One Identity Safeguard Reviews

One Identity Safeguard has been used by our organization for more than three years. The primary use case for One Identity Safeguard is to secure admin access to the servers and the network devices, which helps us to ensure only authorized users can access our critical systems and devices, and it also monitors all the privileged sessions.

One Identity Safeguard offers secure password vaulting, which ensures passwords are not shared or exposed, significantly improving security, and session monitoring and recording, allowing us to track all the admin activities easily.

These features help our team day-to-day by eliminating password sharing among the admins and ensuring secure access to critical systems, which reduces security risks, while tracking and controlling privileged access prevents misuse of admin accounts and improves overall system security.

One Identity Safeguard has positively impacted our organization by increasing visibility into privileged user activities, allowing us to track and audit all actions easily, which helps in compliance and security.

One Identity Safeguard provides great features with a smooth process and a very good amount of stability, so there is no need to improve as of now, but it might be required in the future.

I have been working in my current field for more than eight years.

One Identity Safeguard is stable.

One Identity Safeguard's scalability matches our organization's growth over time with no issues.

Customer support has a very helpful nature and is very responsive to our technical team when they require technical support, providing 24/7 assistance based on the given timeline.

We have not evaluated any other options, as we had confirmed from day one that we were going to procure One Identity Safeguard.

The deployment of the solution has taken less than one month, and it was a great experience. Regarding deployment, we have not faced any disruptive issues; it was very smooth for our privileged users, and after a short initial adjustment, they were able to access the system through One Identity Safeguard without issues, thanks to training and clear communication that minimized disruptions.

The training requirement was very minimal, taking less than one week for training the employees, and once they had a good amount of knowledge about One Identity Safeguard, they were ready to go.

We have seen a good amount of return on investment, saving our employees time and money while providing security; it has helped us reduce manual efforts by around 30 to 40 percent.

The experience with the pricing, setup cost, and licensing was straightforward, and the sales team was very helpful during the procurement and implementation of the solution, making it a great experience.

One Identity Safeguard has been the only solution used since day one.

For any organization, whether mid-size or large, looking into using One Identity Safeguard, it will be a really good solution for managing accessibility to critical devices with great security features and automation. Planning deployment carefully and understanding access requirements is essential, so start with the most critical systems first and then go for the less critical ones. This review has been rated 9 out of 10.

I use One Identity Safeguard mainly for managing and securing privileged access like controlling admin accounts and monitoring sensitive sessions.

For example, I use One Identity Safeguard to grant temporary admin access to users and track their sessions to make sure everything is secure.

One Identity Safeguard also helps with password vaulting and automatic rotation.

This means we don't have to share or manually manage sensitive credentials.

We are using One Identity Safeguard in a hybrid setup, partly on-premises for sensitive access control and partly integrated with cloud services.

We have integrated One Identity Safeguard with our cloud environment on Microsoft Azure and also with some internal DevOps workflows so privileged access can be controlled during the deployments and automation tasks.

It was moderately easy overall to integrate One Identity Safeguard with our DevOps workflows and Microsoft Azure environment.

Microsoft Azure integration was pretty smooth, but the DevOps workflow setup took a bit more effort to configure and test properly.

I think the best features One Identity Safeguard offers are strong password vaulting with auto-rotation, session monitoring and recording, and real-time alerts that help catch suspicious activity quickly.

The real-time alerts from One Identity Safeguard are pretty reliable.

Alerts come in quickly, and they have helped us respond faster to suspicious activity before it becomes a bigger issue.

The session recording and audit logs from One Identity Safeguard really stand out.

They make tracking and reviewing activity easy.

But it would be even better if the UI was a bit more user-friendly.

One Identity Safeguard has improved security a lot by controlling privileged access, and it also reduced risks since all sensitive activities are monitored and logged.

We have seen fewer security risks since access is controlled and monitored by One Identity Safeguard, and it definitely helped with compliance because all actions are logged and easy to audit.

