One Identity Manager Reviews

Its main purpose is identity management. It is an IGA tool. The organization where I am currently working is mainly using One Identity Manager for identity management and access control. We are also using it for various types of provisioning such as Azure AD, Exchange Online, or SAP account creations. When we talk about identity management, we also consider the various access recertifications. All those are being carried out as part of One Identity Manager.

It streamlines operations. Whatever you put in from an identity management perspective, access governance perspective, compliance perspective, or application perspective gets very easily streamlined. You can easily integrate multiple applications because it provides the inbuilt features or the default connectors. You do not have to know how cloud applications or other applications work. One Identity is doing everything. They provide custom connectors. You just get the details of a cloud application and then connect. One Identity by default will manage the things for you. They have inbuilt features, so you just have to study and implement them. In my last organization where I implemented One Identity, we integrated almost 12 SAP applications. It was easy. Once you define the framework, then implementation is very easy. Implementing multiple applications, managing users, and the entire JML lifecycle is streamlined.

We use One Identity Manager to help manage SAP. One Identity provides a connector for SAP. From an enterprise solution perspective, it can be implemented very safely. I have done multiple SAP implementations with One Identity. It provides all the inbuilt functions and everything related to SAP. It is a very good tool to implement SAP for an enterprise. If an employee has multiple SAP accounts or multiple SAP systems, One Identity provides a singular feature where you can have all the SAP accounts listed under an employee. From a management perspective, it can be easily managed. It is very good. It provides a unified view of all the accounts and various systems of SAP. Everything such as the SAP rules, groups, profiles, and access policies can be managed via One Identity, but I am not sure if workflows can also be managed.

One Identity is a complete and wholesome tool for managing any enterprise application. It provides a unified platform to manage everything. When you implement One Identity, you have all the features needed within an enterprise to manage various applications, such as SAP, Active Directory, Exchange Online, etc. From an enterprise perspective, it is wholesome and unified, and it supports everything. It supports the SaaS features, PaaS features, and cloud features.

We use business roles to map company structures for dynamic application provisioning. Normally, when any employee gets onboarded, they need access to certain company resources. You can assign any company resources to any business role, and you can assign that business role to an employee. That employee automatically gets access to the company resources. It is an important feature, and most organizations use the business roles part very frequently.

We are able to extend governance to cloud apps by using One Identity Manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. For the test environment and the production environment, you have a streamlined approach. The process of transporting from dev to production with One Identity is very smooth. It also provides a transporter tool or feature. You can just pull out the production configurations and put them in a lower environment. It just makes it as similar as production. In that way, the difference in the environments can be minimized. The configurations can be made similar. You do not have to pull the relevant production data. You cannot put it in a lower environment. From this perspective, it streamlines the environment and fills the gap.

It streamlines the application access decisions, application compliance, and application auditing aspects of application governance. It provides various compliance-related features and auditing features. They are inbuilt and very helpful for compliance and audits.

It provides various views. Employees have their own portal for requesting roles or accessing their profiles to see what type of access they have. Similarly, owners have a unified view within the portal for multiple roles, groups, or any resources. They have separate views. They can easily manage things. The views are well segregated within One Identity. There is the product owner's view, the manager's view, the employee's view, and the system administrator's view. There is also the business role owner's view and the call center's owner's view. Everything is well segregated.

There are various tools available in the market. The best part of One Identity Manager is that it provides wholesome features. Most of the things required for identity management are given out of the box in One Identity Manager. You can just define your use cases, take this tool, and right away implement the solution. The default features and the default setup are already embedded or built into One Identity Manager. That is what provides One Identity Manager an advantage over other tools where we have to customize things, whereas, in One Identity Manager, most of the things can be done out of the box. On top of that, if something needs to be customized, that can also be done in One Identity Manager. The inbuilt functions or features that One Identity Manager provides for identity management are very good.

I have been working on it for the last six years. It is very good from the user experience perspective.

