SailPoint Identity Security Cloud Reviews

We use this product for identity governance. There is the basic identity creation in the lifecycle followed by certification. I'm a company manager and implementer and we are customers of SailPoint.  

I think the certification module is perhaps one of the most valuable features. The options are pretty intuitive and you can usually set up the certification easily without much time or resource investment. It consists of two parts, both of which are useful. I like the pre-built out-of-the-box connectors that have a plug-and-play kind of feature. Identity IQ is easy to integrate with other systems and offers a lot of options. 

The only issue I have with the product is that there are modules that need to be bought separately, and that makes the product prohibitive for some of the customers that I've worked with, particularly in the middle-tier range. The solution itself is expensive and then when you add the cost of the modules it becomes too much. They could provide something similar to what Okta offers and I believe this would give the company a lot more traction in the mid-size range of companies. I'd like to see SailPoint support for custom-based connectors.

I've been using this solution for three years. 

The solution is stable. There are a few bugs here and there, but that's expected for any kind of implementation that we do. It's a risk associated with each and every product. It's not the worst we've seen but there's definitely scope for improvement.

SailPoint is easy to scale.  They give you the bandwidth for that. 

The technical support is good. There are various levels of technical support that you can access depending on the licensing model you purchase. 

Positive

The initial setup is pretty simple and a straightforward mechanism. It does require some knowledge on how to set up and a basic understanding of networking protocols and other things, which is pretty complex. It's not something that's easy to learn and I think SailPoint could look at bringing out intuitive-based migration> There are 10 people in my team who deal with implementation and deployment and the time it takes generally depends on the scale of the setup. One of our larger projects took around three months. 

Licensing costs are high and since we're not an official partner, we're unable to offer any discounts to our customers. Companies often choose an alternative solution that is significantly cheaper and covers 90% of their use cases. I would expect SailPoint to be more price sensitive and have the capability to cater to even small clients and provide them with features necessary in their daily IM use cases. It would expose SailPoint to a larger audience and they'd have a larger implementation market.

I have evaluated a couple of other solutions. Okta is a pure access management product. They have recently launched their Identity Governance suite. Okta and Cisco are more into access management with more focus on providing MFA and access regulation in the traditional sense, rather than going into the governance side of things. SailPoint, on the other hand, is more into identity governance with their workflows more natively able to support use cases with certification. These are two different genres of product so you can't make a direct comparison. If you have Okta or Cisco Duo, you cannot expect it to do a certification. If you have SailPoint, you cannot expect it to do an MFA for you. The market is moving towards a combined product that does everything and I expect each of these products to basically expand more to support all the other use cases. 

Prior to purchase, be sure that SailPoint can solve all your use cases. Otherwise, you'll be unhappy with the amount of money that you're spending. 

I rate this solution seven out of 10. 

I am more like a consultant helping customers use SailPoint Identity Security Cloud and do not represent the client.

The organization's operational expenses do get reduced, roughly by fifteen percent. The service integration with products like Microsoft's and SAP's is effective.

The governance features, such as certification and provisioning, are the most beneficial for enhancing security.

The interface can improve, and the product could become a little cheaper.

I have been using SailPoint Identity Security Cloud for ten years.

In terms of stability, SailPoint Identity Security Cloud is rated eight out of ten. It's quite stable.

Regarding scalability, I would rate it an eight out of ten.

Technical support is responsive and helpful, and I would rate them seven out of ten.

Neutral

The installation is not done by us; it is handled by SailPoint professional services, and we only do the configuration.

SailPoint manages the installation, while we configure the solution.

Organizations have seen a reduction in operational expenses by about fifteen percent.

SailPoint Identity Security Cloud is considered expensive, and the kinds of customizations many of our clients expect are not allowed.

We are working with Microsoft and Saviynt, among other vendors.

I'd rate the solution eight out of ten.

Less than half of my customers use the solution within the government for certification, identity process, and optimization of the roles and requirements for other areas. For the rest of my other customers, they are using the solution for their core systems. For example, they are doing vertical financial analytics. 

This solution has made my client's customers' journeys a lot better.

The most valuable feature for our customers and for us is the identity data warehouse. For financial analytics, this is the way to make the clusters better. 

The report functionality and dashboard of the access manager could be improved.

In the future, there should be improvements integrating into cloud ecosystems, such as AWS or Azure. At the moment we have to purchase many different solutions to have a fully operational intelligent identity package. There are some features lacking in identity and the DevOps solutions.

