How has it helped my organization?
Implementing CyberArk is not only "rolling out" a tool. It also will force the company to have a good look at the access management strategy, improve security processes and clean data. Implementation of CyberArk will increase the insight the company has in their access management implementation.
What is most valuable?
The password management component (CPM) is the most valuable. This enables companies to automate password management on target systems gaining a more secure access management approach.
Another major component is the PSM, which enables session recording and provides additional possibilities to securely connect to target devices.
What needs improvement?
Allthough it's highly configurable, the user interface could use a do-over. The current interface doesn't scale that well, has some screens still in the old layout, while others are in the new ones and consistency in layout between pages sometimes is an issue. As I understand, this is scheduled for version 10.
What do I think about the stability of the solution?
If there are stability issues, most of the time this relates to the companies infrastructure.
What do I think about the scalability of the solution?
CyberArk is highly scalable. Depending on the companies infrastructure, the size of the CyberArk implementation can become quite large.
How are customer service and technical support?
I rate support 7/10. Technical knowledge of the support staff is good. Sometimes it is a lengthy process to get to the actual answer you require. One the one hand, that is because lots of information is required (logs, settings, reports, etc.). On the other hand, the support crew sometimes answers on questions that we did not ask.
Which solution did I use previously and why did I switch?
We did not have a previous solution.
How was the initial setup?
The installation manual is quite straightforward and extensive. There also is an implementation manual to support the function implementation. The installation requires specific hardware which sometimes might not fit the standards within an organisation. Over the last few years the documentation has improved hugely. Of course, there is always room for improvement, but I guess this is one of the better ones in the IT field.
What's my experience with pricing, setup cost, and licensing?
I do not have anything to do with pricing.
Which other solutions did I evaluate?
I was not involved in the acquisition process, but I know that sometimes a Hitachi solution is considered.
What other advice do I have?
Do a detailed assessment of your requirements before you invest. Map the requirements to the functionality and go just that step deeper in the assessment of whether the tool fits your needs. Keep in mind that, although CyberArk is highly configurable and provides lots of functionality, it still is an out-of-the-box solution and customization is limited in some ways.