Oracle Access Management delivers risk-aware, end-to-end multifactor authentication (MFA) and single sign-on (SSO) that integrate identities and systems across cloud and on-premises.
N/A
SailPoint Identity Security Cloud
Score 7.7 out of 10
N/A
SailPoint Identity Security for the cloud enterprise manages risk from the explosion of technology access. The solution gives businesses visibility while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
OAM is designed to be scalable, and it can handle large-scale deployments with thousands of users and applications. It provides a centralized framework for managing access to web applications and resources, enabling organizations to define and enforce security policies across their entire IT environment. OAM offers a range of authentication and authorization mechanisms, including multi-factor authentication and OAuth-based authentication, making it suitable for organizations that need to meet different security and compliance requirements.
As discussed in previous sections, it does integrate well with other systems, and basic JML works well; it's very powerful and customizable in these areas (though also complex). The downsides are in areas like access reviews, where it's less customizable (no way to automatically send a review to the owner for a set of access items; each review needs an individual to be selected for it).
Oracle Access Management allows superior session management capabilities. It can maintain and terminate session states using access engine and endpoint cookies or security tokens.
It allows for automated single sign-on as well as protocol translation.
The suite allows for real-time fraud detection and prevention capabilities. This is especially useful where our applications are accessed by tens of thousands of users simultaneously.
The product could be improved by simplifying changing the master password. That is, if you change a password in one place, it would be good to automate changing the password for all the gateways so that change is less complicated.
It should be more Customizable for Customer Specific needs.
Oracle Access Management connects well with Oracle Database but doesn't work smoothly with Microsoft AD.
The user interface is not very intuitive. It is hard for the occasional user to navigate through the request process. There are no instructions on the screen to help the user to know what to do. It is left up to the user to figure out what to click on and how to navigate through the process.
Its a best tool for a CISO, works very well, easy to use, great connectors and integrations, great reports, automated reviews, full compliance, great support to a JML (Joiners, Movers and Leavers) project;
Usability with this platform is pretty good after you get a handle of things. I must say for new users it can take some time for training and adoption. This however is not just limited to Oracle products but most major ERP. Once you get past the initial training period all should be well from there.
Always improving the UI, so it's getting better. Some areas are fully featured, but others, such as Separation of Duties reporting and policies, are very weak.
The first journey isn't easy because you need to win your internal process and problem concern and Sailpoint have many experience to support this phase, and make the real difference into the client experience;
Both are great products. From a technical point of view Oracle Access Management implementation is relatively simple due to the possibility to adjust the functionality and appearance of the system to the customer's needs. SAP is a robust product but not user friendly and more expensive. Overall cost and product functionality was what drove us to implement Oracle Access Management.
The on-prem SailPoint IdentityIQ platform provides the necessary customization that is required in our dynamic environment. Although we may look at a cloud-based Identity Management service again in the future, (there are many advantages), our identity management, authentication, and application assignment processes cannot be quickly consolidated to a single cloud-based service at this time.
Over 300,000 password change/reset calls avoided to the helpdesk annually.
1,000 plus accounts with proper accesses provisioned via automated birthright processes weekly versus 1-2 days of manual provisioning and approvals. With a call center population that churns many people per week, this brings many dollars of efficiency to the operations teams.
Flexibility on terminations to manage accounts and access for target applications based on regulatory or business rules to ensure compliance and avoid fines for non-compliance.
