With the acquisition of OneLogin, they are now the leader when it comes to a unified identity platform. Every product in their portfolio serves a purpose.
Vice President, Infrastructure Security Technologies at a financial services firm with 5,001-10,000 employees
Real User
Top 10
2024-10-11T15:45:00Z
Oct 11, 2024
One Identity Manager is not for beginners due to its extensive functionality, so it requires prior experience or maturity in identity management to fully utilize its capabilities.
Solution Engineer at a consultancy with 501-1,000 employees
Reseller
Top 20
2024-08-26T18:15:00Z
Aug 26, 2024
I would rate One Identity Manager eight out of ten. The solution is good but needs more documentation and better descriptive errors. The One Identity Manager is a good starting point for beginners to customize, but the One Identity Designer offers more flexibility for creating complex automation. While the Manager is simplified and easier to understand, the Designer allows for greater customization. The Manager is sufficient for basic task customization, but for more advanced automation, the Designer is essential.
I rate One Identity Manager nine out of 10. Before implementing One Identity, you should test it and do a proof of concept. Look at your application portfolio. If you have a lot of Microsoft applications and SaaS, One Identity will be a good fit for your environment.
Senior Risk Manager at a insurance company with 10,001+ employees
Real User
Top 20
2024-08-07T15:26:00Z
Aug 7, 2024
I would rate One Identity Manager eight out of ten. Maintaining a single Identity Manager is complex, requiring a dedicated ten-person team to service the tool, resolve end-user issues, and ensure ongoing system operation.
Co-Owner at a tech services company with 1-10 employees
Real User
Top 20
2024-06-03T14:54:00Z
Jun 3, 2024
I would rate One Identity Manager eight out of ten. One Identity Manager requires one to two people for maintenance per project. I recommend using a partner to evaluate and implement One Identity Manager.
I would rate One Identity Manager seven out of ten. We don't use SAP connectors. One Identity Manager's SAP connector isn't unique; it allows connection to SAP systems like many other identity management products. While it simplifies SAP user provisioning within a centralized system, this functionality is common among competitor offerings. There's a key distinction between privileged and normal business users. While some privileged use cases can be created, an identity governance tool like One Identity Manager, Omada, Okta, SailPoint, or Aviant alone won't handle them all. These tools focus on general identity management, and for comprehensive privileged access management, we need a dedicated privileged identity manager or privileged access manager alongside them. Due to the partner's lack of experience with the solution, we received no training or post-implementation support. This highlights a challenge faced by organizations in Denmark, a small country with limited options, particularly in the area of identity access management. Our One Identity Manager partner hasn't provided the value we expected. While choosing them may have been limited due to licensing restrictions, the consultants they sent weren't helpful enough. It seems our experience might have been better with a different product or a more capable partner for the specific solution we implemented. Our company has a workforce of approximately 5,000 employees and utilizes roughly 1,000 applications, though not all are fully onboarded. This number is respectable considering the size of our country. When choosing an identity access management solution, there's no one-size-fits-all answer. It's crucial to understand your specific needs first. Consider factors like your current IAM maturity e.g., do you need privileged access management yet?, scalability requirements, deployment options cloud vs. on-premise, and partner support. Don't be swayed by what others use; focus on what works for your business and regulations. One Identity Manager can be a good option for mid-to-large companies lacking internal IAM expertise, though it may have fewer partner integrators compared to competitors like SailPoint. However, it can be a more cost-effective choice.
I would rate One Identity Manager nine out of ten. We have 3,000 front-end users in our organization. While we only have a single instance of One Identity Manager, for redundancy purposes our servers are spread across different data centers. This means if one data center experiences an outage, the application can fail over to the remaining servers in another location, ensuring continued functionality. One Identity's partner, VMDH did a good job training our staff on the solution. Six years ago, VMDH provided us with initial assistance customizing One Identity Manager. We have since developed our expert team and now primarily rely on them for our One Identity needs. We only contact VMDH in critical situations when we require immediate help from One Identity experts. In such cases, we typically reach out to One Identity directly, but if there are delays, we will then connect with them through VMDH. One Identity's partner was on standby in case we required any post-implementation support. The customer service we received from the One Identity partner was good. I found the One Identity partner to be valuable, rating them a nine out of ten. One Identity Manager is designed for low maintenance, requiring infrequent patches and updates to keep it running smoothly. One Identity Manager offers a unified approach to identity and access management. It eliminates the need to cobble together multiple products from different vendors for functionalities like Identity Access Management or Privileged Access Management. This saves your organization's time and resources.
IT Engineer at a tech services company with 10,001+ employees
Real User
Top 20
2024-05-09T20:35:00Z
May 9, 2024
I rate One Identity Manager seven out of 10. I would recommend One Identity to a small company. It requires minimum support because it's user-friendly, but you may need something more secure for a large-scale deployment.
I would rate One Identity Manager eight out of ten. It is user-friendly and the out of the box connectors make it easy to integrate with any system. Premier Support has significantly enhanced the value of our overall investment in One Identity Manager. There are several ways in which it has been beneficial. For instance, our developers appreciate the immediate support available for troubleshooting production issues. Without the expedited response times and dedicated resources offered by Premier Support, our business operations could be significantly impacted. We are confident that the standard support level would not be sufficient to address our needs on time. We have over 30 people that utilize One Identity Manager. I recommend One Identity Manager. Learning One Identity Manager can be time-consuming due to the limited availability of online resources. While other products offer abundant tutorials and guides on platforms like Google and YouTube, information for One Identity Manager is scarce and often outdated. Additionally, readily available training materials are rare. As a result, self-learning without additional support or formal training can be challenging.
I would definitely recommend implementing One Identity, but you have to understand how One Identity works and how it has been developed. You will be able to easily implement it then. One Identity is a unified solution, and most of the features are inbuilt. Before you make any customizations, you need to understand how One Identity works. That is a critical bit. Normally, developers have a development mindset. They do not think from the framework perspective, but One Identity has been implemented from a framework perspective. They have designed this solution keeping in mind the needs of enterprises and how enterprises manage their accounts, employees, and applications. You should look at it from the framework perspective and not the customization perspective. However, even if you have to make any customization, it is very easy. You just have to learn .Net and MS SQL. If you understand how One Identity works, implementation and customization are very easy. Overall, I would rate One Identity Manager an eight out of ten.
The system lacks the capability to empower application orders in the line of Business Management to independently make governance decisions for applications without requiring IT involvement. It did not assist us in realizing an Identity-centric Zero Trust model. I recommend that individuals working with this system should possess some knowledge of Microsoft SQL and be familiar with server configurations. A good understanding of SQL servers can simplify the process of comprehending and managing cloud repairs. I would rate it nine out of ten.
