Omada Identity Reviews

It is to get more standardization for our organization on everything related to identity, provisioning, and managing access. 

I am not working a lot within the tool myself because it is not my role.

At the moment, because we just started our journey, its benefits are very limited. We are focused. We had an in-house IGA solution over the past 25 to 30 years, so our main focus was doing a technical migration first. We have some improvements to current processes, but we are not yet fully leveraging all the capabilities that Omada can give us. We are focused on our first technical migration.

Omada can help to deploy IGA within 12 weeks by focusing on fundamentals and best practices. That was the idea. That was also something I warned them about upfront. I told them it would be a real challenge within our organization. If they start from a blank page, the 12-week initiative that they have is achievable, but for an organization that already has certain processes and a tool in place, 12 weeks is not possible. We tried, but we could not meet that. We failed, but that is not a problem with the package. It is more of a problem as an organization. During the initial conversations at the start of the projects, we did say that we would give it a try and see where we end up. We would not focus too much on 12 weeks. They have been flexible to it as well. Just because they have listed it as a 12-week initiative, it does not mean that they are not flexible to go beyond those 12 weeks.

It is set up to remove an employee's access as soon as that employee leaves our organization, but we have limited scope today. It is currently only for a subset of applications. The goal is to have all major applications or data resources integrated, and then we would achieve that scenario.

Omada Identity has had a positive effect on our security posture. We are able to remove certain accesses in a centralized control way. We are able to remove certain roles or update some of the basic roles.

Our provisioning process is definitely faster today. With the previous solution, we needed to wait for overnight synchronization and scripting to run, whereas now, it is every six hours. It is definitely faster, but we are working to improve even the six-hour schedules.

The out-of-the-box connectors that Omada provides for the applications work. They need a little bit of effort in integration and setup, but they work.

It is modern. It is meeting our requirements. Its interface is okay. I know they are working on some modernization to make it more modern.

Support-wise, working with Omada has been good. We have very good direct interactions and fast responses.

Pricing-wise, it definitely meets our expectations. As compared to other vendors, we have better pricing.

Documentation can be improved. I have already filed a few suggestions to make documentation more clear and more representative of reality.

We have been using Omada Identity for about a year and a half. This duration includes some demos and trials. It has been about a year since we went live.

We experienced an issue that led to quite some commotion. We are still working on that one to see why it happened and how we can prevent it going forward. In general, I expect that it will be a stable solution, and we will not experience such things on a regular basis.

The issue was that there was a change or an update done that triggered something in the backend of the system, if I understood correctly, which then led to updates to a lot of identities that were not yet supposed to be under the management of the Omada solution.

I would rate it an eight out of ten for stability. That issue had nothing to do with the stability of the platform. It had more to do with the backend software updates.

Because it is a SaaS solution, I expect them to manage scalability. We do not want to manage it, and that is why we chose a SaaS solution. If they see that they need to add additional resources, it is up to Omada.

It is an enterprise solution, so only enterprises will benefit from it and use it. We just did a technical migration, and we will next focus on the provisioning of accounts. It has a very limited exposure to the end users, but that will increase in the coming months and years as we continue our journey. Currently, it has our service desk people, and then there are another 10 to 15 people with very limited insights into the tool. It has not yet been rolled out to the end-user community. We have between 5,000 to 6,000 people.

I would rate it a nine out of ten for scalability.

Because we are still in the rollout stage, we mainly work directly with our customer success manager. A few tickets have been opened during the initial setup and the first go-live, and they have always responded very quickly. We have got a direct line to Omada with our customer success manager. It is like having a direct support person.

We will be able to evaluate their customer support moving forward. We also use a service provider to assist us with the integration. They will be the main contact between Omada and us going forward.

With the service provider, there are some hiccups, but they are also starting and learning about us as an organization. They have their standard way of working and handling processes. Being an R&D organization, there are some challenges, but we try to address them. We also have Omada's support. If we see something not going as smoothly as expected with the service provider, they can put pressure on them, and we can get the results.

Positive

We were using an in-house solution. We switched mainly because that solution was running on an old supported platform. We did a security audit of it and found many vulnerabilities that were hard to fix. That solution could also not deal very well with the hybrid reality that we are in. We needed capabilities to manage on-premise provisions of identities, accounts, and accesses, as well as any cloud-based, SaaS, IaaS, and other kinds of services.

Omada Identity has not yet helped us consolidate disparate systems for access management. We only have a few key systems connected, which are already a part of the existing IGA solution and processes.

