Okta vs. SAI360 vs. SAP Access Control

Should be well-suited for a SaaS business organisation as they have a lot of internal applications and need a role-based authentication system between the various teams, improving security and audit log system to account for any breaches. It integrates well with internal applications such as Salesforce and Oracle. Best when need of SSO.

Incentivized

The usage of ROAM, as well as the integration of external programmes through API and import functions, has almost reduced duplication of work. One thing to keep in mind is that your use cases must be very clear. There are a lot of SAI solutions, and their titles don't always correspond to what they actually perform.

Incentivized

Appropriate for SAP hrs hierarchy integration and can have multiple hierarchies of org structures adopted as alternative workflow support. Cons of access control are the logs of firefighter usage are still limited in depth and does not evolve to adop more cloud products which are coming at a plaster pace than the ac product as such.

• Centralized control of enterprise passwords
• Extensive customization of acceptable password criteria
• One system for Identity and Access Management to learn
• Scalable throughout the university for all central services
• Uniform login experience for students, faculty, and staff
• Single point of response to address termination of access
• Ability to use FastPass for lower priority systems
• Excellent support of multi-factor requirements

Incentivized

• Customized unified design platform
• Modules that fit your organization
• Low technology involvement with information department.
• Built on foundational platforms some bidirectional in the ERM framework with TPRM contracts
• Single sign-on web-based applications

Incentivized

• SAP Access Control ensures that our services are accessed by the right users since it send me alerts when an employee tries to access any application. That way, I am able to either authorize or cancel the request to safeguard of company data.
• With SAP Access Control, it is easy to automate and monitor how our team access services and applications. SAP Access Control has an automatic feature that notifies me when employees access applications and services and the issues they are encountering.
• In addition, SAP Access Control add security on employees login to ensure that their data on the applications are encrypted to never leak to cyber attackers.

Incentivized

• I do have to reset my password quite frequently. However, I don't think there is really a way to improve this, as it's a good security measure.
• It makes me re-sign in a couple of times a day, sometimes if I haven't used my laptop for a couple of hours, and sometimes just randomly throughout the day.
• It doesn't remember my devices, either my laptop or phone. so it always calls that out.

Incentivized

• Integration with SAP for continuous control monitoring.
• Control mapping to standards: ISO; COSO; COBIT; HIPAA; SP800_53 (NIST); FedRAMP; PCI_DSS; BITS; GAAP; AICPA; BSI; CCM; COPPA; CSA
• Surveys.

Incentivized

• It still uses the webdynpro for the front end. All webdynpro applications should be migrated to Fiori for a better user experience.
• Some functionalities can't manage in mass way. I.E. building derive roles/multiple single roles,
• Interface with LDAP is not efficient.

Incentivized

Okta has a passion to provide secure and scalable identity solution. Their passion has come across as advocacy in a way that has deepened my knowledge of the field of authentication. I took identity for granted before but after seeing features such as external authentication I know that Okta can enable my business to reach new heights

BWIse is very flexible, and an affordable GRC tool.

Incentivized

We are very happy with it.

Some of its features are great and some are slightly complex and not easy without vendor support.

Incentivized

Overall it is a very versatile system that does help to keep our processes automated and secure. We are able to streamline our day to day activities.

Incentivized

This is a great tool for a medium to large sized company. SAP Access Control requires a great deal of SAP knowledge to use, but it is certainly information that can be learned. Their customer support is wonderful and easy to work with. The overall usability is great. I greatly recommend this software.

Incentivized

The Okta Identity Cloud advertises 4 9's of reliability and I would go as far to say that it may even do better than that. As a true Global organization that operates in just about every region of the world, we have yet to have an issue with The Okta Identity Cloud that has impacted our business operations.

Incentivized

From my perspective, for the things that my group uses it for, Okta is very fast. It is as least as fast as the local password database methods that it replaces on our campus enterprise services. I do not believe that it slows anything down at all. In fact, not having to think too much about the login, because they all look the same, probably speeds things up somewhat.

Incentivized

We've had a few support cases over the years and every case has been handled by the Okta support team beautifully. We received clear answers to questions we had regarding setup and even were provided simple to follow guides on how to setup their product to use with custom applications.

Incentivized

BWise support is knowledgeable and responsive. Bug fixes and development are also timely and ongoing.

Incentivized

This product fulfills all our requirements. We can use this for user management, role management, risk analysis, business role management, workflow management. Initial configuration takes a lot of effort. Otherwise it's a great product for the end user. SAP Access Control tool performance needs improvement, sometimes it slows down the processing time for requests.

Incentivized

The main issues were managing the internal conflicts and competing objectives, rather than the capability and implementation of BWise itself.

Incentivized

Okta is far superior in terms of integrations, user interface, automation, and connectivity. Additionally, Okta offers better support and availability, and a more robust solution across every capacity Entra competes in. Okta simply works, whereas Microsoft Entra has a large overhead that is difficult to use when configuring things.

Incentivized

Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).

Incentivized

Pricing was higher for the cloud version of the BTP service - IAG. SAP Access Control pretty much facilitates everything we are looking for as an enterprise with an efficient dollar cost ROI for the services we are looking for. Also, there were many features on the cloud version which came bundled with the license and we had to pay for them even though we did not actually use these products.

Incentivized

Being a cloud native application, The Okta Identity Cloud is extremely scalable and easy to setup. By integrating into existing directories and applications via standard techniques and protocols, it is very easy to both initially setup and add additional users as required. Once all the necessary integrations are setup, it's a simple rinse and repeat process to onboard additional users (which can be automated with imports as well)

Incentivized

• Increased user productivity - not fighting with IT all the time!
• Though there could be a bit more on the 'lost/broken phone' front, the self-service eliminates time that would typically be spent waiting for IT support/admins.
• An Okta account under a certain domain allows proper access from the get-go, and under certain apps (such as our HRIS), adding members is easy.
• Improved security - deactivating Okta removes all account access across multiple platforms instantly for leavers.

Incentivized

• Pre-built training courses for certification that have a higher ROI than building your own courses.
• Helped customers training their personnel to achieve multiple management system certifications.

Incentivized

• Reducing risk of fraud. Implementing SAP Access Control allows analysis of every role assigned to a job on the organization. Through this analysis, weakness on roles are detected, corrected and monitored. As the users feel the change, they also feel that they are being monitored, preventing any intent to use his position and privileges to take personal advantage. So a major impact to organizations is to reduce the financial lost due to frauds.
• Reducing cost for monitoring. Another positive impact is lowering the cost of monitoring. This is twofold: First, a rather small team can manage access management. Second, through the use of SAP Access Control the complete universe of roles and users can be monitored without increasing the cost for the continuous monitoring.
• During transactions. The use of SAP Access Controls allows detection of transactions that, from an information security point of view, require some redesign. When SAP GCR is implemented, you make some discoveries such as: obsolete transactions, transactions with no authorization objects and the like. The transactions with these problems can be left out of the active roles, waiting for remediation of the issues found.

Incentivized