Our customer is a public service organization with about 800 privileged accounts and 8,000 functional accounts. The client already has a relatively unadvanced identity management implementation. It's a request-based identity management solution. What we're doing now is getting better control of the privileged accounts and getting rid of the old technology. The end users don't know of an alternative. They are still subject to identity management through what is quite a large, manual process instead of process automation. For instance, the users do not have a self-service port where they can automatically get privileges they don't have today. Everything goes via the ITSM manual control workflow. It's the manual processing our client currently has that is what we are thinking of improving. The installation was not set up by my team, but our job is to focus on the most sensitive information assets and secure insights into how service and other infrastructure are managed through privileged accounts. After that, we will work on simplifying the everyday user experience. We work with just the physical appliances. It wasn't my decision. It was what the client already had. Regarding the form factor, just put it in a rack and it works. It's not an issue.
System Administrator at Shaare Zedek Medical Centre
Real User
Top 20
2023-09-28T14:35:00Z
Sep 28, 2023
We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.
Cyber Security Engineer at a financial services firm with 5,001-10,000 employees
Real User
Top 20
2023-09-28T07:33:00Z
Sep 28, 2023
I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization.
System Manager at a retailer with 10,001+ employees
Real User
Top 10
2023-06-28T11:45:00Z
Jun 28, 2023
Our administrators mainly use it to protect their different packages and access secrets through Safeguard, either by checking out credentials, using encrypted sessions, or utilizing the product's API. We are using a virtual appliance deployed in the cloud and on-premises.
Manager Engineering at a comms service provider with 1,001-5,000 employees
Real User
Top 5
2022-10-09T17:59:00Z
Oct 9, 2022
We have more than 1,000 servers or application servers, and we have several layers of teams. We have super admins, system admins, and operations staff, and we also have application vendors using the system. In such a large environment, it was really difficult for us to do identity management on a daily basis. We had new people joining the team, and we also had people leaving. We had to put in additional manpower to monitor these activities and comply with the regulations. That was the main reason we moved to automation with the One Identity solution. We are using their Privileged Account Management solution. We have virtual appliances. We don't have physical ones.
Professional Service Manager at a financial services firm with 501-1,000 employees
Real User
Top 20
2022-08-16T10:58:46Z
Aug 16, 2022
The first time I used One Identity Safeguard was when I was the manager of the infrastructure of Ayendeh Bank, and we are currently using it now at my present company. Our main use case is in security reviews for all of the change management and incident management services, and we also use it for the VPN connection for PAM. It allows us to review everything that goes on over the working day. For example, our third-parties who support all of our services, including network services (e.g. Cisco) and our Linux servers, are eligible to connect via the VPN, and through One Identity Safeguard, they are able to make contact with and use the various services. Our company works alongside various PSPs (Payment Service Providers), and our work here is mainly to prepare the software switch for them, and to handle the SLA for infrastructure maintenance services. Due to the nature of our work, we also use One Identity Safeguard for on-call and direct administrators whether they are in-house or external to our company. It is, in fact, the main tool for managing access for all the services. And because of that, I'm available for these companies 24/7 all year long. At present, we have around 17 direct users of One Identity who use it on a daily basis, which includes 10 people from my own department.
We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.
The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.
One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.
Security Business Consultant at a tech services company with 201-500 employees
Real User
2021-03-31T23:34:00Z
Mar 31, 2021
We primarily use the solution to manage passwords and use for the RDP access. Our infrastructure is three SPPs and two SPSs. This is across 1,000 users and approximately 500 targets.
Senior Vice President (Infrastructure Systems/Information Security) at MAXUT
Real User
2020-07-26T08:19:00Z
Jul 26, 2020
With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls. We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server.
Head of Department of Technical Means of Protection at BrokerCreditService
Real User
2020-06-25T10:53:00Z
Jun 25, 2020
We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions. We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure.
Director of Information Security at a healthcare company with 1,001-5,000 employees
Real User
2020-04-21T07:28:00Z
Apr 21, 2020
We use it primarily for our IT team, so they can access our production and pre-production environments, to have better accountability. They have to create a ticket, check it out, and then they have to get approval from our approvers group. So there's accountability from beginning to end, and we also record the sessions.