I have been using the solution for two years.

The solution is stable.

We did not have an issue with scaling the solution. My customers range from medium to large scale businesses using this solution.

The customer support process is slow at times because they do not have proper language support for my clients in Latin America speaking Spanish. There is good support for English but not Spanish.

The solution was easy to install for me but might not be for someone who is not used to the
methodology.

We have three implementation consultants, one project manager, and two engineers as part of our deployment team. The number of people sent to a project depends on the environment in which the solution is being implemented. For example, The relation is one person per three systems, if you need to make more than 20 in three months, we will have to supply more people. The implementation took approximately six months.

For the ordinary maintenance activities for administration solutions, we provide normally one person to support four customers.

The price of the solution could improve, it is not priced well for smaller businesses to afford. We have one customer that has 2,000 identities and another one with 8,000.

We have evaluated Oracle, IBM, and Micro Trend solutions. 

The methodology is very important, the methodology guides me and the customer to obtain the goal. Between all these solutions, this is the biggest difference. Additionally, the facility to build the data warehouse identity in order to have real identity governance is important. More specifically, the facility to create integration with the system and the way to make the governance of the data connectors are important because in other solutions you have to develop the code for the connectors. This includes low-level coding and business rules that have to be put in the DAT code, it takes a lot of time to have the functionality that you desire.

This is a mature solution, you can easily configure the connectors using a GUI interface. It makes the process a lot simpler. The business rules are model-specific and governed to reach the goals. This solution is straightforward to implement than another technology.

I have my doubts about what is the best way to set up this solution. It is not only an issue with this solution but for others as well. We have two flavors of the solutions, software-as-a-service(SaaS) and on-premise. None of our customers is ready to choose one of those because if you are on-premise, generally, it is fully featured. It is easier to integrate with another system but it is not going to satisfy the customers that want a solution on the Cloud.

On the other hand, SaaS or Cloud solution may be better for you but you might have a lot of legacy systems that are not ready to work perfectly with a SaaS solution. At this point, the main issue is to figure out what solution is best at the present time, on-premise or SaaS. This decision can be very difficult.

You need to be careful with the decisions you make because if you choose an on-premise solution right now you most likely are going to be on the cloud in three years. You need to keep this in mind. The industry is going in that direction.

I rate SailPoint IdentityIQ a nine out of ten.

We use the solution to certify account access. SailPoint is handling compliance for account certification.

They have certifications assigned to owners.  Different appliances like Windows and Unix assign these certifications. They need to initiate certification every six months for Windows and Linux to ensure they have certified those accounts on the operating systems. Then, they will authenticate with the account owner. The account owner will then perform the initial check to determine if they should keep those accounts within the organization. Afterward, they will complete their subscription and return to their direct manager for position verification. If there are no errors or discrepancies in their source certification, the manager will sign off, and the entire association will be closed. Then, the observation owner will generate the report. This report serves as evidence for internal auditors to prove they completed the certification. It's like a search engine flow.

The UI is complex, but the background functionality is robust and well-designed to perform SailPoint IdentityIQ certifications.

The benefit of using SailPoint IdentityIQ is that it significantly reduces the workload for certification processes. Before implementing IdentityIQ, the corporation relied heavily on manual methods to gather accounts and permissions for review. Each host machine had to be checked manually to ensure account collection accuracy, followed by manually identifying accounts for certification. This entire process was labor-intensive, with human involvement at every step.

It took about a month to gather notification data and initiate the certification process. Tracking the status of certifications was challenging since it was managed through Excel, making it difficult to determine completion percentages. Once all certifications were completed,  SailPoint shifted through Excel sheets to finalize reports.

With IdentityIQ, the process is streamlined, reducing the time required for certification, and it also has an automated aggregation of accounts, assets, and groups. There's no opportunity for human error or intentional concealment of accounts, enhancing security.

SailPoint IdentityIQ could offer more options, such as free online training for partners.

I have been using SailPoint IdentityIQ for 3 years.

The product is stable.

The solution is scalable.

The support team is quite responsive and understanding. Initially, they provide prompt responses, but their answers can be quite general. They could offer more precise guidance on addressing specific issues.

Neutral

The initial setup is not straightforward and takes around a month to complete. Two persons are required to deploy the solution. An experienced person is needed to use IdentityIQ.

The implementation involves installing the application and the database on different machines. Then, we will proceed with the integration based on the data we receive from SailPoint. After that, we will discuss with the customer the connections they need to close accounts and the rules for creating accounts. 

