Omada Identity Reviews

Our primary use cases are around employee life cycle processes. Employees join us, extend their contracts, move around, and leave us. Omada is connected to our HR system as well as SAP, Microsoft Exchange, and Active Directory.

We also use it for updating our employee master data and use the request management, covering about 900 employees.

We are an Omada partner and reseller.

The best feature in Omada Identity is that it enables us to implement standardized employee life cycle processes so that we don't have to create them ourselves. We can then use the standard workflows.

The breadth and scope of the solution’s IGA features also fulfill our requirements. 

We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes. It's an area that could definitely be improved.

We have been using Omada Identity for about a year.

We have not had any major issues with the system so far.

We are planning to implement more and more of these standard processes and to connect more target systems to it.

We haven't submitted any support tickets to Omada so far because we have been solving our issues with consultants.

Our previous solution was developed in-house by my colleagues. We switched to Omada because the old solution did not have any standards. In addition, the components it used were end-of-life and we decided to use software that offers more standards out-of-the-box.

The initial setup was complex. We have so many different stakeholders in our company and they all have their specific requirements, but we were trying to standardize things. We have struggled with all the requirements and have tried to reduce the special implementations to a standard.

Our implementation of Omada took about half a year.

In terms of maintaining the solution, we have four people involved. Two are technical application managers who are in charge of the operation of the system. And we have two guys who are mainly dealing with the implementation of the employee processes, connecting to the target systems, as well as some scripting.

We used consultants from Omada. Our experience with them was okay.

So far, we have not saved money compared to our previous solution because we are struggling with some internal issues. We have had some trouble with our HR data, but we expect that we will save money, using Omada, by the end of this year.

Because we are a partner and an IT service provider, we have a special licensing agreement because we are planning to offer Omada Identity to our customers. Our licensing and pricing model differs from the standard.

Because we operate this on-premises and just connect it to internal systems, we have had no security issues so far.

Be sure to use Omada's standards and try to reduce special implementations. You may have to adapt your processes to reduce all the specific requirements from the stakeholders. But my advice is to reduce the special requirements to a minimum.

Also, because you're connecting the HR system to the employee master data and organizational data, all this data has to be clean. Otherwise, you will have a lot of trouble with Omada. Make sure your master data is in good shape.

Our primary use case is for the lifecycle management of employees. In addition to that, we use it to provision accounts and authorizations to target systems. We can do segregate of duties checks based on those authorizations.

The previous tool we had was an old-fashioned, highly customized tool, and their self-service management was a little bit difficult. With Omada, it's a lot easier to give responsibility to the business instead of IT, and that's one of the big changes that it has made. It's not implemented fully, because there is also a cultural change needed in our company, but Omada does make it possible and we are working on it. That's one of the biggest changes.

Before Omada, we only had SAP and one or two cloud tools but now we have around 50 cloud tools. The whole playing field has changed dramatically. The cost of ownership since we started using Omada has increased, but the landscape has changed a lot also, so it can't be compared with the costs of our old solution. 

I don't know how many audit findings, in total, we have been subject to, but Omada reduced that number. I am aware of at least one big finding that Omada helped resolve. 

The landscape is much more complex than it used to be. We had one data center, now we have multiple clouds and we have a lot more tools in the cloud. Everything is
at least in the public cloud. The landscape has changed a lot and things have become much more difficult. If we didn't change to Omada, the help desk cost would be a lot higher. That's one thing for sure.

The thing that I find most valuable is that Omada consists of building blocks, which means that you can configure almost anything you want without using custom code, making it pretty easy to do. It's possible to connect to multiple target systems and to create one role that consists of different permissions in the different target systems. So one role in Omada can make sure that you have an account in three different systems.

We can do more with Omada than the business could have imagined, especially in the area of security. There is a lot of functionality for the segregation of duties. We can make things safer. The hire-to-retire process is also implemented pretty well. With Omada, we can deliver the functionality that the business requires at the moment. In addition, we will probably be able to handle whatever the business may come up with in the coming years.

The backend is pretty good, but the self-service request access screen, the GUI, needs improvement. It's an old-fashioned screen. Also, Omada has reports, but I wouldn't dare to show them to the business because they look like they're from 1995. I know they are working on these things and that’s good, because they’re really needed.

In addition, Omada needs to invest more in its APIs because a lot of companies have API-first strategies. Although it's not Omada's main priority, the APIs they now have are too limited. They need to invest more in making their solution accessible through APIs.

I have been using Omada since August 2017. 

Omada consists of components, some of which are very stable and some that are not. For example, Omada calculates each identity, each persona, to see what they have access to, and that's quite stable. Their import mechanism; however, is too slow and it's too fault intolerant. It crashes once in a while for various reasons. It cannot always handle wrong data input.

You can of course accept a certain error rate or fault rate, but still, sometimes if one thing fails, if there's one wrong object, all the other functionalities are also aborted, which is frustrating if you have 20 new employees starting.

We're on-prem, so scalability in the sense of plugging in extra memory is something we need to do ourselves. For the scalability of its functionality, it's pretty good. You can add new target systems, for example, and new applications. If you want to use new functionality, you can build your own processes that work well.

The only problem with its scalability is the import part because an import for a target system can take quite some time, up to three or four hours. In the end, we can run into an issue where there is more imports to be done than hours we have in a day. But overall, it's pretty scalable.

We have 6,000 employees and we now have around 800 to 1,000 external people who are not in our HR system; they are contractors. We are also managing 64 technical systems from Omada and behind that are around 500 to 600 applications.

In terms of administering Omada, we do almost everything ourselves with two to three FTEs. It's not only operations, but it's also the development of Omada. That is always ongoing because we bring on new target systems that we need to onboard into Omada. We also get different requests for new processes in Omada. We have a partner who helps us at some points, but their role is mostly QA.

If we ask for technical support, it is more because of an incident or things that are not documented properly. If we want to implement something new which isn't documented, our partner might be unable to help because of that. Then we go to Omada. 

If you are contacting them for a major issue, the support is good. If it is a more simple question, it could take up to months to be resolved.

It also depends on us. If we formulate the question correctly, in an extensive way, then most of the time we get an answer pretty quickly. But if we're a little bit vague, they don't know what to do with it and they keep it on the backlog because we don't have a service level agreement on that.

In general, support has improved and evolved in the last couple of years but a big downside of Omada is that if you have, for example, Okta, SailPoint, or Azure AD, you can Google it and find people who ask questions about it. If you Google for anything about Omada, you won't find anything. There isn't a big community. Omada introduced its hub, where you can ask questions, but it's limited to registered users. There are also different hubs for partners, customers, and Omada employees, so not all the information and all questions can be found in one place.

We used a tool called UMRA, User Management Resource Administrator. It's a tool from 2004, and it's a brilliant tool, but it's a little bit outdated. It was a custom tool with everything customized for us, and is fine if you only use Active Directory. But we now have 64 technical systems connected and it wouldn’t be possible for UMRA to handle them, or at least not as quickly as Omada can.

