Omada Identity Reviews

We wanted a solution that could help us make HR the master of identities. We wanted a solution that could take that data and direct it into all our other directories and Active Directory.

We have Omada set up to remove an employee's access as soon as the employee leaves. When we started to do this, we saw that quite a few of our accounts were actually removed, meaning we had holes in our security. There were too many active accounts, compared to what should be active. That was one of the first things we saw.

Now, everybody is really aware that when a user leaves, the account should be disabled and accesses should be removed. People are getting more used to seeing that. It does something for the entire security culture, around identities, in our company.

The solution has also definitely helped us save time when provisioning access for identities. We don't have to go in and do a lot of the work that we did before. It may have saved us somewhere in the range of 10 to 30 percent of the time we spent on provisioning access.

In addition, before Omada, we used many systems and now we are using just this one system. Currently, we are mostly concerned about AD applications, but in the next year our plan is to incorporate all the systems, like our ERP. It will help us consolidate. The consolidation we have seen so far has helped reduce the time it takes to give people the access they need, but not that much, perhaps 10 percent. It's mostly AD groups at the moment. We will probably see a better number for that next year.

At a high level, the areas of the solution that are most valuable are the 

• provisioning engine
• access request.

And, of course, all of the identity-handling capabilities are the most important to us. 

Other very good aspects include the

• interface, which is easy and intuitive
• review access handling.

There are some technical bits and pieces that we have looked at that could be better. For instance, when you do a recalculation of an identity, it's hard to understand what was incorrect before you started the recalculation, and which values are actually updated.

Right now, all you see are all the new fields that are provisioned, instead of seeing only the fields that are changed. This makes it hard to understand the situation before you started it, compared to after. This is one of the key features that I'm really missing.

Also, the onboarding of applications could be easier. There could be workflows to go through the entire process of onboarding a new system or application, instead of having to go to three places to do it. 

Those are the two key improvements needed.

Also, the connectors for the applications that we use are good, but not fantastic. This is constantly improving. Recently, they added a ServiceNow integration, so there are still new connectors coming. But there are a few systems that I would like to see on the list, systems that are not there today. We have two ERP systems: SAP and something called Infor M3, and the latter is not there. It's okay, though. Maybe some of the other companies we evaluated have even more connectors, but Omada was good enough for us.

We have been using Omada for two years.

We haven't had any incidents so far. It has been extremely stable.

It's at least scalable for what we need. We are now running a few systems on it with no problems so far. It has been scaled and that was fantastic. When we start to implement more and more systems, I hope it will continue to scale just as well as it has up until now.

For us, their technical support has been fantastic.

Also, Omada definitely provides us with a clear roadmap for additional features that will be deployed. I'm so lucky that I'm part of the board that looks at new features coming out. We are among a few customers that are invited to see the roadmap, for clarity. So I really do have a good overview of what's coming in the products.

It might sound strange, as we have been using it for a couple of years already, but we are not there yet when it comes to utilizing all of the new features. There are still so many basic features that we need to implement in our organization. For example, I have looked at the analytics and we have used them a little bit. But right now, it's not a key function area for us. Going forward, I definitely think we will use it more and more.

Another example is Omada's certification surveys to recertify roles or to determine if roles are relevant. We are starting to use that now but we have not done it at the scale that you might imagine. We are at the very beginning of that process. By the time another half a year has passed, we will have done quite a lot on that.

Positive

We used a self-developed solution that was based on a lot of scripts and different GUIs and interfaces. But it wasn't a product, it was just something that we put together.

The initial deployment was straightforward. The setting up of the solution was done by Omada and it only took a couple of days. Then they came with a good description of what we needed to do and we were complete within the first week. Everything was up and running. Then we started building the business logic. That took some more time, but the actual setting up of the entire environment and having everything connected took just a few days.

Omada helped us to deploy IGA within 12 weeks. The first phase took eight to 10 weeks. When we started, it was much more about an HR product than an IT project. It was to get the organization to understand that HR needs to be the master of identities. After that, we needed a solution to take that data and turn it into something productive, and that's where we saw the first benefits of Omada.

It is implemented as a global solution. We have Omada running in the cloud. Then we have a VPN collection set up to Omada. And we have different HR systems running in our company and all of them are synchronizing their data on a daily basis to Omada through connectors. And we control AD, Azure, et cetera by the data that we receive.

On our side, there were four or five people involved from different teams. And the team from the Omada side had three people plus a project manager.

From an administrative point of view, there are 10 to 15 people using Omada. Eventually, I hope all our users will go into and do something. For now, we have 500 to 1,000 users who are doing something in the solution. This will increase more and more over time, as more accesses are ordered by the employees.

