Hypersocket (formerly Nervepoint) enables organizations to efficiently manage and administer end users and their access to disparate systems by empowering end users to manage their own accounts across multiple systems both on-premise and in the cloud, while allowing IT to gain control over user sprawl, cut support and gain in-depth business insight.
N/A
SailPoint Identity Security Cloud
Score 9.0 out of 10
N/A
SailPoint Identity Security for the cloud enterprise manages risk from the explosion of technology access. The solution gives businesses visibility while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
One Identity is a great self-service password management system, however, it is limited to just that. As it stacks against the competition, Hypersocket isn't modular, it's an all-in-one which most other systems aren't. One Identity is what we use today for self-service, and …
Nervepoint Access Manager (NAM) has the ability to deal with multiple domains. While ServiceNow at the time we looked at the solution did not (I do not know if it does now). NAM was a more polished, mature product.
The customer was already using SailPoint Access Risk Management (ERP Maestro) and doesn't want to bring in SAP AC for the SOD topic. So it was easy to decide to go with SailPoint Access Risk Management (ERP Maestro).
SailPoint is a more customizable solution than Okta, it is also not just a cloud application. Our use of IIQ to manage external suppliers via Azure AD guest accounts was not available on other platforms at the point of deployment. The integration with SAP and other Microsoft …
The on-prem SailPoint IdentityIQ platform provides the necessary customization that is required in our dynamic environment. Although we may look at a cloud-based Identity Management service again in the future, (there are many advantages), our identity management, …
SailPoint and Oracle were selected for the RFP from a field of over 10 companies. SailPoint was much more mature and stable during our evaluation in 2015 and continues to lead the pack. We're confident we made the correct decision and work closely with our success team at …
I think SailPoint Identity Platform stacks better than most IAM tools and solution though a lot of SaaS IAM solutions are already available, can compete and are at par with its features and capabilities.
IdentityIQ provides a more complete solution for a fraction of the cost of other solution providers. It is easy to work with and provided very effective management of all aspects of the access management process.
All these products are really good at some key areas. They are all different and solve different parts of the puzzle. IIQ is more of a centric focal point that manages and maintains access in a vendor-agnostic way. It helps bridge the gap at the identity layer for different …
Compared to other solutions, IdentityIQ provides the best identity governance for your organization. Custom workflows and automation processes make this product more attractive to business rather than its competitors. IdentityIQ is a united, user-friendly platform to perform …
It has great flexibility with multiple domains, and the ability to sync or not sync passwords between primary and secondary accounts. I'd like to see a more granular set of permissions for the help desk role tied to an OU path rather than a whole directory. You can [create this] by defining multiple directories based on OUs but is less flexible this way.
We are happy with the management of the Id, accounts where the user can request any access easily. Also the many connector which Sailpoint is offering in order to onboard lots of applications is quite helpful. The access review module has also have been improve so that large campaigns can we work out easily.
Where we see some improvement is on the UI as here it is not so intuitive for the end user, so that we need to make lots of communications and training so that the user is able to understand how to use it.
For the administration and creation of roles it also would be great to have some improvements here to make it more easily its management.
The access request work flow and back end process is exceptional. It effectively manages all of the various pieces of a request and presents the completed request to the provisioning agent as a single record. This is very helpful to the efficiency of the process since the provisioning agent only sees the completed request rather than seeing each component as it is approved. Other systems deliver the various request components to provisioning as they are approved but cannot be provisioned without all the components. Thus creating complexity for the provisioning agent and impacting the SLAs with what looks like a delay with the provisioning process.
The system is robust enough to effectively handle the scale that we need. With 750+ applications, 24,304 individual entitlements to select from, and an average of 10,200 request transactions per month. We have never had any performance issues.
The system flexible enough to accommodate our complex business needs without needing to customize the base system. We have been able to add significant functionality to the system in order to support the business needs by extending the code rather than altering the base code. This has enabled a simple upgrade of the system without having to re-apply code enhancements.
Help-Desk functionality similar to OneIdentity Self-Service Password Manager, as it provides additional users that do not require administrative access to assist with managing end-users who may have locked themselves out of HyperSocket Access Manager by forgetting their own security questions.
Too many features which become unusable and feel like the payment plans are not flexible since it's an all-in-one product with one price. It is not necessarily a bad thing as most subscription-based pricing forces a buyer to pay more for an integral service that is only available on the highest price-plan. You really do get what you pay for, but we found many of our use-case scenarios limited the product.
This isn't necessarily against the product, just a personal opinion around Multi-Factor authentication which is always primarily driven mobile devices. Not all companies or end-users have access to a multi-factor device, (or in our case, are allowed to have access to a cell phone while servicing members/clients). This creates a shortfall to allow multi-factor functionality to extend to all users unless there are hardware tokens, which can be miss placed or left out more easily as most users don't treat it the same way they would their personal smartphone.
Technical adoption requires a high level of training and experience by the implementing teams.
SailPoint and partners offers very good training courses which I think are very good. An area of improvement can be in providing cloud VMs that users can work with to learn the IIQ tool more effectively at their own pace.
One Identity is a great self-service password management system, however, it is limited to just that. As it stacks against the competition, Hypersocket isn't modular, it's an all-in-one which most other systems aren't. One Identity is what we use today for self-service, and migrated to KeePass for users centralized password manager. This probably wasn't the best move but this was all driven by cost and budgetary constraints.
SailPoint is a more customizable solution than Okta, it is also not just a cloud application. Our use of IIQ to manage external suppliers via Azure AD guest accounts was not available on other platforms at the point of deployment. The integration with SAP and other Microsoft services is also second to none.
As with any IT Service or Solution, the investment will always be seen as a sunk cost. The only ROI would be the time and resources spent elsewhere rather than with Password Management through an IT Department or similar department. I found that the time spent on password management was about the same, as many users who are frequently forgetting a password are also forgetting their security question & answers.
There are some positives, as it was able to help manage the bulk of their non-windows passwords or passwords related to another online service. The centralized password manager doesn't feel like a true single sign-on but for most users, it replaces a hand-written copy they have taped to a monitor.
It can help with automating some of the active directory workflows with its own user provisioning functionality. Took more time to set up than it was to manage on its own.