What is our primary use case?
The primary use case for this solution is implementing them at the customer site, according to the customer's business needs. E.g., certain customers needs an attestation case.
The reason for implementing this solution is the need to become somewhat more in control. There is also the ease of use for connecting products to target systems, like an Active Directory or Exchange.
How has it helped my organization?
I had an organization which had no idea of their user accounts and who owned them. It took me two weeks, and out of those two weeks, most of the time was spent waiting for the user accounts to connect to the Active Directory. Within two weeks, we knew exactly how many orphaned accounts that they had. This was a huge deal for the customer. They never realized that within such a short time frame that they could be able to better view their Active Directory, who owned which account, and how they could start cleaning it up. This is a very basic feature within the product, but to the customer, it is a huge leap.
What is most valuable?
The policy and role management features are superb. If you have a customer who is willing to go somewhere with role management, then the possibilities are endless with the product. It is well-structured, and the architecture is well-defined. I am quite content with it.
The solution is flexible. It is based on modules. Depending on the customer's needs, you can implement the different modules, which are accompanied with it.
What needs improvement?
I would like better integration with cloud apps, but I just learned this week that there is already a pretty advanced cloud integration. So, what I would like to see is already implemented, but I just need to start using it.
When I first started using it, way before version 7, the manual wasn't comprehensive.
The UX design needs improvement, but I have noticed that people are working very hard behind the curtains to make sure that UX is designed in such a way that the end user is going to have a much easier time using the product in future releases. My ideal was a product designed by IT guys with an IT guy mindset, not without realizing thousands of people in an IT portal would be using the product. Therefore, it took my customers many hours to find the correct links to order something from the IT shop, but I know One Identity is working very hard to improve this as well. If they could improve the UX within the Manager tool, this would be another huge upgrade in just lowering the learning curve of how to use the product.
What do I think about the stability of the solution?
If well-implemented, the solution is extremely stable. What I have been confronted with is I am usually joining an ongoing project, which has been implemented quite messily:
- The basic features of the product usually aren't used.
- Customization is too spread out, and in a very inefficient way, making the product very unstable.
It should be implement with the out-of-the-box features. When used with its features, it is extremely stable.
How are customer service and technical support?
With the technical support, I create a case, then within a few hours I receive a reply. So, I'm very pleased with the technical support. However, some features aren't supported. It is based on your own risk, which I can accept, but I would be happier if they would provide me some additional information about them anyway, e.g., deleting tables or columns.
How was the initial setup?
You need a bit more knowledge than with the One Identity Manager product. You also need to be knowledgeable about servers and IIS servers for the web server. However, if you just follow the manual, you will get very far. Sometimes, you just need to Google somethings.
The SAP integration is extremely easy. The first time that I used it, I picked up the user manual, and typed in some user account system clients and passwords, then I was connected. It doesn't get any easier than that.
What about the implementation team?
Once you are past the learning curve of the product, the most valuable feature is the ease in which you can implement the product.
What was our ROI?
It has helped to reduce customer costs.
For the customers that I have worked with, this solution has helped increase employee productivity when it comes to provisioning users. For example, if someone joins the company, then someone else will need to realize a member has joined the company. They need to create a ticket or call someone they know within the Active Directory team. This usually takes at least three to four weeks before they are able to make someone work efficiently. With One Identity Manager, within a few months, you can reduce four weeks time to a few days or even hours.
What's my experience with pricing, setup cost, and licensing?
It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things.
What other advice do I have?
It isn't that hard of a product to use. It's actually very easy to set up. Your business case is much easier than you think, forget the word complex. Just use the product as it is meant to be used, and it will make your life easier. It will also make your customers much happier, reducing the time to implement something or making the company grow.
I have done some basic SAP integrations just using the out-of-the-box connectors. After connecting it, the customers with their own technical teams go in and clean up SAP.
The customers that I am working with haven't moved to the cloud yet or are just starting move to the cloud. I am pleased to see many steps are being taken to make cloud integration much easier from version 8 and up.
I am interested in finding more out about the privileged account governance features.