One Identity Safeguard Primary Use Case

Cody Engelman
Expert Systems Architect at Tempur Sealy International, Inc.
There are two parts to Safeguard: the sessions recording part and the password management appliance. With the password management appliance, we have been using version 2.10. For the sessions recording, we started off with version 6.2. It has new additions and updates which have come out, thus we've upgraded. Currently, we are up to version 6.5. We are doing a sessions recording for all of our UAT and production servers. Therefore, if something breaks/happens or there's a change during the day without the proper change control mechanisms, we can determine the session by pulling the last session on the box and finding out who did what. Then, for the password part, it is used to consolidate enterprise-wide all our passwords for our 2000-plus server accounts. We have five physical alliances for the password part. Then, for the sessions recording, there are three virtual appliances. We went with these particular versions because they were the latest and greatest. I like to keep things updated instead of dragging stuff out, which is how people get stuck with legacy devices unable to upgrade or with no upgrade path available. View full review »
VP Risk Management at a financial services firm with 1,001-5,000 employees
The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank. We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise. View full review »
Information Security | Cybersecurity | VP, Cybersecurity Manager at a financial services firm with 1,001-5,000 employees
We started with administrative use cases and we were able to take control of all the local administrator accounts for endpoints and servers. We then started controlling privileged accounts for our domain administrators as well as for any kind of privileged account that had access to our switches, routers, and the like. This year we're looking at taking control of all of the servers and application accounts. But that's going to be a longer journey for us because there are a lot more of those accounts, and there is a lot more testing that needs to be done because of the nature of the accounts. Another use case this year is integrating Safeguard into the SQL database, so we can start taking control of the SA accounts within SQL. Furthermore, we have a use case where we are using Safeguard to manage the account for our IIGA solution, which is our identity governance solution. When it creates new users or transfers or terminates users, it's using a privileged account that is being handled by Safeguard. We have a lot more use cases but these are enough to give you an idea of how we use it. View full review »
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,141 professionals have used our research since 2012.
Director of Information Security at a healthcare company with 1,001-5,000 employees
We use it primarily for our IT team, so they can access our production and pre-production environments, to have better accountability. They have to create a ticket, check it out, and then they have to get approval from our approvers group. So there's accountability from beginning to end, and we also record the sessions. View full review »
Chief Information Security Officer at a financial services firm with 51-200 employees
Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization. Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment. We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement. We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version. View full review »
Martin Ajayiobe
Senior Vice President (Infrastructure Systems/Information Security) at MAXUT
With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls. We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server. View full review »
Edouard Camoin
Chief Information Security Officer at Outscale
We are using the virtual appliance. We are a cloud company working widely with virtualization. We provide virtual machine to our customers. When we deploy a new solution, we try to use our system to show our customers that it works for them. That is why we are using a virtual appliance which validates the usage. For now, we are using it for traceability of access inside the platform because we are a certified company: ISO 27001, SecNumCloud, HDS... We use this solution to monitor the session of our administrator and also to capitalize on incidents. When you have an incident in the night and our Level 3 people are working on it, they don't have the time to document all they do on the platform. The main goal is to have the service up as fast as possible. We are now recording the session, and the morning after the incident, we can see the session and understand what has been done to resolve the incident. We are using the latest version of Safeguard. View full review »
Alexander Pirogov
Head of Department of Technical Means of Protection at BrokerCreditService
We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions. We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure. View full review »
Cedric Jolivet
Identity & Access Manager at Reist Telecom Gmbh
We primarily use One Identity Safeguard for Privileged Sessions (SPS) for managing our customers' access to their critical systems. View full review »
User with 10,001+ employees
We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI. Some of the data are transferred to our SIEM solution. For the moment we use the product for RDP and SSH sessions. We are going to use it for Citrix farms also in transparent mode. View full review »
Stephen Fleming-Unger
Security Consultant at Controlware GmbH
The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally. View full review »
Sergey Smirkin
Head of Information Security at a financial services firm
The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation. View full review »
IT Security Consultant at a tech services company with 11-50 employees
We primarily use the solution for managing and monitoring privileged users, both internal and external. View full review »
IDM Architect at a tech company with 10,001+ employees
We use Safeguard for privileged sessions. It's primarily used as a solution for accessing our production environments. View full review »
Security Engineer at a tech services company with 201-500 employees
We primarily use the solution to manage passwords. View full review »
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,141 professionals have used our research since 2012.