Sometimes, when we implement One Identity in the organization, customization has to happen. You cannot skip the customization. You cannot just implement the One Identity model and go ahead with it. However, whenever we make any customizations, the logic of the customization can interfere with the existing logging of One Identity. All such things have to be a bit clear. They have to be well documented. One Identity should provide information about how these things work. This is the only thing. There are some gaps in that, but One Identity is trying to bridge those gaps.

I have been working with One Identity Manager since 2018. It has been around six years.

It is a very stable tool. There is about 80% stability.

It is scalable. I would rate it a ten out of ten in terms of scalability.

In my project, we have around 23 people using it.

We just take the normal support whenever we have any issues. For the premium support, you have to pay a lot.

The support from One Identity is very good. Whenever you reach out to them, they help you out. If you have a license, they have a technical support team. They also have a professional services team if you need any professional support. From the customer service perspective, they are pretty good. You can reach out to them anytime. That is a very flexible option they have.

In terms of documentation, they have everything. They have all the technical documentation and all the details. They also have a user forum where you can post your queries. It is a global forum where experts reply within an hour or two, which is very good. You can reach out to these experts, and they will help you out. The user experience is very good with One Identity.

Positive

In the current organization, we have had One Identity from the very beginning, but I have worked with other products. One Identity is far better than them. Pricing-wise, One Identity is more costly than others, but in terms of features, One Identity provides many features by default. It was not available in other tools. We have to do everything from scratch, whereas you do not have to do that in One Identity.

It is deployed on the cloud. If you want to install One Identity from the very beginning for the cloud application, it will hardly take three months. It can also be done before that. For a huge client, it takes time. For a small client, it can be implemented within two months.

It does require maintenance. From time to time, they have upgrades. They have long-term releases year after year, so it has to be updated. Sometimes, they do a cumulative update to fix many issues.

For upgrades, I am the only one, but when it comes to implementation, we have multiple teams. We have four to five members actively working, and then there are supporting resources.

It has saved us about 30% of the time.

It is fairly priced because they provide all the features by default. That is why they charge a bit more than other vendors. I am not sure about the exact cost part, but One Identity is a little bit more expensive than IBM and other tools.

I would definitely recommend implementing One Identity, but you have to understand how One Identity works and how it has been developed. You will be able to easily implement it then.

One Identity is a unified solution, and most of the features are inbuilt. Before you make any customizations, you need to understand how One Identity works. That is a critical bit. Normally, developers have a development mindset. They do not think from the framework perspective, but One Identity has been implemented from a framework perspective. They have designed this solution keeping in mind the needs of enterprises and how enterprises manage their accounts, employees, and applications. You should look at it from the framework perspective and not the customization perspective. However, even if you have to make any customization, it is very easy. You just have to learn .Net and MS SQL. If you understand how One Identity works, implementation and customization are very easy.

Overall, I would rate One Identity Manager an eight out of ten. 

We obtained tickets for user access roles to grant appropriate access to specific target systems. To process these tickets, we need to determine the user queue number, search for the corresponding user in One Identity Manager, and verify their target roles. The process includes understanding how to resolve each ticket.

One Identity Manager provides a single platform for enterprise level administration and the governance of users.

Immediately after deployment, we can reap the benefits of One Identity Manager. Based on my previous experience resolving similar tickets, I am confident that users will receive the desired access to roles upon completing the necessary configurations within the manager and observing the job queue.

One Identity Manager's user interface can be confusing due to its multiple UIs. Having worked with ForgeRock Identity Access Management, which has only two UIs for access and identity management, I believe One Identity's interface is significantly more complex and challenging to navigate compared to ForgeRock or other similar tools.

I have been using One Identity Manager for almost eight months.

It lags. Due to configuration issues, the system requires eight to ten GB of RAM, ideally 16 GB, to function properly with One Identity. If the system has eight GB of RAM or less, the tool will experience lag during use, regardless of the task being performed.

I previously used ForgeRock Identity Access Management but have been asked to switch to One Identity Manager for a new project.

Deploying One Identity Manager proved challenging due to the extended time required to install all necessary tools and subsequently gain access. While deployment would be significantly easier with the documentation, the process is lengthy regardless of the system. Additionally, any system hosting the tool must have a minimum configuration of 16 gigabytes of RAM. It takes one day to fully deploy One Identity Manager.