In terms of maintenance, there are always new things that we do in the system, but Omada takes care of everything when it comes to patching and upgrading the environment. The only thing that we do is upgrade it when there's a new version out. We just have to go into an admin site and say, "Now we want to do the upgrade," and it's one click of a button and it's done.

We evaluated six or seven products, including One Identity Manager, SailPoint IdentityIQ, 365 Identity, and we also had a quick look at Microsoft Identity Manager, but that was not a full solution.

Among the reasons we chose Omada was that they had the identity process framework. When we started this, we were very immature in our identity journey, and having this identity process framework was a good way for us to get started. It was very clear what we needed to do.

Also, with Omada, you bought a license and you had everything. With a lot of the other products, you had to buy X, and then you had to buy Y if you wanted to implement a new feature. And there would be another cost if you wanted to implement another feature. Omada's model was very easy for us to understand: If you buy it, then you get the entire solution. That made it easy to see what the cost was going to be in the coming years.

Also, we had direct contact with Omada and we used their consulting department to help us onboard it. This was very good because we had people sitting close to the product group, in case there were questions. And they were building it correctly from the start, instead of having some local contractors coming in to help us. That was also something that was really good.

On the negative side, some of the other products might be more developed and have more features. But, Omada was very good for us to get started with.

I would definitely recommend Omada. It's a good product that absolutely does what you need. I would suggest reading through the identity process, the framework that they have created, to get an understanding of what you need to have in place before starting this project. For us, it was a long road to work with HR to get everything implemented. Having that understanding before you start is really key to a successful implementation.

It is to get more standardization for our organization on everything related to identity, provisioning, and managing access. 

I am not working a lot within the tool myself because it is not my role.

At the moment, because we just started our journey, its benefits are very limited. We are focused. We had an in-house IGA solution over the past 25 to 30 years, so our main focus was doing a technical migration first. We have some improvements to current processes, but we are not yet fully leveraging all the capabilities that Omada can give us. We are focused on our first technical migration.

Omada can help to deploy IGA within 12 weeks by focusing on fundamentals and best practices. That was the idea. That was also something I warned them about upfront. I told them it would be a real challenge within our organization. If they start from a blank page, the 12-week initiative that they have is achievable, but for an organization that already has certain processes and a tool in place, 12 weeks is not possible. We tried, but we could not meet that. We failed, but that is not a problem with the package. It is more of a problem as an organization. During the initial conversations at the start of the projects, we did say that we would give it a try and see where we end up. We would not focus too much on 12 weeks. They have been flexible to it as well. Just because they have listed it as a 12-week initiative, it does not mean that they are not flexible to go beyond those 12 weeks.

It is set up to remove an employee's access as soon as that employee leaves our organization, but we have limited scope today. It is currently only for a subset of applications. The goal is to have all major applications or data resources integrated, and then we would achieve that scenario.

Omada Identity has had a positive effect on our security posture. We are able to remove certain accesses in a centralized control way. We are able to remove certain roles or update some of the basic roles.

Our provisioning process is definitely faster today. With the previous solution, we needed to wait for overnight synchronization and scripting to run, whereas now, it is every six hours. It is definitely faster, but we are working to improve even the six-hour schedules.

The out-of-the-box connectors that Omada provides for the applications work. They need a little bit of effort in integration and setup, but they work.

It is modern. It is meeting our requirements. Its interface is okay. I know they are working on some modernization to make it more modern.

Support-wise, working with Omada has been good. We have very good direct interactions and fast responses.

Pricing-wise, it definitely meets our expectations. As compared to other vendors, we have better pricing.

Documentation can be improved. I have already filed a few suggestions to make documentation more clear and more representative of reality.

We have been using Omada Identity for about a year and a half. This duration includes some demos and trials. It has been about a year since we went live.

We experienced an issue that led to quite some commotion. We are still working on that one to see why it happened and how we can prevent it going forward. In general, I expect that it will be a stable solution, and we will not experience such things on a regular basis.

The issue was that there was a change or an update done that triggered something in the backend of the system, if I understood correctly, which then led to updates to a lot of identities that were not yet supposed to be under the management of the Omada solution.

I would rate it an eight out of ten for stability. That issue had nothing to do with the stability of the platform. It had more to do with the backend software updates.

Because it is a SaaS solution, I expect them to manage scalability. We do not want to manage it, and that is why we chose a SaaS solution. If they see that they need to add additional resources, it is up to Omada.

It is an enterprise solution, so only enterprises will benefit from it and use it. We just did a technical migration, and we will next focus on the provisioning of accounts. It has a very limited exposure to the end users, but that will increase in the coming months and years as we continue our journey. Currently, it has our service desk people, and then there are another 10 to 15 people with very limited insights into the tool. It has not yet been rolled out to the end-user community. We have between 5,000 to 6,000 people.

