SailPoint IdentityIQ Reviews

We use Identity IQ for user onboarding, offboarding, profile management and to manage user access across various platforms in our organization. 

SailPoint has allowed us to ensure the right people have the right access and to the rights things.

The prices could be slightly reduced to match other products in the market. 

The UI of the solution could be more customizable so we could change the workflows to suit our needs.  There is not much customization offered in SailPoint connectors. We had to customize the out-of-the-box connector to meet our needs and keep track of this customization for future upgrades. 

I have been using this solution for seven years. 

This is a stable solution. 

We moved from Oracle Identity Manager to SailPoint and the initial setup was not straightforward. It took two to three days and was done is small steps. 

We implemented the solution in-house but received assistance leading up to the implementation from a third party company for three months.

From the backend perspective, when we have needed certain functionality and it has not been possible within the solution, we have reached out to SailPoint for assistance. 

I would rate it an eight out of ten. 

We have different use cases depending on the project. For example, we use it for user management, account management, user lifecycle, certifications, reporting, SODs, and governance. We use everything that SailPoint IdentityIQ provides.

Our user lifecycle takes less time with SailPoint IdentityIQ. Previously, it would take around one day to get all the users access, and now it is an automatic process with a good authentication authorization mechanism.

When deployed on-premises, it gives us a lot of areas to customize and provides many out-of-box features. For example, it offers different out-of-box connectors where we can connect with multiple forest configurations. There are also out-of-box connectors for CyberArk, Okta, and other applications, but SailPoint IdentityIQ has more enriched out-of-box connectors than the others.

There's a lot of customization required to improve the user experience. It would also be helpful if there were some out-of-box options for filtering.

We have been using this solution for seven years. We are currently using version 8.2 or 8.3. We have also used versions 6.0, 6.1, 6.2 and 6. 3. It is deployed on-premises and on cloud.

The stability and performance are very good.

Scalability is good, but if the number of users significantly increases, it requires different web servers and becomes difficult to manage. In addition, SailPoint IdentityIQ doesn't provide any SIM tool, so we have to implement it if required. Without it, we have to work locally, going into the logs for eServers by ourselves, and there isn't a central log factory where we can see all the logs for the SailPoint IdentityIQ.

The number of users depends on the project. There are projects with millions of users and others with 100,000 or 300,000 users. Also, the number of people required for deployment depends on the number of servers and users. However, if I were to estimate, it requires an average of three people, but if the server and the UI server increase, it becomes challenging to look at the logs.

Compared to SailPoint IdentityIQ, Saviynt provides a way to select servers. From the UI, you can choose different servers and see the logs.

SailPoint IdentityIQ is being used at full capacity, and I am currently working as an architect for both Saviynt and SailPoint IdentityIQ. If I were to compare solutions, there is no comparison with SailPoint in the market right now, and SailPoint is way ahead. Solutions like Saviynt and Omada have features such as logs, clarity of the risk and SODs that are not as good in SailPoint IdentityIQ.

We have not used technical support directly, but our clients use them, and we have not heard of any problems.

We previously worked with IBM IM products like ISIM and Oracle IM, and we switched to SailPoint IdentityIQ because it is an enhancing product. SailPoint IdentityIQ is the best in feature enhancement.

It was straightforward to implement, which is an advantage with products deployed on-premises. However, there is minimal documentation around the firewall on SailPoint community sites. For example, sometimes, we want to configure SailPoint IdentityIQ for our developers in a development version, and we don't want it to connect inside a company's firewall. But that is not addressed in the architectural documents. The documentation covers areas like check configuration or DR configuration but does not mention options for different networking structures between a web server and a product and how it works. Deployment is dependent on the project. Sometimes we complete it ourselves, and other times it's done by a third party.

There is an ROI. I have worked in this domain for 12 years on different continents and have not heard of people replacing SailPoint IdentityIQ on-premise with other solutions.

I rate the price a six out of ten, with one being least expensive and ten being most expensive.

I rate this solution an eight out of ten. If deployment is done on-premises, SailPoint IdentityIQ is best, but Saviynt or Omada is better if it is cloud.

Regarding advice, SailPoint IdentityIQ is the most customizable product. However, it is good to minimize customization and use more out-of-box functionality because it becomes a hassle in the long term to manage customization in the IM product. In addition, it will be good if there is better log management in future releases.

The Certification and Provisioning features are most valuable.

Manager Certification helped to review user access and revoked unnecessary accesses to various applications.

The connector for EPIC, ServiceNow, and Duo.

More than a year.

None, except cosmetics issues related to UI and documentation.

No.

Excellent.

We didn’t have a solution for Certification, but we had a homegrown solution for all other IAM processes. For various reasons, we switched to IIQ.

It was straightforward.

They are expensive.

Yes. We tried Oracle and ForgeRock IAM products.

Just go for this product. Its awesome.

IdentityIQ is connected to all our target systems to manage access to various applications.

IdentityIQ's best features are the hassle-free user experience and security.