I would rate One Identity Manager six out of ten because of the complicated UI and system configuration lagging issues.

One Identity Manager requires no maintenance; once deployed, it can be used for any required purpose and then closed. However, if deployed on a virtual machine or VMware environment, it must be accessed every one or two years to prevent deletion due to machine expiration.

We use One Identity Manager for access control and identity management. It is the central repository for all our organization's users. It has all the access control points, role-based access control, security policies, single sign-on, password management, and privilege access management for all the stuff we did.

It's pulling the public Azure access, so we can identify who has the right level of access. And we have the SODs, the artifacts, and the scoring server. It helps us identify customers with that public access and whether it should be removed or managed by the owners.

It helps automate provisioning and launching application accounts. It will also investigate compliance issues. We already have some custom reports, and Identity Manager's built-in reports are quite helpful.

The solution empowers application owners or business managers to make application governance decisions by themselves without IT help. It has a lot of features that allow you to configure that.

One Identity Manager is more scalable and customizable than other products I have worked on, and user customization isn't as complicated. Defender, One Identity's PAM solution, is useful for rotating passwords in the developer's evolving facilities. 

Customizing the UI and backend is easy if you understand the framework. It may take some time to learn, but it's not too difficult once you have it down. Business roles are a handy tool from One Identity that we can map multiple accesses in a single bundle and provide it to the users. You can also provide birthright access to this, so they don't need to request it once onboarded. We can assign them access based on a particular department or a job role.

The out-of-scope connection for the cloud data applications could be better. We have to contact the data on the connection center if it's coming out of the process.

The UI may need some improvement, but it's still great. GraphQL Cloud isn't quite visible yet to the end users, and they said there are some issues there because we have lots of users on board, so it takes time to reflect when the approval is going through and who they should contact to get it approved. The smoothness in that UI performance could be better.

I have used One Identity Manager for four years.

I rate One Identity support eight out of 10. We customized the system a lot when we were using a system. We had dedicated support from the vendor on the data side. They were for within the SLA time.

Positive

I rate One Identity Manager nine out of 10. 

We started using the solution for the supply chain. We are a retail organization (FMCG) and we use it in the distribution center, at the head office, and for all of our employees in the stores, even the stock clerks.

The solution has made it possible for us to give everyone in the store a personal account for application access. That was not possible without One Identity. In the past, only management had a personal account in Active Directory and could use the computer and applications. It allows everyone to reach whoever they need in the store. It's also allowed us to move to the cloud and keep security. It helps us monitor users as well.  

The solution helps us to efficiently manage lots of authorizations automatically. We started initially using One Identity as a tool for security reasons. But then we noticed that management in the supply chain embraced One Identity for operational efficiency reasons. Today It allows all 100,000 employees to automatically access all kinds of applications.

We use it for SAP. We have multiple SAP systems. We use it for HANA and the cloud environment, for example.

One Identity Manager provides an enterprise view of management for logically disconnected SAP accounts. It's very good yet also difficult. Technically, it's a good solution, however, you need to have people who understand it and can use it the correct way. Being just a One Identity developer is not enough. You need to be specialized in this kind of module to use it to be efficient and effective. We are not there yet to use all this additional functionality.

One Identity Manager connects SAP accounts to employee identities under governance. It is important to see who has which SAP role, and if it's assigned based on the HR function, or assigned after an additional request.

There is a special SAP connector. There is reporting. You can build reports yourself. There are lots of possibilities, however, you need to know how to use it.

The solution is good for providing a single platform for enterprise-level administration and governance of users, and access to applications and data. We use it only for personal accounts. We have a separate PAM solution to manage privileged accounts. But to request access to PAM-tooling initially, needs to be done in One Identity. It's a two-step approach.

What I noticed, is that the user experience in version nine is good. We’re using an older version. The user experience is not very good in version eight. It’s a bit old-fashioned as it appears now. The latest version is much more modern.

