SailPoint Identity Security Cloud Reviews

The use case involved architecting solutions for LogLabs and Scotiabank, focusing on two main user groups: Identity and Access Management users utilizing various heterogeneous IEM platforms like Broadcom, and Active Directory users. The challenge revolved around implementing attestation and governance certification processes, requiring integration for both groups. Specifically, integrating with third-party systems for users on non-AD platforms and with AD for those utilizing it.

The primary objective was to leverage IdentityIQ for identity governance and compliance within the organization. With over two hundred thousand IdentityIQ instances in use and a continual influx, the focus was on streamlining identity governance processes, particularly for onboarding, offboarding, and conducting periodic attestations.

It effectively streamlined our user access management processes, serving as a central hub within our enterprise ecosystem. With various credentialing IdentityIQ access management solutions in place across the organization, SailPoint integrated seamlessly with these systems. It ingested events from these sources, generated reports, and initiated outgoing events and triggers to facilitate appropriate actions based on user and supervisor actions.

The policy management and risk-scoring capabilities of SailPoint IdentityIQ greatly benefited our organization. While we primarily focused on policy enforcement based on written guidelines for identity lifecycle management, we didn't extensively utilize a risk-based approach, as that fell under a separate area of resource management. However, within the policy feature set, SailPoint provided robust options. We were able to categorize users into different groups, such as office users, retail channel users, and backend users. Additionally, we could apply role-based access controls and differentiate between temporary and permanent employees, full-time and part-time staff, and those with specific time-based access requirements or temporary assignments within the organization.

The implementation of IdentityIQ significantly impacted our IT audit and compliance activities. SailPoint was introduced in response to an audit observation, as no prior system was in place and everything relied on manual processes. This lack of automation resulted in gaps and oversights. Implementing SailPoint IdentityIQ for attestation and governance effectively addressed this audit observation and closed the compliance gap.

It played a crucial role in addressing a complex identity management challenge within our company, particularly in the area of credential cleanup. Given the large user population, a dedicated team within the IAM pillar focused on this task. Before SailPoint, it was common to encounter instances where user identities remained active even after individuals had moved roles or left the company. For example, credentials associated with finance or treasury functions would still be accessible, even if the user had transitioned to a different department. Similarly, sensitive data access, such as payroll and HR systems, posed risks if not appropriately managed post-employee departure. SailPoint streamlined the process of managing these identities, effectively identifying and addressing instances where inactive accounts lingered, sometimes for extended periods, thus enhancing overall security and compliance efforts.

One of the most valuable aspects of SailPoint is its open integration interface. In my experience, it seamlessly connected with four different digital identity management solutions, offering both API and low-level code integration options. This flexibility, coupled with extensive documentation and strong support, ensured smooth integration without encountering issues like lost events or operational challenges. 

Additionally, its reporting capabilities are exceptional, providing detailed and granular insights without any issues. Reporting features are highly effective for managing user certifications and role management.

I believe SailPoint could benefit from embracing newer, no-code or low-code approaches, in addition to its already excellent integration and API capabilities. Finding integration experts for SailPoint in the North American market can be challenging, and transitioning to a no-code or low-code setup could reduce dependence on specialized skills. This shift could potentially make development and integration more user-friendly and accessible, opening up new possibilities for easier implementation and customization.

I have been working with it for almost four years.

In my experience, SailPoint IdentityIQ has been stable. While stability may be influenced by the capabilities of other parties involved, I haven't encountered any significant stability issues.

We aimed to implement SailPoint IdentityIQ across our entire enterprise, encompassing over two hundred thousand users. While we were informed that it could scale up to fifty-five to sixty thousand users with ease, scalability considerations required additional backend server resources. This scalability, however, is subject to various factors, including the complexity of integrations and the environment. Ours was particularly complex, involving integration with four distinct IdentityIQ digital identity solutions. I would rate it seven out of ten.

We plan to expand our usage of SailPoint IdentityIQ in the future, with the aim of establishing it as the central product for identity and governance across our organization.

Initially, there were numerous interactions with tech support, but after resolving some initial issues, the process became much smoother. While we faced challenges with offshore support resources, the onshore and nearshore teams provided excellent assistance. I would rate it five out of ten.

Neutral

Broadcom was previously utilized for similar purposes, but it lacked certain capabilities, particularly in terms of traceability and governance functionalities like attestation, recertification, and periodic certifications. Additionally, Broadcom faced support issues and relied on outdated technologies which presented challenges. SailPoint, on the other hand, was sought as a more contemporary and comprehensive solution to address these limitations, offering numerous advantages over Broadcom.