We have the SaaS version. Its deployment was straightforward. It was pretty standard.

Its implementation took months of continuous workouts. It included setting it up in test, validating, going through some initial technical testing, and then setting it up in production. It took a couple of months.

It does not require any maintenance from our side. Because it is a SaaS solution, the maintenance is handled by Omada. We have to schedule the updates and see how they fit into our change management processes.

They communicate well about the roadmap. They have a six-week release cycle. For the last one, we did notice that the new features that were going to be implemented were not yet posted on their website on the day of the release, but a day later, everything was okay. They are overall good and as expected.

There were about ten people involved from our side. I am also including application owners. If we have to integrate with certain applications, they have to do something on their end as well.

With any security solution, it is very hard to calculate the return on investment.

It is not cheap. None of these solutions are cheap, but we have good pricing at least for now from a licensing perspective. Being an R&D organization, we have a mixture of employees and a lot of partners. We work with a lot of PhD students and universities, and there was flexibility at least to make a distinction between those two types of identities, which also had an impact on the pricing. So, its pricing is reasonable.

Do not get overwhelmed by the 12-day package that they offer. Be well prepared, not necessarily from a technical or solution perspective but also internally. Make sure you have the right people onboarded. It is not an Omada issue. It is more internal to the company. Make sure that things are in order and the right people are onboarded. Make sure you have a dedicated IAM team ready to support it before you start the journey, not during or after.

The goal of going to a platform like Omada, especially its cloud version, is to minimize customizations as much as possible and go with the standards already built into the platform. Along with Omada, we also use a third-party service provider. If we see something that does not fit our organization, we try to see if we need to change some internal processes to meet the defaults within the product, or we try to come up with other ways within the product. We want to stay away from any customizations as much as possible.

I would recommend Omada Identity. There is not a lot of choice out there.

For now, from what we have seen, I would rate Omada Identity an eight out of ten. There is always room for improvement.

We are using it for identity governance.

It provides the benefits that any IGA solution provides in a company. There is not anything new. If there was any other tool in our organization, that would have provided the same coverage.

Our Omada solution is set up to remove an employee's access as soon as that employee leaves our organization. It has made the security better. We know that once an identity is terminated, the access would be disabled so that the user cannot log in and do anything.

Omada Identity saves time. It is pretty fast. We can handle multiple access requests at the same time. It has a good filtering capability for the users to choose the resources that they need to select. It has definitely removed a lot of manual work that was being done by the help desk teams. That way, it has saved a lot of time. There are about 40% time savings.

Being a cloud solution, it is very easy to manage. An on-premises solution is not very efficient.

The support for the validity of the resources is valuable. The tool allows resource assignments within a validity period so that the managers do not have to remember to revoke the access once the work is done. That is one thing we like about Omada Identity. 

The assignment policies have been helpful for automating user life cycle management.

We have been having trouble with Omada compared to other tools in the market. They can improve its UI and make it more user-friendly. 

The architecture of the entire system should also be less complex. The way they process the data is complex. I am still trying to understand it.

They can add more types of services that we need from the compliance and audit perspective. Their out-of-the-box connectors are not enough. They can add more connectors for integrating with different products.

Omada does have a clear roadmap, but things are not delivered as promised.

My organization has been using it for 1 year.

Its stability is good. I would rate it a 9  out of 10 for stability.

We have not tried to scale it. We have more than 2,000 people in our organization. We have four people who work directly with Omada Identity. It works well for the number of users we have. I would rate it a 9 out of 10 for scalability.

Their support is good. It is not the best. They could do better in terms of response time and knowledge.

Neutral

We were using another solution, but I was not a part of the organization at the time. In my previous organization, I used SailPoint. SailPoint is much better, much easier, and more user-friendly.

It is deployed on a cloud, but I was not involved in its deployment. When I joined, Omada Identity was already there for 6 months.

We have three environments. One is for development, one is for testing, and one is for production. Omada is on the cloud, so it can be used everywhere.

It does not require any maintenance from our side.

I would recommend Omada Identity based on the requirements. If you are looking for a simpler solution, you can go for other products in the market, such as SailPoint.

They have not yet helped us to fully implement role-based access control, so we have not seen any outputs of that feature. We have not yet implemented Omada Analytics or Certification Surveys.

Omada did not help us consolidate disparate systems for access management. It also did not help to automate reviews of access requests and reroute them to the appropriate people.

Overall, I would rate Omada Identity an 8 out of 10.

