I have used a similar solution, but it was closer to a desktop password manager kind of tool. It was made by IBM and it was something you could actually install on your desktop and manage your passwords around that.

Later on IBM developed the tool into something more enterprise-oriented, and it turned into what we would classify as a privileged access management solution. But otherwise, CyberArk was probably the first fully-fledged solution in this sphere that I have used.

This was an initial implementation to meet the regulatory requirements of a federal customer.

Prior to the implementation of the CyberArk Privileged Access Manager, the security operations utilized unencrypted spreadsheets to store privileged passwords, which became a POAM when discovered during a routine security audit.

I did not previously use a different solution.

The company was probably using LockBox before using CyberArk Privileged Access Manager, but I'm not sure about that.

I did not previously use a different solution. 

I've used Thycotic and Hitachi HiPAM, and we've used some custom in-house build solutions.

The reason we switched is that Thycotic opened up the door to that possibility when we talked about pricing. The price came out to be something similar to what we were spending. We were basically going to have to redeploy the whole Thycotic solution to get what we needed, and that opened it up for us to evaluate the landscape.

I have not worked with a solution with a focus explicitly for PAM.

We weren't using anything before. 

I have been working with CyberArk and with the CyberArk teams for years. They have been able to adapt the solutions that they have developed or bought. They have grown a lot with the acquisition of different companies. They have been able to adapt them, make them valuable, and helpful.

We did use Delinea, formally Thycotic. That solution is really good, however, not fully secure. CyberArk is a more secure product - much better than Thycotic. Thycotic may be better in terms of its admin-friendly interface and integration, however, CyberArk offers more than vendor integration. It has massive integration capabilities.

Our previous solution was not a PAM solution and these days you can't afford to not use one.

We previously used BeyondTrust.

We had clients who had quite a lot of SAP systems, something like 900. At first, their change management practice, i.e., the changing of the administrators' passwords was not so frequent, e.g., once a year instead of once a month or every two months. Their password management was usually done by storing those passwords on an Excel. Therefore, if they needed to connect to a system, they had to access the Excel file to find the machine and accounts to then receive the passwords for access to the system. This was unwieldy since they needed to look through an Excel spreadsheet with more than 900 entries. This is also not very secure since you have an Excel file with a clear password on your workstation. 

I can't speak to what solutions, if any, we used previously. 

We did not use a different product. We had an in-built vaulting system for managing our own credentials. We've been a CyberArk customer for a while. We had the document vault. Privileged Access had just come out and CyberArk was one of the easiest choices we could make at that time. That's how we decided to go with it.

I have not used other solutions.

With data breaches and ransomware becoming the standard that companies now face, a more elegant solution was desired from standard network and physical security. Accounts that can be found or socially engineered out of people has been a long-standing tradition for criminals and bored teenagers. Reducing the window any account can be used provides a more secure network.

I was previously using MEGA HOPEX.

We previously had Hitachi ID PAM. We switched to CyberArk because of the features and interface, where there is a bit of distinct difference between the two solutions. Though, the architecture is the same.

No, we used no other services/software previous to EPM.

I’ve never had experience with any other vendors.

I have worked with Thycotic before. It is not user-friendly, although it has changed a lot.

Implementation was really hard, and the reporting was not as good as the users expected. In comparison to CyberArk, Thycotic was not better.

Other than the regular Password Manager, they didn't have any real solution. They chose to look into CyberArk because it is a good security practice to have accounts automatically rotate and secure remote connections.

We didn't previously use another solution.

We had no PAM program when I came to this company.

We did not have a previous solution, because we have always had admin rights. In fact, we did a proof of concept in CyberArk, version 1.

We needed something to manage the endpoint and to be able to empower the user. By far from not only a user's perspective on what they would be able to accomplish, but from the person who has to design the policies, it was the best. It was like working in MS-DOS compared to Windows 10. 

I've never used another solution that would have the same or similar capabilities.

We previously used One Identity.

It sort of was implemented with One Identity Manager when Identity Access Management came into the picture. In early times when there was simply Excel as an identity access manager, and then there was nothing basically. Once there was the onset of proper identity access management without in-house custom tools or proper streamlining process, this solution was added. Initially, One Identity was sort of used as a Privileged Access Management also. However, soon they realized that it lacked in a lot of places for Privileged Access Management. That's when we went to CyberArk. That was way before my time.

We were using the Centrify solution for managing UNIX apart from CyberArk. However, the scope of the Centrify solution is not as wide as the CyberArk solution.

We were using KeePass before we got CyberArk, and I can't imagine trying to manage the number of accounts and credentials we have today, and the number of systems, with something like KeePass. It would be a nightmare.

We switched because of the scale of where we were going. All of our infrastructure passwords, prior to three-and-a-half years ago, were decentralized. The people who worked on a particular system managed the passwords for that system in their own particular way. There was no across-the-board system. There was no standard regarding these having to be encrypted versus those. Everybody came up with their own way of handling that. We tried to implement some standards during the years leading up, but they were not mandatory. So people ended up just doing what they wanted to do.

