You have to understand the number of users and the number of devices that are going to use the solution. I'm saying that because of my experience with the licensing part. That's my one gripe. If you approach it the way we did, starting with one business unit and you then want to scale it across the enterprise, the cost can go much higher really quickly. It's not something you'd easily scale from a licensing perspective without significant additional budget increases. Scope it accordingly, because licensing can become an issue. Also, look at your certificate authority because one of the things we did was go with another certificate authority, not believing that the Axiad solution would be sufficient. We ended up paying for another vendor to provide the CA capabilities when we could have gotten that as part of the package from Axiad. Do some analysis on the things that you already have and see what you could eliminate, things that Axiad, as a package, is going to provide. It may end up saving you money. That's the one mistake we made because we had already signed contracts with the other vendor. At the time, either Axiad didn't explain this aspect well enough or we didn't understand that they were offering CA as part of the package, so we missed out on that. For the one use case that we specifically wanted to solve for that one business unit, it has performed perfectly. I haven't seen anything that I do not like. During presales, they said it was going to do this specific functionality and, when they deployed it, it did exactly what they said it was going to do. You rarely see that nowadays where you get a capability and you don't have to play around to make it work the way you want it to. But that wasn't the case with Axiad Cloud.
Sr. Manager, Training Services at a transportation company with 10,001+ employees
Real User
2022-07-26T08:24:00Z
Jul 26, 2022
It's really about ease of use and focusing on your users. Security is always paramount, but if you give people something that is secure yet hard to use, they're going to find ways around it. With the solution we have been able to give our users, I see a lot of happy users, and our adoption is such that I don't see users trying to circumvent our processes. If someone were to tell me they've deployed multi-factor authentication for most of their use cases but not all of them, I would say that multi-factor is the best control to stop initial access in the attacker lifecycle. If done correctly, the long-term impact to users becomes a positive. If people are hesitating based on the concern that users won't like it or it's hard to use or implement, what we have found is that as long as you have support from management, you can get it done and you can prove to users that you can do it in a way that it's useful to them. The Axiad Cloud Airlock feature wasn't available when we first implemented the solution, but we're investigating its use. Our main use case for it would be to do some additional programming on our security tokens when the users first register them. The solution is a critical security control for our organization. It has visibility at the board level and is visible to every one of our users, yet it is very unusual for me to hear a negative about the Axiad solution that we've implemented. I work with very few vendors that I don't have some kind of suggestion for on how they could improve, but Axiad is one that just provides a great solution. And they continue to grow that solution to do more, but they covered all of our use cases. Using Axiad, I have learned that there are organizations out there that are engaged in helping their customers be successful on this journey. The proposal they gave us was really built around our requirements and not just, "Here's a solution." That was key to our being successful: understanding our business, understanding our use cases, and catering to those aspects. I have really seen success in this space, one that some of my peers have found it very difficult to be successful in.
Director of Information Technology Services at a government with 1,001-5,000 employees
Real User
2022-05-31T13:04:00Z
May 31, 2022
The biggest lesson I've learned using Axiad Cloud is that it has really helped to highlight some of the mistakes we made in the past. In particular, we made the mistake of deciding to do PKI ourselves, rather than outsourcing it and doing it this way via a managed service. These days, anyone who is not using multifactor authentication likely cannot demonstrate due diligence or due care in their cyber program. Everyone needs to be doing multifactor. It's been so good that even the new challenges that we've had have already been addressed by the product. It seems to be very well thought out. Are we going to encounter something where it could be better? Probably. But as of right now, it has been able to handle any problem that we have thrown at it.
Enterprise Security Architect at a retailer with 10,001+ employees
Real User
2022-02-14T21:54:00Z
Feb 14, 2022
Axiad has been great. Make sure you take a look at it if you're looking for a cloud PKI provider or for cloud certificate management. If someone has deployed multifactor authentication for most of their use cases but not all of them, I think it may be hard to switch. In that situation they should certainly take a look at Axiad, but they need to be careful because it might be more to bite off than they want or than they can handle. We haven't really had any major issues with Axiad so far, and they've provided anything that we've wanted. They have honestly been one of the best vendors we've worked with. We've had a great experience with them so far and they've really exceeded expectations.
