Omada Identity Reviews

Omada Identity is our platform for managing the entire lifecycle of user identities, including creating and assigning roles based on changing needs (dynamic roles and birth rates), and we'll soon be implementing access review workflows.

Omada Identity prioritizes transparency in development by providing a clear roadmap. As a customer advisory board member, I gain access to this roadmap and can directly influence the product's future through feedback. This collaboration helps them prioritize features and bring them to production faster. I've even had direct discussions with their VP of product about our specific needs, ensuring they address functionalities that are currently immature or even missing entirely.

We saw the value in Omada Identity within the first four months.

Omada Identity deployed within 12 weeks.

Omada Identity's built-in data filtering eliminates the need for time-consuming manual data exports and filtering, allowing users to analyze information directly within the platform and make quicker, data-driven decisions.

Omada Identity has saved us time which could correlate to cost savings.

By automatically disabling access for former employees, Omada Identity strengthens our overall security posture.

Our organization is piloting Omada Identity's certification survey feature to streamline access reviews. This automated approach will ensure compliance and security by automatically collecting data from target systems, eliminating the need for administrators to manually extract, filter, assess, and compile information – a significant time saver.

We are deploying Omada's role-based access control across a large portion of our organization.

Omada has streamlined user provisioning for identity and access management, saving at least 15 minutes per user for the birthrate access method. It's also significantly reduced time spent on role-based access control, saving an additional hour or so per user.

Omada helped us automate reviews of access requests and reroute these access requests to the appropriate people.

Omada has significantly reduced our workload, particularly for tasks like managing birthrate access which was previously done manually. This applies to other areas where we have dynamic roles as well since anything directly integrated with Omada no longer requires manual intervention.

Contributing to the Omada connectivity community is valuable because it fosters a two-way exchange of information. We gain insights from other customers, their support staff, and engineers. This exchange not only allows us to help others and find solutions but also provides Omada with valuable customer data to prioritize improvements.

The most appealing aspect of Omada Identity is its self-service upgrade system. The cloud console allows us to control the update schedule, manage multiple environments by spinning up or cloning them, and configure most back-end settings without vendor intervention. This level of self-service is unmatched by many other identity governance solutions.

Omada Identity's user interface needs improvement, especially for new users. The key to a successful identity management system is ease of use for non-technical users. New hires or those unfamiliar with the system shouldn't struggle to request access. Ideally, the interface should be clear and straightforward, eliminating confusion about application types, entitlements, and permission levels. Users should be able to submit requests with confidence, knowing they have selected the correct options for full access. The burden shouldn't be on the user to understand the intricacies of the system behind the scenes. This is a common issue that Omada Identity, and similar solutions, should address.

Omada's pre-built connectors are generally effective, however a few require improvement. We've already informed Omada about these specific connectors.

I have been using Omada Identity for two years.

Omada Identity has been a significant improvement for us in terms of system stability. Unlike our previous solutions, which required extensive regression testing after upgrades and often resulted in bugs and performance issues, Omada Identity has not exhibited any lagging or crashing in our production environment, even though our lower environments have limitations due to weaker hardware. This has saved us a considerable amount of time and effort.

Our experience with Omada's scalability has been positive. We regularly communicate our data intake and future plans, including the number of systems we intend to connect, to ensure they can accommodate our growth.

While I appreciate that Omada's technical support surpasses my prior experiences, their response times can sometimes be slower than I'd like.

Positive

I have been deploying solutions for over 20 years and Omada Identity is one of the easier ones I have deployed.

We used two full-time and one part-time people for the deployment. 

Omada Professional Services assisted us with the implementation process.

Omada Identity is competitively priced and delivers good value for our money.

I would rate Omada Identity eight out of ten.

Omada Identity's cloud platform minimizes our maintenance burden; it handles most upkeep, leaving us with only essential tasks.

It's crucial to understand your business rules and data sources upfront. Not all identity management systems can handle complex rules or multiple sources of truth. Before implementing a solution like Omada Identity, ensure it aligns with your requirements to avoid compatibility issues and wasted effort.

We leverage Omada Identity to manage user identities for governance applications. We integrate our applications with the Identity Governance and Administration system and conduct periodic access reviews.

Omada helped us deploy IGA within 12 weeks by focusing on fundamentals and best practices.

Omada's identity analytics helps us make faster decisions.

Omada is set up to remove employee access as soon as an employee leaves the organization. This improves our security posture.

Omada can streamline identity access provisioning by up to 5 percent. This efficiency is achieved by focusing automation on frequently used access rights, primarily those assigned to D groups.

Omada helps us consolidate some of our access management systems. However, we don't rely solely on Omada for all our access management needs. We also use Jira for other access management functions.

Omada Identity helped us save around 20 percent of our time.

The out-of-the-box connectors from Omada are easy to use.

I appreciate all the support we receive from Omada. Through Omada, we get to learn about all of our contacts and who to reach out to for assistance. The consultation sessions are also helpful.