I think One Identity Safeguard could be improved by making the UI more user-friendly and simplifying some configurations, as it can feel a bit complex at times.

Reporting with One Identity Safeguard could be more detailed and easier to customize, and better integration with other tools would make the overall experience smoother.

I have been using One Identity Safeguard for around one and a half years.

One Identity Safeguard is generally stable and reliable in day-to-day use.

One Identity Safeguard is generally considered highly scalable and enterprise-ready.

Customer support for One Identity Safeguard is generally good and knowledgeable, especially when it comes to technical issues and enterprise deployments.

Earlier we were using a mix of manual access management and some basic PAM tools, but we switched to One Identity Safeguard for better automation, strong security controls, and easier auditing.

Admins needed a bit of training for One Identity Safeguard, maybe a few days to get comfortable with policies and setup.

But for end-users, it was pretty minimal since most of it runs in the background.

It was mostly seamless for privileged users after deploying One Identity Safeguard.

They just had to follow the new access request process, and after a short adjustment period, it didn't really disturb their daily work.

We didn't purchase One Identity Safeguard through the Microsoft Azure Marketplace.

We went through a direct vendor licensing process.

We have seen ROI with One Identity Safeguard mainly in reduced manual efforts and faster access handling.

Roughly around 40 percent less time spent on managing privileged accounts, and also fewer security incidents that need manual intervention, which saved both time and operational costs.

Pricing for One Identity Safeguard was on the higher side but justified by the security features.

Setup cost was manageable and licensing is typically subscription-based per appliance or capacity, which makes it easier to scale but can add up in larger environments.

We did evaluate a few options before finalizing One Identity Safeguard. The main ones we looked at were CyberArk, BeyondTrust, and several others.

CyberArk was very strong but felt a bit complex and costly, and BeyondTrust was solid for remote access and monitoring.

In the end, we chose One Identity Safeguard because it fit better with our hybrid setup and integration needs.

One Identity Safeguard is a solid and reliable PAM solution in my experience.

My advice would be to start with a clear access model before you deploy One Identity Safeguard. I would rate this review an 8 out of 10.

My main use case for One Identity Safeguard is to safeguard my password as well as my login IDs when I'm working from home, as it provides better safety for my passwords and for my login IDs.

When we log in, we get two-factor authentication, which I use for safeguarding my passwords or login IDs while working from home, and that makes it safer compared to other software.

One Identity Safeguard helps in keeping my login IDs and passwords safe, and that is very important to me.

The best feature that One Identity Safeguard provides is its flexibility, as well as the fact that it integrates well with other software like Salesforce, which I really appreciate.

The integration part of One Identity Safeguard has been quite beneficial for my workflow, especially with tools like Salesforce.

One Identity Safeguard is flexible and provides out-of-the-box integrations that have been very helpful for me, and the installation process was quite easy and smooth, which I would also rate as a feature.

One Identity Safeguard has positively impacted us because the fear of theft of passwords or IDs has been reduced to almost zero, significantly enhancing our security.

The reduction in password or ID theft risk with One Identity Safeguard has led to measurable changes as security incidents have been reduced, positively impacting us and increasing our efficiency.

In terms of improvement for One Identity Safeguard, I would like to say that the customer support needs to be improved and the pricing needs to be a bit more reasonable, as these are the two factors that require attention.

Regarding customer support for One Identity Safeguard specifically, there has been lag and they are not very responsive, which needs to be improved immediately.

I have been using One Identity Safeguard for the past eight months.

One Identity Safeguard is stable.

One Identity Safeguard's scalability is quite good, as it is scalable according to the needs of the enterprise.

The customer support for One Identity Safeguard was not very good and definitely needs to be improved.

The deployment of One Identity Safeguard took around three months.

The deployment of One Identity Safeguard affected our privileged users seamlessly, without disruption.