We make use of the solution's business roles to map our company structure for Dynamic Application Provisioning. We are giving people the right authorizations based on the job and function. We use it a lot, especially in the stores and distribution centers where there is a high frequency in the joiner, mover, and leaver process, but the organizational structure is quite solid and doesn't change a lot.

We use One Identity also to give access to test environments, as self-service.

It has positively affected operations. There are a lot of things that are possible. It does what you want. 

It provides more insights because HR data and access to all systems are in one system. This information can help us to review who needs more access, or revoke access if it's necessary.  

One Identity Manager helps streamline application access decisions. There's an approval flow for additional access requests. For every application, you can have a different flow, in case you need extra security approvals or from a data-owner. 

It helps streamline application compliance and auditing. We can do a re-certification process and someone can give approval if it is needed or not. It's helped us improve governance. The re-certification process is very good. 

The solution helped enable application owners or line of business managers to make application governance decisions without IT. All employees and managers can request access as a self service in One Identity instead of going through IT.  The request for access is easier, and faster, because after approval the access is automatically granted.

It's customizable. However, that's also the downside. It's a bit complex and there are so many possibilities. You need to have good developers who know what is standard and how it's meant to be used before they adjust all kinds of stuff. It is possible to configure and change a lot of things and if it's not good enough, you can use custom code.

They should offer more best practices and documentation for every functionality. It would be helpful if there was a demo environment to show the possibilities and how they can be used. That would help with the learning curve. 

I've used the solution for quite a long time. It's likely been about seven years. 

The stability is very good. 

We have 100,000 users on the solution currently.

The solution is scalable. 

I'm satisfied with the level of support we receive. 

We use regular support. I was not aware premier support was an option.

Positive

I did not previously use a different solution.

The initial setup was complex. The start of the project took a bit more time than we expected.

We're still busy with the solution. We have a DevOps team, and every week we have things to do and improve. It's not a project you start and finish. It's a continuous process. 

We currently have a team of six people working with it. 

The solution requires a lot of maintenance. That includes updating, patching, and monitoring all kinds of processes that are running. On top of that, there are incidents that you want to improve and make better. 

It's important to have a good partner, a good process, and good people involved for the initial setup. We started the project with another team and moved to another partner. The partner was involved with training staff on the solution. 

The first partner we started with didn't understand what we really wanted and we went our separate ways. Our second partner understood our business much better and we have had a more successful partnership. They've been involved with post-implementation support. 

I cannot speak to the pricing. I don't deal with the licensing. 

We are a customer and end-user. 

It is hard to pinpoint when we noticed a benefit with this solution. It was step-by-step. We didn't dive in all at once. It might have taken two years of working with it and implementing small steps before all stores and franchises were under the solution. 

I'd advise others to start with the solution as a managed service so that you don't have all of the technical hassles. 

I'd rate the solution eight out of ten. 

The purpose of the solution is to add customers with identity and access management. We build software for them and configure everything, however, we're more on the consulting side. 

Automation has really helped to improve things. It provides less manual work for creating accounts and providing permissions. It allows for a faster onboarding process. As soon as a person joins a company, it used to take one or two weeks until someone had permission to access everything that they needed to access for the job. With this product, that can be reduced to half a day. 

There's now an automatic generation of accounts. There's no human element anymore. It's directly from HR to the Active Directory. There are fewer errors made or no errors. Overall, there are fewer errors, more automation, and faster processes. If someone leaves the company or needs to be deactivated and everything needs to be removed, nothing is forgotten. 

The customization is an excellent aspect of the solution. You can basically change the product to anything that we need to with most of the code available. Most of the user interfaces can be changed just by the request of the user and our customers. That's very good. 

Another very good part is the standard connectors, especially SAP. The integration with SAP and One Identity Manager is just very good. It brings a lot of the standards with it already. There's a lot that has already been done and doesn't have to be configured manually. That's back to the customizability. If the SAP connector or any other connector is not enough, things can be reconfigured. 