We use Omada to track access to our system by employees, contractors, and external parties. It also helps with compliance requirements for access review. Omada is deployed on an on-prem server at the Bankdata office, and only our identity access team can use it. About 100 to 150 people have access to Omada, including our identity team and various managers. 

We previously did most of these tasks manually, but now we're more automated. Omada gives us a clearer view of user access and permissions. The solution's identity analytics help us make informed decisions faster by providing a bird's eye view. It has sped up the process of onboarding new operators, consultants, and employees. We can get them up to speed much faster because we automated a significant part of it. 

Omada has given us the tools we need to see which permissions users have and automate the review process. We no longer need to manually compile data and send out the Excel files for review. While it doesn't save us money, it helps us scale up our processes. Omada saves us about eight hours a month on provisioning user access. 

The ability to automatically cancel an employee's access when they separate has optimized our security. We don't need to wait for someone to do it manually. Omada's role certification surveys enable our managers to see what access their employees have, helping us to stay compliant and secure. We're currently doing a proof of concept for role-based access control, but we've simplified the access review process in that area. 

Omada enabled us to consolidate some of our access management systems. However, it hasn't reduced the amount of time it takes to provide users with access. That was by choice. We decided not to roll out self-service because there are some limitations. At the same time, Omada offers better visibility and faster access. We expect more efficient, user-friendly solutions soon. 

Omada's most valuable aspect is its usability.

The account management integration isn't bad, but it isn't plug-and-play like Microsoft Azure. You need some deep development knowledge to set up the connectors. Omada has out-of-the-box connectors, but it's still a little complicated. I want to connect to the system with something like a "next, next, finish" installer.  

Omada provides a clear feature roadmap, but they could be more transparent and flexible in the schedule. Omada's SmartMap can show us the way to go. However, we haven't implemented that system yet. 

I have used Omada Identity for around six years.

Omada is highly stable. 

Omada isn't scalable in an on-prem deployment because it requires a complete installation on a new server. That's our setup, and it can be quite difficult. When deployed with cloud services, Omada is quite scalable. 

I rate our support a seven out of ten. We do not get support directly from Omada. Instead, we use a partner. They're highly skilled and knowledgeable, but they need more people. 

Neutral

We previously used Microsoft. 

Deploying Omada is highly complex. We work in finance. It requires a high level of control because of regulatory compliance. When it was installed, we ran an executable and had to follow up with it. 

However, it wasn't plug-and-play because we needed more control over storage. We couldn't simply provide domain admin and database owner access to a sales account. It took us almost two years before we could deploy Omada in a production environment. The deployment team consisted of about 10 to 15 people, including our infrastructure partner. 

Omada requires some ongoing maintenance. We have to do data input differences in our connected systems. It's nothing unexpected. 

We haven't calculated an ROI yet, but we started with a mostly manual process. Since implementing Omada, we have had to add as many resources to the team. We're still keeping a close eye on what Omada does, and how it works. Still, we expect to see a return by improving our IGA team's effectiveness and making access more efficient at the end-user level.

I think Omada is fairly priced compared to other solutions.  

I rate Omada Identity an eight out of ten. It takes a lot of time, but it's worth it. It's not something that you can implement in 12 weeks and forget about. Omada requires a lot of ongoing attention. 

Omada is used for identity access management. I previously worked as a database specialist but switched jobs when I switched companies. I joined this company because I connected personally with the company culture. As part of my new role, I received training on Omada Identity Cloud, which was being taught to new hires. During my first six months with the company, I worked from the Omada office, explicitly focusing on Kubernetes to gain a technical understanding of the system.

Developing new solutions and processes within the system can be very challenging for our customers, and it often requires highly qualified professionals to assist with the process. This is why companies typically hire consultants when they need to change their systems. I started as a consultant and am now a full-time employee. As such, I can leverage my expertise to provide valuable guidance and support to our clients needing assistance with their systems.

We have just under 3,000 users spread out across multiple locations in Denmark. Departments across the county can access the system from the cloud. 

Omada streamlines onboarding by automatically granting employees access to various IT systems. We can remove an employee's access immediately after they leave the company. It improves our security because people who have left can no longer access sensitive information, such as our finances and tax data.
We have also had cases where people continued receiving a salary after they quit. Previously, someone needed to remove the employee's access manually. Now, it is done automatically.  

It also helps us with internal and external audits. The auditors ask us why users can access particular systems, and we can produce reports for them. It saves us time because we don't need to spend hours looking through various systems to determine who has been given access. Omada documents who has requested or approved access. You can see when access stopped and why. 