I would rate it a nine out of ten for scalability.

Because we are still in the rollout stage, we mainly work directly with our customer success manager. A few tickets have been opened during the initial setup and the first go-live, and they have always responded very quickly. We have got a direct line to Omada with our customer success manager. It is like having a direct support person.

We will be able to evaluate their customer support moving forward. We also use a service provider to assist us with the integration. They will be the main contact between Omada and us going forward.

With the service provider, there are some hiccups, but they are also starting and learning about us as an organization. They have their standard way of working and handling processes. Being an R&D organization, there are some challenges, but we try to address them. We also have Omada's support. If we see something not going as smoothly as expected with the service provider, they can put pressure on them, and we can get the results.

Positive

We were using an in-house solution. We switched mainly because that solution was running on an old supported platform. We did a security audit of it and found many vulnerabilities that were hard to fix. That solution could also not deal very well with the hybrid reality that we are in. We needed capabilities to manage on-premise provisions of identities, accounts, and accesses, as well as any cloud-based, SaaS, IaaS, and other kinds of services.

Omada Identity has not yet helped us consolidate disparate systems for access management. We only have a few key systems connected, which are already a part of the existing IGA solution and processes.

We have the SaaS version. Its deployment was straightforward. It was pretty standard.

Its implementation took months of continuous workouts. It included setting it up in test, validating, going through some initial technical testing, and then setting it up in production. It took a couple of months.

It does not require any maintenance from our side. Because it is a SaaS solution, the maintenance is handled by Omada. We have to schedule the updates and see how they fit into our change management processes.

They communicate well about the roadmap. They have a six-week release cycle. For the last one, we did notice that the new features that were going to be implemented were not yet posted on their website on the day of the release, but a day later, everything was okay. They are overall good and as expected.

There were about ten people involved from our side. I am also including application owners. If we have to integrate with certain applications, they have to do something on their end as well.

With any security solution, it is very hard to calculate the return on investment.

It is not cheap. None of these solutions are cheap, but we have good pricing at least for now from a licensing perspective. Being an R&D organization, we have a mixture of employees and a lot of partners. We work with a lot of PhD students and universities, and there was flexibility at least to make a distinction between those two types of identities, which also had an impact on the pricing. So, its pricing is reasonable.

Do not get overwhelmed by the 12-day package that they offer. Be well prepared, not necessarily from a technical or solution perspective but also internally. Make sure you have the right people onboarded. It is not an Omada issue. It is more internal to the company. Make sure that things are in order and the right people are onboarded. Make sure you have a dedicated IAM team ready to support it before you start the journey, not during or after.

The goal of going to a platform like Omada, especially its cloud version, is to minimize customizations as much as possible and go with the standards already built into the platform. Along with Omada, we also use a third-party service provider. If we see something that does not fit our organization, we try to see if we need to change some internal processes to meet the defaults within the product, or we try to come up with other ways within the product. We want to stay away from any customizations as much as possible.

I would recommend Omada Identity. There is not a lot of choice out there.

For now, from what we have seen, I would rate Omada Identity an eight out of ten. There is always room for improvement.

My use case for Omada Identity is that it's an identity and governance administration tool, and we use this for IGA as our IGA tool in the company.

What I appreciate about Omada Identity solution is that it covers most of the concepts of IGA, and the request access UI is getting better. Omada Identity has helped us consolidate solutions for access management as they provide access request concepts, access reviews, and different types of access reviews that can be used. Both important parts of any IGA solution, requesting access and reviewing access, are provided by Omada Identity.

The areas that have room for improvement in Omada Identity are the UI, the reporting as they don't have any kind of reporting currently available, and the notifications. These three are the main areas where they need to improve.

I have been using Omada Identity for more than two years.

I would rate the stability as having no downtime, but there are many bugs which we report, and we are informed that they are not going to improve those bugs, although they apologize for them.

We did not have a requirement to scale, but I have been told that it's easier to scale, so I would rate it as eight.

I would rate the support of Omada Identity as a six out of ten.

Positive

We were using Saviynt previously, and the support was not very good with Saviynt, which is why we had to move. The cost was also a factor in why we moved to Omada Identity.

We have Omada Identity set up to remove an employee as soon as they leave the organization. This does not affect our security, as that is the standard procedure we have always had where, whenever a user is terminated from the company, their access gets disabled or revoked after a few days, which is also what we implemented in Omada Identity.

Omada Identity has definitely helped us save time when provisioning access for various identities, though I cannot recall the numbers right now. It's not better than what we had with our earlier IGA solution, as we moved from the previous tool to Omada Identity, so there was not much difference from that perspective.