We use it to manage SAP. From an enterprise view standpoint, we have a full list of all SAP users. It connects all SAP users to the specific employees and we get an enterprise view. The solution connects SAP accounts to employee identities under governance. That is very important. It's one of the most important things we can do - to recertify permissions and recertify the users and also find authentic users that are not used anymore. That is why it's a very important part of governance.

The solution provides some default workflows for creating users, updating permissions, et cetera, however, you can customize beyond that. You can basically do whatever you want all in workflow and processes, automatic processes, et cetera. 

It provides a single platform for enterprise-level administration and governance of users, data, and privileged accounts. It allows you to see everything. If you have more than one product, you have a very good overview of everything. The identity manager alone can give an overview of privileged accounts that exist. The overview is very good. 

The solution's user experience and intuitiveness are great, especially for the users and administrators. The web interface is very good. It's very easy to use. Most customers change the interface colors and icons and stuff like that to match their own company. 

It is easy to customize the solution for our particular needs or for our client's particular needs, depending on what has to be customized. For web interface customization, you need to do some programming. You need to be experienced in web interface programming. However, enterprise processes, workflows, approval, recertification, and calculation of permissions and stuff like that is very easy. It's easy to configure that without much knowledge of the system. 

We make use of the solutions business roles to map the company structure for dynamic application provisioning. Business growth is one of the first things that we try to conceptualize with our customers. We can map specific permissions to specific roles and also apply those via dynamic roles automatically to people in specific departments.

We do use the solution to extend governance to cloud apps. This extension of governance to the cloud apps is important. You have to extend the governance to every aspect - not only on-premise, but also cloud. You cannot stop with governance. If you only do governance on half your systems, then that doesn't really make sense. Therefore, it's very important that the solution provides it for the cloud as well.

The product helps minimize gaps in governance coverage. The recertification and access management part can help with that.

It can help consolidate procurement and licensing. None of our customers have needed it until now. 

The solution helped enable application owners and managers to make application governance decisions without IT. When the recertification or application access is automated and configured correctly, then the manager automatically gets, for example, every six months, a request on the web interface, which is very easy to understand. It basically explains everything. The user just has to click the green arrow or the red cross to say yes or no to certain access or permissions; it's very easy.

The product helped us achieve an identity-centric zero-trust model. It all comes back to the optimization of different accounts since everything is connected. With this product, you get a 360-degree view of all accounts, et cetera. 

Items that can be improved in the solution include pricing, integration, support, and analytics.

The update processes for hotfixes need improvement. There are bugs in the system, and even though there are not a lot, there's no information about it until you happen to stumble upon it and then talk to the support, and then the support informs you there has been a hotfix for that for two months. Users need to be informed they exist in advance. 

Integrations are basically always able to improve. They can always have more standard connectors, more prepaid workflows, more templates, and stuff like that. That said, with the standard rest API and C-sharp and power share connectors you can basically do everything that you need to do even with stuff that is not supported.

I've been using the solution for three years. 

It's very stable. I have never seen it crash or anything like that.

It's very scalable. I've seen the solution operate with millions of users. 

I mostly work with premiere support. It offers faster support times. That's important. When we do reach out, it's likely very critical. 

Positive

I have past experience with Microsoft, Omada, and IBM HCI, among others. While I can't speak to the pricing differences, functionality seems to be better with One Identity. It's more customizable and the user interface is very good.  

The deployment varies according to what is included in the deployment itself. To get it up and running, it takes about one year. 

We have enterprise clients and it's mostly deployed in a high-availability environment, mostly three databases, a web server, and an application server. It mostly starts small with one server and then grows bigger. The same is true with the application side. All of our customers are using Active Directory, Azure Active Directory, or a combination of both. That's the first integration that we start with. Then, we also have, of course, HR data coming in via .CSV or a REST API or starting connector. 

We're also implementing standard workflows, and standard processes, and integrating HR data to exchange for emails or anything like that. As soon as the big applications are done, we provide workshops so that the companies can extend the product by themselves.

The solution requires maintenance. There are regular updates provided. We also check regularly if there are any processes or jobs that aren't working anymore. Other than that, there's maintenance maybe once a year. It's not very often.