On a scale of one to ten, I would rate the initial setup of SailPoint as a two. It's rarely an easy process, and the ease of setup depends on the resources allocated. However, compared to my experiences with other enterprise systems, SailPoint's setup was relatively better. Its out-of-the-box integration with Broadcom and Active Directory was particularly advantageous, addressing around thirty-five to forty percent of our challenges without requiring additional customization.

The deployment timeline for the initial pilot involving two hundred and fifty users spanned approximately six months from start to finish, including user acceptance testing and production rollout. Similar to other solutions, this process comprised both technical aspects, such as deploying VMs and servers within Azure and configuring settings, as well as procedural and integration components. Integration efforts, in particular, required additional time due to complexities. The selection and onboarding of users, which involved manual processes, also contributed to the duration. However, despite the comprehensive nature of the deployment, there were no significant obstacles encountered along the way. Leveraging a third-party consultancy for implementation, specifically one proficient in SailPoint, proved beneficial as they brought in skilled consultants familiar with the product, facilitating a smoother deployment process. 

From a technological standpoint, our team consisted of two architects, three developers, and project management staff, totaling approximately ten to fourteen internal members. Additionally, we engaged external resources, ranging from four full-time to six to eight part-time personnel, depending on project demands. These resources included database roles, developers, and analysts, some of whom were pulled from Broadcom and Active Directory teams. For ongoing maintenance, a team of six individuals was allocated, with three working full-time on operational tasks and others providing support as needed. This setup ensured smooth operations and support, with dedicated personnel available for day-to-day activities and issue resolution.

I found the pricing to be relatively high. The pilot project for two hundred and fifty users over an eighteen-month period amounted to nearly two million dollars, which I considered to be a significant investment.

As an architect, I feel quite comfortable with this product from end to end. Given my positive experiences and advocacy for SailPoint, I would rate it eight out of ten.

We use the solution for identity management and access requests.

The solution's most valuable feature is its integration with Slack for the notification of access requests.

The solution needs to have more out-of-the-box integration with different applications and solutions. I would like to see the solution integrated with MFA tools like Gemalto, SafeNet, and One Identity.

Many consultancies charge a lot of money for services to implement the solution, which increases the project cost.

I have been using SailPoint Identity Security Cloud for about one year.

SailPoint Identity Security Cloud is a very stable solution.

I rate the solution a nine out of ten for stability.

Previously, around 10,000 users were working with the solution. Our customers for SailPoint Identity Security Cloud are mostly medium and enterprise businesses.

I rate the solution’s scalability ten out of ten.

The solution’s technical support is very good.

Positive

The solution's initial setup is a little complicated, but that's often because a project is complicated. The setup could be easier, but it needs to be flexible to meet a project's demands.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a six out of ten.

The solution can be deployed in some hours. Yeah. It's generally a quick process to deploy the solution. Since it's a cloud service, it's all about trying to get that cloud service to talk to your applications. It's reasonably quick to have things ready, but you need to configure the tool to talk to your systems. The solution can be deployed either on-premises or in the cloud.

It's difficult to say that the solution saved costs because it is quite expensive. Automation may make things easier and less error-prone, but it doesn't save on human power.

The solution's role management capabilities enhance access controls. They help control different types of access and what people can have access to.

The solution has introduced some AI functionalities to improve identity management. However, SailPoint seems uncertain about how the AI had been trained and how the customer data would be safeguarded. AI is used in terms of learning and some security and access requests.

SailPoint Identity Security Cloud is mostly used in the energy utility sector. New users should know what you're trying to achieve with SailPoint Identity Security Cloud. You need to control the tool rather than the tool control what you do. Make sure you understand what you're trying to do with your project. SailPoint Identity Security Cloud is a very good tool that does a lot of things, but you have to configure it to do what you want.

Overall, I rate the solution an eight out of ten.

I use the solution in my company for any customization that needs to be done. If something is not available out of the box, assuming that sometimes one may need to do some customization, it can be done easily with SailPoint IdentityIQ.

The most valuable features of the solution are the workflow and user access, which are the tool's two important features.

The disadvantage of the tool stems in the area of upgrades, especially if you need to do a lot of upgrades in terms of versions. Suppose a user is on SailPoint IdentityIQ Version 6.0 and needs to upgrade to SailPoint IdentityIQ Version 8.0. In that case, the product takes a lot of time, and there is a need to put in a lot of effort, making it an area where improvements are required.

The solution's technical support team's response time and skills need improvement since it is an area where there are shortcomings.

I have been using SailPoint IdentityIQ for eight years. I am the product's system integrator.

It is a pretty stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution an eight out of ten.

I deal with the tool's customers, handling small, medium, and large businesses.