In comparing Omada Identity with my previous vendor, I mention the support, but overall, it is not better. I have worked on different tools such as SailPoint in my previous organization, and this company had Saviynt, making it clear that Omada Identity is definitely not better than both Saviynt or SailPoint, so we are struggling and having issues with everything.

Omada Identity is deployed on cloud, specifically Azure. Around 4,500 users work with Omada Identity. From an infrastructure perspective, the solution does not require any maintenance. The updates and releases for Omada Identity are easy to perform.

Omada Identity has helped automate reviews of access requests and reroute them to appropriate people, but they have a standard workflow that we use. They lack in notifications, as the emails sent to the reviewers do not have sufficient information about what the review is for, nor do they have a way to communicate via Slack or Teams.

I use Omada Identity certification surveys to recertify roles or determine them with managerial surveys done quarterly. We use Omada Identity to run managerial surveys, access owner surveys, and transfer of ownership surveys.

Regarding connectivity, Omada Identity has good packages which allow us to connect to almost any application, and I would rate it as nine out of ten. The out-of-the-box connectors provided by Omada Identity are good enough to connect to any applications we want.

If Omada Identity is cost efficient and an organization has a lower number of employees who use birthright policies instead of access requests, I would recommend it. However, if they rely heavily on access requests and approvals, I would not recommend it, as the UI and reporting are not that great. If someone is looking for extensive reporting for audit purposes, I wouldn't recommend this product.

I would rate Omada Identity overall as seven out of ten.

We used Omada Identity to control the entitlement catalog of most or all of the access rights in the company. The main use of the solution was to control the catalog that determines the possible accesses and who has them. That's the foundation to get control over the existing accesses.

Omada Identity has benefits that are in common with all of the IGA vendors that Omada competes with. The benefits of Omada Identity include a holistic way of viewing access, the ability to give people access, and automation.

There seem to be many different and complex ways to do things in Omada Identity. I would like to simplify how configuration is done and also have fewer different ways of doing things. The solution should be made more agile for customers to own or configure.

Omada Identity needs to invest more in analytics capabilities. Currently, identity and access analytics are add-ons that you do in Power BI on the side. It's not a part of the product, and it's not directly accessible to the customers. I would like to see identity analytics capabilities in Omada Identity.

I worked with Omada Identity for half a year.

My team had contacted Omada Identity's technical support for a few things, and I think they were generally satisfied.

Before Omada Identity, I worked mainly with Oracle and CA Identity Manager, who are not a big part of the market.

The main advantage of Omada Identity that needs to be mentioned is that for a SaaS solution sold to a European company, it is compliant with GDPR. None of the other companies can comply with GDPR as a SaaS service because they are either US-based or use non-European personnel to administer the SaaS solution.

I don't have the details about the solution's deployment since I wasn't directly involved in the setup. I just know that it wasn't as smooth and straightforward as we had hoped for.

We got help from Omada professional services to implement the solution. They were absolutely helpful and knowledgeable. We had senior resources from Omada who really knew what they were doing. Omada Identity's deployment took two months.

Omada Identity is very reasonably and competitively priced.

Omada Identity has a pretty simple licensing model, with not so many things to pay extra for. Compared to other solutions with different prices for different modules, it's easy to plan and pay for Omada Identity.

I haven't directly worked with any of the current big vendors, such as Saviynt or SailPoint. I've only evaluated them.

Omada Identity is quite good at providing a clear roadmap for getting additional features deployed. We've always been able to have good discussions with Omada's product managers about the features we would like to have. It's a good environment for discussion, and I've heard from others that Omada is good at listening to customers and getting features into production within a year or so.

Omada partially helped us to deploy IGA. However, the company I was working for needed to take more charge and do things a bit differently. It was not possible for Omada to do that for us. Omada did help, and it was not Omada's fault that it took longer.

It's too early to say if the solution's identity analytics has affected the manual overhead involved with our identity management. It should have had a positive effect because it should be easier to request more things automatically. Since that's not in production yet, we couldn't measure the effect, but it looked promising.

Our Omada solution is set up to remove an employee's access as soon as that employee leaves our organization. This setup has positively affected our organization's security because we have less overall access.

Omada Identity was deployed as a SaaS solution in our organization.

I think Omada Identity is flexible enough to be used by both smaller and bigger companies.

Based on what I've seen, Omada's out-of-the-box connectors are more than sufficient.

I advise users to assess their data quality and make a clear cleanup plan before using the solution because Omada is not well-suited as a cleanup tool.

Overall, I rate Omada Identity a seven out of ten.