There are various functions that don't work in IdentityIQ, including the access request reminder, which doesn't go to the approvals in the proper format, so it's hard for users to read. In the next release, IdentityIQ should enable emails and reports through the UI instead of the code.

I've been using IdentityIQ for two years.

IdentityIQ is very stable.

IdentityIQ is scalable manually and automatedly.

The initial setup was easy, and the implementation was completed within four months.

I would rate IdentityIQ nine out of ten because the UI is really easy for end users to understand and use.

We used it to manage our complete lifecycle completely. We migrated from CA Integrated Manager to SailPoint in my previous firm. Typical use cases include onboarding contractors, lifecycle management, and employee lifecycle management for user certification. Other use cases include password reset and any application group-level provisioning.

I like IdentityIQ's granular attachment management and certification customization features. 

I've used IdentityIQ for the last year and a half.

IdentityIQ is pretty stable compared to our previous solution, and we're satisfied with the performance.

We haven't had any issues with scalability. What we built earlier matched our requirements, so Identity IQ was scalable as per our need when we added more users or applications. We have about 100,000 users. 

We've used their engagement and peer services team since the beginning. 

It was a standard installation. It wasn't too complicated or easy. It is a typical out-of-the-box installation. We could do it all ourselves with our in-house engineering capability. We need at least one engineer for deployment and maintenance and 10 people for support. It's a multi-year project for us split into three phases. I was there for phase one and part of the second phase. The third phase is ongoing.

The price of IdentityIQ could be lower. There are additional costs when you buy the licenses, and they force the customers to pay for them. Overall, enterprise pricing should be more transparent. It's a yearly license. 

I rate IdentityIQ 7.5 out of 10. 

Enterprise application provisioning and certifications. Provisioning automatically grants access to users based on pre-qualified variables like job function, region, etc; Certification feature of IIQ allows teams to go back and validate that access is still valid, limiting access to those who need

Improved visibility into who has access to what improved ability to validate and certify enterprise access to sensitive applications, useful for measurement and forecasting.

Automated provisioning platform, certification because it helps with automatically provisioning users based on discreet roles, access profiles, across many different applications.

What used to be very complex can be simplified if implemented correctly.

Some of the configuration options could be more automated, but this is a complex problem and I do not expect a simple solution.

One to three years.

No.

No.

Excellent, they have a well supported active community of experts and support personnel.

No.

It can be a bit complex and requires training and a strong background in IT systems and some software development, but other than that it can be learned over time.

N/A.

I implement enterprise software solutions for my clients and SailPoint happens to be one of them.

Work with experience solutions experts who have worked with this tool before. Complement them with experience, and the tools needed to succeed including strong testing and development, project management and team support.

It is used on provisioning accounts, all the crude operations and enterprise resources. So an enterprise may have a different resource like SuccessFactor, Oracle or Microsoft. SailPoint IdentityIQ does the provisioning operation for all the users, which onboards it into the company enterprise. It also does the de-provisioning operations for all the users who leave the organization.

In between, it manages and maintains the accounts. Depending on the requirements, SailPoint IIQ provides a lot of functionality that can suit any enterprise's requirements.

It is simple and easy to implement.

Several resources and applications are entering the cybersecurity market, so if SailPoint IdentityIQ can provide a connector or a way to integrate all those resources, it would be good. For example, there is a connector in CyberArk, but it is not a direct connector. They go via Skim Server, and latency is experienced.

We have been using this solution for more than ten years. We are using version 8.3, and it is deployed on-premises.

It is a stable product. 

It is a scalable solution. We have more than 50 people using this solution.

The technical support is good.

The initial setup is straightforward. The deployment time depends on the customer's requirements. If we are using our maximum resources, it takes about ten days.

It is a licensed product, but I am unsure of the exact cost.

I rate this solution an eight out of ten because it is simple and easy to implement and develop. Regarding advice, it is not readily available and cannot be downloaded from the net. If they get a corporate account, they can create the account via corporate email ID only. Therefore, I would recommend focusing on implementation. In addition, choosing the latest release minus one is good because it is always a stable product because clients have already tested and implemented it in their environment. So instead of taking additional risks, it can be tested by other clients first.

We use it to automate onboarding and offboarding processes.

The basic concept is most valuable. I like how they have designed the solution. They create an Identity Cube, and then they do all the processes and configuration around the Identity Cube. 

It is too technical. You need really good technical skills in Java and other technologies, which are hard to find. If they can make it easier so that things can be done with a few clicks, it will be great.

It should also have more standard connectors. Its price should also be reduced.

I have been using this solution for more than 15 years.

It is surely stable.

It is scalable.

I have not interacted with their technical support.

Its initial setup is not straightforward. No identity management solution is straightforward.

It is a costly solution. Its cost, for sure, should be reduced.

If you want to use a non-Microsoft application, then, for sure, go with SailPoint, but if your use cases are only using Microsoft applications, then go with Microsoft.

I would rate SailPoint IdentityIQ a seven out of 10.