The initial setup should have been straightforward, but because of the SAP implementation at our company, it was still pretty complex. The initial step in the implementation was to hook up our SAP systems to Omada, set up the identity life cycle management and to connect the access rights for SAP systems. Our SAP systems are quite complex and had some technical depth to them, which we needed to solve via Omada, which was horrible. Even though it was a simple setup, it still became pretty complex.

We have seen ROI because we moved to Omada in 2018. We had a new policy that was more cloud-native, and if we did not have Omada we wouldn't have been able to facilitate that. Omada facilitated our company's move to the cloud.

In the past, each tool was the same, they all were custom-built tools, as were UMRA and Omada. But they all evolved or they created new tools. I don't have enough experience with other tools, only a little bit of experience with Okta, and there's a big difference between Okta and Omada. Okta is an authentication tool and not an Identity Governance tool. It's trying to be that, but it's not as far as Omada, it cannot do what Omada can.

My advice would be to put good people from your company in Omada because it is a complex tool and you can do a lot with it, but you won't get all the benefits out of it unless you invest in it on the technical side. Then, on the other end, the business needs to be responsible for IGA.

In general, it doesn't matter which tool you take, it doesn't matter if you take Okta, SailPoint, or One Identity, your business needs to be responsible for IGA. It is important to invest in your IT team so that they can configure Omada because that will give you faster value from the product.

The tool alone is not the solution for everything. You need to have dedicated IT guys on it who can configure it.

What I see with Omada, but also with other companies, is that IGA is falling somewhere between IT and business. A business could be responsible and have no IT guys involved or the other way around. IGA is a complex landscape where the business is responsible for authorizations and segregation of duties and the lifecycle management, but on the other hand, the configuration of IGA tools, like Omada, also gets pretty complex.

When moving to the cloud, you need to have a faster time to market. Identity is the new security parameter and the core security parameter. You need to have people at your company who know what they are doing with Omada and who know how to configure it. They also need to know how to resolve issues if somebody gets hacked. Invest in your people to bring identity at the IGA level of your IT, and also of your business, to a higher level.

Omada offers training and they have documentation of the application on their hub, their community site. I don't think they provide certification, at least not the classic type where you can do an exam. But they have added a lot of training in the last one or two years. They didn't have a lot and now they have a lot more, so that's growing. 

I would rate Omada an eight out of ten. 

I've been working on a big project for a public sector in Sweden. We permission the identities coming from the HR system to go to the active directory.

Omada has helped to reduce the number of help desk tickets and requests by a lot. 

Omada has made a huge difference because we have the security and we have the optimization of the identities. We get the rights and value. Every person could do it by themselves. The best thing when using an identity access management system is the optimization and base security that comes with it.

The Governance and self-service that can be set up so you can use them yourself to work in the system are the most valuable features. End users can be enabled to help themselves. 

The reports are also quite easy. There are out-of-the-box reports you can use. You can set up different classifications. For a governance solution, it includes everything you would want.

We do segregation of duties. We can set up different combinations of access that we want.

PowerShell is probably easier to use. In the other products I have used, you can just provide all the shell amounts. It's more tricky with Omada.

It's user-friendly but there's room for improvement. 

The security permission inside Omada also needs improvement. It's tricky to set up.

We started using Omada almost exactly two years ago. 

The stability is quite good. I haven't seen any problems with it. 

There are around 2,000 users. Omada requires three to four employees for maintenance. 

I have also used Micro Focus IDM. Micro Focus is easier to develop but a bit trickier for a customer to use. I think that if you have automatic systems, where you just want things to happen in the background, Micro Focus is great and one step ahead of Omada. But if you want to be part of the process and make access requests, Omada is really good there. The Governance and some of the access management are really good. But the automatization flow is easier in Micro Focus.

The initial setup was complex. We did it manually because I was a senior expert. Better to do it that way, because otherwise, it's hard to get it to work. It has a complex installation procedure. 

The first time I did it, it took around two weeks. But now I can do it in a couple of days.

My strategy was to follow the installation guidance. 

It's a matter of time before our customers see ROI from Omada.

My advice would be to have a lot of information about the different states of resources because it's quite easy to do something wrong. 

I would rate Omada an eight out of ten. For it to be a ten, there should be better documentation. I think that will come in a few years when the product is bigger and there is improved documentation and more forums where you can find codes. It can also be quite hard sometimes to set up a new system.

As an Omada partner, we are integrating the Omada Identity Suite for our customers.

Our customers primarily use it to align their identity lifecycle and access management. In some cases, they also use the integrated workflow engine that Omada has to migrate existing paper-based workflows to a digital platform.

Our customers have realized several benefits from using this product. What we have seen is that they are more efficiently driving Identity and Access Management processes. Many of them that were being performed manually could be automated. This means that they save resources, such as manpower, to focus on other topics.

Omada Identity Suite benefits our clients by introducing the Least Privilege Methodology when it comes to their coverage.

The biggest benefits come from automation, reporting, and easier onboarding of new staff.

Omada has definitely helped to reduce the number of help desk tickets and requests. For example, one interesting feature is the automatic password reset. This is something that can now be done by the end-user themself, and no longer necessitates calling the head office. This is very beneficial when it comes to reducing support tickets and telephone calls.

Omada Identity Suite has a very powerful workflow engine. It is used for requesting access for approval to everything that's around Access Management and for re-certification purposes. It is easy to set or reset the state for accessing resources.

In terms of the breadth and scope of the features, in the current version, they are trying to cover access management and identity governance for the whole company. Over the past years, they have broadened the features to include new functionality based on customer feedback and reviews. We routinely give Omada suggestions as to what can be improved, either in terms of adding modules or some other aspect that has not been covered very well. Based on that, they have come up with certain exciting new features. For example, they have built new interfaces and new ways of configuring the system.

At the same time, they have also built up more functionality to add business values. Specifically, they developed a practice framework of processes that can be rolled out in a company very easily. It was created based on experience that they gained from past projects and customers.

What I would most like to see added to the product is role management, especially enterprise or business role management, and the processes around that.

I would like to see some kind of role-mining functionalities to help existing Access Management processes. For example, business roles and existing role models could be identified and imported into Omada. There are definitely some possibilities for improvement in this area.

I have been working with Omada Identity since 2007, between 13 and 14 years ago.

Over the many years that I have worked with this product, the operation has always been stable. Especially when a new version is released, there are sometimes bugs. In cases like these, the support response times could be improved.

In the latest version, there have been big improvements with scalability. If you add more compute then you can scale this solution without limits.

I would rate the support a seven out of ten.

Sometimes, the time it takes to respond to a ticket is too long. Also, it can take a long time to provide a fix. Things have improved recently but if I consider my entire experience with them, the time we spend waiting for a resolution is too long.