In general, we use Omada Identity for managing the lifecycle of identity access. This includes onboarding new employees and granting them access to various resources within our company, such as File Share or Ship Insight, among others. Additionally, for organizational transfers, when employees change departments or switch to a subsidiary, we rely on the old identity lifecycle management for the workforce.

Omada Identity provides a clear roadmap for deploying additional features. We maintain regular communication with Omada, engaging in daily contact. They organize various meetings, team meetings, and Omada user groups where they provide us with insights regarding their upcoming plans. 

The Roadmap helps us to get additional features into production. Omada has a user voice portal where customers can vote on different feature requests, contributing to the advancement of the roadmap. Omada listens to the customer and responds to our requests. 

Before we had Omada Identity, we had developed our own solution, which was somewhat redundant from a process standpoint. Consequently, there was a lack of connection between systems. We faced a shortage of connections and connectors to other IT systems. Omada Identity presented a significant improvement for our IT department. For instance, SAP and our HR system were not integrated with our identity access management systems at all. Therefore, every onboarding, offboarding, or organizational transfer required manual entry into both SAP or HR system and the IdentityX management system. However, with the implementation of the Omada Identity Suite and its connector, these processes now occur automatically.

Omada Identity Analytics enables us to make informed decisions more quickly than we could without it. Previously, we lacked any form of reporting. Our previous version had its own developed Identity Management system, but there was no reporting capability. In the past, we had to extract data from CSV and Excel files. Since implementing Omada Identity, we have extensively utilized the reporting and Key Performance Indicators along with the compliance dashboard to identify unapproved access. This is particularly important for access management and understanding what is happening in the background. We can now easily identify instances where there are no approvals or instances of non-compliant access permissions that have been manually granted by an administrator, bypassing the IM process. This has been tremendously helpful. Additionally, we now have the ability to provide heads of departments or team leaders with specific reports on their employees and their access permissions, which was not possible before.

The manual overhead from an IT perspective is practically nonexistent now unless we need to deploy another report. Previously, when we didn't have it at all, the IT workload perspective was at 100 percent. Currently, I would estimate it to be around five percent. However, this five percent only applies if there are questions regarding specific reports or KPIs, or if a new KPI or report needs to be defined or created. But when it comes to generating them, the workload is reduced to zero. The type of work has shifted from creating reports, KPIs, and views to the current situation, whereas before it also involved creating exports and delivering them to the department head or team leader.

Omada Identity Analytics has helped to reduce the cost of our IGA program. Every manager or project leader can generate their own report with just a click of a button, without having to wait for filing a service ticket. Instead of relying on a support person to pull the ticket, create the report, and send it back, there is now minimal back and forth to ensure the answer is appropriate for the question, thus saving time.

Omada Identity is configured to revoke an employee's access immediately upon their departure from our organization. If an employee encounters an issue during the day or engages in activities that violate company policy and are non-compliant, there is an emergency lockout procedure in place to swiftly restrict access to their account.

We frequently utilize Omada certification surveys to certify positions and ascertain their relevance to our audit requirements, such as ISO or TFAX, as well as when an employee undergoes a role or department change.

The recertification is primarily based on resource levels. There are only a few roles assigned by HR. For example, if the head of a department has specific access to certain resources such as mailing lists or SharePoint sites. However, if they lose this title, they will automatically lose these permissions or access. This is the only aspect related to roles. Everything else is based on explicit resource permissions. Therefore, it requires explicit requests and approvals, and it also needs to be explicitly recertified. 

Omada Identity helps us maintain compliance and security. We no longer encounter the classic scenario where a student or someone moves between departments, collecting permissions from each department along the way. As a result, we don't end up with the most powerful employee in the company. This is because every time someone changes departments, a recertification process is initiated to verify if their access is still appropriate for their current or future role. Additionally, this system helps us identify obsolete resources. We can now see resources that have been inaccessible to individuals for months. This enables us to reach out to the resource owner and inquire if it is still necessary to maintain access to a particular File Share or SharePoint site, given that nobody has accessed it for the past three months or so.

Omada Identity helps save time on provisioning access for identities. Because we have a better ability to utilize connectors, such as those for SAP or Azure Active Directory, we have been able to connect an increasing number of systems over the past two and a half years. This is a significant improvement compared to our previous capabilities thanks to the ability to set up connectors. I understand that this improvement is not unique to Omada, but it has greatly enhanced our operations compared to what we had before. The process of connecting, provisioning, and de-provisioning is all automated.