Technical Consultant at a tech services company with 51-200 employees
Consultant
Top 20
2024-01-05T10:55:00Z
Jan 5, 2024
We use One Identity Manager for SAP integration, but it has some limitations. Managing logically disconnected SAP accounts can be challenging, and the solution feels somewhat incomplete. As a consultant, there is often a need for additional customization to address the intricacies of SAP integration within the broader One Identity Manager framework. One Identity Manager connects to SAP accounts for identity governance. However, it is not the primary feature our clients emphasize. While useful, it is not the main driver for most organizations adopting One Identity Manager. One Identity Manager provides Identity Governance and Administration for challenging aspects of SAP, including key codes, profiles, and rules. In a broader sense, it addresses these complexities within the SAP environment. One Identity Manager is a solid choice for enterprise-level administration and governance. It effectively handles users, data, and accounts. While not perfect for privileged accounts, its integration with a complementary solution makes it a sophisticated option in the on-premise IGA landscape. The user experience of One Identity Manager is unique, but it is not straightforward for an outsider. It requires some learning, and the navigation can be challenging without guidance. Overall, it is a complex system that benefits from the expertise of consultancies like ours. Customizing One Identity Manager depends on your expertise. For experienced users, it is straightforward, but for beginners, especially in the first year, it often requires consulting with senior experts. Customization can be simplified with the right knowledge. I use the solution's business roles to map the company structure for dynamic application provisioning. The business role functionality is crucial for us and our clients. We use One Identity Manager to extend governance to cloud apps. It is essential, and I would rate its importance around seven on a scale of one to ten. Many customers, including us, find it valuable even if they don't plan to move entirely to cloud servers. One Identity Manager helps streamline aspects of application governance, particularly in making application access decisions. The effectiveness largely depends on the implementation by the consultancy. If done correctly, it can greatly enhance application governance. One Identity Manager has enabled application owners and business managers to make governance decisions without involving IT. If implemented correctly, there is minimal to zero IT involvement, allowing them to approve applications, manage access, and handle licenses directly through the One Identity Manager web UI. This aligns well with achieving an identity-centric zero-trust model. I would recommend One Identity Manager, especially for large enterprises. However, it is crucial to consult with the customer first to ensure it aligns with their specific needs and requirements. Performing a proof of concept could be beneficial to validate its suitability for their environment. Overall, I would rate the product as an eight out of ten.
Service Desk Team Lead & Project Manager at Kodak
Real User
Top 5
2023-10-02T10:58:00Z
Oct 2, 2023
I would rate One Identity Manager seven out of ten. We have it deployed globally. Currently, we have 100 people using the solution but it will eventually be used by 6,000 people. The maintenance is completed by One Identity. I recommend doing a proof of concept before implementing One Identity Manager.
Consultant at a tech services company with 11-50 employees
Consultant
Top 20
2023-09-26T10:33:00Z
Sep 26, 2023
We're integrators. I'd advise others to always do a proof of concept for this or any other product they use. However, I would recommend the product to others. I'd rate the solution nine out of ten.
For enterprise-level administration and governance of users, data, and privileged accounts, One Identity Manager is average. Its privileged account management is lacking in capabilities. You have to integrate it with various other PAM tools and only then can it be used for that. One problem with almost all identity managers today is that the implementation is based on certain information. After that, if certain big changes happen in the organization, you have to reflect all of those changes in the identity management solutions by doing certain customizations or implementation activities. That takes a good amount of time. That complexity is present in almost all identity managers today. It is not very quick when it comes to making changes. Regarding Zero Trust, that is a buzzword as well as a big word. One Identity Manager alone cannot achieve an identity-centric Zero Trust model. It has to start at the network level through the identity management level, and we have to integrate it with multiple different solutions. We have not achieved Zero Trust for any organization yet. One Identity Manager is mostly suitable for identity governance capabilities but is not that suitable for access management or privileged account management. If you are evaluating this product for access management or privileged access management, you should not go with it. If you want a governance product, go ahead and use this one.
IIMB expert at a tech services company with 1,001-5,000 employees
Real User
Top 10
2023-05-25T08:41:00Z
May 25, 2023
I give One Identity Manager a nine out of ten. This is a solution I want to work with because it brings satisfaction to our users. We have a complex environment with over 50 locations, various departments, and multiple companies, each with hundreds of distinct functions. We have two individuals responsible for maintenance, updates, and access to integrators who can provide assistance if necessary. We have around 5,000 end users. I recommend that organizations wishing to utilize One Identity Manager should first provide internal training for their employees. This approach will enable them to develop their own understanding of the company and reduce dependence on external integrators.
I rate One Identity Manager eight out of 10. My recommendation to new users is to be patient because it's hard to understand without adequate documentation. It gets easier with time and practice.
Manager IAM at a computer software company with 11-50 employees
Real User
Top 5
2023-03-21T07:28:00Z
Mar 21, 2023
The requirement for maintenance and support varies depending on the situation. If it's a 24/7 operation, then three resources would be needed to cover all three shifts. However, the need for resources depends on the different aspects of maintenance, such as infrastructure installation, configuration, daily health checks, and level three support, which involves the development and making of changes. Typically, organizations have dedicated teams for these three areas, team members should be assigned accordingly based on this information. The tool is comprehensive and able to meet identity and access management needs. However, it can be complex as it contains multiple tools to address requirements in specific areas. I rate One Identity Manager an eight out of ten.
System Security Architect at a financial services firm with 10,001+ employees
Real User
Top 10
2022-12-26T20:01:00Z
Dec 26, 2022
It's a very flexible solution. You can improve or develop it based on your needs. If you have a little bit of knowledge of .Net code, you can create whatever you want. The product is so open to development. If you have some coding experience, you can do whatever you want. This is one of the most important things for us. I would rate it an eight out of ten.
Manufacturing Executive at a manufacturing company with 10,001+ employees
Real User
2022-12-13T10:46:00Z
Dec 13, 2022
I give the solution a six out of ten. I have worked with similar solutions such as Oracle One, CA, RSA, SailPoint, and IBM. Other identity manager platforms mostly use Java J2EE-based frameworks. The challenging part with One Identity Manager is that it uses the .NET Framework, for example, VBScript. It's a struggle to find the properly skilled resources in the market. VBScript is considered a niche skill right now. One Identity Manager seems to be lagging behind its competitors in terms of its out-of-the-box connectors. Almost every other identity manager product has connectors for a variety of applications, such as ServiceNow, Workday, and SAP, but One Identity Manager does not. The auditing and reporting modules of the solution definitely need to be improved. It needs to be more intuitive for business people, especially those who don't deal with IT. Each solution has its own pros and cons. Oracle has a little heavier deployment compared to One Identity Manager. However, when compared to other vendors' solutions - such as Saviynt or SailPoint that can be deployed within two to three hours, One Identity Manager requires a full day. The amount of maintenance required for the solution depends on the type of implementation. One Identity Manager is good for organizations looking for multilingual support, low-cost, and highly customizable solutions. The underlying technology of the UI is going to change. One Identity Manager is moving from VBScript and HTML to Angular with the latest version.
Senior Manager / IAM Evangelist at a tech services company with 201-500 employees
MSP
2022-11-06T16:24:00Z
Nov 6, 2022
My advice is to review your business cases and try to use most of the out-of-the-box features of the product, instead of asking a consulting company to customize the solution. Adding customizations will add some burden when you need to upgrade to the next version or make changes. They will increase the chances of failure and your progression and smoke testing. Try to reduce the amount of customization with this tool. When it comes to customizing One Identity Manager for particular needs, it's like any other tool. When the tool is implemented we try to push customers to use all of the functionality. If there is a need to customize, on a scale of one to ten, where ten is easy, customizing it is a seven. And as a tool, on its own, it does not create a privileged governance stance to close the security gap between privileged users and standard users. It needs to be integrated with another product. One Identity Manager does the user provisioning, de-provisioning, and access requests and management. But if you want a full integration with a PAM solution, Quest has a different solution called One Identity Safeguard. Safeguard is the solution for privileged access management and can be connected with One Identity Manager. By connecting the two tools, you can keep track of the submission of requests with One Identity Manager and the fulfillment of the requests in the privileged access management tool, which is Safeguard.
System Administrator at a tech services company with 10,001+ employees
Real User
2022-10-09T19:15:00Z
Oct 9, 2022
One of the variables it really depends on is the replication time that is set for it to replicate and pull all of the new changes that have been made from the user GUIs. But I work with a relatively large network, so our replication time is different from that of an average company or user. I have a very positive opinion of One Identity Manager. In all honesty, it's the best application that I've used. I give it my 100 percent recommendation.