I'm not too familiar with the pricing.

We're integrators.

I'd advise others to always do a proof of concept for this or any other product they use. However, I would recommend the product to others. 

I'd rate the solution nine out of ten.

I implement One Identity for multiple use cases, including identity management, access assignment, and workflow automation. I also use it to migrate workloads from the admins to the business owners of the resources that are available in the IT shop.

One Identity increases security and decreases the provisioning time. Provisioning can be completed in a few minutes instead of days. That's a huge difference. It improves governance because you can deal with a problem account much quicker. You can fine-tune the roles to an employee's position in the company. You can give them the exact permissions they need and nothing more.  

It delivers a simple solution for assigning the correct permissions to the right person. One Identity helps us develop an identity-centric zero-trust model. The solution gives us one centralized entity for all the accounts in the connected systems, such as Active Directory accounts, email accounts, application accounts, SAP application accounts, etc. 

One Identity is simple to implement. About 90 percent of the implementation is configuration rather than scripting and creating the connectors. It's quite easy to customize the solution. 

There are too many different user interfaces. For example, one is the designer and another is the manager. There's also a web interface and an object browser. It would be helpful to consolidate all of those into a single administrator portal. 

I have used One Identity Manager for 10.

One Identity is a stable product.

One Identity is scalable. We deploy the solution for businesses of all sizes.

I rate One Identity support nine out of 10. Most of our customers use One Identity's premier support. The main advantage is that they offer 24/7 service, so you can call them on Sunday evening if you need help. 

I previously used SailPoint and OpenText.

Deploying One Identity is straightforward and only takes a couple of days. After installation, you have to onboard the servers, databases, Windows operating systems, etc. The number of people needed during the deployment varies, depending on the size of the project. It is typically deployed at two or three locations. 

One Identity requires some daily maintenance to ensure that everything is working fine. We need to review the logs and extend the functionality for the customer. Sometimes, the client needs to make changes like connecting a new hub system connected, adding applications, changing the workflow, etc. 

One Identity's pricing is similar to that of other products. It might be a little more expensive, but you save time and implementation costs. It's cheaper to implement One Identity compared to Sailpoint and other solutions.

I rate One Identity Manager 10 out of 10. I recommend doing a proof of concept before implementing the solution.

Currently, we are using the One Identity Manager solution for user feeding from the HR database to target systems such as Microsoft Active Directory, Microsoft Exchange, and other protocols and servers. In our organization, One Identity's main use case is user feeding, user onboarding, and user offboarding.

We have created job flows for users, and One Identity listens to our HR database to see if there are any changes. It detects any changes and then synchronizes with the target systems or feeds the target systems. We have created a custom workflow based on our organization's requirements, and then we are managing our users with One Identity.

One Identity has a single sign-on solution. If you want to use single sign-on or auth providers in your organization, you can use it, but currently, we are not using it for the single sign-on features. We are using it for privileged accounts. We have created custom rule sets for access reviews, attestation, etc. We have also created flows for the segregation of duties and job rotations. We are handling these operations or regulations with One Identity.

We are completely working with an on-prem solution. As per Turkish financial regulations, we can't use cloud services for financial services. That's why we didn't test any scenarios related to the cloud and any software on the cloud. We are currently using its latest version.

It's very easy to implement for privileged accounts and for our regulations. It's a competent solution that we can use for our regulations and requirements.

We use its business roles to map company structures for dynamic application provisioning. We are implementing and developing our business roles for business needs. One Identity mainly manages our business roles to do all the business and use financial tools in our bank. It's critical for our business. If this solution is not working properly, our main functions and our main operations will not continue because all access rules are managed with One Identity. Some roles will not be able to do their daily tasks. Currently, One Identity is managing the roles for credit approval, credit preparation, and credit final approval. Without it, they cannot do their daily tasks, and they cannot approve credit.

For IM services, we are completely working with One Identity auto-flow jobs. Our help desk, or our user administration teams, are not involved in any subsidiary company's employees' processes. We delegate activities related to user onboarding and offboarding to their HR teams. They start the onboarding process with their own portal running on One Identity, and then, auto tasks and auto flows are managing the operations to the target systems. Our operations teams are not involved in this process, so there is no overhead in managing users.