Omada Identity is more sophisticated than the previous version, so we transferred the access request reviews to Omada. As a result, we now have the ability to incorporate more approval steps for medium-level permissions. This process is automated through the workflow. While we had this capability before, it doesn't represent a significant gain for us. The only advantage we have now is the inclusion of multiple improvement steps that were previously absent. For instance, the head of a department and someone from the finance team can both provide oversight since this involves financial reporting and control. Additionally, these steps must be approved by someone from the controlling or finance department.

The most valuable feature for us is the ability to set up connectors to various IT systems and offer a wide range of supported connectors. These predefined connectors include ones for SAP or Azure Active Directory. Moreover, if these are insufficient, we have the option to create our own connectors by scripting using different script languages.

The web GUI can be improved. 

I have been using Omada Identity for two and a half years.

The technical support team has specific response times. Additionally, we have an Omada consultant present on our site every day. In case the discussion with the support team veers off track, the consultant steps in to redirect it. Moreover, they have access to internal information and can communicate with the support team internally. Having these on-site consultants gives us an advantage, as we are not solely dependent on tech support.

Neutral

We switched from our previous solution because we wanted to eliminate the platform. Our previous solution was driven by IBM Lotus Notes, and we had a significant project years ago when we transitioned from IBM. At that time, we moved from IBM Lotus Notes, which included email, shared collaboration, and identity access management, to Outlook, Skype Teams, and SharePoint. The decision to move away from the IBM Lotus Notes platform was primarily driven by the need for a different platform. 

Due to our prior experience with the system, which had thousands of users and resources, the migration process was relatively straightforward for us. Since it was not related to the grid field, we had all our necessary resources. We had to migrate both our system and our processes, including company policies for onboarding employees and the necessary steps that should occur, such as setting up an executive account. Overall, the migration process was relatively straightforward due to our existing processes and the commitment of our management.

I give Omada Identity an eight out of ten.

The user-facing web front end has some confusing features. For instance, while the website is loading, it does not block user input. This means we can type while the website is loading, but everything we typed is lost once the loading is finished. So, to simplify, both the web front end and the user-facing interface need improvement. Omada is aware of this and acknowledges it. Although it may not be openly discussed, the people behind the product are dedicated to making it better. It's actually a compliment that the people are more impressive than the product itself, and it should always be this way. They are actively working on addressing the issues and we have seen some improvements over the years. In the last couple of months, they introduced a new user interface, but there is still room for further enhancement.

We use Omada Identity for role-based access control when the roles are coming from HR, the head of a department, the project manager, and a few others. These are the only roles we currently have and use. However, I wouldn't blame Omada for this. It is because our organization has not yet defined these company roles. Currently, we are in the process of identifying the first responders within the company. These roles include IT service desk agents and similar positions, but they are still being developed from the company side. Once that is completed, we will discuss it with Omada and, in fact, we have already begun the setup process in Identity Suite over the past few weeks. But for now, it is mainly driven by HR.

We have centralized IdentityX management for the entire organization. This was the case before the introduction of Omada Identity, and it continues to be the case with Omada Identity. There are certain situations, particularly those involving high confidentiality and secure financing matters, where we do not use Omada for provisioning and de-provisioning. For instance, we do not utilize it for high-privileged domain administrative accounts. The reason for this is that if we were to do so, the consultants working with us on a daily basis would have implicit full permissions to our critical systems. Hence, we have imposed an access level limit. In cases where we do not fully integrate Omada Identity, we manually set and provide the highest level of permissions, in line with company policy.

For training reasons, we were unable to keep pace with the accelerated development in the warehouse. We lacked the necessary system connectors, and HR was handling onboarding in the HR system and our IAM solution. Developing an HR connector internally proved to be beyond our capabilities, as it falls outside our core competence in the current business cases. Therefore, this becomes an additional reason for considering the Omada Identity platform.

The comprehensiveness of Omada's out-of-the-box connectors for the applications we use is, for the most part, satisfactory. They generally perform their intended functions effectively. If we have specific requirements, they accommodate them by allowing us to input our username, password, or tenant ID for Azure Active Directory. They continue to fulfill their designated tasks without issues. Therefore, there are no complaints about this aspect. However, if we have additional requirements, we may need to make adjustments accordingly. Nevertheless, for the most part, we can configure everything within the web portal without resorting to complex modifications in files or the database.

We use Omada to track access to our system by employees, contractors, and external parties. It also helps with compliance requirements for access review. Omada is deployed on an on-prem server at the Bankdata office, and only our identity access team can use it. About 100 to 150 people have access to Omada, including our identity team and various managers. 

We previously did most of these tasks manually, but now we're more automated. Omada gives us a clearer view of user access and permissions. The solution's identity analytics help us make informed decisions faster by providing a bird's eye view. It has sped up the process of onboarding new operators, consultants, and employees. We can get them up to speed much faster because we automated a significant part of it. 