I have not been a part of many migration projects, so I cannot speak about the experience of transitioning from another product.

I have experience with One Identity Manager and NetIQ Identity Manager. The user interface is much more flexible in Omada Identity, which makes it easier to use and configure. This is definitely a pro.

The con is that some products provide better connectivity with other systems. For example, NetIQ Identity Manager brings some connectivity, especially with the mainframe systems that are seen in the financial industries. Such connectivity does not come out of the box with Omada. There is also a provisioning engine from NetIQ, for example, which is more stable and more flexible than the Omada solution.

With respect to the IGA functionality, Omada has more flexibility than NetIQ. You can customize, adapt, and configure it to a greater degree and with less effort.

In terms of the installation, the initial setup of the suite and the components is very straightforward and well documented.

When it comes to the introduction of the Identity and Access processes with Omada, it can be very complex and it can also be very straightforward. It depends on the complexity of the processes that the customer demands. Omada has a best practices paper that explains how to set up various types of projects. When you follow that process, starting with some basic setup, then moving on to the improvements and continuing to roll out iteratively, I think it's very straightforward.

In terms of the time required for deployment, it again depends on the complexity of the processes that need to be integrated. You can have projects where it is fully deployed within weeks, and you can have bigger projects for bigger companies with more complex processes that can take a year or even longer to deploy.

Our implementation strategy begins with the need for a business concept. After that, we do some requirements engineering and talk about existing processes with the customer. Together, we decide what to migrate and what to introduce.

We then begin with a basic setup to introduce the first phase of the project. From that point, we use an iterative or agile approach to onboard more applications.

My advice for anybody who is implementing this product is that it's a good policy to follow Omada's best practice strategy, with not too many customizations. I suggest sticking to Omada's standard model and approach with respect to implementation. This is what we recommend to our customers.

I would rate this solution an eight out of ten.

The primary use cases are identity lifecycle, provisioning, and authorizations to our IT infrastructure. We use it for provisioning to our SAP platform. We also need it to make a survey of the IT authorizations. We need to make sure that our managers can review the authorizations of the employees in our company. 

We have a couple of secondary use cases as well, such as segregation of duties on provisionings to make sure that we have correct approval flows for authorizations. 

The automatic provisioning of a lot of authorizations has definitely lightened the load on the manual part of authorization management. It has not directly caused savings in our operations, but our administrators have seen a dip in the number of manual tasks they had to do. So, that's a direct business value for us from the platform.

It has helped in reducing the number of helpdesk tickets and requests by at least 30%.

The identity lifecycle support is definitely valuable because we are a complex organization, and there is a lot of onboarding, movement, and offboarding in our organization. We have 31,000 users, and there are a lot of users who are constantly onboarding, offboarding, and moving. So, we need to make sure that these activities are supported. In old times, we used to do everything manually. Everyone was onboarded, offboarded, or moved manually. So, from a business point of view and an economics point of view, identity lifecycle is most valuable. From a security point of view, access review is the most important feature for us.

Our internal customers are quite happy with the product, and we receive a lot of positive feedback. Its identity-governance and administration features are very broad. It can support a lot of use cases. I don't think we use a broad part of the product, but it is a very broad platform that can be used for a lot of different things.

It provides a lot of flexibility for our security operations. We can combine the security operations of the product with other security operations, such as logging, surveillance of our infrastructures, and things like that. I sit in the security office primarily, and identity governance is a part of our operations in security. So, it provides a lot of flexibility for a lot of different use cases.

Error handling can be improved. From an on-premise perspective, internal support can be improved. It is quite a technical and difficult application to maintain. A very specialized skill set is required to operate and maintain it, which is the most difficult part. The process to upgrade versions is also quite tricky.

One thing that we are not so happy about is the user interface. It is a bit dated. I know that they are working on that, but the user interface is quite dated. Currently, it is a little bit difficult to customize the user interface to the need of the business, which is a little bit disappointing. It needs it to be a little bit easier to operate, and it should have a better user interface.

Their technical support is good, but there is room for improvement. It is not an easy product to support. They helped us set it up a little bit, but it gets difficult for them to handle more complex problems.

I have been using this solution for the last year.

The product itself is quite stable. The problem is that it is quite complex with all the integrations, which is applicable to all IGA solutions. There is a lot of need for surveillance on the solution itself, but it is not because of the solution itself. It is because of all the integrations. So, the solution itself is quite stable, but the integrations make it quite vulnerable to all kinds of stuff.

It seems quite scalable in terms of performance and in terms of the ability to scale itself.

Their technical support is good, but there is room for improvement. One problem that we have discussed with Omada several times is their handling of a customer-specific problem and a solution-specific problem. The coordination between their technical support and their backend developers can be better. It becomes an issue when a problem is more complex. It is not an easy product to support. They helped us set it up a little bit, but it gets difficult for them to handle more complex problems.

It was an internally developed solution. We switched to Omada because our previous solution didn't support governance. It was only for ordering new authorizations, and the level of automation was limited.

It was a complex process in terms of technicality and the amount of effort needed for setting it up from Omada's point of view.

We started in August 2018, and we finally deployed the solution and were ready for production in June 2020. So, it took 18 months.

We had to deploy or onboard a part of our infrastructure at once. We onboarded a couple of applications and our SAP solution on day one. Omada would probably call it the big bang, but it was definitely not the big bang. We deployed a lot of functionalities at once, but it was a very limited part of our total application portfolio that we deployed with Omada. It is not yet done. The first one and a half or two years will go into implementing the rest of our application portfolio in the solution.

We used Omada itself as an implementation partner. The consultants themselves were quite adept at handling the product. From a technical standpoint, they were definitely above average. From a project management point of view, we would have liked to see some improvements. This is from the perspective of a very large customer. The problem for us was handling an organization of our size. If I have to choose again, instead of Omada, I would choose an implementation partner who is more used to handling large enterprises. That was definitely a pain point for us.

It is quite a technical and difficult application to maintain. It is a standard solution, but some parts of the solution make it difficult to upgrade and maintain the solution. A very specialized skill set is required to operate and maintain it. You should either pay Omada or another consultancy firm to maintain the solution, or you should have internal resources for maintaining the solution. 

We have around 10 people who are directly involved in its maintenance. They are on the business side, such as for onboarding new applications, front-end problem-solving, and incident-handling, as well as on the operations side, such as for ensuring data validation, handling integrations, and things like that. 

It is very difficult to say at this point. We are a municipal organization, and we do not, as such, do a very systematic review on the return on investment. I would say we have seen a positive ROI, but I'm not sure.

It is also very difficult to say whether it has reduced the total cost of ownership. My gut feeling is that it has, but we have not made a precise estimate of what economic impact it has had on us.

Our business is regulated and subject to audit fines, but again, it is too difficult to estimate whether it has reduced the number of audit fines we have received. It is too early to estimate that, but I would guess it has.

From an on-prem point of view, the cost is quite transparent and reasonable. The direct cost is primarily for licenses and maintenance on licenses.