I don't remember the exact version of One Identity Manager I'm using, but it's the latest supported version. Everybody uses One Identity Manager in my company because everybody's making requests, but the average number of users of the product is between thirty thousand to forty thousand. My advice for anyone who's interested to use One Identity Manager is to find a good partner who can help you go through the product because no matter what product you buy, you need someone who can guide you. You should also have dedicated people who can learn and administer the product from the get go, not just when it's live or in production, but from the time of installation and implementation, because One Identity Manager is a great product and you need to watch how it's configured. Unlike in SailPoint and Saviynt where there's a lot of code involved, One Identity Manager is a product that has a configuration you can still understand when you're sitting next to somebody configuring it, so it's best to start learning the product from day one. You should also take notes and write documentation about what you've learned and what you did, even if you found it easy to configure, so many different people can do configurations in your place, and for you to also keep track of the versions and who did what, what this particular workflow does, and what this configuration does because if you're not doing the configuration all the time, you're going to get lost on it without documentation that you can reference and follow. I'd never give a solution a rating of ten out of ten because the perfect solution doesn't exist. I'd be rating One Identity Manager a nine, and the reason for this rating is that if you think about implementing any identity governance tool, the biggest amount of money you spend is not on technology, and the biggest amount of time you spend is when you're talking to businesses to understand processes, then translate those into the actual implementation. That would take up the most time in terms of processes. One Identity Manager helps you make it shorter because people in business can, instead of describing what's going on, if you train people right and let them go into the product and configure it because there's no technology involved, you can save yourself plenty of time responsibility-wise and access-wise, and this is what makes One Identity Manager a nine out of ten for me. My company is a customer and partner of One Identity Manager. I'm a consultant for companies that have the solution. I'm also a partner who installs and offers consulting around One Identity Manager along with other products. I'm also a partner of Saviynt, SailPoint, and Microfocus. I also have experience with Oracle and Fisher.
Founder at a marketing services firm with 11-50 employees
Real User
2022-07-31T13:24:00Z
Jul 31, 2022
I'm a freelancer, so I work for multiple customers and I work for three customers that are using One Identity Manager, so I can't give the exact number of users, but big teams use it. I'm using One Identity Manager because it's what my customers selected. My advice to anyone looking into using One Identity Manager is to start playing around on the virtual setup to get familiar with it, in particular, make a small domain, set some target systems up, and get familiar with the setup. I would rate One Identity Manager eight out of ten because it's very stable and very customizable. For the last two years, the solution has improved and cut back on technical depth, and it can stand on its own two feet, but there's still space to improve. Overall, One Identity Manager is one of the best in the market. I'm an identity and access management consultant, so I'm not a partner or a reseller of One Identity Manager.
IIMB expert at a tech services company with 1,001-5,000 employees
Real User
Top 10
2022-07-26T06:13:00Z
Jul 26, 2022
I'm using the latest version of One Identity Manager. In my company, the tool is still in the deployment stage, but within a few months, all people in the company will be users of One Identity Manager, particularly the portal. There'll be about five thousand users of the tool within my company. My advice to anyone using One Identity Manager for the first time is to make an audit on your company with an independent partner to be sure if you need the tool because One Identity Manager won't be worth it for every company. You have to match it to your needs, or else you'll never get your money's worth. For example, in a stable company or one that has similar jobs, the tool won't be used a lot. If you have three to ten job types and all of those would be the same after many years, One Identity Manager won't be the tool you need. You can just go for a cheaper tool that can do the job for you, but if you have a complex company and you have to face a lot of regulations, and if you want to adapt more quickly, One Identity Manager is a good choice. I'm rating One Identity Manager nine out of ten because it fits my need, and though it's complex, it's a learnable product. It also helps my company become more agile and also helps it face new challenges. One Identity Manager is the tool I need, and I like it. The tool helps my company and also helped the previous company I worked for, so I have no complaints about it. It's a tool I like working with. I didn't give One Identity Manager a perfect score because the connection with ServiceNow isn't there yet, so that's an area for improvement. When you send in an incident or put in a request that's not a standard request on One Identity Manager, you have to make an exception in the way your company should work, and this is another area for improvement in the tool that I also don't like. My company came up with a workaround or a solution to this, but a company such as One Identity should be able to propose a solution out-of-the-box. My company is both a customer and a partner of One Identity Manager. I say partner because a representative from One Identity comes to my company every two months and listens to feedback about the pros and cons of the tool. I say customer because my company pays for the One Identity Manager license, and if there's an issue, my company makes a request and lets the support team know what makes us unhappy.
IT Architect at a tech services company with 501-1,000 employees
Real User
2022-02-16T13:30:00Z
Feb 16, 2022
Take your time in deploying the system and know the processes you want to support with it. Knowledge of the processes you want to support is the main thing.
Look to limit customizations where you can; it can be easier to customize the tool in the short term, however, it can result in significant technical debt and effort in the future.
Director, Global Identity and Access Technologies at a financial services firm with 10,001+ employees
Real User
2020-05-21T06:24:00Z
May 21, 2020
It isn't just this product. IAM projects never come in on time or on budget. It's just the nature of the beast. But definitely have your use cases thoroughly defined. If you have those, the configuration will come rather easily. Even though customization is available, you need to be aware of the dependencies and the other features that may be negatively impacted if you don't do best practices. You want to make sure that you're using best practices and not just configuring something because that's the way it's done in your company. That could negatively impact the other features that do adhere to best practices.
Works at a tech services company with 201-500 employees
MSP
2019-10-08T20:52:00Z
Oct 8, 2019
My advice would be to implement the out-of-box product and pull in your initial data sooner rather than later. Planning is needed but I assure you that you likely don't know how much of a mess you're in, especially if you have no IAM solution already in place. The OOB data collection will help shed light on the issue you have and have yet to discover then you can craft robust solutions to tackle them. Involve HR, involve your process owners, involve your business unit leads. Ultimately, you want to use a tool like this to empower your business to make decisions and engage in self-service. It may be difficult at first but if you involve them and try to meet their needs you can turn IT from a burden into the hero of your company. Work with a partner. While the vendor has great staff and is very knowledgeable, ultimately the partners are the ones who can really help you make the magic happen. All partners have the ability to engage the vendor directly should the need arise. You can save a significant amount of cost by going this route.
Senior Manager Global IT Operations at a healthcare company with 10,001+ employees
Real User
2019-05-02T07:06:00Z
May 2, 2019
The tool is one of the best tools, out-of-the-box. It has great integration, especially for companies using SAP. On the other side, choose the right partner and don't look at only one system, but other systems as well. If a company is looking for a system to control SAP, don't focus on your SAP. Look at one system which is able to manage in general, and with good integrations. One identity is one of those systems. It is also important to have a defined process. We establish it and then, with the use of the tool, we apply it. I would rate the solution at nine out of ten. I like the out-of-the-box functionality. You don't need to do specific customizations; you can quickly use the system as it comes. And the solution has flexibility.
Systems Specialist at a financial services firm with 501-1,000 employees
Real User
2019-05-02T07:06:00Z
May 2, 2019
It's very good to have a system that handles access rights and a system that you can automate with a lot of other systems like with LDAP and Active Directory. You can probably integrate it with other things as well. For us, it has been a very nice product and we are very happy with it. The advantages come with many other things that need to be done to use Identity Manager. It takes time to create things and get new systems and features running and to teach people how to use it. We've heard about the privileged account governance features. We haven't yet started using them but I think we will soon. Overall, I would rate it at nine out of ten. There are always things to improve on, nothing is ever perfect. I like the product and I think it's nice to work with, but I don't do that too much technical stuff. For everything I do with it, I think it works fine.