Omada's surveys have simplified the process of assigning roles. We know that if we send 200 questions to one manager, he will accept everything. I don't have time to review 200 permissions. Based on the questions sent to one manager, we try to minimize that by grouping them as roles. You only have to approve six roles instead of 200 granular permissions. Omada has helped us to do that. 

We have to do this a few times every year. If we add a new role or access within a role, it must be approved by the access owner. We have fixed rules that every access has to be reviewed at least once a year. Some are done every three months. We prefer role-based access control, but you also need to do some at the granular level. However, we want to wrap everything into roles if we can. It makes things easier for the managers to understand. 

Omada worked well when I started at this company, but now we are provisioning identities even more efficiently. At other companies where I've worked, getting the proper access might take up to two weeks. Here, everything works on the first day. 

Omada's user interface is elegant and easy to work with. I like Omada's ability to automatically generate accounts for new hires and allow them access to all required systems by established policies. Around 80 percent of workers can start working immediately on their first day without requesting further access. 

No two-week waiting period is required to obtain the proper accounts and memberships in various AD groups. Many clients are unaware of our behind-the-scenes work because the system functions effortlessly, making us an indispensable partner.

Omada provides a clear roadmap for additional features. We use it to plan for the future and align it with our internal roadmap. We integrate many systems with Omada and need to plan for integrating new ones. They introduced advanced reporting and analytics in the latest version, but we're behind and haven't implemented that yet.

When making a process, you should be able to use some coding to do some advanced calculations. The calculations you can currently do are too basic. I would also like some additional script features. 

I have been using Omada Identity Cloud for approximately five years.

Omada is stable. It's always running, but I think we share resources with other customers. One resource pool is in Azure. It's slow at times but never crashed. 

I believe Omada is scalable. The product has had built-in connectors for integrating with our solutions for many years. The new ones may lack some features that you might require. It depends on the age of the implementation. We've had situations where we couldn't use the out-of-the-box connector because it was too simple, so we built our own. 

I rate Omada's support a nine out of ten. They respond in under an hour if we have a serious issue. 

Positive

Omada's solution is in the cloud, but it integrates with an on-prem agent. It was deployed when I joined the company, but I was told that a new Omada project can take one or two years. 

The integration is potentially complex because you might need to connect it with hundreds of other systems. However, you can quickly migrate data from your HR system and connect it to your Active Directory. The standard installation is straightforward but grows in complexity with each new system you integrate.

After deployment, the only maintenance is regular system updates. You can schedule those with your sales team. I prefer the cloud version because the on-prem solution requires you to do everything yourself. You have detailed knowledge of databases, operating systems, and communication between the various servers. 

We messed up the data a few weeks ago, but restoring a backup snapshot from the previous hour was easy. We rolled back the database by an hour and were up and running in under 30 minutes. It's easy and convenient for us.

I rate Omada Identity Cloud an eight out of ten. In most cases, whenever I have an issue with Omada or a feature I would like to see, I check the roadmap and realize it's already in the pipeline. Omada is constantly improving, so I give it an eight. 

They listen to their customers. You can submit a suggestion to their ideas portal, and other customers can vote it up. They prioritize new features based on the users' votes. 

I advise new Omada users to understand your data before implementing the solution. When you put people on the project, it should be people who know the HR data and the internal architecture.

We use Omada Identity Cloud to onboard and offboard user accounts and manage permissions. We are using the cloud version.

We are able to onboard new user accounts much faster by automating the process and standardizing our operations globally. Previously, there were many individual processes and manual admin interactions. We also see a lot of cost savings and benefits because of automation and standardization. 

It decreases the work for admins while boosting user productivity. I would estimate that we've reduced admin work by about 30 percent. Omada's identity analytics also help us make informed decisions more efficiently and reduce the cost of our IGA program a little. We can also automate the disabling of user accounts when employees leave to prevent unauthorized access.

Process automation is the most valuable feature.

Omada could communicate better with us about the product roadmap. We haven't gotten any updates about it. The user interface is often a bit difficult to understand. It isn't optimized for small screens, so it doesn't display all of the information clearly, so users need to scroll a lot. 

The configuration could also be simpler for our admins. For example, it could have some configuration assistance or preset out-of-the-box functionality because it's complicated to enable new features. 

I have been using Identity Cloud since January 2022.

Omada is somewhere in the middle in terms of stability. Generally, all the services are running well, but we've had a few serious issues that had a significant impact on our company. I would rate them six out of 10 for stability.