We evaluated other solutions. I don't remember them all. We did a market analysis where we considered SailPoint. We definitely reached out to Microsoft as well but not for their identity solution as such. We reached out to them for their future solutions in this environment.

We only did a market analysis. Being in the public sector, we have a very strictly EU-regulated process for procurement. So, it is quite difficult to do a look-and-feel kind of selection of tools.

I was not directly involved in the market analysis. As far as I know, our tender showed that from a technical standpoint, all evaluated solutions were comparable in functions and features for our intent and purpose. They were not identical, but they were comparable in functions and features.

Any business interested in using this product needs to make sure that they are ready to either pay Omada or another consultancy firm to maintain the solution, or they should have the internal resources for maintaining the solution. It is quite a difficult solution in terms of maintenance.

It is very important to make sure that the master data is correct and is controlled by processes rather than humans. This is very important. We thought that we had a very good understanding of our master data, and it was mostly supported by processes and not by people, but we certainly were caught a bit by some of the things. So, having control over your master data is the most important thing. 

If you are a reasonable-sized organization, you should be very careful and make sure that the implementation partner has the correct implementation model that suits your need. You need to make sure that you have the correct support, or the means to find the correct support, for the application itself when you go live. These are definitely the three most important things.

I would rate Omada Identity a seven out of 10. There is definitely room for improvement, but it is not a bad product. It is a good product, and seven, in my book, is for a good product. 

We are using it for rights and roles of our users. When we hire a new employee in our municipality, we have their information exported to Omada and, based on which department they are hired for, they will get roles and rights for the IT systems. That's what we use it for right now. We have plans to do more with it, but identity management is a life-long task to enjoy.

The solution is on-premises.

When it comes to IT audits and reviews, before we had Omada there were a lot of findings about employee accounts that were not properly shut down. They were not in the municipality anymore, but they still had an account that was active. And as soon as the auditor found one, he would go further and dig more. Every time he was here, he found something. We had to spend a lot of energy trying to make this situation better. But as soon as we got up an IDM system that automatically shuts down the Active Directory accounts of people who are not employees anymore, this problem totally went away. We don't have this as an issue anymore. And the auditor is very pleased when he hears that we have an identity management system that automatically closes down these accounts.

The solution has helped to reduce the number of helpdesk tickets and requests. While I don't have exact numbers, our statistics show that the number of tickets is going down. However, that's not only because of Omada. There are other areas where we have improved and become more professional and have helped our users.

The most valuable functionality of the solution for us is that when employees stop working for the municipality, they are automatically disabled in Active Directory. Omada controls that 100 percent. They are disabled for 30 days, and after that time Omada deletes the Active Directory account. The same type of thing happens when we employ new people. Their information is automatically imported to Omada and they are equipped with the roles and rights so they can do their jobs. Those are the two main benefits we have at the moment.

The identity governance and administration features are also really good in Omada. There are a lot of possibilities for controlling access rights. We are only using a little bit of all the possibilities in the platform right now, but of course we want to go further and use more of the functionality.

Generally, I find the whole solution to be very good. But the way errors in the system are handled could be improved. If you find an error and you need it fixed, you have to upgrade. It's not like they say, "Okay, we'll fix this problem for you." You have to upgrade. The last time we upgraded, because there was an error in a previous version, we had to pay 150,000 Danish Krone (about $24,000 at the time of this review) to upgrade our systems. This is a very big issue for us because 150,000 Krone is a lot of money. And because we have production, test, and developer environments, we had to upgrade them all. The fact that we can't have an error fixed but, rather, we have to upgrade, annoys us a little. That means that we have to pay to get errors fixed that Omada has made in programming the system. I hope they change this way of looking at things.

We have used Omada Identity since 2018.

We are now at 14.0.6 and its runs very good, - we have no problems.

The scalability of the solution is fine. There are a lot of possibilities to scale from a small business to a big business. You can use part of the system or use the more advanced functionality for creating roles.

We currently have 5,633 employees in the system, and there are 59,000 citizens in our municipality.

We're looking to expand our use of Omada Identity by providing more functionality to the users and the managers in our municipality. Right now, Omada is running in the background. Nobody actually knows that it's there. It's doing its job and people are happy, but no one in our business has access to the platform. We want to make it more visible and to exploit some functionality for the managers, for example, so that they can do more themselves. We also want to have managers do access reviews for all roles they are responsible for. That way, they can say, "Okay, this employee has access to this, this, and this, which is okay. But he also has this right of access and he doesn't need it anymore." This type of access review is something we are still planning to implement, but we are not there yet.

Before Omada, we had a solution called NetIQ. That platform was very expensive and there were modules that we didn't buy. If we were to continue with that system, first we would have had to upgrade it, and that would be very expensive, and we would also have had to buy some extra modules, which were very expensive. So instead of just blindfolding ourselves and ordering an upgrade, we examined the market for IDM systems. We took the best-known and looked at their ratings in industry reviews to see which were at the high-end. We invited them for an interview and a demo of their systems, and Omada scored the highest. That's why we choose them.

When we started with this system, it was Omada that hired some temporary project managers to implement the solution at our place, and they did not do a good job. We found out later that something was just not implemented. For example, if we rehire a former employee, we have no process to handle that in the system. We only found out about this after the original implementation. Today, they use their dealers to implement the system. I don't think Omada itself implements nowadays. Maybe it's better that way, but we were not satisfied with the way that it was implemented originally.

Our deployment was a long story because, in the middle of the implementation, Omada gave up and said, "You can go further with a dealer called ICY Security." They handed over the implementation to this dealer. It's difficult to say exactly how long it took, but if I have to give you a number, we are talking about between six and eight months.

Up until now, it has been our dealer, ICY Security, that has maintained the system. We recently took over maintenance of the system and the databases ourselves. But if there is development needed, it will still be our dealer that helps us with this. The whole area of identity management is complex, but ICY Security is doing a good job to help us grow in this system.

It's a fair price for the on-premises system. Compared with what we had before, it's much cheaper and we get all the modules in one. 

We tried to go with the cloud, but it was far too expensive. We calculated the costs and to go cloud, it would mean four times the expense for us. That was more than we could get budget for. We have had meetings with Omada to tell them that we want to go cloud, because that's our strategy in many other fields, but that the price is way too expensive. We have told them they have to reconsider the price for it because they will never get any customers to go cloud when it's that expensive.

Among the solutions we looked at were SailPoint IdentityIQ, Micro Focus NetIQ, KMD IDM, Ca and 2ndC/Atea.

In scoring the solutions, we focused on user-friendliness. The NetIQ system that we had before was very fixed. You couldn't design it as you wanted. If you adjusted a screen the way you wanted it, there was often something that didn't function. We didn't have the ability to customize it the way we wanted. As a result, the usability of the system was very bad. It was so bad that we couldn't give it to our managers and say, "Here's a platform you can use for self-service." That's why user-friendliness was a significant part of our scoring.