The reporting and importing have room for improvement. Currently, it takes half a day to complete and since we are looking to implement more applications the time will only increase.

Omada comes with custom functionalities but the access rights review requires a lot of manual work and could be improved.

I have been using Omada Identity for 1 year.

I would rate the stability of Omada Identity 9 out of 10.

I would rate the scalability of Omada Identity 9 out of 10.

Sometimes the support team doesn't provide clear instructions on how to solve our problems. This might be because we have a lot of self-created content, making it difficult for Omada to offer one-size-fits-all support. Additionally, explaining complex issues with multiple solutions can be time-consuming. Perhaps this reflects a gap in understanding between how we, as customers, use the tool and how Omada anticipates us using it.

Positive

We previously used an IBM solution before switching to Omada Identity.

Consolidating our processes with Omada Identity has shown a return on investment.

Omada Identity offers a reasonable price point, but it will increase as we transition to the cloud.

I would rate Omada Identity 8 out of 10.

When there's a concern about something, such as reporting, the process usually follows a clear path. We typically hold meetings with Omada to discuss any reporting issues we encounter. After providing them with relevant information, the information is then released and formatted accordingly. However, this process likely applies to other types of information as well, such as details about upcoming features. This information is probably sent via email or can be found within the Omada staging area. In our specific case, though, our lead engineer handles the verification of that information.

We are currently in the process of training and implementing the certification surveys to recertify roles and determine if they are still relevant for employees.

Omada Identity is deployed across our organization of 16,000 people and managed by a team of 11 people in IT.

Omada Identity requires regular maintenance. Sometimes, we encounter issues with its functionalities, and troubleshooting is necessary to identify and resolve the problems. One specific process within Omada involves automatically sending new employee login credentials to their managers via email. Unfortunately, this process has been experiencing occasional failures. 

I recommend having a technical introduction or demo on how to use the features of Omada before implementing the solution.

We use Omada as the core of our identity and access management operations. It centralises the provisioning, deprovisioning, and governance of accounts and access rights across the organisation. It’s integrated with platforms such as SAP HCM, GRC, Active Directory, Exchange, and Microsoft licensing, enabling streamlined, policy-based access control throughout our environment.

Omada has brought visibility, control, and automation into our IAM lifecycle. We’ve reduced manual effort by automating onboarding, offboarding, and access reviews. Its user-friendly interface, strong European support, and comprehensive integration capabilities have all contributed to operational efficiency and increased compliance posture.

API connectivity is a game-changer. It enables seamless integration with business-critical systems such as SAP, GRC, and Microsoft. The platform’s extensibility, combined with its rich policy engine and role-based access control, provides flexibility and governance. The intuitive UI, strong documentation, and access to a community forum are also key assets.

Integration logic could be simplified further for complex environments, particularly when handling rule hierarchies or large-scale data mapping. More native connectors and enhanced debugging tools for integrations would also be welcome in future releases.

I have been using Omada Identity for four years.

Platform is stable with very few outages. Most issues arise from external systems (e.g. HR feeds), not from Omada itself.

Scales well across diverse systems and high user volumes. Integration across cloud and on-prem services is handled reliably.

Omada’s support team is responsive and technically sound. Their engineers provide detailed, relevant assistance and actively engage in resolving escalations. I’d rate support a 8.5 out of 10.

Positive

Previously, we relied on Microsoft AD and other siloed tools. We moved to Omada for a unified IAM experience, allowing both administrators and end-users to manage access within a single, intuitive platform.

Initial setup was complex due to customisation and integration needs. It requires in-depth understanding of the business logic and data sources.

Used a vendor-supported implementation team with strong expertise in IAM and Omada-specific features.

We’ve seen strong ROI in reduced manual processes, improved compliance, and enhanced security.

Significant initial investment in setup and configuration. The value will pay off long-term, but plan for professional services or internal expertise for full implementation.

Yes. We considered solution - Omada stood out for its governance capabilities and integration roadmap.

Implementing IGA with Omada took us over a year, but it was worthwhile. Its built-in analytics, training resources, and excellent support were crucial for success. Automation reduced our workload significantly, and we now rely on Omada for everything from automated user provisioning to access reviews and certifications. Its policy engine ensures that role relevance is maintained, while its access restriction measures mitigate risks.

Our final goal is the entire process of identity management including provisioning, de-provisioning, roles-based access, review-based access, and things like that, but first, we needed to replace the old legacy system. That was successfully done last summer.

The main business case was realizing a unique joined identity process because we have students and we have employees. We have external contractor employees, and we have partners who work for our organization and need digital or physical access to our environment. Because of that, Avans wants to use a single identity and an identity for life. If a student who once studied at Avans becomes a teacher or an ICT employee five or ten years later, he or she should have the same identity back with the same UPN or email address, so we have to guarantee an account for life.