Once this process is complete, we will check for related accounts and generate a report accordingly. This report will be sent to the responsible owner, who will be identified through SailPoint. We will assist the customer in assigning those accounts to the correct owner. Following that, we'll assist in setting up the business decision template and help the customer launch their subscription, guiding them through each step and aiding the manager in signing off on certifications.

The capabilities for intelligence analysis are quite flexible, allowing users to generate the required reports quickly. It's pretty adaptable in terms of report generation and audit search.

The IQ Connector is supported by most major packaged software, making it convenient to acquire the connector from the SailPoint marketplace. The integration process is relatively straightforward.

Maintenance is easy. 

Overall, I rate the solution a nine out of ten.

I use the solution in my company just to open some roles for new people or maybe those who need more particulars, so we just search for the roles and apply them to those. My company had dealt with some particular comments, like who had why the tool is needed and its justification in the business. , after which the managers approved it or whoever was in the top positions. It is basically for managing user access at the end of the day.

The solution's most valuable feature is its ease of use. It has functionality that allows me to search for or compare with others.

I don't use SailPoint that much because I have a particular role in my company. Considering the time since I last used the tool, it doesn't need anything more.

The product is unable to share suggestions with users. For example, if I put something like ABC, the tool will not be able to say something that is related to it. In some other tools, if I just start with the initials, it will show me the whole thing, but with SailPoint Identity Security Cloud, I couldn't find it. If I am just searching for a role, like PR or something, or if I write PR, it should provide me with some suggestive rules, which may be two, three, five, or whatever the role numbers. I have to write the full name, and then it will appear.

I have been using SailPoint Identity Security Cloud for two years. I don't remember the version of the solution since the client who uses it will have to update it by themselves.

I did not experience any breakdowns or bugs in the product.

More than 100 people in my team use the product.

Our company's client, who uses the product, takes care of the technical support for the solution.

The product's initial setup phase is not so difficult, so it is easy. There are no installation-related issues with the product.

The solution is deployed on an on-premises model.

As per my knowledge, it runs on a paid partnership model, but I am not sure about it.

One should definitely use the product since there are no prerequisites or things that you should know. The tool is very easy to use, and there is nothing in it that you should find very difficult to understand or learn.

It is easy for a beginner to learn to use the product for the first time.

I rate the product an eight out of ten.

We use SailPoint IdentityIQ for identity governance and access management. There is no other vendor as good as this product. 

I find the built-in connectors, lifecycle management, certification, and recertification features to be the most valuable.

Access management could be improved. SailPoint is known for its IT identity governance capabilities, but its access management features in one platform.

Comparing SailPoint's access management to that of competitors like CyberArk and Okta, there's a clear gap.

Additionally, regarding privilege access management, there's potential for improvement. If SailPoint can develop a connector for RPAQ, they could also extend their capabilities by adding more access management features and modules.

I have been using it for three years. I am currently using version 8.3.

We actually have a lot of challenges with some of our applications. Some of them are not working properly, and the issues are not fixed. We are encountering some problems.

Scalability is hard, especially when you are doing it in real time. But, it would be eliminated once we have the first version of IdentityNow. So, the main goal for now is just to eliminate maintenance costs or run the entire infrastructure. That's why we plan to migrate it to the SaaS version of SailPoint.

We have more than 10,000 end users. We use it daily, 24/7 operation.

Initially, I had difficulties, but with time, I gained experience. Especially integrating legacy applications like ARPAQ. Over time, it became easier, but integrating legacy apps remains a typical issue.

In terms of user experience, I don't have any complaints.  We are planning to migrate to the cloud.

We did it in-house with the help of a third-party vendor experienced in deploying SailPoint.

The deployment took a couple of weeks in a test environment before going into production.

We require maybe around four people because, in our company, we have different roles and responsibilities. So, from another perspective, from the system administrator, we require around four resources.

It is affordable licensing. 

Currently, we are looking for another option, which is EmpowerID.

Overall, I would rate the solution a nine out of ten. If you want to start, go better directly to the cloud, instead of installing it on-prem.

The whole package is useful. It matches the item to the management, so I can't pinpoint any specific individual feature.

We are satisfied with the product overall. But the challenging point has been that we are buying the service and support from CyberIAM, but the SailPoint has remained unchanged. The average support has been a big disappointment.

