SAP Information Steward Review

Great for collecting, monitoring and planning storage capacity; functionality could be improved

What is our primary use case?

Our primary use case of SAP is for data governance, access management, and historical reporting. We're a global enterprise company that uses multiple solutions. We have about five or six of them in place right now, some of which are direct competitors to SAP. 

We are customers of SAP and I'm the information protection senior adviser.

How has it helped my organization?

The product has improved company efficiency because we're able to categorize the need for user access at the folder level across storage enterprise wide.

What is most valuable?

The most valuable feature is the ability to collect information from devices, to monitor user access and to plan storage capacity upon those devices.

What needs improvement?

I would like to see the granularity of the configuration reduced from a global or an application level to the object level, together with the ability to archive data retention and make reporting and indexes faster. I'd also like the ability to get inside the individual information collections on a more specific level and to get information directly related to a topic. They currently have BIRT, a business information reporting tool and I'm forced to use that to extrapolate information unless I want to go through the command line which has very poorly documented access. They put out a syntax and then you have to experiment to figure out how it actually works. 

One area of improvement would be the documentation on the application, its third party dependencies, and the functionality of the command line features. I think improvements could be made in performance. I have some situations where I can throw more resources than the application can handle, and I will not get better performance. The issue is that indexing is single-threaded so I'll never be able to make one thread faster. If it could be done in parallel threads, it would all be more efficient. With a date timestamp I'm limited to a single thread, those are the limitations in the threading model of the application. The threading model creates bottlenecks all over the application. 

For how long have I used the solution?

I've been using this solution for nearly two years. 

What do I think about the stability of the solution?

I currently have a support case open for four indexes that are failing miserably out of tens of thousands, so the percentage rate is very small. The degree to which that's a problem for me is massive in those four cases. To rate the functionality that we're seeking and the ability for the application to perform, with appropriate resources and access points to the objects that I'm trying to scan and track, it's quite reliable.

What do I think about the scalability of the solution?

The scalability is limited by single-threadedness, and by the ability to keep data over a longer period of time. They use sequel-like databases, which is a flat file database that's non-relational, and therefore slower in querying or pulling data back. It's faster in committing data because whatever the last line is, it adds one and commits the next piece of data. If I'm manipulating or modifying data, it uses the half by half model of indexing. If I never get rid of my data over time, that's a severe limitation and if I continually expand that index, it becomes unmanageable at some point. 

How are customer service and technical support?

I am the technical support for this solution in the company and I constantly engage the solution's technical support. My position is unique since I trained most of them, including their back line and I know more than the current technical support at SAP. In some cases they do well being able to navigate their internal systems and gaining access to the engineering, or the customer focused team, to get answers. And in some cases they have given extraneous or erroneous information, which is completely useless. I'm not sure that somebody who doesn't know the application well, would be enthralled with their support. I'm not.

How was the initial setup?

Some components in the solution require manual installation, and some allow for push installation. Depending on what I'm installing, I will push installs, updates and upgrades across my environment so I don't have to install manually or locally. Dependent upon the environment there will be different domains with different rights that force me to use an external user versus a user with access to the enterprise. I might be required to access other departments or other users to get their administrative access. Functionally, if I had complete access, I could do the deployment with one person. It would likely be an IT administrator implementing the solution. 

Deployment time depends on what I'm deploying. If I'm pushing out to hundreds of nodes across multiple domains, I could anticipate it's going to take hours. If I'm going to install locally to those same nodes, then potentially I would do them in batches, and it could take weeks. The deployment or upgrade of an individual node takes around 15 to 20 minutes, depending upon the resources in the machine.

What was our ROI?

I'm rarely involved in ROI assessments, but I would venture to say that in general, returns are in direct proportion to cost. If I was measuring them as a layman, I would say that generally, over the lifetime of an application, ROI is exceeded many times, otherwise most organizations would get rid of the solution.

What's my experience with pricing, setup cost, and licensing?

As a value proposition, the solution is an expensive one but the benefits of having it as a cost-benefit analysis to prevent intrusion, breaches, inappropriate access, is warranted. So I would venture to say that what they're offering is expensive but in long-term benefits, it's probably cheaper than having that information exposed through a breach or the wrong people internally getting access to it. There's a lot of value, although it's a very expensive solution.

Total cost is rarely just the cost of a license. There's also hardware, staff, the cost of a downtime window or a defect in the application so there are additional costs beyond the application itself. And that would be true with any application I've ever worked with in my 31-year career. 

What other advice do I have?

The key is to assess your needs and plan, plan, plan. If you plan in advance, you'll likely avoid the pitfalls of putting this kind of an application into production.

I rate this solution a seven out of 10. 

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about SAP, Informatica, IBM and others in Data Quality. Updated: June 2021.
509,570 professionals have used our research since 2012.
Add a Comment