Anonymous UserDirector, Global Identity and Access Technologies at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording."
"The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"The implementation is quite easy because the documents are always online."
"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
"The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
"BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
"Even without any customization, if you install it, configure it, it's ready... It's very powerful. Without any customization, it starts working."
"The company policies feature is really good because in workflows you can check whether the policies are all working."
"This solution has helped to increase employee productivity when it comes to provisioning users in our systems. This solution has been really been effective with our retail workers. It wouldn't be possible to onboard and manage our 40,000 store employees without it. The management of the solution is pretty automated."
"It's a huge toolkit, and you can do a lot of stuff with it. You can extend nearly everything, so if you want to build something that may not have been though of by the vendor. Compared with other distributors who design their products to certain specification, you can put in your own processes, because not all companies function the same. You can write what you want, and the process should be like that."
"With this product, we been able to bring together HR, IT, and lifecycle management. It is very helpful for managing the Joiner/Mover/Leaver process. We also use it for compliance on all the audits which are around."
"The tool is like a big Lego in which you can use the parts that make sense for your organization."
"For the recertification and segregation of duties, it's easier to know all the information about our employees. If we need to delete some information, we can do it from a central point, then it can be deleted on all our searches. This is very good for GDPR."
"We no longer keep users who shouldn't exist."
"The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."
"Their technical support could be more responsive and helpful."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved..."
"They could make the product more user-friendly. It takes a lot of work to build technical and business cases with the product. The solution is more complex than you think to use."
"They could improve the support. Sometimes, you make a service request and don't get an answer. Then, sometimes, we don't get a response that we want, and it's frustrating."
"The technical support is non-existent. It is not worth talking about."
"The product is quite scalable, except for the database which is not highly available. This is where scalability could be improved."
"I would like to have more extensive out-of-the-box reports."
"The initial setup was quite complex because you run into some existing policies that the company already had. There was some trouble with some inconsequential policies."
"It would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes."
"This solution is expensive compared to its competitors."
"There are old processes that are really great for some people and look like pieces of artwork. However, the maintenance of them is really expensive."
"The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price."
"We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support."
"It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation."
"We are paying for premium support, which is expensive. However, we do receive very good, fast support."
"It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things."
"It has helped to reduce customer costs."
"We are using a self-built solution. It would cost too much to get that up to the standard of what we need. In the long-term, it is cheaper to buy a solution that has what we need. Though, we are still running the previous solution, as we are still in the implementation phase."
Earn 20 points
BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.
Key Solutions Include:
-ENTERPRISE PASSWORD SECURITY
Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.
-ENDPOINT LEAST PRIVILEGE
Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.
-SERVER PRIVILEGE MANAGEMENT
Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.
-A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS
Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.
Learn more at https://www.beyondtrust.com/privilege-management
One Identity Manager helps you mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. IAM can be driven by business needs, not IT capabilities. With Identity Manager, you can manage user identities, privileges and security across the enterprise, putting you in control of identity management and taking the burden off your IT staff.
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management with 7 reviews while One Identity Manager is ranked 1st in Identity Management (IM) with 31 reviews. BeyondTrust Endpoint Privilege Management is rated 7.4, while One Identity Manager is rated 8.0. The top reviewer of BeyondTrust Endpoint Privilege Management writes "A stable, scalable, and easy-to-deploy solution that can track malicious use or send analytics to a host". On the other hand, the top reviewer of One Identity Manager writes "Enables us to automate SOX recertification, saving a significant amount of time". BeyondTrust Endpoint Privilege Management is most compared with CyberArk PAS, Thycotic Secret Server, CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine) and Centrify Privileged Access Service, whereas One Identity Manager is most compared with SailPoint IdentityIQ, Cisco ISE (Identity Services Engine), CyberArk PAS, One Identity Active Roles and OneLogin Workforce Identity.
See our list of .
We monitor all Privileged Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.