management tools would you recommend to help with GDPR compliance?