Because of the source systems, we know it is a student, which studies they do, and, for employees, we know which department they work for and if they are a teacher or non-teacher personnel and things like that. Based on all those attributes, we have business rules guiding them towards a set of rights. From the moment they agree on the standard basic rules, we get their accounts created. We allow them to have access to that particular account. After the account is created, group memberships are assigned. Through runbook script, Omada sets the right into our Azure Entra ID environment.

Every implementation has some hurdles. Not everything goes 100% smoothly. In our organization, we have a lot of processes and an enormous amount of students starting the study year on the first of September. During this period, we have a lot of students coming in. We have been able to clear any hurdles because everything is traceable within Omada, and we also got the help of the Customer Success engineer from Omada. We were able to pinpoint any problem that would have impacted not only one person but hundreds or thousands of students or employees. In a very short duration, we were able to solve all the problems. That gave me a good feeling. We were expecting problems, but when any problem occurred, they were flexible and very fast in providing answers and solutions.

We did an evaluation almost three years ago in which Omada won. Within Omada, a lot of things are possible, and we have used only a few features. We had a go-live in July, and we are now closing the last features that are a part of the delivery plan for the go-live. So far, the implementation that we have is a replacement of the business logic of our old system. We are aware that Omada Identity can do more, but first, we need 100% synchronization with systems like Azure Entra ID. We are not there yet, but we are aware that it is possible. We have a standard way of onboarding, so we also know what to do when someone leaves a branch to remove those rights. However, within our organization, we still have other groups that are given access manually within other systems. We first have to synchronize with those systems or align with those systems before we can use Omada Identity to take control of removing an employee's access as soon as that employee leaves our organization.

We use Omada Identity for role-based access, but it is still very basic. It is on our roadmap for this year to continue with role-based access and provide departments and teams with the ability to add people to their environment based on the workflows available in Omada for group membership. The group membership is done by roles, and based on what kind of role someone has, the person is provided with certain software licenses, certain applications, certain data structure rights, etc.

Omada Identity has helped to automate reviews of access requests and reroute them to the appropriate people.

Omada Identity has had a good impact on our IT Team's operations efficiency. More and more things are automated. Only a few steps require manual decision-making. Its effect is very positive on our daily activities, and it will improve more and more.

What I like most is that we can always find a solution, and we can also find the cause when something goes wrong. I like that the most because everything is in one way or another traceable. That is what I like most. I like its reliability. 

Omada keeps on releasing new features within their product. We also have our own functional features. The roadmap of Omada quite aligns with our roadmap. The features available in Omada Identity suit our business case.

In our organization, all the data is event-driven, which means that if an attribute is changed in the source system, it can be updated within a few seconds in all end-user systems. There is room for improvement in Omada regarding that. Omada is still batch-based for some processes, so sometimes it can take an hour or even four hours before the execution is run and the update is sent. We know that 100% real-time synchronization is not possible. There is always a delay because of system utilization and things like that, but we try to achieve near real-time. If someone is locked out for a reason, we want to find the reason, resolve the issue, and resume the access for that user to enable him or her to log in within a few minutes. With Omada Identity, sometimes, it takes a quarter, and sometimes, it takes more than an hour. It sometimes also takes more than a day before access is given back to their user. There is always a good explanation for that, but that does not bring us as real-time as we want it to be. In the future, Omada should move towards a real-time and event-driven system.

We have been using Omada Identity since July last year. We have been implementing it for two years upfront.

It is stable. I would rate it a nine out of ten for stability.

We have about 32,000 students, but that number fluctuates. Overall, we have about 4,800 identities for the staff. Some of the teachers work only one or two days, and some of the interns work only a few days.

It is very capable of scaling based on the needs of our organization. We have just started. We have to see how things go in the future, but I am very confident of that.

So far, we have Mads as our customer success manager. He is a very good engineer. He is almost a part of our team, so that works fantastic. We are now closing the go-live, and as we start using more and more roadmap features ahead, I hope that Mads will keep that connection with Omada for us. That was the biggest part of the success.

Positive

We had a Novell solution based on Novell directory services, and later on, that changed to the Micro Focus NetIQ solution. In addition, as our IBM tooling, we had a home-built database platform where we had some processes provisioned. They have already been migrated to Omada, and there are still some more to come.

Avans University is quite ambitious. As per our goals that we wrote down a few years ago, by 2025, we want to be more flexible. We wanted to provide students with a more flexible way of doing their studies. Until now, students come to an institute and do a course, and in that course, the path is already defined. The future students would be in control of their own study much more than in the past. A student in the future can decide to have a part of its curriculum from Avans and another part from Amsterdam University or another university. When they have enough certificates within a branch, they get their degree. It is no longer required that everything is done within one institute, so a student can follow a particular course, and then follow another course in another city or institute. For us to be able to do that, we have to be more flexible. We have to have a system that can cope with a lot of changes coming in the near future. The solution we had was not capable of doing that, so we ended up doing a new tender and looking for a solution that was cloud-based and flexible enough for a constantly changing environment. Our organization will constantly change, and the IAM system must be flexible enough to cope with that.