I rate Omada eight out of 10 for scalability. There are many connectors to services, so it's good to have them. At the same time, configuring these connectors requires more effort than expected.

We rate Omada support 7 out of 10

Neutral

The initial setup is highly complex. Full deployment took around a year. Including preparation, planning, design, and implementation, it was about a year and three months.

We were supported by the Omada project team.

We haven't seen much cost savings yet, so the return on investment could be better. We still have many issues with the IdM system and high consulting costs to maintain and administer this tool.

We did a market study and also checked out some competitors, including Sailpoint and Saviynt. 

We rate Omada Identity Cloud six out of 10. Overall, it's a good solution, but you need to be aware of the effort it takes to implement and maintain the system. We recommend carefully estimating and considering the cost of the implementation and maintenance, to allocate enough resources.
You need to carefully plan and test before going live.

Companies I work with use Omada Identity for compliance and governance purposes. They use the solution to have control over all of their business processes in terms of access control.

For me, the best feature of Omada Identity is its web interface because it's really easy for users to understand.

Omada Identity has two main issues that need to be solved or improved the most. One is its setup or installation process because it's complex and cumbersome. I'm talking about the process for on-premises deployment because I've never tried the cloud version of Omada Identity. Setting up the cloud version should be much easier.

The second area for improvement in Omada Identity is that it's piggybacking on Microsoft's complex way of having all kinds of add-ons, extensions, or setups, whether small or large, such as the new SQL Server, and it's cumbersome to make sure that everything works. Omada Identity is a complex solution and could still be improved.

What I'm expecting in the next version of the solution is a makeover of its user interface. It's supposed to be available in the new version of Omada Identity.

As for additional features, what I'd like to see in the future from the solution is a visual designer of all processes, for example, a visual designer of all the task mappings. I've seen it in Novell Identity Manager before, and it was way easier to understand.

I've been using Omada Identity since 2018.

Omada Identity is a stable solution.

My company had no problems with the scalability of Omada Identity. I've experienced it in a large-scale setting, and the solution works.

My team contacts Omada Identity technical support whenever there's an error or a hiccup. There's a ticketing system you can use for raising issues. On a scale of one to five, where one is bad and five is excellent, my rating for Omada Identity support overall is a four.

The company I first worked with in 2018 looked into the Gartner reports and saw that Omada Identity was good in both of the required categories, plus the solution was under a Danish company and my client was Danish which was a plus, so the company went with Omada Identity.

Omada Identity has a complex setup. How long the deployment takes would depend on how you planned the installation. My best experience was when everything ran smoothly after I had been very thorough and I've taken care of requirements. If you do the planning upfront, the process of installing Omada Identity is rather quick, and you don't get errors, and deployment would take a week or so.

You need to make sure that everything works. Often, when I install the solution, there's more than one system such as the production environment, the test environment, the development environment, the education environment, etc., so planning the setup of Omada Identity takes a long time, but that's okay, and in larger organizations, you're often not alone when installing the solution.

Planning the installation of Omada Identity is mandatory because then you need to have the SQL team working on the databases, the network team handling the firewalls, the web team taking care of the information server, etc., so a lot of people are often involved in larger organizations.

My client deals directly with the Omada Identity team in terms of licensing. I never look at pricing, so I'm not aware of how much the solution costs, but it's worth the money. Often, when you begin to use Omada Identity and it takes a while to set up, it'll be irreversible, and you'd depend on and focus more on the functionality of the solution, rather than its price tag.

I'm a consultant, and the company I'm serving right now uses Omada Identity version 12. I do have hands-on experience with the solution, from version 11 to version 14.

The two companies I serve that use Omada Identity deployed it on-premises.

My client has more than 6,500 hundred users of Omada Identity.

My advice to anyone interested in using Omada Identity is to first contact a consultant who can help you decide on how you'll use the solution. Will you deploy it on the cloud or on-premises? Which systems will be onboarded? What's your workflow and how will you map tasks? How will you define events? You'll have a lot of decisions to make and if you're not knowledgeable about Omada Identity, it'll be hard for you to make the right decisions. You need to know about the product before you can gain the full advantage from it.

If I would rate my overall experience with Omada Identity, I'd give it an eight out of ten. I'm not giving it a ten because it's too complex as a solution, though it does what it intends to do.

I'm a partner of Omada Identity.

We are using it for rights and roles of our users. When we hire a new employee in our municipality, we have their information exported to Omada and, based on which department they are hired for, they will get roles and rights for the IT systems. That's what we use it for right now. We have plans to do more with it, but identity management is a life-long task to enjoy.