Technical Support Analyst at a financial services firm with 1,001-5,000 employees
Real User
2019-04-25T11:03:00Z
Apr 25, 2019
My advice is to try this product first and then decide. In organizations with a large footprint of open source operating systems, such as Unix or Linux, security for them is a bigger concern, especially for banking. They should take advantage of using the evaluation version. Overall, I would rate this product eight out of ten.
Systems Specialist at a financial services firm with 501-1,000 employees
Real User
2019-04-22T09:21:00Z
Apr 22, 2019
Keep the scope small in the beginning, so you don't do too much. Go live and then add more features on the way because, otherwise, it can go on for years, and you never get anything done. Also, don't start to customize features too much. Try to use what comes out-of-the-box and try to implement it that way. Somebody has thought of these things already. In most companies, a lot of these things are probably done in the same way. I would rate One Identity Manager at eight out of ten. There's always room for improvement, but I'm pretty satisfied.
Look at one or two videos online on the One Identity YouTube channel. Get in touch with some of their people and possible get a short preview of their products. That is the easiest way, so you can set up a test environment pretty fast be shown how simple the processes work. One Identity has a very strong community combined with the tool. They also have a very good relationship between partners, customers, and themselves. It is easy to extend the product for custom purposes.
I think it's one of the best solutions on the market. It is a big task to implement alone, so ask a lot of questions if looking to implement. You can see and do a quite a lot. It is really open in that way, but going out and trying to do stuff which it isn't meant to do, that's much harder. I wouldn't go there. However, it's gives you a good framework to work and build on. The policy and role management features work. They are getting better all the time. I don't really have a better experience from other solutions. I am just learning the privileged account governance features and how they work. We don't have SAP internally. We offer it as a service, as a company, to our customers, but we don't use it. We are managed service providers, so we cannot have our own private cloud.
Product Specialist at a retailer with 10,001+ employees
Real User
2019-04-10T07:57:00Z
Apr 10, 2019
Think through what is most important and your strategy, especially your cloud strategy. Look at the different competitors in the market, including this one. Our cloud strategy is impacting what we decide to roll out. We have not implemented the privileged account governance features yet.
The solution is used very often in the market. There are a lot of satisfied customers using the product. They are a lot of partners who can help you implement it, if you are interested. We know few other products in this industry. The flexibility, long term plan, and roadmap are very good. Also, its future is looking good.
It isn't that hard of a product to use. It's actually very easy to set up. Your business case is much easier than you think, forget the word complex. Just use the product as it is meant to be used, and it will make your life easier. It will also make your customers much happier, reducing the time to implement something or making the company grow. I have done some basic SAP integrations just using the out-of-the-box connectors. After connecting it, the customers with their own technical teams go in and clean up SAP. The customers that I am working with haven't moved to the cloud yet or are just starting move to the cloud. I am pleased to see many steps are being taken to make cloud integration much easier from version 8 and up. I am interested in finding more out about the privileged account governance features.
Principal Consultant at a tech services company with 1,001-5,000 employees
Consultant
2019-04-10T07:57:00Z
Apr 10, 2019
Compare all the solutions and all the things that you can do on them: How easy you can set it up and how fast it can grow. Because identity management will grow with you, and you have to have a product which can grow with your organization.
It will impact the cloud strategy of a lot of customers in the future. We just started to implement this feature for customers, so it should have a huge impact in the future. We have not integrated the solution with SAP.
COO at a comms service provider with 11-50 employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
Implementation and integration with SAP went well from the Identity side, but we have had internal problems with the data. However, we have been solving that for four years now.
Build a strong team for this solution because there will be a lot of issues that you will have to go through, especially on your HR database. Build a team that knows how to listen and how to act. The SAP integration process was quite interesting. You have to search for the answers in the right department with the right people. After that, it becomes easy. We are currently not on the cloud.
Solution Designer at a manufacturing company with 10,001+ employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
The product is a nine out of ten because 80 to 90 percent of our requirements are out-of-the-box. Consider the speed of implementation, amount of customization, and the authentications if you are comparing between tools. Operations is also a topic: Is it easy to operate and is there a dedicated operational team? We have integrated with SAP because SAP has connected systems. I like the integrated approach of the privileged account governance features.
Service Owner Identity & Access Management at a financial services firm with 10,001+ employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
It's a good product which provides great opportunities. Regarding the policy and role management features, I hear they're good. I don't know that part as well, but I have heard from the engineers they're pretty okay. We have integrated One Identity Manager with SAP, but we're moving from SAP as an HR system to the Workday system. We're in the middle of that integration right now. The original integration with SAP was done before I started using the product, but I from what I heard it was pretty okay. But you have to have a lot of knowledge of One Identity Manager before you can start implementing it, and knowledge of it is a bit of a problem. The solution hasn't yet impacted our cloud strategy because we are not working hard on cloud strategy right. We're thinking about moving some pieces but we have not yet implemented it. We know that version 8 is much better than the version 7 we use. But the version we use is about a seven out of ten because we have had some real difficulties with the integration part, from the old systems.
Manager Global Identity & Access Management at a healthcare company with 10,001+ employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
Check the big picture and what exactly the company needs. Choose the partner wisely. It's always important to make a successful implementation. One Identity Manager is good because it allows you to choose at a granular level exactly what you need for the business. This is not how it's implemented currently with us, but especially in compliance GDPR and privacy settings, you can have more granular permissions on privileged accounts and be able to monitor who makes changes on the accounts in IDN. We only have very basic functions now. However, the solution will have an impact on the roadmap of the company and on our company's roadmap of IT solutions to come.
Lead Technology Manager at a financial services firm with 10,001+ employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product. We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went. In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy. I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.
For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things. We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly. The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that. We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult. I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.
While our journey to find a solution was tiring and we invested a lot of work and knowledge, our expectations have been reached and even exceeded. It's really good to invest time and money in a solution which offers you something that all users, not just IT, can use. Sometimes, the solution is flexible. However, the customer should sometimes be flexible to the solution, as well. Those who worked on this implementation now spend less time on user rights, etc. While it lowered their workload with this solution, they are now working on something else.
Evaluate how you can do the rollout, how will you approach the rollout, and if you have other application. Check how you are going to do the rollout and plan for it, then evaluate the products against it. It has increased our help desk calls a lot. We probably have between 60 and 100 access calls related to access management processes in One Identity Manager a day. One Identity Manager has not impacted our cloud strategy and its management.
Senior Product Manager for Identity & Access Management at a non-tech company with 10,001+ employees
Real User
2019-04-04T06:32:00Z
Apr 4, 2019
Define what you are researching. Write down use cases you need. Then, ask for a demo with you data, so you can see actual results. We are working on our IT cloud strategy. We are starting to do cloud provisioning integrated with our identity management. We use it for compliance, but not directly for GDPR. We are using the policy and role management features.
We are currently working on integrating it with SAP, but we are customizing a lot of things to fit with the current company's requirements. Their requirements are quite different from the out-of-the-box settings. Next month is the first SAP system go-live. After the SAP onboarding, we will look at the cloud. I have fixed some bugs in the code for the Office 365 onboarding earlier. That was a very early version with custom connectors to Office 365, version 6. But in terms of a cloud connector, we have not started to work on it yet, in the latest versions.
IT Business Process Specialist at a manufacturing company with 5,001-10,000 employees
Real User
2019-04-03T06:21:00Z
Apr 3, 2019
If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources. Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control. The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way. We have not implemented the privileged account governance features. From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.