We have many regulations for access reveal, user onboarding, user offboarding, user rotation, and user re-organization tasks. For example, if users move to another department, One Identity manages the activities for data operations, such as removing some groups and adding new groups. It happens automatically with One Identity. We need to meet these regulatory requirements, and it helps with that.

We can also see historical operations and modification logs with One Identity. If we need information about any activities, we can create an identity-based custom report for users or an object-based report for groups. We can create a report to see what happened, what changed, and which modifications happened in our systems. We can provide detailed reports to our auditors. It has powerful reporting tools for auditing activities.

One Identity Manager completely helps us with our operations. We are relying on One Identity for our operations. We don't want to touch Microsoft AD, Microsoft Exchange, or other target systems. We don't want to touch them, log in to them, or operate anything on these servers. Our master database and our master platform for modifications is One Identity.

It has helped to close the security gap. If any unauthorized change happens on our target systems, or a suspicious change happens in our target systems, the One Identity platform overwrites these operations because the master database is One Identity. If there are any security vulnerabilities, or if there are any suspicious activities that are identity-based or related to our privilege groups, One Identity will ignore and overwrite that with the master data.

Identity Manager has been managing our application authorization tables. All of the authorization tables and all the access-revealing features are managed with One Identity. These tasks are delegated to us, and we are providing One Identity's reports for the auditing activities and requirements.

Changes are being synchronized with applications. If there are any changes on One Identity access tables, it'll affect the applications directly.

It has helped to achieve an identity-centric Zero Trust model. We can manage and we can feed from one database to all target systems. We have distributed target systems. We have more than 10 target systems, and we are effectively using One Identity tools for managing and seeing from one view. From the operation side or the administrative side, this solution helps us to have a view without logging into the target systems.

We did a PoC with other identity management tools such as SailPoint, Oracle Identity Manager, and Microsoft Identity Manager. We chose this product for being able to accommodate our requirements. It's very flexible, and it's open to being developed to our requirements. For example, for our custom tasks related to subsidiary companies, we created a custom HR portal for our subsidiaries. These employee accounts are not in our main HR databases. We created a portal in One Identity for their HR divisions, and they are doing their daily operations on this One Identity custom portal. That's why we chose this product for our production environment.

Another reason for choosing One Identity was the local support and the Password Manager solution that they have.

The product's GUI could be more user-friendly.

One Identity can improve its Password Manager solution for custom requirements. We want to manage different environments, such as test environments, and we want to manage their passwords, but we can't use this solution because their environment does not have its own connector server.

I'm not sure if One Identity already has it or not, but there could be a Privilege Identity Management solution from the vaulting side in the One Identity family.

It has been almost three years.

It's very stable. I would rate it a nine out of ten in terms of stability.

It's scalable. We have installed it on an on-prem server in one of our data centers, but it's a highly available infrastructure. It's not a standalone server. We have a redundant topology for this one. The approximate number of end-users who are using this solution is 35,000. Its usage would only increase by 5% in our organization.

Currently, we are using both premium support and local partner support. We are getting support from our local partners for the development requirements from our side. They are supporting us with development requirements. I would rate our local partner an eight out of ten in terms of support. 

We used Security Identity Manager from IBM. We switched to One Identify because that product was out of support, and it was not open to implementing a custom workflow from our side. It was not flexible, and it was not a convenient service.

I worked as a team leader. I was involved, but I did not execute or administer this service. We worked with our local partners, and they did it for us, but it was straightforward. 

It took about three months to implement it. We closed our old identity management solution and moved all the workflows to the new one, but the installation was quick.

We used SoftwareOne in Turkey for the implementation. In general, four people were involved in the implementation. We had two people from each side, and then there was a project manager. People from our side were from the Identity Access Management department. They were Access Management architects. From the integrator company, two people were Identity Access developers.