Omada has given us the tools we need to see which permissions users have and automate the review process. We no longer need to manually compile data and send out the Excel files for review. While it doesn't save us money, it helps us scale up our processes. Omada saves us about eight hours a month on provisioning user access. 

The ability to automatically cancel an employee's access when they separate has optimized our security. We don't need to wait for someone to do it manually. Omada's role certification surveys enable our managers to see what access their employees have, helping us to stay compliant and secure. We're currently doing a proof of concept for role-based access control, but we've simplified the access review process in that area. 

Omada enabled us to consolidate some of our access management systems. However, it hasn't reduced the amount of time it takes to provide users with access. That was by choice. We decided not to roll out self-service because there are some limitations. At the same time, Omada offers better visibility and faster access. We expect more efficient, user-friendly solutions soon. 

Omada's most valuable aspect is its usability.

The account management integration isn't bad, but it isn't plug-and-play like Microsoft Azure. You need some deep development knowledge to set up the connectors. Omada has out-of-the-box connectors, but it's still a little complicated. I want to connect to the system with something like a "next, next, finish" installer.  

Omada provides a clear feature roadmap, but they could be more transparent and flexible in the schedule. Omada's SmartMap can show us the way to go. However, we haven't implemented that system yet. 

I have used Omada Identity for around six years.

Omada is highly stable. 

Omada isn't scalable in an on-prem deployment because it requires a complete installation on a new server. That's our setup, and it can be quite difficult. When deployed with cloud services, Omada is quite scalable. 

I rate our support a seven out of ten. We do not get support directly from Omada. Instead, we use a partner. They're highly skilled and knowledgeable, but they need more people. 

Neutral

We previously used Microsoft. 

Deploying Omada is highly complex. We work in finance. It requires a high level of control because of regulatory compliance. When it was installed, we ran an executable and had to follow up with it. 

However, it wasn't plug-and-play because we needed more control over storage. We couldn't simply provide domain admin and database owner access to a sales account. It took us almost two years before we could deploy Omada in a production environment. The deployment team consisted of about 10 to 15 people, including our infrastructure partner. 

Omada requires some ongoing maintenance. We have to do data input differences in our connected systems. It's nothing unexpected. 

We haven't calculated an ROI yet, but we started with a mostly manual process. Since implementing Omada, we have had to add as many resources to the team. We're still keeping a close eye on what Omada does, and how it works. Still, we expect to see a return by improving our IGA team's effectiveness and making access more efficient at the end-user level.

I think Omada is fairly priced compared to other solutions.  

I rate Omada Identity an eight out of ten. It takes a lot of time, but it's worth it. It's not something that you can implement in 12 weeks and forget about. Omada requires a lot of ongoing attention. 

Omada is used for identity access management. I previously worked as a database specialist but switched jobs when I switched companies. I joined this company because I connected personally with the company culture. As part of my new role, I received training on Omada Identity Cloud, which was being taught to new hires. During my first six months with the company, I worked from the Omada office, explicitly focusing on Kubernetes to gain a technical understanding of the system.

Developing new solutions and processes within the system can be very challenging for our customers, and it often requires highly qualified professionals to assist with the process. This is why companies typically hire consultants when they need to change their systems. I started as a consultant and am now a full-time employee. As such, I can leverage my expertise to provide valuable guidance and support to our clients needing assistance with their systems.

We have just under 3,000 users spread out across multiple locations in Denmark. Departments across the county can access the system from the cloud. 

Omada streamlines onboarding by automatically granting employees access to various IT systems. We can remove an employee's access immediately after they leave the company. It improves our security because people who have left can no longer access sensitive information, such as our finances and tax data.
We have also had cases where people continued receiving a salary after they quit. Previously, someone needed to remove the employee's access manually. Now, it is done automatically.  

It also helps us with internal and external audits. The auditors ask us why users can access particular systems, and we can produce reports for them. It saves us time because we don't need to spend hours looking through various systems to determine who has been given access. Omada documents who has requested or approved access. You can see when access stopped and why. 

Omada's surveys have simplified the process of assigning roles. We know that if we send 200 questions to one manager, he will accept everything. I don't have time to review 200 permissions. Based on the questions sent to one manager, we try to minimize that by grouping them as roles. You only have to approve six roles instead of 200 granular permissions. Omada has helped us to do that. 

We have to do this a few times every year. If we add a new role or access within a role, it must be approved by the access owner. We have fixed rules that every access has to be reviewed at least once a year. Some are done every three months. We prefer role-based access control, but you also need to do some at the granular level. However, we want to wrap everything into roles if we can. It makes things easier for the managers to understand. 

