CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.
N/A
HID DigitalPersona
Score 9.0 out of 10
N/A
HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and applications.
$3.75
per user per month
Pricing
CyberArk Privileged Access Management
HID DigitalPersona
Editions & Modules
No answers on this topic
HID DigitalPersona
$3.75
per user per month
Offerings
Pricing Offerings
CyberArk Privileged Access Management
HID DigitalPersona
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
Yes
Entry-level Setup Fee
No setup fee
Required
Additional Details
CyberArk offers a variety of Identity Security packages for different user types within an organization.
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
During the onboarding process, remote workers can enroll their fingerprints or create secure PINs. This eliminates the need for complicated passwords and enables them to safely access company resources and critical apps from remote locations. HID DigitalPersona's robust authentication techniques and access control features can assist you in adhering to data security laws.
Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
Speeding up the login process with fingerprint in PIN rather than having to remember a long password. Our IT department has seen a huge decrease in the amount of account lockout and forgot password calls.
It is highly customizable to meet the needs of remote or on-premises workers. It is all configurable through group policy, so it is very easy to set specific requirements on certain groups.
Setup was quick and the administration guides are very easy to follow if you need to go back in and adjust things.
I find that sometimes I have had to delete a users fingerprints and re-add them. There must be something going on where the software believes that the user has changed their fingerprints.
I have on occasion come across a person where the reader was unable to create fingerprints for that user. It would be interesting to see if the sensitivity of the 4500 reader could be improved on.
I find that using the DigitalPersona software makes the users ultimately forget their passwords. Maybe every once in a while the software could require the user to type in their Windows password to help them remember it.
It is wonderful for multifactor authentication and gives us many options for what we use to authenticate. All of our users use it and it is engrained into our group policies and people would be very disappointed if it went away.
I think there are still fundamental enhancements needed to be added to the management consoles and I think there ought to be a Centralized, Windows Based "Thick" Management Application instead of individual utilities which vary from MMCs, Scripts, Wizards, etc.
Customer support and technical support have always been great when we require assistance. Especially when we come across issues that we're not familiar with.
Extremely poor; I've never encountered such. Professional Services completely dropped us for months. Crossmatch tech support seems like it has 3 techs tops! No response to emails, calls, the absolute worst! I will never recommend DP to anyone.
Could use tools to audit license usage at a more granular level as to allow an administrator to free up licenses from users whom seldom use their biometrics to login.
It is known as one of the safest products in the market. It has good support and is also available as on-premise. You can run it virtually on VMWare (and probably on other hypervisors as well). You can have a second instance on bare metal and that makes it a very safe system.
We have used One Identity for software tokens. The Defender software tokens were originally included with our bundle and work pretty well for integration into the AnyConnect VPN client with Cisco. All that said, we use the two products for different applications and DP does what it does very well.
I'm happy to say I'm not involved in budgeting or finance, but the financial benefits are easy to state: Less helpdesk time - helpdesk staff don't have to spend time resetting people's passwords.
Users don't have to wait for Helpdesk to get around to helping them log in.