I rate the technical support a six out of ten.

Neutral

The product's initial setup phase was satisfactory for our company.

I rate the product's deployment phase a nine on a scale of one to ten points, where one is difficult, and ten means it is easy to deploy.

Depending on the infrastructure where the product is required to be deployed, the deployment process, along with the updates, can take a week's time.

The product is expensive. People need to opt for a licensing plan for one year or three years.

The maintenance requirement depends on the size of the deployment. If the product is used to serve a very large enterprise-sized organization with many users, 15 to 20 people are required to take care of the maintenance. If 50,000 is the product's user base, there is a need to have four to five people to four support the product.

The product's integration capabilities with other solutions can be described as a straightforward process that the tool offers. As long as the application exposes some kind of interface, SailPoint IdentityIQ can integrate with it.

The tool's GUI is user-friendly.

The product requires one to invest in maintenance, upgrades, and other such areas. If it is a small-scale business, I usually suggest SaaS-based systems to such companies so that you don't have to take care of the maintenance. Medium to large-sized businesses can choose SailPoint IdentityIQ.

I rate the tool an eight out of ten.

The initial setup isn't so difficult. 

The product can be flexible in the build. You can easily customize the workflows.

We can set everything up on the cloud, which makes things very easy. It can easily adapt to the PoC requirement and the set requirements on the app's online version.

The user interface needs some work. It could be more user-friendly.

Right now, it only offers a single sign-on, an SSO.

I'm in the PoC SailPoint in my online orientation. We did the PoC with the online model, and I want to try the free trial and update it on the cloud. 

I have tried to do a lot with SailPoint in about three years. We deployed dit last year and have been working on a PoC.

The solution is stable and flexible. We didn't have any issues with it. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The solution is scalable. 

If we deploy with the reduction, we have more than 15,000 users.

I've dealt with technical support. However, I don't have much to comment on.

I also want to try Identity Now to compare the environment, the solution, and the features.

I'm looking at SailPoint and Saviynt and Oracle. Currently, we do Sailpoint IBM solutions. However, we are just finalizing the PoC. We aren't really using anything just yet.

It's my understanding the initial setup isn't very difficult. However, I don't do the setup in the PoC. 

I have only with the phone connection and I don't think it's very difficult.

Currently, I am just a SailPoint user.

I was partner. Right now, I am working for a bank. We did the PoC with the Identity IQ. We spent three months on the PoC. Until now, we have finalized the PoC report. I don't yet have strong experience with the product.

We don't use the mock-up use strain with the Identity IQ. We circle everything on Cloud and management.

I'd rate the solution eight out of ten.

We use SailPoint IdentityIQ for identity governance and access management. There is no other vendor as good as this product. 

I find the built-in connectors, lifecycle management, certification, and recertification features to be the most valuable.

Access management could be improved. SailPoint is known for its IT identity governance capabilities, but its access management features in one platform.

Comparing SailPoint's access management to that of competitors like CyberArk and Okta, there's a clear gap.

Additionally, regarding privilege access management, there's potential for improvement. If SailPoint can develop a connector for RPAQ, they could also extend their capabilities by adding more access management features and modules.

I have been using it for three years. I am currently using version 8.3.

We actually have a lot of challenges with some of our applications. Some of them are not working properly, and the issues are not fixed. We are encountering some problems.

Scalability is hard, especially when you are doing it in real time. But, it would be eliminated once we have the first version of IdentityNow. So, the main goal for now is just to eliminate maintenance costs or run the entire infrastructure. That's why we plan to migrate it to the SaaS version of SailPoint.

We have more than 10,000 end users. We use it daily, 24/7 operation.

Initially, I had difficulties, but with time, I gained experience. Especially integrating legacy applications like ARPAQ. Over time, it became easier, but integrating legacy apps remains a typical issue.

In terms of user experience, I don't have any complaints.  We are planning to migrate to the cloud.

We did it in-house with the help of a third-party vendor experienced in deploying SailPoint.

The deployment took a couple of weeks in a test environment before going into production.

We require maybe around four people because, in our company, we have different roles and responsibilities. So, from another perspective, from the system administrator, we require around four resources.

It is affordable licensing. 

Currently, we are looking for another option, which is EmpowerID.

Overall, I would rate the solution a nine out of ten. If you want to start, go better directly to the cloud, instead of installing it on-prem.

The third party is the non-payroll staff of the University. IdentityNow is used to manage services.

We are happy with the SailPoint IdentityIQ’s stability.

SailPoint IdentityIQ could be cheaper.

I have been using SailPoint IdentityIQ for a few years.

