Reviews (1-6 of 6)
December 21, 2017
Identity IQ is being used by the entire Western Union enterprise with 20,000+ users. It is our primary access request system with 750+ applications. It manages the workflow for request approval and in many cases provided the automatic provisioning and de-provisioning of accounts upon approval. We also use the system to manage our quarterly access review and re-certification process.
- The access request work flow and back end process is exceptional. It effectively manages all of the various pieces of a request and presents the completed request to the provisioning agent as a single record. This is very helpful to the efficiency of the process since the provisioning agent only sees the completed request rather than seeing each component as it is approved. Other systems deliver the various request components to provisioning as they are approved but cannot be provisioned without all the components. Thus creating complexity for the provisioning agent and impacting the SLAs with what looks like a delay with the provisioning process.
- The system is robust enough to effectively handle the scale that we need. With 750+ applications, 24,304 individual entitlements to select from, and an average of 10,200 request transactions per month. We have never had any performance issues.
- The system flexible enough to accommodate our complex business needs without needing to customize the base system. We have been able to add significant functionality to the system in order to support the business needs by extending the code rather than altering the base code. This has enabled a simple upgrade of the system without having to re-apply code enhancements.
- The user interface is not very intuitive. It is hard for the occasional user to navigate through the request process. There are no instructions on the screen to help the user to know what to do. It is left up to the user to figure out what to click on and how to navigate through the process.
Read Mark Routh MCPM, PMP, CSM's full review
It is most appropriate for organizations that categorize the request in a "role" configuration but is quite appropriate for "entitlement" based configurations as well. Its flexible configuration is very effective for accommodating any business needs in an efficient manner.
December 19, 2017
I implement SailPoint IdentityIQ for enterprises who are looking to manage their overall risk posture, typically across the most sensitive parts of their organizations; The main business problems the solution address is around proactive access management. In an organization where you have hundreds (or some cases) thousands of users constantly joining, leaving or moving within the company to take on complex projects, IT has the burden to assure that users have the application access required to do their jobs. Imagine orgs that have multiple roles, job functions, geographies, and regulations; accurately granting access and limiting access can be a major undertaking and IIQ helps to manage the complexity of that entire process, which is what is referred to as identity lifecyle management.
- Providing accurate visibility enterprise-wide to who has access to what applications and data, across the entire organization.
- Seamless automatic provisioning of access based on matrix defined job roles and job functions , simplifying the provisioning process.
- An elegant interface to manage certifications and to limit access as customers change their job functions or projects (typically within 12-24 months).
- Technical adoption requires a high level of training and experience by the implementing teams.
- SailPoint and partners offers very good training courses which I think are very good. An area of improvement can be in providing cloud VMs that users can work with to learn the IIQ tool more effectively at their own pace.
Read Omon Edeki's full review
If you are holding customer information, then you need IIQ or some kind of identity management system. While smaller companies can live without it, as you grow and add new applications, regions and offerings to your customers, it is critical to manage access to customer and operational data. Business data today is very much similar to capital, and you want to properly manage who access to your capital resources demonstrating prudence and vigilance to customers.
IdentityIQ is used both as an IAM tool to manage user logins across various devices and software. This includes Windows accounts, our timesheet software, email accounts, and a few other software tools used by our engineers. Additionally, IdentityIQ also is used for very specific workflows that require the contribution of several employees. For example, we have a team that is spread out over three different client sites in different time zones. They use the workflow to ensure that all of their steps are taken care of in an organized manner.
- It's great for specific workflows that bottleneck around a certain individual. IIQ identifies the bottleneck and "shames" that employee to pick it up. With an IIQ developer, you can make almost any workflow that you need.
- It's great for people who forget their Windows password a lot, especially if you have a password policy that requires constant changes. IIQ allows the user to select "forgot password?" on the Windows login.
- It's great for administrators because now they can admin a user's accounts all in one spot instead of keeping records across several pieces of software.
- Making it easier to create workflows would be helpful. Especially if an admin could do this work. Developers cost more...
Read David Riddel's full review
IIQ is well suited for an organization with a large amount of users that use lots of software. It's also good for developing workflows so that workers can organize their process.
Our company did not have an IAM solution, and was relying on pen/paper to conduct certifications. After conducting POCs with 6 vendors, SailPoint clearly stood out. The ease of implementation (along with IdN) and the intuitive nature of the product make it a winner. And support from SailPoint is fantastic. Simply a great product.
Read Terry Garbo, CISSP GCIH GCFE's full review
Its the best in the business
December 18, 2017
Score 6 out of 10
We use it for: access provisioning, self service password reset, and database password synchronization.
- Very customizable interface
- Ability to connect to many enterprise databases and systems like AD
- One integrated product built from the ground up with the entire identity lifecycle in mind.
- Beanshell is used to program it - this is an old variant of Java pre-generics. This language essentially died in 2005 and there is no reason a product like this should be using it.
- There is no built-in way to version control the scripts that are used. We had to develop our own system to properly follow the SDLC.
Read this authenticated review
It definitely is better than the Oracle suite of products in that there is one unified product which handles what you'd need multiple Oracle products for. That said, it is not very exciting or cutting-edge to work with.
April 04, 2017
Score 9 out of 10
We do not use IdentityIQ in our company. We as a contractor implement IdentityIQ.
- Access certifications are one of the best features in IdentityIQ. You will be able to approve and extend employee's access to different applications periodically and it reduce the risk of unnecessary long time accesses to the applications.
- I personally like the role-base access control feature in IdentityIQ. It helps you to find out the existing roles in the systems and assign access to those roles. That makes it easy to implement the software in large organizations.
- Although the risk factor are chalenging to define in first place but they'll be very usefull to give the management team a good view of high risk previleged employees.
- I would like IdentityIQ to have a directory service built in and not [be] dependent to other directories.
- Having Single Sign on would be a great improvement.
- Although they are adding more and more connectors to IdentityIQ, they are applications that they don't have a connector and the implementor has to develop a connector for that.
Read this authenticated review
IdentityIQ is the best choice for very large organizations with complicated processes and paperwork. The ability of custom workflows in IdentityIQ would help organizations to boost the speed and accuracy of their business processes. Automation is another factor that makes IdentityIQ best choice for large firms. This feature would provide end to end automated provisioning and de-provisioning in several applications.
IdentityIQ Scorecard Summary
SailPoint's IdentityIQ provides enterprise-level cloud-based or installed identity and access management (IAM) software featuring single sign-on (SSO), password management, provisioning, role management, and identity intelligence for audit purposes.
IdentityIQ Technical Details