Rodney DapilmotoSystems Admin Analyst 3 at CPS Energy
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"The technical support is good."
"The most valuable feature is Special Monitoring."
"The most valuable aspects of the solution are the integration with external websites one-factor authentication."
"This solution allows us to do the provisioning. Also the most important for us is the ability to enable and disable features to employees as they onboard and offboard."
"Enabled MFA to access federated applications as well as increased user satisfaction through improved provisioning times and more reliable processes."
"The ease of deployment, ease of use, and speed of delivery is what I like about Okta Workforce Identity. It is very easy to use. For a lot of software, you need to be trained extensively and have a very technical background. Okta Workforce Identity is quite simple. You can integrate any software into Okta. They've got a network of 7,000 applications that easily integrate into it."
"Having a single sign-on to all our applications."
"The MFA part is the best. MFA provided most of the security that we were looking at with respect to the second level of authentication. Okta Workforce Identity provides a number of options with respect to multifactor authentication, such as the app, phone call, and text. These options provide different ways of logging in for users, and they were a lot more than what we needed. This is certainly a very good feature of Okta Workforce Identity."
"The most valuable features are ease of operation and visibility."
"Its simplicity and its integration with various vendor-agnostic platforms are the most valuable features."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"There is a bit of a learning curve, but it's a pretty complex solution."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"The authentication port is available in CyberArk Alero but not Fortinet products."
"The solution lacks an on-premises deployment model so it can't offer a hybrid solution. It would be ideal if clients had options that weren't just cloud-based."
"I don't know if it is possible to make it simpler to use or simpler to understand, but that would be the most important thing to improve."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"It would be pricing, which is a tough one because it goes against Microsoft. A lot of companies say they're a Microsoft partner, and they get all their software for free. Okta is like a luxury product, and it's not the most affordable one. I would say if they could work on pricing, it would help. Other than that, they've done great strides in developing a product that is really good. The companies that do see the value tend to invest in it."
"You can't hide the device when you're checking logs."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"The integration with third-party tools needs to be improved."
"It can have more API integrations."
"I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
"It could be a bit too pricey for small companies. Okta Workforce Identity can add a lot of benefits, but smaller companies may not have a lot of applications that need to be managed by Okta Workforce Identity. In larger organizations, there are more departments, applications, and users to manage. Okta Workforce Identity adds a bit more value to those bigger organizations. In addition to standard licensing fees, there are also additional costs for things"
"License is around US$20,000 annually."
"I believe it competes well. The pricing is pretty competitive. I know that Microsoft also provides something similar with its MFA and identity services."
Earn 20 points
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Okta is an enterprise grade identity management service, built from the ground up in the cloud and delivered with an unwavering focus on customer success. With Okta, IT can manage access across any application, person or device. Whether the people are employees, partners or customers or the applications are in the cloud, on-premises or on a mobile device, Okta helps IT become more secure, make people more productive, and maintain compliance. Okta is an on-demand identity and access management service for web based applications, both in the cloud and behind the firewall.
CyberArk PAS is ranked 1st in Privileged Access Management with 12 reviews while Okta Workforce Identity is ranked 1st in Identity and Access Management as a Service (IDaaS) with 9 reviews. CyberArk PAS is rated 8.8, while Okta Workforce Identity is rated 8.6. The top reviewer of CyberArk PAS writes "Provides simplicity and ease of implementation for the right level of security controls". On the other hand, the top reviewer of Okta Workforce Identity writes "Good product with ease of deployment, ease of use, speed of delivery, and easy integration with other software". CyberArk PAS is most compared with BeyondTrust Endpoint Privilege Management, Thycotic Secret Server, Azure Active Directory, Cisco ISE (Identity Services Engine) and Centrify Privileged Access Service, whereas Okta Workforce Identity is most compared with Azure Active Directory, Google Cloud Identity, OneLogin Workforce Identity, Auth0 and LastPass Enterprise. See our CyberArk PAS vs. Okta Workforce Identity report.
See our list of .
We monitor all Privileged Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.