Omada has not helped us consolidate disparate systems for access management. We replaced the old system, so that is a one-on-one replacement. Now that we have installed it, we can start using Omada for workflows and things that we have automated in other systems. In the future, we will have more processes provisioned through Omada. It will start helping us there.

For us, it is a SaaS solution. Omada was one of the top solutions in our tender because of the capability of doing all from the cloud. Its implementation took us about two years.

In terms of maintenance, we have to execute the updates ourselves. Omada tells us that there is a new release, and we can execute it ourselves. Within a time period, we can allow it to happen, which is nice. Within the system, we also have our configured workflows. We have to keep checking that everything is running properly. When there is an update done by Omada, we test it in staging before releasing it in production. We want to ensure that our most important flows are doing exactly what they are supposed to do. That is what I call maintenance.

Omada used a value-added reseller to do the implementation, and things went wrong there. They were not capable of doing SaaS implementations. They were capable of doing on-prem implementations. We were the first or second SaaS customers, and they were not capable of delivering the solution we requested in our tender, but we knew that Omada was capable of doing so. Omada then took over in March or April 2023, so the actual implementation started in March or April, and we went live in July 2023. At the end of February 2024, we are closing the activities from that go-live in July. For me, it was successful when we directly got it implemented from Omada. 

When Omada took over, there were no issues at all. They provided us with what we needed. The most important feature for us was the identity join check process for which we needed an improvement. It was quite a big improvement, but Omada fixed it with extra code, specially built for Avans.

I would rate Omada's implementation services an eight out of ten, and I would rate the third-party provider one out of ten for the effort.

It is not cheap. It is expensive, but compared to what we did almost three years ago, it is value for money. It is worth it.

I would recommend Omada Identity if you are an institute like Avans or an enterprise. If you are a small business, I would not recommend it.

We plan to use more features as we go on. We will use the governance features of Omada Identity as we go on. We have not prioritized the governance features of Omada. They are very important to us, but we have to first align and connect a lot more systems before we can fully profit from the governance possibilities. Similarly, we have not yet used Omada Identity Analytics. Our go-live implementation was a replacement of our old system. Since then, we have released some of the end-customer features, and now we are starting with extra features.

Within the educational IT environment, security is our top priority. It has always been a priority and in the future, we need to prioritize that more and more. Omada helps us, but our Security and Safety department itself has ICT security as the top program running right now where security must be in every part of our environment at every second and in every decision we make. Having Omada implemented during that program makes us aware that we are quite good, but there is always room for improvement. Omada can help us with that a lot.

Omada Identity has not yet saved us time. We have mostly replaced the functionalities that we had from our old system. In the near future, we will have more automatic provisioning. People will also be able to provision other colleagues and things like that. It will help us a lot in terms of time savings, but so far, the time savings are similar to what we have had in the last five years.

Overall, I would rate Omada Identity an eight out of ten.

We just divested half of the company, including all our old business systems and our former Access Management system. We were in a new situation with the new business systems that were mainly cloud-based, and we were looking for a new Access Management solution that was cloud-based.

We have various use cases. The first use case is that we want to make sure that everybody gets access by privilege and that access is approved. We can then document that they approved. We are an ISO 27001-certified company, so we need to have things like that in place.

The second use case is that we wanted life to be easier for managers. For instance, certain rights, such as access to email, should be allocated automatically to new hires.

The last use case is that we are looking at some automation around the accesses that need security clearance. We want to ensure that nobody gets them by accident.

Omada provided us with a clear roadmap for getting additional features deployed. As a part of the accelerator pack that we bought, by the end of the basic onboarding, we sat down and made a plan for:

• Where are we now?
• Where do we want to go?
• Which parts of Omada can be invoked as we mature as an organization?

The product has a lot of features, but for some of them, you need to be a mature organization. For example, for risk management, you need to have all your accesses qualified. You need to make a qualification of all your accesses, and when you have that qualification, you can start making your risk profiles on the employees.

Omada helped us to deploy IGA within 12 weeks, by focusing on fundamentals and best practices. They have an accelerator pack that we signed up for. They ran a 12-week project to help us onboard it and start using it. It was a fast track to get Omada onboarded and then get the HRID onboarded. We also onboarded one business system, so we had a starting point for developing the solution.

Our Omada solution is set up to remove an employee's access as soon as that employee leaves our organization. As soon as we get the information from HR that someone has left the company, accesses are closed down immediately.

We have role-based access control. That is why the onboarding of Omada is not done in one week because you have to identify the roles. I know they have something on the roadmap to suggest roles, but so far, building roles has been hard work. It involves interviewing business owners.

It helps us save time when provisioning access for identities. As soon as the access is approved, there is immediate provisioning. The access is also revoked immediately when people leave the company. It is hard to specify the time savings because we already had a top Access Management system before Omada. The previous solution was also set up to provision immediately. However, if we did not have a system like this, it would take at least three or four FTEs.