We use the on-demand version of One Identity Safeguard because it provides us flexibility, which was the main reason for choosing that version.

I can say we have seen a return on investment with One Identity Safeguard as we have saved a lot of time and manpower, although I cannot give a specific number for that.

My experience with pricing for One Identity Safeguard indicated that the pricing was a bit high, while the setup cost was manageable and the licensing was acceptable; overall, the cost aspect was on the higher side.

The feedback I have received from users regarding One Identity Safeguard's usability and functionality has been positive, as the usability aspect has been quite good and it is easy to learn and user-friendly.

The training required to start using One Identity Safeguard was not very extensive, but a bit of training was needed, and it was a smooth process.

If you are looking into using One Identity Safeguard, I would advise that if you are looking for user-friendly software that integrates well with other software, and if you do not mind spending a bit of extra money for that, then One Identity Safeguard is the go-to solution for you. I would rate this product a 7 out of 10.

My main use case for One Identity Safeguard is to use it as a PAM tool for managing and monitoring privileged accounts. In every organization, there are special accounts such as admin or root accounts that have a very high level of access, and if these accounts are missed or compromised, it can create problems or damage. One Identity Safeguard helps us to control who uses these accounts and when they can use them.

A quick, specific example of how I use One Identity Safeguard to manage those privileged accounts involves a database administrator needing to make an urgent change to our production database. In the past, we would just use a shared admin password that everyone in the team knows, but now with One Identity Safeguard, the admin logs into the Safeguard portal and raises an access request for the production database. The request automatically goes to his manager, and based on the review, it gets approval. One Identity Safeguard connects the admin to the database without showing him the actual password, so he never knows about the credentials.

The excellent session recording and monitoring stand out as the best features of One Identity Safeguard. It is a compliance-based deployment and can work across on-premises as well as cloud environments.

Session recording and monitoring have benefited my organization by ensuring that every privileged session is monitored in real-time. Whenever any admin logs into the server through One Identity Safeguard, the system records it and the screen is viewed. The security team can watch live sessions if needed or review the recordings whenever they need them.

One Identity Safeguard has saved our compliance efforts, so generating audit reports that used to take days now takes a minute, which is a very good example of its efficiency.

One Identity Safeguard has positively impacted our organization by giving us complete visibility over all privileged access, making compliance audits much easier than before, and ensuring that access is not time-bound, allowing admins access only for the duration they need it.

Compliance audits have become much simpler with One Identity Safeguard, as every access request, approval, session, and action is logged automatically. The audit team can ask who accessed what system and when, and we are able to generate those types of reports in minutes, significantly reducing our efforts and costs.

I have not seen any issues with One Identity Safeguard solution. I do not wish to add more about needed improvements related to usability, integration, or support.

I have been using One Identity Safeguard for more than three years.

One Identity Safeguard is stable.

One Identity Safeguard is a very good solution from a scalability perspective, and we have not seen any issues with its scalability so far.

The customer support team for One Identity Safeguard is good, responsive, and we have seen good responses multiple times.

We are using One Identity Safeguard only and did not use a different solution before.

The deployment of the solution took less than one month for my organization.

The deployment affected our privileged users smoothly, as I did not see any challenges or disruptive events with this solution.

The experience during the deployment was very smooth, as I have not seen any kind of challenges with the end-users.

We have integrated our Active Directory with One Identity Safeguard.

The integration with Active Directory was complex during the initial setup, but later we found it to be very smooth, requiring proper planning in advance.

The integration with Active Directory has improved our efficiency and security because our users are syncing properly.

We have seen a good return on investment with One Identity Safeguard because the ROI did not come in a dramatic way; it came through multiple small savings that added up significantly over the years.

I had a great experience with the pricing and setup cost of One Identity Safeguard, and there were no challenges.

We have not evaluated other options before choosing One Identity Safeguard.