We also wanted to be able to adjust the system ourselves without having to hire consultants. With NetIQ, we had no clue how to do stuff in the system. It was so difficult that we had to call external help every time, and that was not for free. We had to pay every time. Our wish was that, in the next system, we would be able to do minor adjustments ourselves.

And, of course, price was also an issue, not that we needed to buy the cheapest one, but pricing was a parameter that we were looking at. In terms of a reduced total cost of ownership as a result of choosing Omada, I don't have a specific number. Some things are difficult to put a value on. But for sure, we have a better system, a more user-friendly system, and the cost for licenses is much lower. Also, the way that Omada sells the system is that you get the whole package. It's not that you have to buy a module here, and if you need more functionality, you have to buy another module there. You get it all in one purchase. That has also reduced the total cost because we have all the modules.

As for the time it took to get up and running with Omada compared to NetIQ, it's a hard thing to compare because NetIQ was our first IDM system. Before the NetIQ deployment, we had to do a lot of preparation to go into identity management. Implementing Omada was easier, but mostly because we knew more about identity management at that point compared to when we implemented NetIQ.

Finally, identity governance and administration functionality are a lot easier to manage in Omada than in NetIQ. Much easier.

Make sure that all processes are dealt with in Omada. We had some processes that were not described and, therefore, we had problems afterward. The implementation of the system is very important. For example, be sure to have valid and correct data. Garbage in, garbage out. All the work before you push the "Go" button is very important. I think we may have underestimated that when we were implementing Omada.

We are provisioning new accounts. We are deprovisioning accounts that are gone. In Omada Identity, you can connect transfers (external employees who came to work for us) very easily. We have had trouble doing this with a new front-end system, not Omada Identity, where accounts are not connected. With Omada Identity, I can connect accounts and change everything that I have to do.

We can manage access for everyone, including suppliers, partners, and maintenance staff. Now, in Active Directory, there is accountability for everyone. If someone is responsible for an account, we can see who is responsible. 

We use the main portal of Omada Identity.

We are not using the solution fully, but we are getting there slowly.

When we started with identity and access management, we cleaned up and skipped 500 accounts. Therefore, there are a lot of people who are still in our system. Using this tool, we have cleaned up a lot of accounts for ourselves as well as our partners and suppliers. So, we can manage everything now.

When we switched to Omada Identity, it was easy for everyone. The solution was so smooth. Managers can do a lot of our work processes themselves, which reduces a lot of tickets.

We can sync our administrator accounts with our normal accounts. So when an administrator no longer works for us, their account is disabled. This provides us control because when we did the admin accounts, there were a lot of admins who were already gone, but they still had an account in Active Directory.

Our test accounts are now managed and feasible.

The interface is nice. I can do so much myself. I don't need my supplier for everything. I can change emails and add attachments. 

I like it very much that it is a self-reliant solution as well as user-friendly. I made a handout for managers and other users, and it was very easy to explain how to use the system. It's not difficult. We have workflows that are so simple, and you can explain them to somebody else in a very easy way.

Omada Identity has a reporting server that we use. With emails or usernames from an application, we can create a report and check on those users in the application regularly. For example, if you send me a list of users, I will send you back information on those users, like their end dates and activity. This way, the auditor can see we are in control.

We now use multi-factor authentication (MFA). To let people working from home register for MFA, we put them in an Active Directory group where the date and group are set. If someone needs to reinstall the application, you can set a new date in Omada Identity. So, I only have to set a date, then everything necessary happens.

I would like to search on date fields, which is not possible now.

I am unable to connect our organizations' tables and our partners to create a report in the solution. Sometimes you have to connect two different tables of your report. For now, I make a report for one, then I make a report for the other. After that, I combine them in Excel, but this is time-consuming. We are waiting for the newest version to come out at the end of the month. Hopefully, the feature to connect to other applications will be available with this release. Otherwise, we will have to wait for the next one. It would be nicer if we could get it sooner.

At the end of May 2019, we got Omada Identity.

The scalability is great. It is not often that I hear that our supplier can't do something with Omada Identity.

We manage 6,500 users with Omada Identity.

Right now, I don't feel that I have any influence on the features that they are delivering to us. My supplier has also said that if they ask something, then they have to wait a very long time for it. I would like it if they would tell us, "We can't do everything at this time. Many requests have come in all at once. But, what request would you like us to prioritize?" If they could also provide time frames for requests, this would help us understand when we would get our requests.

Our suppliers and partners need to be in Omada Identity as well. That wasn't possible when we had only MIM from Microsoft. Now, I can manage partner types with the access management, creating an organizational unit and partner. Then, I can put the people who only have access in the system, so we can connect the two systems. This way, we can really manage all the people coming into our building and using our systems.

With Omada Identity, we can manage the partners and supplier accounts. This was the primary reason that we switched from MIM. We can also connect other applications, though we are still working on this.

The solution has reduced our total cost of ownership compared to our previous solution.

The initial setup took a long time, over six months, because of our supplier. Omada said that they have an integration with CyberArk, so we wouldn't have to build anything because it was there already. We would only have to install it. Then, the supplier told us, "We have to make it," but it was already there. If it was there, I don't understand why it took so long.

I worked side-by-side with the supplier. We have a very good connection with our supplier, Traxion. We see them more as a partner. We work well together, learning from each other.

There were a lot of administrator, partner, and supplier accounts for people who were no longer working for us but still in the system. So, we reduced the number of users no longer with the company, which saved us some money on licensing.

I don't know if they looked at other suppliers or systems.

When we started, our supplier recommended using MIM at first, then Omada Identity. Now, I would recommend starting with Omada Identity and getting the entire solution, so you can do everything in Omada Identity and aren't using two systems.

I am cleaning up accounts with the help of the functional administrator. This is very easy to do.

I am a happy customer. We have our identity and access management under control with Omada Identity. I would rate this solution as a nine (out of 10). 

I used it in my previous company for identity governance or identity administration. We used it for tracking who had access to the data warehouse and for workflows for requesting approval for access. We also had access verification to ensure that the right person had access.

We were using its latest version, and we were upgrading it regularly.

It has a lot of out-of-the-box features. It is flexible, and there are a lot of possibilities to configure and extend it. 

It is user-friendly. It has an interface that is end-user or business-user friendly.

Its flexibility is both a good thing and a bad thing. Because it is very flexible, it also becomes too complex. This is common for most of the products we evaluated.

Its scalability should be better. It had a few scalability issues.

I have been using this solution for three years.

It is quite stable.

It is partly scalable on-premises. There are some scalability issues, but they are, of course, very organization-specific.

We had about 10,000 users, but all of them were not using it on a daily basis. There were just a few hundred active users because it was not fully rolled out for all kinds of requests. The end goal was 5,000 to 10,000 daily users, but at that time, there were only a few hundred users. We planned to keep using it.