It has a very user-friendly interface compared to what we are used to, and it is highly configurable. In the old solution, when we needed to do something, we had to have a programmer sitting next to us, whereas, in Omada Identity, everything is configurable.

Certain things are unclear to us. For example, in situations where you can only request an access if you are a member of a specific department or if you are participating in a certain project, we are unclear about how to resolve such restrictions. We have some restrictions where you need to be a member of a special project in order to get access. We have restrictions on which accesses you can apply for, based on the context that you are a member of.

The comprehensiveness of Omada's out-of-the-box connectors for the applications we use could be better. We are getting a new HR system called Cornerstone for which they do not have an out-of-the-box connector, so we have to take the REST connector and play around with it. We might be the only Omada customer who is using this HR system. I would love to see more connectors.

We have been using Omada Identity since September last year. We signed a contract in September, and we have been doing an onboarding project which went into production in January. We are now adding more applications to the solution.

We have not experienced any downtime or crashes. It is down only for a few seconds when it is restarting, so we start an upgrade and keep on working until there are ten seconds left to the downtime, and then it is up and running again. It has been very stable.

For the scalability that we need, we are fully satisfied. We have 2,000 licenses, but I know that they have a customer in the US with 30,000 licenses on the same kind of solution, so I expect that they can support our needs for scalability.

I have not interacted with them as a customer, but I have interacted with them as a partner. I used to work on a project for another customer. I know from back then that their tech support is okay.

Positive

We were using IdentityIQ. It was part of the divestment. The part that was divested from IT kept all the old business systems including the Access Management system, so we were in a situation where we needed a new Access Management system. We wanted a cloud-based one instead of an on-prem one. IdentityIQ was on-premises, but we wanted a cloud-based solution. Everything that we are buying at the moment is cloud-based.

Omada has not helped us consolidate disparate systems for access management because we are not consolidating. We are simply moving out because the systems that were controlled by the old Access Management system are also being sunset, so we are almost in a greenfield deployment. We are starting with new systems. We are also on a roadmap to replace the whole ERP system within this year, so Omada is not helping us, but we are in the process of replacing a lot of systems. We do not need Omada to do that.

It is deployed in the cloud. I was involved in its initial deployment.

As soon as you sign the contract with Omada, they give you a call and say that everything is open and you start configuring. It took a couple of days before we could start looking at it, but that was only the test version. We had the accelerator pack where we deployed and onboarded connections to Entra ID, to a business application, and to the HR system, importing the HR data and getting the right data from HR. They take 12 weeks to onboard something, but the biggest delay factor is usually the HR system. I am still waiting to see an HR system that delivers correct data in the first go. 

We had a project team of four. Omada had a project team of four. Omada was doing the work. We were only participating in workshops where we were being interviewed. We were kindly asked to keep our hands off the systems while they were working, but we are now continuing with a team of four people.

In terms of maintenance, the solution as such does not require any maintenance, but there are always changes. When you get new business applications that need to be managed, you need to make some changes. This year, we not only have a new ERP but also a new HR system, so when the world changes, you also need to change what has to be managed.

It is expensive. Fortunately, I had a very good procurement manager on my side, but they are expensive. The closest competitors are also very expensive.

You get a full-fledged solution that can do everything you dream of, but you pay for everything. They are quite expensive, but the challenge with the pricing when you talk about business solutions is that nobody is paying the full price anyway. I used to work for Salesforce. If you look at Salesforce's list prices, nobody would be able to afford Salesforce. If you look at the list prices, nobody would be able to pay for their licenses. The list prices are very high, but we did not pay the list prices. We went straight to them and told them what we were paying for our old SailPoint licenses, and then they were quite easy to negotiate with. So, the prices are high, but everything is up for negotiation.

We looked at three major ones in Gartner's Quadrants: SailPoint, Omada, and Saviynt. Based on the information that we got, our opinion was that Omada was making the best cloud offer. It was a short-length selection. We did not spend several months on it, but we had a look at these three in the top corner of Gartner's Quadrants. We also had some good connections in Omada, so we did not have a very long and tedious vendor selection. We looked at others, but it looked like Omada was the best one.

I have been working a little bit with IdentityNow, which is SailPoint's cloud-based version. It is still very reduced compared to the GIQ because they started all over coding it when they went for the cloud. 

I have met customers who have been stuck with the same version of Saviynt despite it being a cloud solution. I have met customers who have been stuck with the same version for three years and cannot upgrade because they do binary modifications of the solution even though it is in the cloud, meaning that they suddenly have customers who cannot upgrade, and we do not want that. We have already upgraded our production three times since we had Omada installed. We could do that with the press of one button. We have not had any regrets about the choice of the solution.

