Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager.
The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager.
The implementation is quite easy because the documents are always online.
The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file.
I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording.
I'm a BeyondTrust partner and I have multiple deployments, four or five banks right now. The features that give us quite an edge compared to what our competitors are offering - like IBM or Thycotic - are the Session Management, that is quite a big one; also the recording of keystrokes. In addition, there is the password vaulting and state-of-the-art Password Management, which I haven't seen in other products.
It scales easily and the product is stable.
Reduces major vulnerabilities by removing local administrator privileges.
The short version is that we gained significant insight into the issues of access governance. This allowed us to turn an auditing nightmare into praise from our auditors.
It gives the best user experience, enabling us an overview of all user entitlements.
This solution is better on the IT personnel, because now they spend less (or almost no time) managing user rights.
The most valuable feature for me is the built-in security, which is the best that I have seen.
The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc.
Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good. It's also very flexible. It's quite easy to customize and we have customized it a lot.
For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.
This is almost a complete solution for us.
The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does.
The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process.
The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features.
The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers.
It should support XWindows Remote Desktop Access protocol for Linux/Unix.
It only has limited support for Mac.
The support team could be improved on. The first level of support essentially looks up knowledge base articles and often can't provide the answer needed.
The initial setup was complex. We have a lot of different systems. The journey from implementing to joining all the systems was difficult.
The performance could use improvement. Sometimes synchronizations take too long.
A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory, on the fly.
More integration with SAP and with the internet of things would be good. We also have system devices that we could manage as identities, so that would be a feature to add.
One of the things we would like is the ability to have more than one system role manager. That would be nice. For example, when people are on vacation, sometimes it gets a little hard to administrate system roles.
The system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people.
It should be able to give a client version of the product, rather than just a web-portal.
Pricing and Cost Advice
This solution is expensive compared to its competitors.
What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed.
PowerBroker for a Mac client is three times the price of the Windows version.
There is a one-time licensing cost, and there is also a yearly subscription fee.
It's costlier that some other products, and there is nothing that fits every solution.
We are using a self-built solution. It would cost too much to get that up to the standard of what we need. In the long-term, it is cheaper to buy a solution that has what we need. Though, we are still running the previous solution, as we are still in the implementation phase.
It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things.
It has helped to reduce customer costs.
We are paying for premium support, which is expensive. However, we do receive very good, fast support.
It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.
We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support.
out of 32 in Privileged Access Management
Average Words per Review
out of 61 in Identity Management (IM)
Average Words per Review
Compared 56% of the time.
Compared 11% of the time.
Compared 5% of the time.
Compared 17% of the time.
Compared 15% of the time.
Compared 10% of the time.
Also Known As
|BeyondTrust PowerBroker, PowerBroker||Quest One Identity Manager, Dell One Identity Manager|
The BeyondTrust PowerBroker Privileged Access Management Platform is an integrated solution that provides visibility and control over all privileged accounts and users. By uniting capabilities that many alternative providers offer as disjointed tools, the platform simplifies deployments, reduces costs, improves system security, and reduces privilege risks.
One Identity Manager helps you mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. IAM can be driven by business needs, not IT capabilities. With Identity Manager, you can manage user identities, privileges and security across the enterprise, putting you in control of identity management and taking the burden off your IT staff.
Learn more about BeyondTrust Endpoint Privilege Management
Learn more about One Identity Manager
|Aera Energy LLC, Care New England, James Madison University||Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies|
Software R&D Company30%
Comms Service Provider29%
Financial Services Firm39%
Software R&D Company30%
Comms Service Provider13%
Financial Services Firm8%