Axiad Cloud provides a comprehensive credential management system that secures digital identities across users, machines, assets, and interactions for enterprises and public-sector organizations. Axiad Cloud helps customers maximize their cybersecurity investments by seamlessly adding modern authentication and credential management processes into existing IAM workflows. This simplifies the management of disparate Identity and Access Management (IAM) solutions that must work in cloud-based,...
You have to understand the number of users and the number of devices that are going to use the solution. I'm saying that because of my experience with the licensing part. That's my one gripe. If you approach it the way we did, starting with one business unit and you then want to scale it across the enterprise, the cost can go much higher really quickly. It's not something you'd easily scale from a licensing perspective without significant additional budget increases. Scope it accordingly, because licensing can become an issue. Also, look at your certificate authority because one of the things we did was go with another certificate authority, not believing that the Axiad solution would be sufficient. We ended up paying for another vendor to provide the CA capabilities when we could have gotten that as part of the package from Axiad. Do some analysis on the things that you already have and see what you could eliminate, things that Axiad, as a package, is going to provide. It may end up saving you money. That's the one mistake we made because we had already signed contracts with the other vendor. At the time, either Axiad didn't explain this aspect well enough or we didn't understand that they were offering CA as part of the package, so we missed out on that. For the one use case that we specifically wanted to solve for that one business unit, it has performed perfectly. I haven't seen anything that I do not like. During presales, they said it was going to do this specific functionality and, when they deployed it, it did exactly what they said it was going to do. You rarely see that nowadays where you get a capability and you don't have to play around to make it work the way you want it to. But that wasn't the case with Axiad Cloud.
It's really about ease of use and focusing on your users. Security is always paramount, but if you give people something that is secure yet hard to use, they're going to find ways around it. With the solution we have been able to give our users, I see a lot of happy users, and our adoption is such that I don't see users trying to circumvent our processes. If someone were to tell me they've deployed multi-factor authentication for most of their use cases but not all of them, I would say that multi-factor is the best control to stop initial access in the attacker lifecycle. If done correctly, the long-term impact to users becomes a positive. If people are hesitating based on the concern that users won't like it or it's hard to use or implement, what we have found is that as long as you have support from management, you can get it done and you can prove to users that you can do it in a way that it's useful to them. The Axiad Cloud Airlock feature wasn't available when we first implemented the solution, but we're investigating its use. Our main use case for it would be to do some additional programming on our security tokens when the users first register them. The solution is a critical security control for our organization. It has visibility at the board level and is visible to every one of our users, yet it is very unusual for me to hear a negative about the Axiad solution that we've implemented. I work with very few vendors that I don't have some kind of suggestion for on how they could improve, but Axiad is one that just provides a great solution. And they continue to grow that solution to do more, but they covered all of our use cases. Using Axiad, I have learned that there are organizations out there that are engaged in helping their customers be successful on this journey. The proposal they gave us was really built around our requirements and not just, "Here's a solution." That was key to our being successful: understanding our business, understanding our use cases, and catering to those aspects. I have really seen success in this space, one that some of my peers have found it very difficult to be successful in.
The biggest lesson I've learned using Axiad Cloud is that it has really helped to highlight some of the mistakes we made in the past. In particular, we made the mistake of deciding to do PKI ourselves, rather than outsourcing it and doing it this way via a managed service. These days, anyone who is not using multifactor authentication likely cannot demonstrate due diligence or due care in their cyber program. Everyone needs to be doing multifactor. It's been so good that even the new challenges that we've had have already been addressed by the product. It seems to be very well thought out. Are we going to encounter something where it could be better? Probably. But as of right now, it has been able to handle any problem that we have thrown at it.
Axiad has been great. Make sure you take a look at it if you're looking for a cloud PKI provider or for cloud certificate management. If someone has deployed multifactor authentication for most of their use cases but not all of them, I think it may be hard to switch. In that situation they should certainly take a look at Axiad, but they need to be careful because it might be more to bite off than they want or than they can handle. We haven't really had any major issues with Axiad so far, and they've provided anything that we've wanted. They have honestly been one of the best vendors we've worked with. We've had a great experience with them so far and they've really exceeded expectations.