To those evaluating this solution or planning to implement this solution, I would say that it is not a solution that you just buy, install, and then it works like Office 365. You need to make sure you have all your systems mapped out and all the accesses to those systems mapped out. To get the full bonus from the functionality, you need to qualify your data and qualify your accesses. You need to see whether a certain access is giving access to something secret or HR data or whether it is just giving access to something that most of the company already knows. You need to differentiate how dangerous accesses are. You should start mapping that out upfront. You can easily do this exercise while you are doing the vendor selection because it is irrespective of the vendor you choose. 

You should be aware that you need to have a project team of four or five people for a period of time. Very often, it takes about a year to onboard all your business systems and to make sure that everything is onboarded correctly. For example, while onboarding HR ID, I have seen companies with 15,000 different AD groups. If you want to search and get access from 15,000 AD groups, you need to organize that data. You can use Omada to do that, but it takes time. Everything takes time, so be prepared. The world is not safe by installing it and running an accelerator pack for 12 weeks. I have been working as a consultant in the IGA area for a number of years. I know a financial institution that has Omada. They have had it for four years, and they hated it because they only did the accelerator pack. Most of the business systems were not onboarded, and they said that it was of no use. We then onboarded 50 different systems and made 200 roles. There were about 100 functional roles. It was role-based access, and now, they love it. It is the same product. If you just install it as if it was Office 365, then you would be very disappointed. This is not just an Omada thing. This is applicable to any Access Management system.

We have not used Omada's certification surveys to recertify roles or to determine if roles are relevant. We have not gotten to that point yet. We have just put it into production, but it is definitely something we want to do. We need to do recertifications. We have the analytics part on the roadmap. It will help us reduce the number of recertifications that we have to look at. You can recertify every access, but usually, you would have thousands of roles and access rights in a company. You want to look at the ones that are giving critical access.

Omada has all the features, but we need to analyze our data to qualify our data. When we have done that, Omada can help us make more intelligent decisions, such as, am I applying for something that is unusual? Am I the only one of the departments applying for this, or am I applying for something that 80% of my department already has? It can then mark the access request with green, red, or orange. We can also use that for recertification. We only want to recertify "dangerous accesses". All the not-so-dangerous accesses are simply recertified once a year, for instance, whereas the red ones should be at least three months.

Omada's identity analytics will reduce the manual overhead. That is the whole point of it, but we need to map our data and qualify it because the analytics can only do so much based on non-qualified data.

Omada's identity analytics has not helped to reduce the cost of our IGA program because we have not gotten to that point yet. However, we expect that we will have a cost reduction because of two reasons. The first reason is that it is an integral part of the product, so we do not have to buy an extra license. The second reason is that we will reduce the workload on managers who have to approve accesses. We expect that workload to be reduced significantly.

Omada has not yet helped to automate reviews of access requests and reroute them to the appropriate people, but we expect them to. We have a framework agreement where we have a number of hours to get help from Omada when we get to that point in our own project. We know they would be helping us out.

I would rate it a ten out of ten. I have to choose a system again tomorrow, I would go for this one.

Omada for identity governance and administration.

Omada improves our security and compliance. As a financial institution, we are required by regulations to manage employee access in a highly structured manner. This tool supports that effort. The solution saves time when provisioning access, but it's hard to calculate how much. We're provisioning access thousands of times monthly. It's difficult to figure out how much that would take without a solution like Omada. 

It took time to realize the benefits because it's a complicated product. It isn't something you can deploy end immediately use at full capacity. It enabled us to deploy IGA in 12 weeks more or less. I wasn't on the team then, but that's my understanding. 

Omada allows us to disable accounts automatically when employees leave, but we don't fully remove the accounts until a bit later due to our requirements. Omada automates the removal of access. Omada has consolidated our systems and reduced the help desk workload by streamlining employee access requests. 

The teams we work with at Omada provide great insights and support. Overall, it has been a pleasure working with them. That's the part we value the most. Omada provides a clear roadmap for getting additional features, which helps us with our secondary planning.

Omada's integration with other solutions is quite good. We've had no problems connecting it out of the box. 

Omada's performance could be better because we had some latency issues. Still, it's difficult to say how much of that is due to Omada versus the resources used by our other vendors in our on-prem environment. Considering the resources we have invested into making it run well, it's slightly slower than we would expect.

Also, when we discontinued our previous product, I didn't think we set up all the processes in the best way possible, so we needed to do a lot of work to improve these processes to ensure that the processes worked. Everything is fine, but I don't think we had the best support initially. I believe they have improved since then. The initial stages are extremely sensitive for us, and it would have been helpful if the deployment was smoother. 

I have used Omada for approximately 7 years.

We have had no problems with Omada's scalability. 

I rate Omada 9 out of 10 for support. They respond quickly and provide good answers. They will look into it for us if they cannot answer something immediately. Omada also does workshops and training sessions. We're happy with that part.

Positive

We were using IBM's identity management solution. 

Omada is reasonably priced.

I rate Omada Identity 8 out of 10.