Don't work too much in the beginning. Focus on what's really necessary and important. Forget the luxuries you have. There are old processes that are really great for some people and look like pieces of artwork. However, the maintenance of them is really expensive. So, know what you really need, what is your business case, and what is important for you. Keep it simple and structured. Then, you will be happy with a solution like One Identity Manager. You have to understand the concepts of the software. Then, you can be productive and be happy with it. We were able, with this solution, to go pretty fast from an on-premise AD and Exchange environment to a hybrid setup with a lot of stuff in the cloud. Right now, we're not really using the privileged account governance features. It looks promising. In our organization, it looks promising, but we're not going to go there right now because its another responsibility for someone else in the company. So, while it looks good, we don't have the capacity to go there now.
One Identity Manager is a value-added and trusted active directory management and user provisioning software solution. One Identity Manager administers and protects an organization’s data and users, minimizes threats, and ensures that compliance regulations are consistently satisfied. Users will have access to the data and applications they need when they need them. One Identity can be used on premises, in the cloud, and also with hybrid options. One Identity Manager is able to easily...
With the acquisition of OneLogin, they are now the leader when it comes to a unified identity platform. Every product in their portfolio serves a purpose.
One Identity Manager is not for beginners due to its extensive functionality, so it requires prior experience or maturity in identity management to fully utilize its capabilities.
I would rate One Identity Manager eight out of ten. The solution is good but needs more documentation and better descriptive errors. The One Identity Manager is a good starting point for beginners to customize, but the One Identity Designer offers more flexibility for creating complex automation. While the Manager is simplified and easier to understand, the Designer allows for greater customization. The Manager is sufficient for basic task customization, but for more advanced automation, the Designer is essential.
I rate One Identity Manager nine out of 10. Before implementing One Identity, you should test it and do a proof of concept. Look at your application portfolio. If you have a lot of Microsoft applications and SaaS, One Identity will be a good fit for your environment.
I would rate One Identity Manager eight out of ten. Maintaining a single Identity Manager is complex, requiring a dedicated ten-person team to service the tool, resolve end-user issues, and ensure ongoing system operation.
I would rate One Identity Manager eight out of ten. We are a service provider, and we provide the license to our customers.
I rate One Identity Manager eight out of 10.
I rate One Identity Manager eight out of 10.
I would rate One Identity Manager eight out of ten. One Identity Manager requires one to two people for maintenance per project. I recommend using a partner to evaluate and implement One Identity Manager.
I would rate One Identity Manager seven out of ten. We don't use SAP connectors. One Identity Manager's SAP connector isn't unique; it allows connection to SAP systems like many other identity management products. While it simplifies SAP user provisioning within a centralized system, this functionality is common among competitor offerings. There's a key distinction between privileged and normal business users. While some privileged use cases can be created, an identity governance tool like One Identity Manager, Omada, Okta, SailPoint, or Aviant alone won't handle them all. These tools focus on general identity management, and for comprehensive privileged access management, we need a dedicated privileged identity manager or privileged access manager alongside them. Due to the partner's lack of experience with the solution, we received no training or post-implementation support. This highlights a challenge faced by organizations in Denmark, a small country with limited options, particularly in the area of identity access management. Our One Identity Manager partner hasn't provided the value we expected. While choosing them may have been limited due to licensing restrictions, the consultants they sent weren't helpful enough. It seems our experience might have been better with a different product or a more capable partner for the specific solution we implemented. Our company has a workforce of approximately 5,000 employees and utilizes roughly 1,000 applications, though not all are fully onboarded. This number is respectable considering the size of our country. When choosing an identity access management solution, there's no one-size-fits-all answer. It's crucial to understand your specific needs first. Consider factors like your current IAM maturity e.g., do you need privileged access management yet?, scalability requirements, deployment options cloud vs. on-premise, and partner support. Don't be swayed by what others use; focus on what works for your business and regulations. One Identity Manager can be a good option for mid-to-large companies lacking internal IAM expertise, though it may have fewer partner integrators compared to competitors like SailPoint. However, it can be a more cost-effective choice.
I would rate One Identity Manager nine out of ten. We have 3,000 front-end users in our organization. While we only have a single instance of One Identity Manager, for redundancy purposes our servers are spread across different data centers. This means if one data center experiences an outage, the application can fail over to the remaining servers in another location, ensuring continued functionality. One Identity's partner, VMDH did a good job training our staff on the solution. Six years ago, VMDH provided us with initial assistance customizing One Identity Manager. We have since developed our expert team and now primarily rely on them for our One Identity needs. We only contact VMDH in critical situations when we require immediate help from One Identity experts. In such cases, we typically reach out to One Identity directly, but if there are delays, we will then connect with them through VMDH. One Identity's partner was on standby in case we required any post-implementation support. The customer service we received from the One Identity partner was good. I found the One Identity partner to be valuable, rating them a nine out of ten. One Identity Manager is designed for low maintenance, requiring infrequent patches and updates to keep it running smoothly. One Identity Manager offers a unified approach to identity and access management. It eliminates the need to cobble together multiple products from different vendors for functionalities like Identity Access Management or Privileged Access Management. This saves your organization's time and resources.
I rate One Identity Manager seven out of 10. I would recommend One Identity to a small company. It requires minimum support because it's user-friendly, but you may need something more secure for a large-scale deployment.
I would rate One Identity Manager eight out of ten. It is user-friendly and the out of the box connectors make it easy to integrate with any system. Premier Support has significantly enhanced the value of our overall investment in One Identity Manager. There are several ways in which it has been beneficial. For instance, our developers appreciate the immediate support available for troubleshooting production issues. Without the expedited response times and dedicated resources offered by Premier Support, our business operations could be significantly impacted. We are confident that the standard support level would not be sufficient to address our needs on time. We have over 30 people that utilize One Identity Manager. I recommend One Identity Manager. Learning One Identity Manager can be time-consuming due to the limited availability of online resources. While other products offer abundant tutorials and guides on platforms like Google and YouTube, information for One Identity Manager is scarce and often outdated. Additionally, readily available training materials are rare. As a result, self-learning without additional support or formal training can be challenging.
Overall, I would rate One Identity Manager an eight out of ten.
I would definitely recommend implementing One Identity, but you have to understand how One Identity works and how it has been developed. You will be able to easily implement it then. One Identity is a unified solution, and most of the features are inbuilt. Before you make any customizations, you need to understand how One Identity works. That is a critical bit. Normally, developers have a development mindset. They do not think from the framework perspective, but One Identity has been implemented from a framework perspective. They have designed this solution keeping in mind the needs of enterprises and how enterprises manage their accounts, employees, and applications. You should look at it from the framework perspective and not the customization perspective. However, even if you have to make any customization, it is very easy. You just have to learn .Net and MS SQL. If you understand how One Identity works, implementation and customization are very easy. Overall, I would rate One Identity Manager an eight out of ten.
The system lacks the capability to empower application orders in the line of Business Management to independently make governance decisions for applications without requiring IT involvement. It did not assist us in realizing an Identity-centric Zero Trust model. I recommend that individuals working with this system should possess some knowledge of Microsoft SQL and be familiar with server configurations. A good understanding of SQL servers can simplify the process of comprehending and managing cloud repairs. I would rate it nine out of ten.