Omada worked well when I started at this company, but now we are provisioning identities even more efficiently. At other companies where I've worked, getting the proper access might take up to two weeks. Here, everything works on the first day. 

Omada's user interface is elegant and easy to work with. I like Omada's ability to automatically generate accounts for new hires and allow them access to all required systems by established policies. Around 80 percent of workers can start working immediately on their first day without requesting further access. 

No two-week waiting period is required to obtain the proper accounts and memberships in various AD groups. Many clients are unaware of our behind-the-scenes work because the system functions effortlessly, making us an indispensable partner.

Omada provides a clear roadmap for additional features. We use it to plan for the future and align it with our internal roadmap. We integrate many systems with Omada and need to plan for integrating new ones. They introduced advanced reporting and analytics in the latest version, but we're behind and haven't implemented that yet.

When making a process, you should be able to use some coding to do some advanced calculations. The calculations you can currently do are too basic. I would also like some additional script features. 

I have been using Omada Identity Cloud for approximately five years.

Omada is stable. It's always running, but I think we share resources with other customers. One resource pool is in Azure. It's slow at times but never crashed. 

I believe Omada is scalable. The product has had built-in connectors for integrating with our solutions for many years. The new ones may lack some features that you might require. It depends on the age of the implementation. We've had situations where we couldn't use the out-of-the-box connector because it was too simple, so we built our own. 

I rate Omada's support a nine out of ten. They respond in under an hour if we have a serious issue. 

Positive

Omada's solution is in the cloud, but it integrates with an on-prem agent. It was deployed when I joined the company, but I was told that a new Omada project can take one or two years. 

The integration is potentially complex because you might need to connect it with hundreds of other systems. However, you can quickly migrate data from your HR system and connect it to your Active Directory. The standard installation is straightforward but grows in complexity with each new system you integrate.

After deployment, the only maintenance is regular system updates. You can schedule those with your sales team. I prefer the cloud version because the on-prem solution requires you to do everything yourself. You have detailed knowledge of databases, operating systems, and communication between the various servers. 

We messed up the data a few weeks ago, but restoring a backup snapshot from the previous hour was easy. We rolled back the database by an hour and were up and running in under 30 minutes. It's easy and convenient for us.

I rate Omada Identity Cloud an eight out of ten. In most cases, whenever I have an issue with Omada or a feature I would like to see, I check the roadmap and realize it's already in the pipeline. Omada is constantly improving, so I give it an eight. 

They listen to their customers. You can submit a suggestion to their ideas portal, and other customers can vote it up. They prioritize new features based on the users' votes. 

I advise new Omada users to understand your data before implementing the solution. When you put people on the project, it should be people who know the HR data and the internal architecture.

We use Omada Identity Cloud to onboard and offboard user accounts and manage permissions. We are using the cloud version.

We are able to onboard new user accounts much faster by automating the process and standardizing our operations globally. Previously, there were many individual processes and manual admin interactions. We also see a lot of cost savings and benefits because of automation and standardization. 

It decreases the work for admins while boosting user productivity. I would estimate that we've reduced admin work by about 30 percent. Omada's identity analytics also help us make informed decisions more efficiently and reduce the cost of our IGA program a little. We can also automate the disabling of user accounts when employees leave to prevent unauthorized access.

Process automation is the most valuable feature.

Omada could communicate better with us about the product roadmap. We haven't gotten any updates about it. The user interface is often a bit difficult to understand. It isn't optimized for small screens, so it doesn't display all of the information clearly, so users need to scroll a lot. 

The configuration could also be simpler for our admins. For example, it could have some configuration assistance or preset out-of-the-box functionality because it's complicated to enable new features. 

I have been using Identity Cloud since January 2022.

Omada is somewhere in the middle in terms of stability. Generally, all the services are running well, but we've had a few serious issues that had a significant impact on our company. I would rate them six out of 10 for stability.

I rate Omada eight out of 10 for scalability. There are many connectors to services, so it's good to have them. At the same time, configuring these connectors requires more effort than expected.

We rate Omada support 7 out of 10

Neutral

The initial setup is highly complex. Full deployment took around a year. Including preparation, planning, design, and implementation, it was about a year and three months.

We were supported by the Omada project team.

We haven't seen much cost savings yet, so the return on investment could be better. We still have many issues with the IdM system and high consulting costs to maintain and administer this tool.

We did a market study and also checked out some competitors, including Sailpoint and Saviynt. 

We rate Omada Identity Cloud six out of 10. Overall, it's a good solution, but you need to be aware of the effort it takes to implement and maintain the system. We recommend carefully estimating and considering the cost of the implementation and maintenance, to allocate enough resources.
You need to carefully plan and test before going live.