I have interacted with them because we had used the vendor instead of a third-party integrator, which worked well for us. We had almost direct contact with technical support and their specialized development team.

The main reason for choosing this vendor was the geographical part. Omada is headquartered in Denmark, so it is a European company. The company I was working for was a Norwegian company, and we were close to the management, engineers, and development team of Omada, which also made it much easier to have good contact with technical support. If we had chosen an American company, we wouldn't have got the same experience.

Its installation is easy. You can install it over a weekend, but connecting with different parts of the organization takes time, which is applicable to all products in this area. The core installation is simple and easy, but integrations take time.

We had someone from our company, and we also took help from the vendor. We didn't use a third-party integrator. We got professional services from the vendor's organization.

It is licensed per managed user per year.

I would recommend this solution to others depending on their use cases. It definitely depends on which of the use cases are important for that company. I used it in my previous company, and I am currently in another company. If I am evaluating it for exactly the same use cases, I would definitely consider this product again.

I would rate Omada Identity a seven out of ten.

Everything is related to identity governance, such as

• Certification
• Joiner, Mover, and Leaver (JML) use cases
  
• Access request for use cases
• Provisioning use cases
• Workflow.

In a fully implemented Omada Identity solution, all these use cases are equally important.

We have on-prem Omada customers, then we also have the Omada SaaS customers. We always work with the latest version of this solution.

Our customers have benefited from Omada Identity automating the certification process. Most of our customers were using manual methods for user access certification. With Omada Identity, you can automate almost all of it, which means that certification now becomes on demand. You don't have to wait for two or three months to execute a certification timeframe. Instead, you can do certifications as often as you want. 

Another benefit is automated provisioning of user accounts when you replace manual provisioning. 

Omada Identity has reduced the number of audit fines that some of our customers have received by more than 80 percent.

Omada Identity is a very feature-rich solution. Its features are designed based on a methodology called identity plus.

For our customers who prefer having a SaaS solution, they also prefer a cloud-native solution. This is a big requirement for them.

The Omada Identity SaaS version isn't as flexible as Omada Identity on-premise. It is expected behavior though. Often, customers under estimate the level of controls and flexibility when moving to SaaS. We want customers to carefully evaluate and analyze each use case and/or requirement. 

We work closely with Omada and understand the roadmap, which addresses what market is demanding, incrementally in each release.

It has been about three years that we have been implementing Omada Identity for customers.

We haven't had any scalability issues with our customers. Omada Identity has been scalable to our customer requirements. It's a high-capacity solution, so large environments (more than 2000 users) is not a problem for Omada Identity. 

Omada is at par with the industry standard at this point for scalability. They aren't extraordinary yet, but they are working on it. They are probably at par with their competitors.

The Omada product documentation could use a good uplift. Some documentation is outdated as well as other documentation can be less descriptive than it should be.

There are some initial challenges when it comes to support. However, I am very happy to see it drastically improving. 

If you are using the provided connectors and configuration out-of-the-box, then it is straightforward. However, if you require custom connectors or configurations, that setup is can get complex. 

An average deployment takes three to six months.

Our implementation strategy varies based on the customer's requirements.

We provide deployment and post-deployment support. In a deployment scenario, there will be one or more implementation engineers along with an architect and project manager. Then, in the post-deployment support, we have architects and engineers.

The initial total cost of ownership to implement Omada Identity is not small. The TCO for the implementation is comparable to other solutions. However, the cost of maintaining the solution is at par or lower than competitors, including adding more features or maintaining the system after the initial deployment/installation to make sure that they are available for users to use or extending the functionalities of those activities. Those maintenance costs are lower than other vendors.

It has reduced the number of our help desk tickets from 25 to 75 percent.

Compared to competitors, Omada Identity is either equal or more feature-rich than comparable solutions, e.g., RSA Identity Governance and Lifecycle (IGL), SailPoint IdentityIQ, and Oracle Identity Governance, because of its identity plus methodology. 

Omada workflow designer is a feature for which we have gotten very good feedback. Ease of configuration is also something Omada Identity does better than others in the market. However, customizability is something where Omada is not as good as its competitors.

The time that it takes to get up and running with this solution compared to RSA and SailPoint is almost similar.

Carefully evaluate your use cases before starting an implementation. Have an identity management program defined before starting technical implementation. That would be my most important advice. 

Define your use cases clearly. 

Have all parties involved. Not having management buy-in almost always led to difficulties in the project.

Omada has defined and documented the Identity Plus Process based on their experience. This is an excellent reference guide to implement an Identity program.

Everything considered, I would rate this solution as an eight out of 10.

Our clients use it to onboard apps for provisioning, not just collections. They use Omada for provisioning to business applications, such as SAP and PeopleSoft. They use ServiceNow as the front door to that but Omada is for their accounting and their HR business applications. It's mostly used for the governance piece, certification—GRC.

Compliance is often what the issue is for our customers. They want to hurry up and get these products onboarded and set them up for provisioning for their business application, so they can meet whatever regulatory compliance controls they're trying to meet.

We're an Omada partner/vendor. We implement both their on-prem and SaaS versions.

From a security perspective, we've got customers that are failing audits or that are in danger of failing audits, because they can't do certifications. While it's not necessarily an improvement to the way their business functions, Omada certainly helps customers remain compliant with those audits. It makes them more efficient, and it's easier for them to support the audit requirements they have to remain compliant.

The solution also helps reduce total cost of ownership. In cases where they're swapping out Oracle, or they're swapping out RSA's Aveksa or IGO product, it's certainly reducing total cost of ownership. And, when we're moving clients from an on-prem, legacy IGO or IGA solution to the cloud solution, they no longer have the infrastructure issues and it's a lot easier to maintain. It's not as complex as an Oracle. Certainly, when we're replacing some of those legacy systems—IBM, Oracle, CA—it definitely reduces total cost of ownership.

Another benefit is that it has helped to reduce the number of helpdesk tickets and requests, specifically when combined with ServiceNow, which we've done in a couple of instances. In that scenario it drastically reduces the helpdesk tickets. Omada has the workflow built into it that allows a lot of work that used to be done through the helpdesk to be automated. We try to build more automation into the system in an effort to reduce the amount of support that's required for it.

It has also absolutely reduced the number of audit fines that our customers receive. A few of our Omada customers have either had audit findings, or did a pre-audit and knew the findings were coming, or they were trying to clean up from an audit finding by using the solution to do so. We see a reduction in audit fines in at least half of the cases where we implement the product.

The most valuable feature in Omada is the governance. We work with other products and other product vendors, but the sweet spot in the market for Omada is where things are heavy on governance.

I would like to see them expand the functionality of the tool to continue to be competitive with the monsters out there. For example, they could add functionality on the authentication side, functionality that Octa and SailPoint have. But they should do that while maintaining the same simplicity that makes Omada a product of choice today.

We've been working with Omada for four or five years now.