We use One Identity Manager for SAP integration, but it has some limitations. Managing logically disconnected SAP accounts can be challenging, and the solution feels somewhat incomplete. As a consultant, there is often a need for additional customization to address the intricacies of SAP integration within the broader One Identity Manager framework. One Identity Manager connects to SAP accounts for identity governance. However, it is not the primary feature our clients emphasize. While useful, it is not the main driver for most organizations adopting One Identity Manager. One Identity Manager provides Identity Governance and Administration for challenging aspects of SAP, including key codes, profiles, and rules. In a broader sense, it addresses these complexities within the SAP environment. One Identity Manager is a solid choice for enterprise-level administration and governance. It effectively handles users, data, and accounts. While not perfect for privileged accounts, its integration with a complementary solution makes it a sophisticated option in the on-premise IGA landscape. The user experience of One Identity Manager is unique, but it is not straightforward for an outsider. It requires some learning, and the navigation can be challenging without guidance. Overall, it is a complex system that benefits from the expertise of consultancies like ours. Customizing One Identity Manager depends on your expertise. For experienced users, it is straightforward, but for beginners, especially in the first year, it often requires consulting with senior experts. Customization can be simplified with the right knowledge. I use the solution's business roles to map the company structure for dynamic application provisioning. The business role functionality is crucial for us and our clients. We use One Identity Manager to extend governance to cloud apps. It is essential, and I would rate its importance around seven on a scale of one to ten. Many customers, including us, find it valuable even if they don't plan to move entirely to cloud servers. One Identity Manager helps streamline aspects of application governance, particularly in making application access decisions. The effectiveness largely depends on the implementation by the consultancy. If done correctly, it can greatly enhance application governance. One Identity Manager has enabled application owners and business managers to make governance decisions without involving IT. If implemented correctly, there is minimal to zero IT involvement, allowing them to approve applications, manage access, and handle licenses directly through the One Identity Manager web UI. This aligns well with achieving an identity-centric zero-trust model. I would recommend One Identity Manager, especially for large enterprises. However, it is crucial to consult with the customer first to ensure it aligns with their specific needs and requirements. Performing a proof of concept could be beneficial to validate its suitability for their environment. Overall, I would rate the product as an eight out of ten.
I'd rate the solution eight out of ten. I'm a customer of the vendor.
I rate One Identity Manager seven out of 10.
I would rate One Identity Manager seven out of ten. We have it deployed globally. Currently, we have 100 people using the solution but it will eventually be used by 6,000 people. The maintenance is completed by One Identity. I recommend doing a proof of concept before implementing One Identity Manager.
I totally recommend it. If you want to implement life cycle and governance, for sure, it's the best solution.
We're integrators. I'd advise others to always do a proof of concept for this or any other product they use. However, I would recommend the product to others. I'd rate the solution nine out of ten.
One Identity Manager is the best product in the market. We are implementing OneLogin right now. Overall, I rate One Identity Manager ten out of ten.
For enterprise-level administration and governance of users, data, and privileged accounts, One Identity Manager is average. Its privileged account management is lacking in capabilities. You have to integrate it with various other PAM tools and only then can it be used for that. One problem with almost all identity managers today is that the implementation is based on certain information. After that, if certain big changes happen in the organization, you have to reflect all of those changes in the identity management solutions by doing certain customizations or implementation activities. That takes a good amount of time. That complexity is present in almost all identity managers today. It is not very quick when it comes to making changes. Regarding Zero Trust, that is a buzzword as well as a big word. One Identity Manager alone cannot achieve an identity-centric Zero Trust model. It has to start at the network level through the identity management level, and we have to integrate it with multiple different solutions. We have not achieved Zero Trust for any organization yet. One Identity Manager is mostly suitable for identity governance capabilities but is not that suitable for access management or privileged account management. If you are evaluating this product for access management or privileged access management, you should not go with it. If you want a governance product, go ahead and use this one.
I give One Identity Manager a nine out of ten. This is a solution I want to work with because it brings satisfaction to our users. We have a complex environment with over 50 locations, various departments, and multiple companies, each with hundreds of distinct functions. We have two individuals responsible for maintenance, updates, and access to integrators who can provide assistance if necessary. We have around 5,000 end users. I recommend that organizations wishing to utilize One Identity Manager should first provide internal training for their employees. This approach will enable them to develop their own understanding of the company and reduce dependence on external integrators.
I rate One Identity Manager eight out of 10. My recommendation to new users is to be patient because it's hard to understand without adequate documentation. It gets easier with time and practice.
The requirement for maintenance and support varies depending on the situation. If it's a 24/7 operation, then three resources would be needed to cover all three shifts. However, the need for resources depends on the different aspects of maintenance, such as infrastructure installation, configuration, daily health checks, and level three support, which involves the development and making of changes. Typically, organizations have dedicated teams for these three areas, team members should be assigned accordingly based on this information. The tool is comprehensive and able to meet identity and access management needs. However, it can be complex as it contains multiple tools to address requirements in specific areas. I rate One Identity Manager an eight out of ten.
It's a very flexible solution. You can improve or develop it based on your needs. If you have a little bit of knowledge of .Net code, you can create whatever you want. The product is so open to development. If you have some coding experience, you can do whatever you want. This is one of the most important things for us. I would rate it an eight out of ten.
I give the solution a six out of ten. I have worked with similar solutions such as Oracle One, CA, RSA, SailPoint, and IBM. Other identity manager platforms mostly use Java J2EE-based frameworks. The challenging part with One Identity Manager is that it uses the .NET Framework, for example, VBScript. It's a struggle to find the properly skilled resources in the market. VBScript is considered a niche skill right now. One Identity Manager seems to be lagging behind its competitors in terms of its out-of-the-box connectors. Almost every other identity manager product has connectors for a variety of applications, such as ServiceNow, Workday, and SAP, but One Identity Manager does not. The auditing and reporting modules of the solution definitely need to be improved. It needs to be more intuitive for business people, especially those who don't deal with IT. Each solution has its own pros and cons. Oracle has a little heavier deployment compared to One Identity Manager. However, when compared to other vendors' solutions - such as Saviynt or SailPoint that can be deployed within two to three hours, One Identity Manager requires a full day. The amount of maintenance required for the solution depends on the type of implementation. One Identity Manager is good for organizations looking for multilingual support, low-cost, and highly customizable solutions. The underlying technology of the UI is going to change. One Identity Manager is moving from VBScript and HTML to Angular with the latest version.
My advice is to review your business cases and try to use most of the out-of-the-box features of the product, instead of asking a consulting company to customize the solution. Adding customizations will add some burden when you need to upgrade to the next version or make changes. They will increase the chances of failure and your progression and smoke testing. Try to reduce the amount of customization with this tool. When it comes to customizing One Identity Manager for particular needs, it's like any other tool. When the tool is implemented we try to push customers to use all of the functionality. If there is a need to customize, on a scale of one to ten, where ten is easy, customizing it is a seven. And as a tool, on its own, it does not create a privileged governance stance to close the security gap between privileged users and standard users. It needs to be integrated with another product. One Identity Manager does the user provisioning, de-provisioning, and access requests and management. But if you want a full integration with a PAM solution, Quest has a different solution called One Identity Safeguard. Safeguard is the solution for privileged access management and can be connected with One Identity Manager. By connecting the two tools, you can keep track of the submission of requests with One Identity Manager and the fulfillment of the requests in the privileged access management tool, which is Safeguard.
One of the variables it really depends on is the replication time that is set for it to replicate and pull all of the new changes that have been made from the user GUIs. But I work with a relatively large network, so our replication time is different from that of an average company or user. I have a very positive opinion of One Identity Manager. In all honesty, it's the best application that I've used. I give it my 100 percent recommendation.
I rate this solution a six out of ten.