I would advise others looking into using One Identity Safeguard to implement it in their environment and not wait for a security incident to occur. Most organizations consider access management only after something goes wrong and an account gets compromised, but by then the damage is already done. One Identity Safeguard is a tool you want in place before something bad happens, so this is highly recommended by us. I have given this review a rating of eight.

Our main use case for One Identity Safeguard is to integrate it to clients that need the SPP functionality, which stands for Safeguard for Privileged Passwords. They do say that we could utilize One Identity Safeguard to its full extent for now, but we're getting there.

A quick specific example of how we use One Identity Safeguard with a client is that our latest client needed a password vault, so at first, we integrated One Identity Safeguard for Privileged Passwords, and then they asked for a personal vault so they could store their passwords and secrets, much like KeePass, so we integrated One Identity Safeguard Personal Vault as well. Lastly, they figured at some point down the line that they needed SPS as well, but only the primitive version of it, so we just decided to integrate SPS as well and form it into a cluster with SPP, but they don't use any third-party plugins as of now.

The best feature One Identity Safeguard offers is that it is a pretty new, modern tool that makes extensive use of its API. In general, it's easier than other tools to just perform maintenance work or perform work using the API of One Identity Safeguard. Also, the way that the access requests are structured—with entitlements and access request policies—makes it easier to govern data and identities. CyberArk, which is essentially the industry standard right now, is doing a very primitive job of helping the administrator with the task, and One Identity Safeguard is a lot better at this.

These features help my team day-to-day by making onboarding new users easier, and they also make it easier to create existing teams that are complete with their own password management, their own password profiles and rotations, password requirements, and who gets access to what, so it all makes it easier and faster.

One Identity Safeguard has positively impacted my organization by being another tool that we have in our arsenal to be able to get other clients as well, because we also sell One Identity IAM, and we can just bundle One Identity Safeguard with it. It also has a nice feature called remote access, which a lot of people want to use for externals in their organization, coupled with its just-in-time requisition, so it makes selling it much easier because One Identity is a company that's been in the field for ages.

One Identity Safeguard can be improved by fixing the documentation, which is very convoluted as of now, and addressing versioning, as some major bugs and issues are not documented well enough in the documentation, along with some patches and fixes. Custom plugins need to be introduced as soon as possible.

I give it an eight because it's a nice tool and it's a modern tool, but there are still some issues, not necessarily pertaining to the tool itself, but to the whole philosophy of One Identity and how they have structured their workflows and their knowledge base, which essentially has no knowledge base, just like CyberArk. There are some issues that need to be fixed, plus it does not have a custom option, and a lot of clients are using in-house made applications that also need to be onboarded to One Identity Safeguard to be able to launch a browser session to that application, which One Identity Safeguard has not had any capabilities that could assist with that.

I have been using One Identity Safeguard for two and a half years, ever since we pivoted from CyberArk, as we wanted to be more tool-agnostic, and we decided that One Identity Safeguard was our best option because we had a past with One Identity, with us being in an IAM team.

One Identity Safeguard is stable.

So far, we haven't had any issues with One Identity Safeguard's scalability; it's been fine, but we generally target smaller to mid-sized implementations.

The customer support for One Identity Safeguard is fine for what it is, even though everything needs to be run through them and there are no knowledge bases, so we have to wait for a response from the One Identity Safeguard company, and they also keep a lot of information, requiring us to make a request and then they would need to reply, but it's acceptable overall. It's not the worst I've seen.

Positive

I previously used CyberArk before switching to One Identity Safeguard.

The deployment of the solution takes about two to four weeks, give or take, but that's not counting waiting for the client to respond and all that.

About a month of training is required for end-users, and for us, it was four months to understand One Identity Safeguard, but that was because we already had experience in other PAM tools like CyberArk.

We are partners, executive partners, and resellers with this vendor.

My experience with pricing, setup cost, and licensing has been a good experience overall, as the back and forth with One Identity is something that is acceptable; other tools have options to do this automatically, and they have it, but pricing, presales, and sales is acceptable overall.