VP & Head of Cybersecurity Manager at a financial services firm with 1,001-5,000 employees
Real User
2020-03-11T08:01:00Z
Mar 11, 2020
We started with administrative use cases and we were able to take control of all the local administrator accounts for endpoints and servers. We then started controlling privileged accounts for our domain administrators as well as for any kind of privileged account that had access to our switches, routers, and the like. This year we're looking at taking control of all of the servers and application accounts. But that's going to be a longer journey for us because there are a lot more of those accounts, and there is a lot more testing that needs to be done because of the nature of the accounts. Another use case this year is integrating Safeguard into the SQL database, so we can start taking control of the SA accounts within SQL. Furthermore, we have a use case where we are using Safeguard to manage the account for our IIGA solution, which is our identity governance solution. When it creates new users or transfers or terminates users, it's using a privileged account that is being handled by Safeguard. We have a lot more use cases but these are enough to give you an idea of how we use it.
Chief Information Security Officer at a financial services firm with 51-200 employees
Real User
2020-03-08T10:06:00Z
Mar 8, 2020
Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization. Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment. We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement. We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version.
VP Risk Management at a financial services firm with 1,001-5,000 employees
Real User
2020-03-01T06:37:00Z
Mar 1, 2020
The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank. We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise.
We are using the virtual appliance. We are a cloud company working widely with virtualization. We provide virtual machine to our customers. When we deploy a new solution, we try to use our system to show our customers that it works for them. That is why we are using a virtual appliance which validates the usage. For now, we are using it for traceability of access inside the platform because we are a certified company: ISO 27001, SecNumCloud, HDS... We use this solution to monitor the session of our administrator and also to capitalize on incidents. When you have an incident in the night and our Level 3 people are working on it, they don't have the time to document all they do on the platform. The main goal is to have the service up as fast as possible. We are now recording the session, and the morning after the incident, we can see the session and understand what has been done to resolve the incident. We are using the latest version of Safeguard.
Expert Systems Architect at Tempur Sealy International, Inc.
Real User
2020-02-18T07:41:00Z
Feb 18, 2020
There are two parts to Safeguard: the sessions recording part and the password management appliance. With the password management appliance, we have been using version 2.10. For the sessions recording, we started off with version 6.2. It has new additions and updates which have come out, thus we've upgraded. Currently, we are up to version 6.5. We are doing a sessions recording for all of our UAT and production servers. Therefore, if something breaks/happens or there's a change during the day without the proper change control mechanisms, we can determine the session by pulling the last session on the box and finding out who did what. Then, for the password part, it is used to consolidate enterprise-wide all our passwords for our 2000-plus server accounts. We have five physical alliances for the password part. Then, for the sessions recording, there are three virtual appliances. We went with these particular versions because they were the latest and greatest. I like to keep things updated instead of dragging stuff out, which is how people get stuck with legacy devices unable to upgrade or with no upgrade path available.
We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI.
Head of Information Security at a financial services firm
Real User
2019-04-17T08:37:00Z
Apr 17, 2019
The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation.
One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.
Our customer is a public service organization with about 800 privileged accounts and 8,000 functional accounts. The client already has a relatively unadvanced identity management implementation. It's a request-based identity management solution. What we're doing now is getting better control of the privileged accounts and getting rid of the old technology. The end users don't know of an alternative. They are still subject to identity management through what is quite a large, manual process instead of process automation. For instance, the users do not have a self-service port where they can automatically get privileges they don't have today. Everything goes via the ITSM manual control workflow. It's the manual processing our client currently has that is what we are thinking of improving. The installation was not set up by my team, but our job is to focus on the most sensitive information assets and secure insights into how service and other infrastructure are managed through privileged accounts. After that, we will work on simplifying the everyday user experience. We work with just the physical appliances. It wasn't my decision. It was what the client already had. Regarding the form factor, just put it in a rack and it works. It's not an issue.
We use One Identity Safeguard to manage our privileged accounts. We use One Identity Safeguard on both physical and virtual appliances.
We introduce One Identity Safeguard to customers, primarily Italian customers who need to partner with solutions that protect their target resources.
We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.
I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization.
We use the on-demand version. We use the solution for monitoring and connection to the customer's server for Windows and Linux.
We primarily use the solution to manage identities.
Our administrators mainly use it to protect their different packages and access secrets through Safeguard, either by checking out credentials, using encrypted sessions, or utilizing the product's API. We are using a virtual appliance deployed in the cloud and on-premises.