Our experience with SoftwareOne was good. They helped us to customize the solution for our particular needs. They trained us on the solution, which was very helpful for us in managing and doing daily activities. They have also been involved in post-implementation support. We are happy with their support. They have been very important to us. We wouldn't have been able to go further without them.

In terms of its maintenance, for the maintenance tasks, two IM specialists are involved.

It was okay for us. It was not too much for us. It was nearly the same as other products. It was not expensive.

We aren't paying any costs in addition to the standard licensing fees. We are just paying for the local support. We are paying for the development requirements to our local partners.

We evaluated SailPoint, Oracle Identity Manager, and Microsoft Identity Manager. When we compared this solution against SailPoint, they were very close, but the local support and development capabilities were the reasons for going with One Identity.

It's a very flexible solution. You can improve or develop it based on your needs. If you have a little bit of knowledge of .Net code, you can create whatever you want. The product is so open to development. If you have some coding experience, you can do whatever you want. This is one of the most important things for us.

I would rate it an eight out of ten.

We're a consulting company and provide professional services. If the customer has the solution, we end up using it. 

It offers really powerful processes. For example, when a person is joining a company, or changing teams, or leaving, it's easy to create a management flow for the onboarding or offboarding process. It helps manage all of the accounts a person might need to have access to. It integrates with several platforms and has specific connectors that make it very useful. It works with the majority of applications an enterprise might be using, such as Salesforce or various cloud providers. It also integrates well with SAP. 

It provides a unified view of logically connected solutions. It can connect to accounts related to employee identities under governance. It's probably the main reason a client would use the solution. The entire reason to deploy such a solution would be to have governance over accounts and have access to the life cycle of the account. 

The solution is a single platform for enterprise-level administration and governance of users, data, and privileged accounts. 

It can be fairly easy to customize, depending on a user's particular needs. If you are integrating with some very common solutions, it's pretty straightforward. 

The solution offers various business roles to help map company structure, name, and provision. You can tie permissions to specific roles very effectively. You can implement role-based access control.  

We've used it to extend governance to cloud apps. This is important to us. The common trend is to move to cloud applications. Even local clouds afford the same level of permissions. Having a standardized layer in between definitely helps. 

We immediately noted the benefits of the solution. However, it depends on the type of user. Common enterprise users can get quick results. Those responsible for identity access management or compliance see the results quickly. They'll benefit almost immediately. The normal user, however, may not understand the difference. 

You can use the solution to minimize security gaps and close the gaps between privileged and standard users. 

It can help consolidate procurement and licensing. It can help you understand how many users need access to specific applications to help you get better numbers as to what is needed and not overbuy licenses. 

The solution helps us streamline application access decisions, application compliance, and application auditing. You can get reports. It's nice. It helps with visibility and planning. 

It helps reduce footprints and minimizes access from unrelated teams. 

The user interface can be a bit clunky. It could be more modern. 

Its documentation could be better, especially around complex configurations. 

Support could be better as it is part of the user experience of the product itself.

I've used the solution for the past year. That said, we do not use the solution in my company directly. 

The solution is pretty stable. I haven't experienced any major issues. 

It's a scalable product. You can integrate with many platforms, and it works well with the majority of common enterprise platforms. It's pretty scalable overall. 

I've contacted support in the past. There is premiere and regular support, and I've used both. I work mostly on the client's behalf, which I would reach out to would depend on the client's contract. 

Premiere support has more advanced engineers and is more available to the users.

Normal support could be better in terms of the level of service. They should offer more services during the initial deployment and configuration. 

Neutral

I have used competitors in the past.

One of my colleagues handled the configuration and setup process. I've never experienced a deployment. 

If any maintenance is needed, it will depend on the deployment model. For example, if it is on-prem, it would need a bit more maintenance than if it were deployed on the cloud. There may be access and configuration reviews or integrations with other platforms that may be ongoing on occasion. 

Given the fact that you can save a lot of time and headaches around compliance, it is worth paying for this - if you are an enterprise. SMEs may find the cost high, even though they could benefit from the offering. 

We're One Identity partners. 

I'd rate the solution seven out of ten.