Now, with CyberArk, there is a mandate from upper management that we all use this tool. All the credentials go into it and they are all encrypted. Eventually, everything, 100 percent or as near 100 percent as we can get it, will be under full management.

In terms of criteria for selecting a vendor, from my perspective, I like to be able to find someone who can speak to me on a somewhat technical level and help me work through technical issues. But I also want them to give me a vision of things, the roadmap or other products and other things that are available, without getting too much of a marketing pitchor sales pitch. I don't mind a little bit of that. I know that's important. But at the same time, I don't just want a slick sales presentation. I want to know the technical end of how does this really work? I want to be able to have some vision as to how we might implement that. Not just what it can do for us, but how would we actually go through the machinery, go through the work, to make it work for us.

It's always good to have a vendor that can provide resources, that can speak to someone like me on a technical level, and that can help me work through issues, whether it's lack of experience or just lack of knowledge in a certain area; a vendor that can help me work through some of those situations and get me to where I need to be.

We were not using a different solution before CyberArk.

We started out with CyberArk. When we started to look into using a PAM solution they were the leader in the space (and still are).

We didn't use another solution before we bought this one.

We did not use a PAM product before this.

We were previously using Excel spreadsheets. We changed because of audit requirements, but a lot of times it will due to usability. We understand that having our password in a spreadsheet is a huge vulnerability, so it is one of the things that made us look for a solution to manage those credentials, and create automated workflows around it for audit requirements.

I have had experience with CA PAM. That's the only other password vaulting technology that I've used so far. I've used SailPoint IdentityIQ, but that's not really password vaulting. Apparently, there is a partnership growing that allows you to provision CyberArk through SailPoint, which I worked on with the CDM project - and it was a headache last year. So I'm excited about the new CM technology that they have that's allowing for that integration, but other than that, I haven't really done much.

We did not use another solution before CyberArk.

The big thing that was a catalyst for us to look at CyberArk was the Anthem breach that happened back in 2014 or 2015. Being a healthcare organization, our executive leadership realized that we are a big company. We are not immune to these sorts of attacks either. We have got to get something in place. Being best of breed, we turned to CyberArk for that. Again, it has been a fantastic partnership, and has both ways; we've been able to help them. They have been able to help us quite a bit as well. 

I started my career with Quest TPAM (now Dell TPAM) and also worked on BeyondTrust, CA PUPM, ARCOS, etc. BeyondTrust and ARCOS were introduced in market at that time. These tools are good but doesn't seems to be user friendly as CyberArk PAM. These solutions are bit complex to implement, configure and usage. Even if these tools have some good features which keeps them running in market but one feature in which all these tools are beaten up by CyberArk is User Friendly.

Users are more confident in using CyberArk, more convenient in installing and deployment and easier to customize as per client requirement.

We did not previously use another solution.

We did not have a previous solution. We have always used CyberArk. 

From a risk landscape, we knew that privilege accounts were where attackers were going, doing lateral movements. These are keys of the kingdom which protect those, and that is why we focused in this area.

We were previously using HPM.

We did not have a previous solution.

We were lucky to have a board of directors who really embraced security. With their support, we were able to establish the need for a PAM solution. 

Before CyberArk we had a number of solutions, CA and IBM products, but CyberArk meets our requirements regarding application password management.

This is the first PAM product that I have used.

No previous solutions were used.

I have used Balabit and One Identity prior to using CyberArk Privileged Access Manager. I found that CyberArk has more integration out of the box with other solutions and it solves a lot of problems for customers if they have different solutions.

Yes, we decided to change to CyberArk in line with our strategic intent to provide as safe a central and customer environment as possible.

No, we haven't used any other solution.

I did not previously use a different solution. I have always used CyberArk.

Since I started, it has always been CyberArk.

My company did not previously use a different solution. My company has had CyberArk in their portfolio for more than 10 years now.

Never used a different solution.

We didn't have a previous solution at the time.

We did not have a previous solution.

I saw customers using another product for their privileged accounts. Due to its limitations (e.g., on password and session management) and stability, they decided to switch to CyberArk.

I did not previously use a different solution.

Most customers using a different solution switch to CyberArk because CyberArk is more user-friendly than its competitors and have more plugins compared to the others.

We did not use any previous solution.

No Previous PAM solution used.

Initially, we were using the CA ControlMinder. There were many issues with this solution, mainly in regards to no proxy solution and poor performance.

No.

We did not previously use another solution.

Haven’t use any solution prior to CyberArk.

I was part of the PIM product evaluation team at my previous organization. I stayed with CyberArk because is it's extremely easy to implement, and very stable when implemented with well-thought-out planning and experience. It has all of the required features for a PIM product, it does not have dependencies on third-party products for it to function and it is clientless.

I did not previously use a different solution.

We did not use a previous solution. Basically, we helped a telecom to migrate from a standard .XLS with accounts to CyberArk.

I have also worked with Thycotic, until the completion of the project.

I didn't use a previous solution.

No, we didn't use any.

We moved from version 8 to Version 9.