I don't remember the exact version of One Identity Manager I'm using, but it's the latest supported version. Everybody uses One Identity Manager in my company because everybody's making requests, but the average number of users of the product is between thirty thousand to forty thousand. My advice for anyone who's interested to use One Identity Manager is to find a good partner who can help you go through the product because no matter what product you buy, you need someone who can guide you. You should also have dedicated people who can learn and administer the product from the get go, not just when it's live or in production, but from the time of installation and implementation, because One Identity Manager is a great product and you need to watch how it's configured. Unlike in SailPoint and Saviynt where there's a lot of code involved, One Identity Manager is a product that has a configuration you can still understand when you're sitting next to somebody configuring it, so it's best to start learning the product from day one. You should also take notes and write documentation about what you've learned and what you did, even if you found it easy to configure, so many different people can do configurations in your place, and for you to also keep track of the versions and who did what, what this particular workflow does, and what this configuration does because if you're not doing the configuration all the time, you're going to get lost on it without documentation that you can reference and follow. I'd never give a solution a rating of ten out of ten because the perfect solution doesn't exist. I'd be rating One Identity Manager a nine, and the reason for this rating is that if you think about implementing any identity governance tool, the biggest amount of money you spend is not on technology, and the biggest amount of time you spend is when you're talking to businesses to understand processes, then translate those into the actual implementation. That would take up the most time in terms of processes. One Identity Manager helps you make it shorter because people in business can, instead of describing what's going on, if you train people right and let them go into the product and configure it because there's no technology involved, you can save yourself plenty of time responsibility-wise and access-wise, and this is what makes One Identity Manager a nine out of ten for me. My company is a customer and partner of One Identity Manager. I'm a consultant for companies that have the solution. I'm also a partner who installs and offers consulting around One Identity Manager along with other products. I'm also a partner of Saviynt, SailPoint, and Microfocus. I also have experience with Oracle and Fisher.
I'm a freelancer, so I work for multiple customers and I work for three customers that are using One Identity Manager, so I can't give the exact number of users, but big teams use it. I'm using One Identity Manager because it's what my customers selected. My advice to anyone looking into using One Identity Manager is to start playing around on the virtual setup to get familiar with it, in particular, make a small domain, set some target systems up, and get familiar with the setup. I would rate One Identity Manager eight out of ten because it's very stable and very customizable. For the last two years, the solution has improved and cut back on technical depth, and it can stand on its own two feet, but there's still space to improve. Overall, One Identity Manager is one of the best in the market. I'm an identity and access management consultant, so I'm not a partner or a reseller of One Identity Manager.
I rate this solution a six out of ten.
I'm using the latest version of One Identity Manager. In my company, the tool is still in the deployment stage, but within a few months, all people in the company will be users of One Identity Manager, particularly the portal. There'll be about five thousand users of the tool within my company. My advice to anyone using One Identity Manager for the first time is to make an audit on your company with an independent partner to be sure if you need the tool because One Identity Manager won't be worth it for every company. You have to match it to your needs, or else you'll never get your money's worth. For example, in a stable company or one that has similar jobs, the tool won't be used a lot. If you have three to ten job types and all of those would be the same after many years, One Identity Manager won't be the tool you need. You can just go for a cheaper tool that can do the job for you, but if you have a complex company and you have to face a lot of regulations, and if you want to adapt more quickly, One Identity Manager is a good choice. I'm rating One Identity Manager nine out of ten because it fits my need, and though it's complex, it's a learnable product. It also helps my company become more agile and also helps it face new challenges. One Identity Manager is the tool I need, and I like it. The tool helps my company and also helped the previous company I worked for, so I have no complaints about it. It's a tool I like working with. I didn't give One Identity Manager a perfect score because the connection with ServiceNow isn't there yet, so that's an area for improvement. When you send in an incident or put in a request that's not a standard request on One Identity Manager, you have to make an exception in the way your company should work, and this is another area for improvement in the tool that I also don't like. My company came up with a workaround or a solution to this, but a company such as One Identity should be able to propose a solution out-of-the-box. My company is both a customer and a partner of One Identity Manager. I say partner because a representative from One Identity comes to my company every two months and listens to feedback about the pros and cons of the tool. I say customer because my company pays for the One Identity Manager license, and if there's an issue, my company makes a request and lets the support team know what makes us unhappy.
Take your time in deploying the system and know the processes you want to support with it. Knowledge of the processes you want to support is the main thing.
Look to limit customizations where you can; it can be easier to customize the tool in the short term, however, it can result in significant technical debt and effort in the future.
It isn't just this product. IAM projects never come in on time or on budget. It's just the nature of the beast. But definitely have your use cases thoroughly defined. If you have those, the configuration will come rather easily. Even though customization is available, you need to be aware of the dependencies and the other features that may be negatively impacted if you don't do best practices. You want to make sure that you're using best practices and not just configuring something because that's the way it's done in your company. That could negatively impact the other features that do adhere to best practices.
My advice would be to implement the out-of-box product and pull in your initial data sooner rather than later. Planning is needed but I assure you that you likely don't know how much of a mess you're in, especially if you have no IAM solution already in place. The OOB data collection will help shed light on the issue you have and have yet to discover then you can craft robust solutions to tackle them. Involve HR, involve your process owners, involve your business unit leads. Ultimately, you want to use a tool like this to empower your business to make decisions and engage in self-service. It may be difficult at first but if you involve them and try to meet their needs you can turn IT from a burden into the hero of your company. Work with a partner. While the vendor has great staff and is very knowledgeable, ultimately the partners are the ones who can really help you make the magic happen. All partners have the ability to engage the vendor directly should the need arise. You can save a significant amount of cost by going this route.
The tool is one of the best tools, out-of-the-box. It has great integration, especially for companies using SAP. On the other side, choose the right partner and don't look at only one system, but other systems as well. If a company is looking for a system to control SAP, don't focus on your SAP. Look at one system which is able to manage in general, and with good integrations. One identity is one of those systems. It is also important to have a defined process. We establish it and then, with the use of the tool, we apply it. I would rate the solution at nine out of ten. I like the out-of-the-box functionality. You don't need to do specific customizations; you can quickly use the system as it comes. And the solution has flexibility.
It's very good to have a system that handles access rights and a system that you can automate with a lot of other systems like with LDAP and Active Directory. You can probably integrate it with other things as well. For us, it has been a very nice product and we are very happy with it. The advantages come with many other things that need to be done to use Identity Manager. It takes time to create things and get new systems and features running and to teach people how to use it. We've heard about the privileged account governance features. We haven't yet started using them but I think we will soon. Overall, I would rate it at nine out of ten. There are always things to improve on, nothing is ever perfect. I like the product and I think it's nice to work with, but I don't do that too much technical stuff. For everything I do with it, I think it works fine.
My advice is to try this product first and then decide. In organizations with a large footprint of open source operating systems, such as Unix or Linux, security for them is a bigger concern, especially for banking. They should take advantage of using the evaluation version. Overall, I would rate this product eight out of ten.
Keep the scope small in the beginning, so you don't do too much. Go live and then add more features on the way because, otherwise, it can go on for years, and you never get anything done. Also, don't start to customize features too much. Try to use what comes out-of-the-box and try to implement it that way. Somebody has thought of these things already. In most companies, a lot of these things are probably done in the same way. I would rate One Identity Manager at eight out of ten. There's always room for improvement, but I'm pretty satisfied.
Look at one or two videos online on the One Identity YouTube channel. Get in touch with some of their people and possible get a short preview of their products. That is the easiest way, so you can set up a test environment pretty fast be shown how simple the processes work. One Identity has a very strong community combined with the tool. They also have a very good relationship between partners, customers, and themselves. It is easy to extend the product for custom purposes.
I think it's one of the best solutions on the market. It is a big task to implement alone, so ask a lot of questions if looking to implement. You can see and do a quite a lot. It is really open in that way, but going out and trying to do stuff which it isn't meant to do, that's much harder. I wouldn't go there. However, it's gives you a good framework to work and build on. The policy and role management features work. They are getting better all the time. I don't really have a better experience from other solutions. I am just learning the privileged account governance features and how they work. We don't have SAP internally. We offer it as a service, as a company, to our customers, but we don't use it. We are managed service providers, so we cannot have our own private cloud.