Before choosing One Identity Safeguard, I evaluated Zero Trust and Delinea, but they were for smaller organizations, so we decided to adopt One Identity Safeguard.

My advice to others looking into using One Identity Safeguard is to get familiar with the concepts of entitlements and access request policies, the keywords One Identity Safeguard uses, and also get familiar with the way that it handles session management and recording because it's a tool that needs a lot of time to get accustomed to. I give One Identity Safeguard an overall rating of eight out of ten.

My main use case for One Identity Safeguard includes privilege access, session recording, and real-time monitoring.

In daily work, I use session recording and real-time monitoring as part of my workflow.

My main use case is privilege access.

The best features One Identity Safeguard offers include secure and controlled access along with real-time session controlling.

The real-time session control feature helps me in my daily tasks by providing session controlling and monitoring in user sessions that occur, allowing proactive management across web and platform access instead of reacting after something goes wrong.

Session monitoring and recording are also crucial parts of the features.

One Identity Safeguard has a noticeable positive impact around security and operational efficiency, providing secure, strong security, real-time monitoring, and full visibility.

Operational efficiency has improved as it requires less manual effort for the IT team and makes troubleshooting easier.

One Identity Safeguard needs improvement in deployment and integrating with other products.

Many team members feel that the biggest friction with One Identity Safeguard relates to access requests, session approvals, and policy changes, which require more clicks than expected.

I think One Identity Safeguard is a good product, but it just needs improvement in tech support.

I have been using One Identity Safeguard for the last two years.

One Identity Safeguard is stable in my network.

Scalability is very good as it can easily scale with organizational growth by adding more virtual appliances, and it handles increasing users, servers, and privilege accounts without any major performance issues.

Customer support is really good.

I previously used a different tool for managing, but it lacked centralized control, proper auditing, and security features.

The deployment of the solution took around two to four weeks due to initial setups, integrations, and policy configurations.

End users need a minimum of two to three weeks to understand the solutions.

I have seen a return on investment in both money saved and time saved.

I have experienced noticeable time savings and some indirect cost benefits, specifically in that access provision has reduced from hours to minutes, requiring less manual effort, and the cost impact has been mitigated due to fewer security incidents and audit issues.

The pricing, setup cost, and licensing are not the cheapest, but they offer strong security features that justify the cost.

The license is usually based on the number of user accounts, which is straightforward to understand, and the setup cost is good and reasonable.

Before choosing One Identity Safeguard, I evaluated BeyondTrust.

My advice for others considering One Identity Safeguard would be to plan and execute the deployment properly during the implementation phase.

I have given this review a rating of 8.

One Identity Safeguard is used for managing privileged passwords and monitoring sessions, which helps track admin activities and enforce secure access policies for the accounts. This is important for protecting critical resources like systems or applications, thereby improving both security and accountability.

Whenever an admin needs server access, they must request it through One Identity Safeguard. Once approval is granted based on the request, they can access the server, and the session is recorded, keeping everything monitored and controlled.

Whenever an admin accesses a server through One Identity Safeguard, they do not need to know the actual password. The system provides temporary access through the vault, ensuring secure and controlled usage of the applications.

The session monitoring and recordings are the best features of One Identity Safeguard, allowing us to review what actions were performed during a session. This helps us in both troubleshooting and audits.

One Identity Safeguard makes compliance easier and really helps in incident investigation as well as visibility.

One Identity Safeguard has impacted our organization positively because it has helped us standardize how privileged access is managed and has also reduced dependency on manual efforts in password handling, improving operational control overall. It has reduced errors, and the manual efforts have been significantly reduced.

One Identity Safeguard does not require any improvements at this time based on our current usage.

The initial setup of One Identity Safeguard is somewhat tricky and requires proper planning, so this aspect could be simplified.

