What is our primary use case?
We use the solution for access certification, the configuration of duties, and role mining.
What is most valuable?
All three functionalities, access certification, the configuration of duties, and role mining - especially role mining - are very advanced compared with the competition.
The solution is intuitive and easy to use.
The product is easy to install.
I have found the stability to be quite good.
According to past experience, it scales well.
What needs improvement?
I'd like for better integration with the rest of the identity suite of Micro Focus. For example, I know that in the role up of the solution, they expect to use a common product, a very tight integrated solution with both functionalities, Identity Management and Identity Governance. Both products are separate with connectors between each other, which is a disadvantage as they were both developed by the same vendor. Therefore, they should be, from the beginning, part of an integrated solution. They need to offer something that is fully integrated, which will be very good for customers.
The product could use more advanced features related to Identity Intelligence.
Micro Focus has a product where they combine identity functionalities. Interset which is a data mining tool is a very big flash solution, which combines with the Identity Framework and gives users Identity Intelligence. Micro Focus is starting down this path of showing or gaining more advanced features, which is very good. I expect to see an evolution on this front.
For how long have I used the solution?
We have been a Micro Focus partner for more than ten years now, however, Identity Governance, we only implemented about four years ago. We had Identity Manager before that and we started with that nearly 10 years ago. It is an older product.
What do I think about the stability of the solution?
The solution is stable. there are no bugs or glitches. It doesn't crash or freeze. It's reliable.
Since the first product we implemented, we have customers that we support via contract where they can call us in case the product fails or something happens. They rarely call us. They usually ask about how to improve new integrations, however, we rarely had support issues with this product in the past - and definitely nothing in relation to stability.
What do I think about the scalability of the solution?
The largest implementation we made with this product was in a bank in Chile and they had more than 12,000 identities. It scaled very well. We were a little worried at first as we had never done something that big. However, it scaled perfectly. There was no problem. I don't know if it would hold up if we implemented it in a bigger customer, for example, someone with 100,000 identities. I don't know for sure how it would behave in this case. That said, I've never had an issue.
How was the initial setup?
In initial implementation is very easy. It's not too difficult.
We usually deliver this kind of project with a team of three people. One project manager is typically involved just in the project management task and then one functional guy, as we have to interact sometimes with the business side and the access certification, et cetera. You have to tell them about the purpose and the interface and how we expect them to respond. Then, there are one or two technical people needed that implement the software at the beginning and then integrate each application of the customer. We usually have a mix of compromise and cloud applications and different flavors and types of architectures. Each project depends on how many applications the customer wants to integrate. Sometimes you need two or three technical people working in parallel just to achieve on the timeline of the project.
What was our ROI?
With Identity Governance, you have less risk of fraud. It's not a question of how many managers return the costs of efficiency. If you want to improve inefficiency, you have to go to Identity Management. However, with Governance, the return you get is related to the fraud you prevent. Therefore, you definitely have a return on investment as you avoid trouble in the future.
What other advice do I have?
We are partners.
We are using the latest version of the solution, which may be version 4.5.
This solution is a very good first step where you don't need to have all the processes formally defined or all the privileges well assigned. It doesn't matter as it allows you to gain visibility and start deleting the unnecessary privileges and to start erasing accounts or deleting accounts that no longer are necessary. You can do this due to the fact that you can match every identity to the corresponding employee profile. For example, if an account doesn't exist in human resources, then you can delete it as an orphan account easily. It allows our customers or any organization to mature in the path of implementing in a second step, an Identity Manager, which is the second tool that they can add. Once they have the privileges well defined, and they start to formally automate all the processes.
How you govern the user life cycle is the second step. We usually suggest clients start with Identity Governance and then continue with Identity Management just to automate. That said, usually, the customers are not mature enough to automate as they don't want to automate something that is badly defined. If you have a mess in your systems, you first have to clean and then automate. Identity Governance is very good for cleaning.
I'd rate the solution at an eight out of ten.
*Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