Think through what is most important and your strategy, especially your cloud strategy. Look at the different competitors in the market, including this one. Our cloud strategy is impacting what we decide to roll out. We have not implemented the privileged account governance features yet.
The solution is used very often in the market. There are a lot of satisfied customers using the product. They are a lot of partners who can help you implement it, if you are interested. We know few other products in this industry. The flexibility, long term plan, and roadmap are very good. Also, its future is looking good.
It isn't that hard of a product to use. It's actually very easy to set up. Your business case is much easier than you think, forget the word complex. Just use the product as it is meant to be used, and it will make your life easier. It will also make your customers much happier, reducing the time to implement something or making the company grow. I have done some basic SAP integrations just using the out-of-the-box connectors. After connecting it, the customers with their own technical teams go in and clean up SAP. The customers that I am working with haven't moved to the cloud yet or are just starting move to the cloud. I am pleased to see many steps are being taken to make cloud integration much easier from version 8 and up. I am interested in finding more out about the privileged account governance features.
Compare all the solutions and all the things that you can do on them: How easy you can set it up and how fast it can grow. Because identity management will grow with you, and you have to have a product which can grow with your organization.
It will impact the cloud strategy of a lot of customers in the future. We just started to implement this feature for customers, so it should have a huge impact in the future. We have not integrated the solution with SAP.
We are trying to achieve more targeted systems in the future. We do not use the policy and role management features. We have not integrated with SAP.
We are satisfied with the product.
Implementation and integration with SAP went well from the Identity side, but we have had internal problems with the data. However, we have been solving that for four years now.
Build a strong team for this solution because there will be a lot of issues that you will have to go through, especially on your HR database. Build a team that knows how to listen and how to act. The SAP integration process was quite interesting. You have to search for the answers in the right department with the right people. After that, it becomes easy. We are currently not on the cloud.
The product is a nine out of ten because 80 to 90 percent of our requirements are out-of-the-box. Consider the speed of implementation, amount of customization, and the authentications if you are comparing between tools. Operations is also a topic: Is it easy to operate and is there a dedicated operational team? We have integrated with SAP because SAP has connected systems. I like the integrated approach of the privileged account governance features.
It's a good product which provides great opportunities. Regarding the policy and role management features, I hear they're good. I don't know that part as well, but I have heard from the engineers they're pretty okay. We have integrated One Identity Manager with SAP, but we're moving from SAP as an HR system to the Workday system. We're in the middle of that integration right now. The original integration with SAP was done before I started using the product, but I from what I heard it was pretty okay. But you have to have a lot of knowledge of One Identity Manager before you can start implementing it, and knowledge of it is a bit of a problem. The solution hasn't yet impacted our cloud strategy because we are not working hard on cloud strategy right. We're thinking about moving some pieces but we have not yet implemented it. We know that version 8 is much better than the version 7 we use. But the version we use is about a seven out of ten because we have had some real difficulties with the integration part, from the old systems.
I would rate it as a seven out of ten, because there is definitely room for improvement.
Check the big picture and what exactly the company needs. Choose the partner wisely. It's always important to make a successful implementation. One Identity Manager is good because it allows you to choose at a granular level exactly what you need for the business. This is not how it's implemented currently with us, but especially in compliance GDPR and privacy settings, you can have more granular permissions on privileged accounts and be able to monitor who makes changes on the accounts in IDN. We only have very basic functions now. However, the solution will have an impact on the roadmap of the company and on our company's roadmap of IT solutions to come.
Think about what the out-of-the-box features are in the product and how those map into your business requirements. Perhaps look at revisiting the business requirements to better fit with the product. We integrated the solution with SAP, given that we already had a significant SAP deployment for our financial services. Because I wasn't involved in that I can't comment on how that process went. In terms of our cloud strategy, One Identity Manager hasn't impacted it. The solution will fit within that strategy. I would rate it at eight out of ten. It meets most of our business requirements. We can deliver functionality the users want, but it does need some improvements, in the performance and support for a DevOps-type quick SOC release.
For this or any other similar solution, make sure you have the maturity to go forward with an identity management project. If you are at that point, this solution is a good option to look at because it's really flexible. It makes it possible to do a lot of things. We are getting comfortable with the solution. We're just at the very beginning. We are in production but not for the whole company, so we are not enjoying all the benefits of the solution. In terms of the privileged account governance features, we are not there yet. We are now investigating them and they look fine but, we are progressing slowly. The solution has helped to simplify compliance, but not as much as we would like because we haven't implemented all the options, all the features yet. We are in the middle of that. We have integrated the solution with SAP, we need to get identities from it. The integration process with SAP has been the worst. It has been really difficult because our SAP is really customized. The standard connector hasn't been enough, so we have had to create a new connector and it's been really difficult. I would rate it at eight out of ten. It's pretty new but they are making a great effort to be the best and to focus on the user.
While our journey to find a solution was tiring and we invested a lot of work and knowledge, our expectations have been reached and even exceeded. It's really good to invest time and money in a solution which offers you something that all users, not just IT, can use. Sometimes, the solution is flexible. However, the customer should sometimes be flexible to the solution, as well. Those who worked on this implementation now spend less time on user rights, etc. While it lowered their workload with this solution, they are now working on something else.
Evaluate how you can do the rollout, how will you approach the rollout, and if you have other application. Check how you are going to do the rollout and plan for it, then evaluate the products against it. It has increased our help desk calls a lot. We probably have between 60 and 100 access calls related to access management processes in One Identity Manager a day. One Identity Manager has not impacted our cloud strategy and its management.
Define what you are researching. Write down use cases you need. Then, ask for a demo with you data, so you can see actual results. We are working on our IT cloud strategy. We are starting to do cloud provisioning integrated with our identity management. We use it for compliance, but not directly for GDPR. We are using the policy and role management features.
We are currently working on integrating it with SAP, but we are customizing a lot of things to fit with the current company's requirements. Their requirements are quite different from the out-of-the-box settings. Next month is the first SAP system go-live. After the SAP onboarding, we will look at the cloud. I have fixed some bugs in the code for the Office 365 onboarding earlier. That was a very early version with custom connectors to Office 365, version 6. But in terms of a cloud connector, we have not started to work on it yet, in the latest versions.
If you want real-time management, it can be done within three to five working days with this product. That is how we do things today, so we have a process in place and do it with internal resources. Bring your processors in under your control. Define what you want and when it works in Excel, then you are ready to buy the solution. It doesn't really matter which solution you would buy, as long as you have things under control. The policy and role management features are very powerful, but it is hard to make the organization use them in the proper way. We have not implemented the privileged account governance features. From the back-end perspective (provisioning engine), I would give it a nine out of ten. However, from the web front-end, I would give it a five out of ten.
Don't work too much in the beginning. Focus on what's really necessary and important. Forget the luxuries you have. There are old processes that are really great for some people and look like pieces of artwork. However, the maintenance of them is really expensive. So, know what you really need, what is your business case, and what is important for you. Keep it simple and structured. Then, you will be happy with a solution like One Identity Manager. You have to understand the concepts of the software. Then, you can be productive and be happy with it. We were able, with this solution, to go pretty fast from an on-premise AD and Exchange environment to a hybrid setup with a lot of stuff in the cloud. Right now, we're not really using the privileged account governance features. It looks promising. In our organization, it looks promising, but we're not going to go there right now because its another responsibility for someone else in the company. So, while it looks good, we don't have the capacity to go there now.