One Identity Safeguard has been in use for more than three years.

One Identity Safeguard is stable.

From a scalability perspective, One Identity Safeguard is excellent and matches our organization's growth. We have seen a good response from the customer team, who are ready to provide support at any time we require it.

We have found and seen a good response from the end-user and usability of One Identity Safeguard, as it is seamless and works well in our organization.

One Identity Safeguard has been used since day one.

The deployment of One Identity Safeguard took less than one month. It was straightforward, initially taking one or two days, and from this we have seen a smooth transition to One Identity Safeguard with no issues during the deployment.

One-week training was provided for the users and the IT team to ensure they could manage One Identity Safeguard. The end-user access management is smooth as per usability, making for a great experience.

One Identity Safeguard has provided a good return on investment, which comes from the reduced risk of security incidents. Avoiding even one breach can have a significant cost. It has also reduced the time spent on password management, saving our team time in managing privileged accounts, and is helping with automation that reduces manual efforts.

One Identity Safeguard is highly recommended because it is a wonderful solution, providing great usability, great security, and great visibility. One thing I would advise is to ensure your team is properly trained before deployment and plan the architecture and policies carefully, as this will help you get the best result. This review has been given a rating of nine out of ten.

I have hands-on experience with One Identity Safeguard and attended the foundation course in the end of last year. My primary goal is to make use of the cross-product capabilities joining IGA (Identity Manager) and Safeguard (PAM) to achieve Privilege Access Governance (PAG) since lots of customers are asking for this. The trend show consolidation within the IAM market and cross-product solutions is becoming the new standard.

Most important, very easy to setup.

Safeguard for Privileged Passwords (SPP)

I have been using asset and account discovery. This means the product will assist in identifying privileged accounts across hosts, directories, and networks.

Other features include workflow and access requests. Typically time-based, which is best practice to restrict access. Workflows can have one or several approvers.

The "activity center" where I can place my custom queries and get automated reports. This will collect over time and you can see what has happened for a certain user.

I like that the upgrades are not complicated, if the appliance is clustered this is handled automatically.

Great variety of support for different platforms and protocols.

Safeguard for Privileged Sessions (SPS)

I have used something called centralized policy enforcement. You can set up a gateway proxy for privileged sessions where you are applying authentication, access controls, and security policies. This is for endpoints such as SSH, RDP, and telnet.

Then I have used session recording and audit trails. When the recording is being made, it actually records at the protocol level, meaning it can capture keystrokes, mouse input, and the GUI. The recordings can be digitally signed.

Real-time monitoring alerts. It can detect violations according to a policy. If there is a destructive command that is dangerous, it can look for those and can trigger an alert. If we want, it can also automatically terminate the session that is ongoing. Everything is indexed and searchable. It is like a forensics investigation and you can do searchable playback.

User behavior analytics. This is some kind of integration where in real time, it can detect anomalies, something that is not normal, and do some deeper insights on that matter.

I have successfully connected Identity Manager (IGA) to Safeguard to achieve Privilege Access Governance. This is being possible by using an OOTB connector in Identity Manager to talk to the Safeguard system. I can govern the data from Safeguard and provision PAM accounts from Identity Manager to achieve a complete lifecycle.

Documentation can be much better and they should provide typical use cases to get started more easily.

SPP and SPS has separate portals (even if they are joined). SPP seems to be a more mature product and the SPS seems to be less updated in its UI and has more technical depth when configuring.

I have been working with it for a couple of months.

Straighforward.

Using the virtual appliance is quite easy. You download the hypervisor file, everything is already included. There is one appliance for the SPP and one for the SPS. SPP requires a Windows license and to activate it you must have internet access. It was a little headache to get it working.

I'm rating the product 8 of 10 out of what I have seen so far, I'm satisfied by the features OOTB and the integration with the Identity Manager. Also the usage of Remote Access (SRA) and Cloud assistant should not be missed.