We have more than 1,000 servers or application servers, and we have several layers of teams. We have super admins, system admins, and operations staff, and we also have application vendors using the system. In such a large environment, it was really difficult for us to do identity management on a daily basis. We had new people joining the team, and we also had people leaving. We had to put in additional manpower to monitor these activities and comply with the regulations. That was the main reason we moved to automation with the One Identity solution. We are using their Privileged Account Management solution. We have virtual appliances. We don't have physical ones.
The first time I used One Identity Safeguard was when I was the manager of the infrastructure of Ayendeh Bank, and we are currently using it now at my present company. Our main use case is in security reviews for all of the change management and incident management services, and we also use it for the VPN connection for PAM. It allows us to review everything that goes on over the working day. For example, our third-parties who support all of our services, including network services (e.g. Cisco) and our Linux servers, are eligible to connect via the VPN, and through One Identity Safeguard, they are able to make contact with and use the various services. Our company works alongside various PSPs (Payment Service Providers), and our work here is mainly to prepare the software switch for them, and to handle the SLA for infrastructure maintenance services. Due to the nature of our work, we also use One Identity Safeguard for on-call and direct administrators whether they are in-house or external to our company. It is, in fact, the main tool for managing access for all the services. And because of that, I'm available for these companies 24/7 all year long. At present, we have around 17 direct users of One Identity who use it on a daily basis, which includes 10 people from my own department.
We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.
The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.
We use it for controlling the client sessions into our data center.
One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.
We primarily use the solution to manage passwords and use for the RDP access. Our infrastructure is three SPPs and two SPSs. This is across 1,000 users and approximately 500 targets.
With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls. We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server.
We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions. We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure.
We use it primarily for our IT team, so they can access our production and pre-production environments, to have better accountability. They have to create a ticket, check it out, and then they have to get approval from our approvers group. So there's accountability from beginning to end, and we also record the sessions.
We started with administrative use cases and we were able to take control of all the local administrator accounts for endpoints and servers. We then started controlling privileged accounts for our domain administrators as well as for any kind of privileged account that had access to our switches, routers, and the like. This year we're looking at taking control of all of the servers and application accounts. But that's going to be a longer journey for us because there are a lot more of those accounts, and there is a lot more testing that needs to be done because of the nature of the accounts. Another use case this year is integrating Safeguard into the SQL database, so we can start taking control of the SA accounts within SQL. Furthermore, we have a use case where we are using Safeguard to manage the account for our IIGA solution, which is our identity governance solution. When it creates new users or transfers or terminates users, it's using a privileged account that is being handled by Safeguard. We have a lot more use cases but these are enough to give you an idea of how we use it.
Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization. Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment. We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement. We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version.
The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank. We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise.
We are using the virtual appliance. We are a cloud company working widely with virtualization. We provide virtual machine to our customers. When we deploy a new solution, we try to use our system to show our customers that it works for them. That is why we are using a virtual appliance which validates the usage. For now, we are using it for traceability of access inside the platform because we are a certified company: ISO 27001, SecNumCloud, HDS... We use this solution to monitor the session of our administrator and also to capitalize on incidents. When you have an incident in the night and our Level 3 people are working on it, they don't have the time to document all they do on the platform. The main goal is to have the service up as fast as possible. We are now recording the session, and the morning after the incident, we can see the session and understand what has been done to resolve the incident. We are using the latest version of Safeguard.
There are two parts to Safeguard: the sessions recording part and the password management appliance. With the password management appliance, we have been using version 2.10. For the sessions recording, we started off with version 6.2. It has new additions and updates which have come out, thus we've upgraded. Currently, we are up to version 6.5. We are doing a sessions recording for all of our UAT and production servers. Therefore, if something breaks/happens or there's a change during the day without the proper change control mechanisms, we can determine the session by pulling the last session on the box and finding out who did what. Then, for the password part, it is used to consolidate enterprise-wide all our passwords for our 2000-plus server accounts. We have five physical alliances for the password part. Then, for the sessions recording, there are three virtual appliances. We went with these particular versions because they were the latest and greatest. I like to keep things updated instead of dragging stuff out, which is how people get stuck with legacy devices unable to upgrade or with no upgrade path available.
We primarily use the solution for managing and monitoring privileged users, both internal and external.
We primarily use the solution to manage passwords.
We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI.
The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation.
We primarily use One Identity Safeguard for Privileged Sessions (SPS) for managing our customers' access to their critical systems.
We use Safeguard for privileged sessions. It's primarily used as a solution for accessing our production environments.
Privileged management.