We have a lot of choices out there in the market to spend our time on. We've chosen Omada as one of the products that we support. It has been very stable. We haven't seen any issues related to stability so far.

When it comes to scalability of Omada's cloud-native SaaS solution, we've used it with a Fortune 10 customer and a Fortune 100 customer. It's definitely scalable. The fact is, we're connecting it to SAP which is running the internal organizations of some of these companies. It's a new product, so it probably hasn't gone through enough Fortune 500 companies to say that it has been fully tested at that scale, but the customers that we work with are pretty significant customers.

In terms of our customers increasing usage of Omada, if they've gone through the process, they have a prioritization of the applications that need to be onboarded to an IGA tool. Once they get those high-priority applications onboarded, there's the never-ending list of additional applications to get onboarded. The priority for onboarding applications could be business-related, it could be audit-finding related, or it could be SOX-related. The client makes that determination. 

We've integrated the product with CyberArk and ServiceNow, to automate some of the helpdesk support that is typically required. Most of our customers are at the stage where they're saying, "Hey, let's get this Oracle HR product onboarded as our system of record, and work from there to onboard the other apps." Most customers, even the small customers, have an endless list of applications that need to be onboarded, once they have onboarded their highest priority applications.

We have relationships with Omada from the chief revenue officer, all the way down. When we really need to make something happen, we can put that call in and make it happen.

But from what I know from our customers that have used Omada's technical support, they seem to believe those guys to be as adequate as any of the competitors in the space.

The complexity of the initial deployment of Omada depends on the customer. But one of the reasons we chose to become a product vendor for Omada is because of the simplicity. It's the perfect fit for a lot of customers that don't need the complexity of an Oracle, or of a CA, or even a SailPoint. That's one of the main factors that attracted us to the product.

The implementation strategy is going to depend on the customer and where they are in the process. The pre-implementation strategy is to find customers that meet what we've defined as the sweet spot of customers, where Omada is the best fit for them. They are customers that are looking for this, this, and this, they're this size, and they're at this stage in their maturity model. We like Omada for the SMB market because you can get your hands around an implementation. You can get them on the cloud version and get them up and running pretty quickly. 

If it's a customer that doesn't require a lot of complex workflows, it's a simple product to get installed and get up and running. However, it still does have the heft to be able to support some of the more complex custom configurations and workflows, if they need that in the future.

There is no such thing as an "average deployment," but 90 days would not be a stretch for getting some of our clients up and running and getting an app or two onboarded, with some pre-built-in workflows.

The number of staff required for deployment is also deployment-specific, but we'll typically have a team of between two to ten people, depending on the size of the deployment and what the customer wants to do.

Some of our legacy clients—and when I say legacy, I'm talking about two to three years ago—are using the on-prem version. Whether a client goes with the SaaS or the on-prem really depends on what the customer is looking for. A lot of customers are going for SaaS because of the "flash-to-bang." The pitch is that with one of the starter packs, you can get them up and running with a system of record in a shorter amount of time than with the on-prem version. That's typically the preference. Customers want to get up and running. They're running from an audit, they're running to meet compliance, they're running for a deadline. They typically want to go SaaS so they can get some quick wins under their belts. The on-prem takes a little bit more coordination with their onsite technical and security guys.

The ROI that we see is the "flash-to-bang." You can get in there and get the implementation up and running. 

There is definitely also ROI, that I can't quantify, in getting clients compliant with findings and in getting their highest priority applications up and onboarded.

Where we do see a lot of ROI is with the cloud version in particular. When we do these implementations, we require time from the customer's internal IT staff. With COVID, those guys have been busy making sure folks can work remotely and protecting themselves from all the different threat vectors that have presented themselves during COVID. The cloud version requires the least amount of time of the internal IT staff, so there is definitely ROI there.

Omada continues to be very competitive on pricing, especially on the Omada cloud product.

In terms of the solution's IGA features, I'm not going to say Omada's are pretty broad but there is enough breadth there to support some large customers that are using that product. It's definitely compatible, in terms of breadth, with other products out there in the market.

We support SailPoint. We've done a little work with Saviynt. We've worked with some of the legacy solutions, like Oracle OIG and RSA. We're familiar with other IGO and IGA solutions in the market.

Compared to some of the more complex tools, with Omada you can cut the implementation time in half, or even more than that. We look for the customers that fit that Omada mold. For the customers that don't have the complex workflows, and where you don't have to wade through 37,000 guys in their IT shop to make something happen, it's certainly a much easier product to get installed. That's why we like it.

But there is competition. All these vendors are now offering cloud solutions, like SailPoint's IdentityNow. Saviynt is a cloud-based solution. But when it comes to some of the legacy ones, you can certainly reduce your implementation time by 50 percent or more.

And on the pure governance part, Omada is definitely maintaining some of the same functionality as the other vendors out there in the market. It's not going to have all of the functionality of the SailPoint on-prem version. But it's more than adequate for the average customer.

The only advice I would give is the same advice I give anywhere: Know your requirements and then make sure that the Omada product is the product that best fits your requirements. If it does, you can get it in and up and running in a more reasonable amount of time than some of the competitors on the market.

What I've learned from using the solution is that Omada has a certain place in the market. When we find a customer that has the set of requirements that Omada is a really good fit for, we can get them up and running pretty quickly, without their having to spend a ton of money, and without their having to spend a ton of their internal IT resource time. Omada is probably marketing to everybody, but for us, there's a certain customer where we say, "Okay, they're heavy on this, they're light on this, they want this, they have this issue, that issue, and this requirement. Okay, perfect fit for Omada." When we find that, we end up with really happy customers because we can show them some progress in 30, 60, or 90 days, as opposed to a two-year deployment in other cases.

We are using Omada Identity Cloud, their SaaS version, as part of our identity and access management proposition towards our customers. We are an IT security company situated in the Netherlands. What we're trying to do: We give our customers guidance in their needs, aims, and goals regarding identity and access management. Therefore, we are the trusted partner for our customers in order to give them control over their identity and access management landscape, and we use Omada for this. We provide managed services for our clients.

It is all cloud native. What we do, we say, "Dear customer: We can help bring your landscape under control from an identity and access management perspective. For that, we use Omada as our platform."

Omada Identity Cloud is part of our proposition to help us manage environments. If we don't have a product underneath, then it is quite difficult. Therefore, we had to choose a product solution to make our proposition believable.

The governance part is the most valuable feature. The governance processes are defined, and it is quite easy to report upon the compliance. The compliance reporting is very good. 

From my perspective, the IGA features cover everything and are quite broad.

They need to improve the cost for small companies.

We have just started to use this solution.

The scalability of the product is good. There is a lot of functionality within it, without paying extra costs. It is quite complete on its own, and there are no hidden costs. 

It scales in terms of numbers and types of identities. It can govern the on-premise applications as well as the cloud applications. So, it can manage hybrid environments with all types of identities and various load amounts. 