The solution is on-premises.

When it comes to IT audits and reviews, before we had Omada there were a lot of findings about employee accounts that were not properly shut down. They were not in the municipality anymore, but they still had an account that was active. And as soon as the auditor found one, he would go further and dig more. Every time he was here, he found something. We had to spend a lot of energy trying to make this situation better. But as soon as we got up an IDM system that automatically shuts down the Active Directory accounts of people who are not employees anymore, this problem totally went away. We don't have this as an issue anymore. And the auditor is very pleased when he hears that we have an identity management system that automatically closes down these accounts.

The solution has helped to reduce the number of helpdesk tickets and requests. While I don't have exact numbers, our statistics show that the number of tickets is going down. However, that's not only because of Omada. There are other areas where we have improved and become more professional and have helped our users.

The most valuable functionality of the solution for us is that when employees stop working for the municipality, they are automatically disabled in Active Directory. Omada controls that 100 percent. They are disabled for 30 days, and after that time Omada deletes the Active Directory account. The same type of thing happens when we employ new people. Their information is automatically imported to Omada and they are equipped with the roles and rights so they can do their jobs. Those are the two main benefits we have at the moment.

The identity governance and administration features are also really good in Omada. There are a lot of possibilities for controlling access rights. We are only using a little bit of all the possibilities in the platform right now, but of course we want to go further and use more of the functionality.

Generally, I find the whole solution to be very good. But the way errors in the system are handled could be improved. If you find an error and you need it fixed, you have to upgrade. It's not like they say, "Okay, we'll fix this problem for you." You have to upgrade. The last time we upgraded, because there was an error in a previous version, we had to pay 150,000 Danish Krone (about $24,000 at the time of this review) to upgrade our systems. This is a very big issue for us because 150,000 Krone is a lot of money. And because we have production, test, and developer environments, we had to upgrade them all. The fact that we can't have an error fixed but, rather, we have to upgrade, annoys us a little. That means that we have to pay to get errors fixed that Omada has made in programming the system. I hope they change this way of looking at things.

We have used Omada Identity since 2018.

We are now at 14.0.6 and its runs very good, - we have no problems.

The scalability of the solution is fine. There are a lot of possibilities to scale from a small business to a big business. You can use part of the system or use the more advanced functionality for creating roles.

We currently have 5,633 employees in the system, and there are 59,000 citizens in our municipality.

We're looking to expand our use of Omada Identity by providing more functionality to the users and the managers in our municipality. Right now, Omada is running in the background. Nobody actually knows that it's there. It's doing its job and people are happy, but no one in our business has access to the platform. We want to make it more visible and to exploit some functionality for the managers, for example, so that they can do more themselves. We also want to have managers do access reviews for all roles they are responsible for. That way, they can say, "Okay, this employee has access to this, this, and this, which is okay. But he also has this right of access and he doesn't need it anymore." This type of access review is something we are still planning to implement, but we are not there yet.

Before Omada, we had a solution called NetIQ. That platform was very expensive and there were modules that we didn't buy. If we were to continue with that system, first we would have had to upgrade it, and that would be very expensive, and we would also have had to buy some extra modules, which were very expensive. So instead of just blindfolding ourselves and ordering an upgrade, we examined the market for IDM systems. We took the best-known and looked at their ratings in industry reviews to see which were at the high-end. We invited them for an interview and a demo of their systems, and Omada scored the highest. That's why we choose them.

When we started with this system, it was Omada that hired some temporary project managers to implement the solution at our place, and they did not do a good job. We found out later that something was just not implemented. For example, if we rehire a former employee, we have no process to handle that in the system. We only found out about this after the original implementation. Today, they use their dealers to implement the system. I don't think Omada itself implements nowadays. Maybe it's better that way, but we were not satisfied with the way that it was implemented originally.

Our deployment was a long story because, in the middle of the implementation, Omada gave up and said, "You can go further with a dealer called ICY Security." They handed over the implementation to this dealer. It's difficult to say exactly how long it took, but if I have to give you a number, we are talking about between six and eight months.

Up until now, it has been our dealer, ICY Security, that has maintained the system. We recently took over maintenance of the system and the databases ourselves. But if there is development needed, it will still be our dealer that helps us with this. The whole area of identity management is complex, but ICY Security is doing a good job to help us grow in this system.

It's a fair price for the on-premises system. Compared with what we had before, it's much cheaper and we get all the modules in one. 