We used Omada Identity to control the entitlement catalog of most or all of the access rights in the company. The main use of the solution was to control the catalog that determines the possible accesses and who has them. That's the foundation to get control over the existing accesses.

Omada Identity has benefits that are in common with all of the IGA vendors that Omada competes with. The benefits of Omada Identity include a holistic way of viewing access, the ability to give people access, and automation.

There seem to be many different and complex ways to do things in Omada Identity. I would like to simplify how configuration is done and also have fewer different ways of doing things. The solution should be made more agile for customers to own or configure.

Omada Identity needs to invest more in analytics capabilities. Currently, identity and access analytics are add-ons that you do in Power BI on the side. It's not a part of the product, and it's not directly accessible to the customers. I would like to see identity analytics capabilities in Omada Identity.

I worked with Omada Identity for half a year.

My team had contacted Omada Identity's technical support for a few things, and I think they were generally satisfied.

Before Omada Identity, I worked mainly with Oracle and CA Identity Manager, who are not a big part of the market.

The main advantage of Omada Identity that needs to be mentioned is that for a SaaS solution sold to a European company, it is compliant with GDPR. None of the other companies can comply with GDPR as a SaaS service because they are either US-based or use non-European personnel to administer the SaaS solution.

I don't have the details about the solution's deployment since I wasn't directly involved in the setup. I just know that it wasn't as smooth and straightforward as we had hoped for.

We got help from Omada professional services to implement the solution. They were absolutely helpful and knowledgeable. We had senior resources from Omada who really knew what they were doing. Omada Identity's deployment took two months.

Omada Identity is very reasonably and competitively priced.

Omada Identity has a pretty simple licensing model, with not so many things to pay extra for. Compared to other solutions with different prices for different modules, it's easy to plan and pay for Omada Identity.

I haven't directly worked with any of the current big vendors, such as Saviynt or SailPoint. I've only evaluated them.

Omada Identity is quite good at providing a clear roadmap for getting additional features deployed. We've always been able to have good discussions with Omada's product managers about the features we would like to have. It's a good environment for discussion, and I've heard from others that Omada is good at listening to customers and getting features into production within a year or so.

Omada partially helped us to deploy IGA. However, the company I was working for needed to take more charge and do things a bit differently. It was not possible for Omada to do that for us. Omada did help, and it was not Omada's fault that it took longer.

It's too early to say if the solution's identity analytics has affected the manual overhead involved with our identity management. It should have had a positive effect because it should be easier to request more things automatically. Since that's not in production yet, we couldn't measure the effect, but it looked promising.

Our Omada solution is set up to remove an employee's access as soon as that employee leaves our organization. This setup has positively affected our organization's security because we have less overall access.

Omada Identity was deployed as a SaaS solution in our organization.

I think Omada Identity is flexible enough to be used by both smaller and bigger companies.

Based on what I've seen, Omada's out-of-the-box connectors are more than sufficient.

I advise users to assess their data quality and make a clear cleanup plan before using the solution because Omada is not well-suited as a cleanup tool.

Overall, I rate Omada Identity a seven out of ten.

We use it for identity management. Our source system is SAP SuccessFactors. It is a human resource assistant. We do imports there, and we have connections to other applications. For the suppliers that we have, we make partner identities.

We also use it for resources. People can ask for resources through the Omada portal. As a resource owner, you can deny access to a resource. If someone no longer needs access to a resource, you can revoke the access. You can do a lot with it. It is a wonderful system.

We also started with role based access; our Administrators all have the role they need with the rights they need.

We have used Omada's certification surveys to recertify roles or to determine if roles are relevant. It depends on the application, but we do surveys with the resource owners and system owners as well. System owners are the ones who have to say whether a role is okay or no longer necessary. They have to let us know. We do this for the administrator accounts. We have some roles, and when people ask for an administrator account, we can choose the right role. Previously, the way we worked was that we were told that someone needed the same role as so and so. The problem was that some people had been working for a long time and had more rights than what was necessary for their current job. With roles, we can give people the right amount of rights for the job they are doing at the moment.

It helps us to stay compliant and secure because there is an end date and rights and roles are disabled. If somebody does something that is not alright and we want to block the account immediately, we have a process. It takes a few minutes, and the account is blocked and the pass that they have for the building no longer works. They cannot get into the building. It is more secure now.

We use Omada for role-based access control. The system for the pass that you need to access the building is joined with Omada. If you work in a special organization unit, you have more rights than everybody else. It is very easy to give the right roles and rights to people. If your application is joined with Omada, we can easily do that for you.

In terms of time savings, I do not have the metrics because we first started with MIM and then came to Omada, but I know that when we started with MIM in general, we cleaned up more than 500 accounts of people who were no longer working here but still had access to the system. That was a huge eye-opener as well. It is a lot safer now. We probably do not have to make accounts by hand anymore, and everything goes automatically. Even our administrator accounts are made through Omada, so it is automatic. We can make an account in five minutes, and if we have 100 people every month, it is a lot of time-saving.