They know what they are doing when setting up the business because this is their core business. There is no waiting time if you need to schedule a meeting with them. They provide a quick response time. Compared to other solutions, their response time is fast and done in a short amount of time.

We are starting the configuration stage right now. 

The initial setup has been straightforward. It is a quick setup, which is flexible and user-friendly.

They set up the environment, which makes it almost immediately available for us. Then, we can configure the solution for our customers' needs, as the customer wants, and as we think is best for our customers. That makes it flexible, so we do not have to make any big investments in terms of hardware.

We have a customer lead who is responsible for all contact with a given customer. We also have a project manager finishing the implementation process, then we have a couple of engineers and a solution architect. There are about five people who are involved.

With a SaaS solution, you don't have to buy something, install it, and activate it on your balance sheet. That is one of the clear benefits. 

They offer a complete solution. However, the pricing is too high for SMBs.

With the cloud solution, spinning up the system is quite easy. Afterwards, you configure and pay for all the use by customers, which is then paid by the customers.

We evaluated other vendors from the Gartner Magic Quadrant (the ones that were near Omada Identity Cloud) when looking for a solution. 

We are just starting with this product. We have a clear vision of what we want with our proposition, so we chose Omada Identity because it is a good product in regards to scalability and being a cloud-native solution.

We feel Omada has the same understanding of what is going on in the market as us. Our strategies are quite well-aligned. The decision to choose Omada Identity Cloud was not only about the product, but at least 50 percent about the company too.

It is very important that it is a cloud-native solution. The world is moving towards the cloud, which is a trend that you cannot change. Based on that, it is quite evident that you want a partner that has a product from a cloud-native perspective. Assets are less on-premise and more on the cloud now, so it's more about functionality and processing as well as taking it as a service. We want to move along with that trend.

I would rate this solution as an eight out of 10. There is always room for improvement.

Our general use cases include: 

• User onboarding
• User out-boarding
• Role-based access control, e.g., whenever a person's role is changed from one to another, then all the related roles need to be changed.
• Role management 
• Asset management 
• Re-certification, audits that happen every quarter. Every quarter a manager has to certify all his subordinates' access, whether that expertise should be gained or not, or whether they'll be skipped.

The most valuable aspect of the product is that it is Microsoft-based and it supports all Microsoft technology. It is ingrained with Microsoft and we implemented it ourselves for our clients wherein we can request software to install from Omada. That is something they have implemented and they are getting a lot of value out of. 

In terms of improvement, there are not so many out of the box connectors available in the current version. So what they have improved in the latest version is more out of the box connectors for integration, that is one improvement. 

Then there is the recertification process. When the recertification process is launched that makes Omada very slow. There are performance issues in the current version.

We have been working with Omada Identity Suite for around one year. 

There have been some performance issues during the re-certification process, so it works well whenever the re-certifications or audits are not launched but the re-certification makes it very slow. 

We haven't tried doing scaling it yet, so I don't know about that.

I personally have not contacted their support because I don't support our Omada current clientele but our clients have contacted Omada quite often when they required line support. They said the support was fine. 

Omada people came in on-premises and they helped with the installation, so it was a joint effort from the client and Omada. Our client takes care of the maintenance. They are enterprise size and use Omada on a daily basis. 

Licenses are only for installations and support problems. They are definitely additional costs.

I would recommend this solution if you are more Microsoft based technology. If not then I wouldn't recommend Omada, because it mainly works on Windows. It has been a market leader and Omada is growing, but it's not quite there with the current version. I would definitely recommend version 12.0 Omada.

In the next release, I would like to see more governance.

I would rate Omada a seven out of ten. The reason for that being is that it's good but it has got some limitations. Some performance improvements can be done.

I have this solution at two different sites and they are completely different setups.

The most valuable feature is the automatic provisioning and reconciliation of things like the Active Directory groups and memberships.

You can set up automated processes so that you don't need to have an AD administrator doing it all. You can automate processes and control who is allowed to do what. All of these features are quite good.

The way they do the connection to external systems for the provisioning and for the reconciliation is also very good.

The user interface should have a more flexible design, where you can change it to your requirement. It is not an agile design, so it doesn't reformat itself for small devices like tablets or mobile phones (i.e. fluid design). 

One year.

In a stable environment, it's reasonably stable.

You can kind of provoke it into being less stable. There is a thing called ROPE (Reconciliation and Policy Engine) that can sometimes be a bit tricky. Otherwise, it is mostly stable.

On my side, I consider it relatively easy to scale. I have been involved with customers that have worldwide organizations running with it. There are guidelines for scaling to that kind of size. Generally, scalability is ok.

Frankly, everybody in the company uses it because it is used to apply for permissions. Our internal administration team is between ten and twelve people, whereas there are a couple of thousand end-users.

I have had no problem with technical support. I have enrolled two similar people, with access to their partner website as well. In the partner's site, there is help available outside of the Omada family of products. 

I find the initial setup quite straightforward, however, I can imagine it being complex for some people. It can become very complex with the connections to external systems. I know of one customer here who has had very great problems with it, but another one found it a bit easier.

The main problem is going to be the amount of shoe-horning your own systems into it. That's the big problem; modeling so that everything fits.

We had an integrator working with our in-house team. You can't do it all on your own. You need an integrator, but there are good integrators and poor integrators.

I recommend using this solution and I would rate it a seven and a half out of ten.

Omada Identity Suite is an extremely flexible solution providing easy customisation of anything from process flows to role assignment rules and compliance reports. It’s handled almost exclusively through configuration, not development. Reacting on new requirements can be handled swiftly.

The whole IT side of offboarding/onboarding of employees/external consultants is centred on OIS. A tight integration between the HR system, OIS and AD ensures a high level of compliance while reducing manpower to a minimum.

The suite’s flexibility within the area of continuous violation detection and handling could be improved. I have not used the latest version, but I have been told that some work has been put into this area recently by Omada.

Eight years.

Generally, a very robust system running on Windows/MS SQL.

I have experience with rather large companies that have OIS handling thousands of identities and without worrying much about load balancing, server clusters, etc.

Above average.

I have worked with Sailpoint’s IIQ and I believe that on quite a high number of features (functional and nonfunctional), OIS is superior. I can only think of one area in which Sailpoint could claim to have reached a higher level of maturity: continuous recertification of accesses.

Considering the scope of the project, the setup was quite straightforward.

No knowledge of the pricing model.

No.

Despite the high level of flexibility in the SW, I recommend implementing the standard IAM processes/functionality that OIS offers and expand scope/customise from there.

Strict governance, ability to scrutinize, and make a granular view.

Governance around user access provisioning and user profiling.

UI and user-friendly adaptivity.

Less than one year.

Slow performance on reports.

OK, with complex questions from us.

Was complex, a lot of org implementation questions, master data issues, process workflows, too much compared to what we needed.

Choose wisely based on needs.

Work hard with your requirements and scope.