Item: SailPoint Identity Platform
Rating: 8
Author: Jose Garcia-Russo

Use Cases and Deployment Scope

We have the IdentityIQ platform implemented within my organization, and its main benefit (although not it's only one) is the automation it brings to the Provisioning of user accounts/profiles and the automation of access via its roles functionality. Through this automation, LCM is also controlled by IdentityIQ, where people joining, moving, and Leaving the organization have their accounts subsequently amended or removed. This mechanism saves countless hours across our organization both in Technology and Business support departments. The product ties all our employee's access to our critical Applications and enables them to access them at the right time, and in the right place.

Pros and Cons

Brings users access, profiles and accounts all into one place
Manages the Life Cycle Management process across ALL identities, permanent and Temporary
Secures and manages access to critical applications and resources across the group
Enables Info. Security to customise, share and delegate authority across the group
Single version of the truth across our technology platform

The use of a Distinguished name and the lack of a clear support model for the task that is necessary for this process to work is not a good idea.
In a hybrid model where application automation is not fully rolled-out, means that there can be inconsistency in the process, which leads to duplicate accounts.
Certification: The functionality is a bit clunky and could be designed with the end-user experience in mind (Although this might be due to our version of IIQ)

Most Important Features

Life cycle management
Access Management
Automation of role assignment
Account Provisioning in other Applications

Return on Investment

Seamlessly manages the disablement of account access for users leaving the business. Our company has approx. 200 leavers a week, which before IIQ was managed primarily manually.
Conversely, IIQ automates the creation of 200 new starters a week, which again used to be fuelled by manual Service Requests.
The Information Security of this platform is endless. From LCM to Application assignment and removal

Alternatives Considered

The Okta Identity Cloud

SailPoint is a more customizable solution than Okta, it is also not just a cloud application. Our use of IIQ to manage external suppliers via Azure AD guest accounts was not available on other platforms at the point of deployment. The integration with SAP and other Microsoft services is also second to none.

Key Insights

Do you think SailPoint Identity Platform delivers good value for the price?

Yes

Are you happy with SailPoint Identity Platform's feature set?

Yes

Did SailPoint Identity Platform live up to sales and marketing promises?

Did implementation of SailPoint Identity Platform go as expected?

Yes

Would you buy SailPoint Identity Platform again?

Yes

Other Software Used

Microsoft Azure Active Directory, Microsoft 365, Ivanti Service Manager (powered by Heat)

Likelihood to Recommend

This platform is well suited for managing large-scale employees/Customers/Users. Its ability to handle and work through thousands of transactions on a daily basis is one of its true benefits. Conversely, companies with smaller user bases might not feel this processing power. Organizations with a large number of users in similar roles, such as a Contact Centre or warehouse, will really benefit from being able to deploy Role-based access controls that will enable large numbers of people to access what they need in order to complete their roles. Highly audited and compliant companies would really benefit from the ability to customize and access low-level provisioning access logs.

SailPoint IdentityIQ - Rolls Royce of a platform if used correctly and truely invested in

Overall Satisfaction with SailPoint Identity Platform