HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and applications.
$3.75
per user per month
SailPoint Identity Security Cloud
Score 9.0 out of 10
N/A
SailPoint Identity Security for the cloud enterprise manages risk from the explosion of technology access. The solution gives businesses visibility while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
During the onboarding process, remote workers can enroll their fingerprints or create secure PINs. This eliminates the need for complicated passwords and enables them to safely access company resources and critical apps from remote locations. HID DigitalPersona's robust authentication techniques and access control features can assist you in adhering to data security laws.
We are happy with the management of the Id, accounts where the user can request any access easily. Also the many connector which Sailpoint is offering in order to onboard lots of applications is quite helpful. The access review module has also have been improve so that large campaigns can we work out easily.
Where we see some improvement is on the UI as here it is not so intuitive for the end user, so that we need to make lots of communications and training so that the user is able to understand how to use it.
For the administration and creation of roles it also would be great to have some improvements here to make it more easily its management.
Speeding up the login process with fingerprint in PIN rather than having to remember a long password. Our IT department has seen a huge decrease in the amount of account lockout and forgot password calls.
It is highly customizable to meet the needs of remote or on-premises workers. It is all configurable through group policy, so it is very easy to set specific requirements on certain groups.
Setup was quick and the administration guides are very easy to follow if you need to go back in and adjust things.
I find that sometimes I have had to delete a users fingerprints and re-add them. There must be something going on where the software believes that the user has changed their fingerprints.
I have on occasion come across a person where the reader was unable to create fingerprints for that user. It would be interesting to see if the sensitivity of the 4500 reader could be improved on.
I find that using the DigitalPersona software makes the users ultimately forget their passwords. Maybe every once in a while the software could require the user to type in their Windows password to help them remember it.
The user interface is not very intuitive. It is hard for the occasional user to navigate through the request process. There are no instructions on the screen to help the user to know what to do. It is left up to the user to figure out what to click on and how to navigate through the process.
It is wonderful for multifactor authentication and gives us many options for what we use to authenticate. All of our users use it and it is engrained into our group policies and people would be very disappointed if it went away.
I think there are still fundamental enhancements needed to be added to the management consoles and I think there ought to be a Centralized, Windows Based "Thick" Management Application instead of individual utilities which vary from MMCs, Scripts, Wizards, etc.
Extremely poor; I've never encountered such. Professional Services completely dropped us for months. Crossmatch tech support seems like it has 3 techs tops! No response to emails, calls, the absolute worst! I will never recommend DP to anyone.
Could use tools to audit license usage at a more granular level as to allow an administrator to free up licenses from users whom seldom use their biometrics to login.
We have used One Identity for software tokens. The Defender software tokens were originally included with our bundle and work pretty well for integration into the AnyConnect VPN client with Cisco. All that said, we use the two products for different applications and DP does what it does very well.
The on-prem SailPoint IdentityIQ platform provides the necessary customization that is required in our dynamic environment. Although we may look at a cloud-based Identity Management service again in the future, (there are many advantages), our identity management, authentication, and application assignment processes cannot be quickly consolidated to a single cloud-based service at this time.
I'm happy to say I'm not involved in budgeting or finance, but the financial benefits are easy to state: Less helpdesk time - helpdesk staff don't have to spend time resetting people's passwords.
Users don't have to wait for Helpdesk to get around to helping them log in.
Over 300,000 password change/reset calls avoided to the helpdesk annually.
1,000 plus accounts with proper accesses provisioned via automated birthright processes weekly versus 1-2 days of manual provisioning and approvals. With a call center population that churns many people per week, this brings many dollars of efficiency to the operations teams.
Flexibility on terminations to manage accounts and access for target applications based on regulatory or business rules to ensure compliance and avoid fines for non-compliance.