We tried to go with the cloud, but it was far too expensive. We calculated the costs and to go cloud, it would mean four times the expense for us. That was more than we could get budget for. We have had meetings with Omada to tell them that we want to go cloud, because that's our strategy in many other fields, but that the price is way too expensive. We have told them they have to reconsider the price for it because they will never get any customers to go cloud when it's that expensive.

Among the solutions we looked at were SailPoint IdentityIQ, Micro Focus NetIQ, KMD IDM, Ca and 2ndC/Atea.

In scoring the solutions, we focused on user-friendliness. The NetIQ system that we had before was very fixed. You couldn't design it as you wanted. If you adjusted a screen the way you wanted it, there was often something that didn't function. We didn't have the ability to customize it the way we wanted. As a result, the usability of the system was very bad. It was so bad that we couldn't give it to our managers and say, "Here's a platform you can use for self-service." That's why user-friendliness was a significant part of our scoring.

We also wanted to be able to adjust the system ourselves without having to hire consultants. With NetIQ, we had no clue how to do stuff in the system. It was so difficult that we had to call external help every time, and that was not for free. We had to pay every time. Our wish was that, in the next system, we would be able to do minor adjustments ourselves.

And, of course, price was also an issue, not that we needed to buy the cheapest one, but pricing was a parameter that we were looking at. In terms of a reduced total cost of ownership as a result of choosing Omada, I don't have a specific number. Some things are difficult to put a value on. But for sure, we have a better system, a more user-friendly system, and the cost for licenses is much lower. Also, the way that Omada sells the system is that you get the whole package. It's not that you have to buy a module here, and if you need more functionality, you have to buy another module there. You get it all in one purchase. That has also reduced the total cost because we have all the modules.

As for the time it took to get up and running with Omada compared to NetIQ, it's a hard thing to compare because NetIQ was our first IDM system. Before the NetIQ deployment, we had to do a lot of preparation to go into identity management. Implementing Omada was easier, but mostly because we knew more about identity management at that point compared to when we implemented NetIQ.

Finally, identity governance and administration functionality are a lot easier to manage in Omada than in NetIQ. Much easier.

Make sure that all processes are dealt with in Omada. We had some processes that were not described and, therefore, we had problems afterward. The implementation of the system is very important. For example, be sure to have valid and correct data. Garbage in, garbage out. All the work before you push the "Go" button is very important. I think we may have underestimated that when we were implementing Omada.

The primary use cases are identity lifecycle, provisioning, and authorizations to our IT infrastructure. We use it for provisioning to our SAP platform. We also need it to make a survey of the IT authorizations. We need to make sure that our managers can review the authorizations of the employees in our company. 

We have a couple of secondary use cases as well, such as segregation of duties on provisionings to make sure that we have correct approval flows for authorizations. 

The automatic provisioning of a lot of authorizations has definitely lightened the load on the manual part of authorization management. It has not directly caused savings in our operations, but our administrators have seen a dip in the number of manual tasks they had to do. So, that's a direct business value for us from the platform.

It has helped in reducing the number of helpdesk tickets and requests by at least 30%.

The identity lifecycle support is definitely valuable because we are a complex organization, and there is a lot of onboarding, movement, and offboarding in our organization. We have 31,000 users, and there are a lot of users who are constantly onboarding, offboarding, and moving. So, we need to make sure that these activities are supported. In old times, we used to do everything manually. Everyone was onboarded, offboarded, or moved manually. So, from a business point of view and an economics point of view, identity lifecycle is most valuable. From a security point of view, access review is the most important feature for us.

Our internal customers are quite happy with the product, and we receive a lot of positive feedback. Its identity-governance and administration features are very broad. It can support a lot of use cases. I don't think we use a broad part of the product, but it is a very broad platform that can be used for a lot of different things.

It provides a lot of flexibility for our security operations. We can combine the security operations of the product with other security operations, such as logging, surveillance of our infrastructures, and things like that. I sit in the security office primarily, and identity governance is a part of our operations in security. So, it provides a lot of flexibility for a lot of different use cases.

Error handling can be improved. From an on-premise perspective, internal support can be improved. It is quite a technical and difficult application to maintain. A very specialized skill set is required to operate and maintain it, which is the most difficult part. The process to upgrade versions is also quite tricky.

One thing that we are not so happy about is the user interface. It is a bit dated. I know that they are working on that, but the user interface is quite dated. Currently, it is a little bit difficult to customize the user interface to the need of the business, which is a little bit disappointing. It needs it to be a little bit easier to operate, and it should have a better user interface.