SailPoint IdentityIQ is a scalable solution. We onboarded about 30,000 students, 7,000 staff, and 7,000 third parties that we need to manage on the platform. They use it themselves, and we just need to manage the numbers on the platform. People are managing it administratively within IT with five to six people.

We have engaged with SailPoint IdentityIQ's technical support and faced no problems with them.

The solution’s initial setup is complex.

We implemented SailPoint IdentityIQ through a consultant. The solution’s deployment takes around seven months.

We have seen a return on investment with SailPoint IdentityIQ because it manages our risks.

We pay an annual licensing cost for SailPoint IdentityIQ.

SailPoint IdentityIQ is deployed on-cloud in our organization. SailPoint IdentityIQ covers our whole portfolio, and its growth will depend on the growth of our numbers.

I would advise other users to be very sure of what they want to achieve and select the right product instead of being brand specific. In our case, SailPoint IdentityIQ matched the capabilities we sought.

Overall, I rate SailPoint IdentityIQ a seven out of ten.

We use this product for identity governance. There is the basic identity creation in the lifecycle followed by certification. I'm a company manager and implementer and we are customers of SailPoint.  

I think the certification module is perhaps one of the most valuable features. The options are pretty intuitive and you can usually set up the certification easily without much time or resource investment. It consists of two parts, both of which are useful. I like the pre-built out-of-the-box connectors that have a plug-and-play kind of feature. Identity IQ is easy to integrate with other systems and offers a lot of options. 

The only issue I have with the product is that there are modules that need to be bought separately, and that makes the product prohibitive for some of the customers that I've worked with, particularly in the middle-tier range. The solution itself is expensive and then when you add the cost of the modules it becomes too much. They could provide something similar to what Okta offers and I believe this would give the company a lot more traction in the mid-size range of companies. I'd like to see SailPoint support for custom-based connectors.

I've been using this solution for three years. 

The solution is stable. There are a few bugs here and there, but that's expected for any kind of implementation that we do. It's a risk associated with each and every product. It's not the worst we've seen but there's definitely scope for improvement.

SailPoint is easy to scale.  They give you the bandwidth for that. 

The technical support is good. There are various levels of technical support that you can access depending on the licensing model you purchase. 

Positive

The initial setup is pretty simple and a straightforward mechanism. It does require some knowledge on how to set up and a basic understanding of networking protocols and other things, which is pretty complex. It's not something that's easy to learn and I think SailPoint could look at bringing out intuitive-based migration> There are 10 people in my team who deal with implementation and deployment and the time it takes generally depends on the scale of the setup. One of our larger projects took around three months. 

Licensing costs are high and since we're not an official partner, we're unable to offer any discounts to our customers. Companies often choose an alternative solution that is significantly cheaper and covers 90% of their use cases. I would expect SailPoint to be more price sensitive and have the capability to cater to even small clients and provide them with features necessary in their daily IM use cases. It would expose SailPoint to a larger audience and they'd have a larger implementation market.

I have evaluated a couple of other solutions. Okta is a pure access management product. They have recently launched their Identity Governance suite. Okta and Cisco are more into access management with more focus on providing MFA and access regulation in the traditional sense, rather than going into the governance side of things. SailPoint, on the other hand, is more into identity governance with their workflows more natively able to support use cases with certification. These are two different genres of product so you can't make a direct comparison. If you have Okta or Cisco Duo, you cannot expect it to do a certification. If you have SailPoint, you cannot expect it to do an MFA for you. The market is moving towards a combined product that does everything and I expect each of these products to basically expand more to support all the other use cases. 

Prior to purchase, be sure that SailPoint can solve all your use cases. Otherwise, you'll be unhappy with the amount of money that you're spending. 

I rate this solution seven out of 10. 

We use SailPoint IdentityIQ for identity and life cycle management management for devices. It helps us with access certification, password management, and other essential functionalities.

SailPoint IdentityIQ has a good and straightforward user interface. They also have a lot of resources and documentation available to understand the process.

The product’s cloud offering could be flexible.

We have been using SailPoint IdentityIQ for six to seven months.

I rate the product’s stability an eight out of ten.

We have large-scale institutes as our customers for SailPoint IdentityIQ. I rate its scalability an eight out of ten.

The technical support team responds within an acceptable time frame and is knowledgeable.

Neutral

I used Oracle for a three-year-long project. I encountered constant challenges with incompatibility, or bugs and glitches using it.

I rate the initial setup process a seven out of ten. It takes a couple of days to complete.

The product is expensive. I rate its pricing an eight out of ten.

I rate SailPoint IdentityIQ an eight out of ten. I recommend it to others as it is used widely and has a knowledge base. I advise organizations to streamline their processes rather than to customize the products.