Another problem we face is that we have around 450 to 500 data applications in our environment, and everyone wants customized identity management for their specific application. It takes a huge amount of time to onboard all of them, and maybe that's the only weakness.

I have been working with SailPoint IdentityIQ for two years. We have been implementing it for over two years now, but we are still in the process of getting all of our legacy applications on board.

It is a stable product.

It is a scalable product.

We are only the second customer in Europe who is using the consulting services. The majority of the service is with customers on the US side, and we have been fighting on this topic for at least 18 months, which has been quite a downside. But otherwise, technically, the platform is really good. We have had a lot of service breaks because of the lack of support.

Neutral

The platform deployment was pretty easy. But when you start to onboard the applications, it becomes more complex. The whole configuration depends on the application architecture and how you should set it up. All the cases are different, and that can be quite challenging.

All of the good products, like SailPoint, are expensive. But when you qualify the cost and then have to weigh the benefits and opportunities it gives you, it's a bit difficult to say whether it's expensive. SailPoint is expensive on the market but also produces real value.

We had some smaller implementations with different products, but not similar ones.

We presented our project to a vendor and then did a proof of concept with several products before selecting SailPoint IdentityIQ.

It is suitable for both small and enterprise-level companies. I would advise reaching out to a company that has already implemented it and asking their experts how they feel about using it. Once you get benchmarking information, it becomes easy to make the decision.

Overall, I would rate it an eight out of ten. There is room for improvement with regard to their technical support and complex configuration.

I'm a consultant. I work with companies to evaluate it and sometimes help them implement it as well.

I'm using the most recent version. It's somewhere around version 8.

The big one now is that they're adding AI and machine learning to figure out automated approvals and make recommendations to their reviewers. So, if I bring up Doug McPherson and it says he has access to this application, the system will make a review based on peer group analysis. That's one of the biggest new things. The problem used to be that people would get everything loaded on, and they created too much work for themselves. Now, they can use these policies and start to let the machine pick the less risky things. If it says it should be approved, then automatically approve it. It's definitely a time saver for a lot of people.

It has got a great user interface, and it just does the job.

It tends to be more expensive, but at the end of the day, it works.

I have been using it for probably 15 years. 

Its stability is very good. It's running so well now. I'd rate it a nine out of ten in terms of stability.

Its scalability is awesome. They've got customers with over a million users, so it'll scale to what you need. It has a very scalable architecture.

I'm a consultant, and I implement it for clients. I've worked with clients from 5,000 users and up to about 400,000 users.

I'd rate them really high. They have a group called Expert Services. They rely on third parties like me or the big four, like the Deloittes and the PWs, to do the implementation, but they maintain a group that they call their Expert Services. It has about a hundred people you can go to for the hardest things. If you were on the edge of performance issues and any other issues, you can bring in their experts. It's a really good team. It's more expensive than the other guys, but it's worth it.

IdentityIQ is difficult to begin with, but compared to its competitors, it'd be an eight out of ten in terms of ease of setup.

The deployment duration varies. They've got examples of people being up and running in a month. For massive companies with hundreds or thousands of employees, it takes a couple of years to get fully implemented, but they've got ways where you can implement it almost by a business unit, so you can be up and running and then slowly, you add the rest of the company to the implementation.

In terms of the number of people required, the actual SailPoint team would be three to four people, and then they use the business analysts in the company to help onboard the application. That's a really nice methodology where I can spread the workload over a bunch of people instead of having to rely on one person and get those backlogs and lineups form. For example, I can have a business analyst from the business units I'm working with help me onboard applications. That really speeds it up.

In terms of the deployment model, they have a SaaS version, but you can do it on-prem, and you can also do it with the hybrid model.

It depends on your company, but I've seen ROIs in 14 to 18 months. So, it's great.

It's all competitive. Initially, the prices look a bit higher, but once it gets into a competitive situation, they meet the market. I'd rate it an eight out of ten in terms of pricing. It tends to be more expensive, but it works.

They've got such a big lead in the market from a capabilities point of view. They're going after the cloud, so they're doing a lot in the cloud management area and making that easier for clients to implement it for managing the applications in the cloud space or all their SaaS applications. That's one of the big areas. They just did the acquisition of SecZetta, which provides management for third parties. For partners and third parties you work with, it can help automate the management of access to those people.

I'd rate it a nine out of ten because what it does is hard. The work that they implement isn't simple because the companies are so big. It works and does the job. It's not the product that causes problems; it's generally working with the company and its processes, but the product is bulletproof.