Their technical support is good, but there is room for improvement. It is not an easy product to support. They helped us set it up a little bit, but it gets difficult for them to handle more complex problems.

I have been using this solution for the last year.

The product itself is quite stable. The problem is that it is quite complex with all the integrations, which is applicable to all IGA solutions. There is a lot of need for surveillance on the solution itself, but it is not because of the solution itself. It is because of all the integrations. So, the solution itself is quite stable, but the integrations make it quite vulnerable to all kinds of stuff.

It seems quite scalable in terms of performance and in terms of the ability to scale itself.

Their technical support is good, but there is room for improvement. One problem that we have discussed with Omada several times is their handling of a customer-specific problem and a solution-specific problem. The coordination between their technical support and their backend developers can be better. It becomes an issue when a problem is more complex. It is not an easy product to support. They helped us set it up a little bit, but it gets difficult for them to handle more complex problems.

It was an internally developed solution. We switched to Omada because our previous solution didn't support governance. It was only for ordering new authorizations, and the level of automation was limited.

It was a complex process in terms of technicality and the amount of effort needed for setting it up from Omada's point of view.

We started in August 2018, and we finally deployed the solution and were ready for production in June 2020. So, it took 18 months.

We had to deploy or onboard a part of our infrastructure at once. We onboarded a couple of applications and our SAP solution on day one. Omada would probably call it the big bang, but it was definitely not the big bang. We deployed a lot of functionalities at once, but it was a very limited part of our total application portfolio that we deployed with Omada. It is not yet done. The first one and a half or two years will go into implementing the rest of our application portfolio in the solution.

We used Omada itself as an implementation partner. The consultants themselves were quite adept at handling the product. From a technical standpoint, they were definitely above average. From a project management point of view, we would have liked to see some improvements. This is from the perspective of a very large customer. The problem for us was handling an organization of our size. If I have to choose again, instead of Omada, I would choose an implementation partner who is more used to handling large enterprises. That was definitely a pain point for us.

It is quite a technical and difficult application to maintain. It is a standard solution, but some parts of the solution make it difficult to upgrade and maintain the solution. A very specialized skill set is required to operate and maintain it. You should either pay Omada or another consultancy firm to maintain the solution, or you should have internal resources for maintaining the solution. 

We have around 10 people who are directly involved in its maintenance. They are on the business side, such as for onboarding new applications, front-end problem-solving, and incident-handling, as well as on the operations side, such as for ensuring data validation, handling integrations, and things like that. 

It is very difficult to say at this point. We are a municipal organization, and we do not, as such, do a very systematic review on the return on investment. I would say we have seen a positive ROI, but I'm not sure.

It is also very difficult to say whether it has reduced the total cost of ownership. My gut feeling is that it has, but we have not made a precise estimate of what economic impact it has had on us.

Our business is regulated and subject to audit fines, but again, it is too difficult to estimate whether it has reduced the number of audit fines we have received. It is too early to estimate that, but I would guess it has.

From an on-prem point of view, the cost is quite transparent and reasonable. The direct cost is primarily for licenses and maintenance on licenses.

We evaluated other solutions. I don't remember them all. We did a market analysis where we considered SailPoint. We definitely reached out to Microsoft as well but not for their identity solution as such. We reached out to them for their future solutions in this environment.

We only did a market analysis. Being in the public sector, we have a very strictly EU-regulated process for procurement. So, it is quite difficult to do a look-and-feel kind of selection of tools.

I was not directly involved in the market analysis. As far as I know, our tender showed that from a technical standpoint, all evaluated solutions were comparable in functions and features for our intent and purpose. They were not identical, but they were comparable in functions and features.

Any business interested in using this product needs to make sure that they are ready to either pay Omada or another consultancy firm to maintain the solution, or they should have the internal resources for maintaining the solution. It is quite a difficult solution in terms of maintenance.

It is very important to make sure that the master data is correct and is controlled by processes rather than humans. This is very important. We thought that we had a very good understanding of our master data, and it was mostly supported by processes and not by people, but we certainly were caught a bit by some of the things. So, having control over your master data is the most important thing. 

If you are a reasonable-sized organization, you should be very careful and make sure that the implementation partner has the correct implementation model that suits your need. You need to make sure that you have the correct support, or the means to find the correct support, for the application itself when you go live. These are definitely the three most important things.

I would rate Omada Identity a seven out of 10. There is definitely room for improvement, but it is not a bad product. It is a good product, and seven, in my book, is for a good product.