Omada has helped to automate reviews of access requests and reroute them to the appropriate people. We have a process for that. You can request for anything that is possible. You can ask for the application-specific roles. You can ask for the administrator role. You can ask for everything in Omada yourself. You do not need anybody else. The resource owner and the system owners decide whether it is okay.

You can make resources. You can import them from Azure or Active Directory and put them in an application. For example, if there is an application that uses a lot of Active Directory groups, you can make the groups available for people. If they need to access that application, you can tell them the resource groups you have for that application. People can do everything by themselves. They do not need anybody else. They can just go to the Omada portal, and they can do it all by themselves. That is terrific.

We are still on Omada on-prem, but I understand that when Omada is in the cloud, you cannot send an attachment via email. We have some emails with attachments for new employees because we have to explain to them how to register and do their multi-factor authentication. All that information is in the attachment. People have to do that before they are in our system. We cannot give them a link to our Intranet and SharePoint because they do not yet have access. They have to register before that, so I need to send the attachments, but this functionality is not there in the cloud. They say it is not possible to add an attachment to the email, but for us, it is very important to be able to do that. I heard from my consultant that they informed Omada about this bug, but Omada said that it was not a bug. That is a bit of a shame. They should look before they say no because if it is a bug, people can work around it with PowerShell or something else. However, it is always better if you do not have to work around it because then you have a layer of PowerShell scripts around Omada to get it working, and I do not think that is how it is meant to be.

When there is something wrong, you have to look at the error code book in Omada, which is very difficult to read. You sometimes get an error, but the message in the error does not say anything. It does not help you to know what is wrong. For example, today, I did a survey, but the email was not sent. I do not know why. We did the same in the test environment and then moved it to production. In the test environment, emails were sent, but in production, emails were not sent, and I cannot find out why. There is also no error. It is sometimes difficult to know why things are not working. It should be easier.

We started with Omada Identity sometime in 2018. We had to first make everything ready in a test environment. We went to the production environment at the end of May 2019.

It is good. Omada is better than working with MIM. It is more stable.

We have about 8,500 people in our organization using it. Our team has six administrators, but not all of them are working with Omada all the time. I am the one who works the most with Omada.

We have a consultant from Traxion. He helps us with everything related to Omada. If there is something wrong, we go to Traxion.

From Omada, I only get emails when there is an update, and I can join their sessions where they tell you what is new. I do not get a clear roadmap from Omada for getting additional features deployed, but I have a terrific consultant from Traxion who tells me about a new feature, explains what it does, and asks if we can use it. I get all the information from him, not from Omada itself.

I had not used any other similar solution previously. 

I do not know if Omada has helped us consolidate disparate systems for access management. I did not work with the IT organization before I went to MIM, so I do not know what there was. Most probably, there was not anything. What I do know is that they started the project to get Identity and Access Management four times before they got it on the road with MIM and then with Omada. So, four times, they could not get it on the road or in production. It did not work, but we now have a very good working system. We only have Omada. Since July 2023, we don't use MIM anymore. We still had some of the things in MIM, but now, everything is in Omada, and it works.

Its deployment was very easy. To get everything ready, it took about a month or a little bit longer than that. We already had MIM, so everything that we had in the portal had to be built in Omada.

It is deployed on-premises, and we are using its latest version. We are working very hard to get everything standardized so we can go to the cloud. We have a lot of custom stuff, but we are doing our best. The email attachment issue is a big issue for me because I do not know how to get the right information to the new people then.

I was in a project in 2017, and we had to assess Omada to see if it had a better portal, and it was user-friendly. We started with Omada at the front end. I was like a functional advisor. I was involved, but I could not say which tool we would use. It was more like, "We are going to use Omada, and you have to learn to work with it and do your thing."

To those who are interested in using this solution, I would advise starting with it. It is terrific. It is a nice program. For users, it is very easy to access.

We recently let another potential customer of Omada see what we do with Omada. They were so happy. They said to us that they would contact Omada to get it.

Omada can be set up to remove an employee's access as soon as that employee leaves the organization, but we have a grace period of seven days. We have some managers who sometimes forget to extend the account and change the end date. When the first of the month is on Saturday and their employee has to work on Monday, they have to expand the account and change the end date. So, as a grace period, for the first seven days, we do not revoke any rights or resources. After seven days, we do that. The only resource we revoke right away is the Office license because that is a lot of money.

Omada Identity helps to save time when provisioning access for identities, but in my human resource organization unit, there are some people who make mistakes, and most of my time goes into cleaning up their mess. They put somebody in their system twice, so I have them twice in Omada, twice in Active Directory, etc. I have to bring this to their attention and ask them to hide one because otherwise, everybody can see them in the address book. They have to clean it up. After they clean it up, I can remove them from Omada. Humans make mistakes.

Overall, I would rate Omada Identity an nine out of ten.

2025 we go to the cloud.... to be continued ;)