In my daily operations, I rely on One Identity Safeguard for administrator requests for access through One Identity Safeguard, which are approved via workflows. Once approved, sessions are launched, ensuring security without revealing passwords, and all activities are recorded for auditing purposes. In our environment, there were multiple administrators using shared privilege accounts, which created accountability and security risks. With One Identity Safeguard, we implemented password vaulting where passwords are automatically rotated and never exposed to users, ensuring secure access and eliminating shared credential risks. In our daily operations, One Identity Safeguard is primarily used to manage and control privilege access to critical systems such as servers, network devices, and databases. Administrators and users request access through One Identity Safeguard, which follows an approval-based workflow. Once access is approved, users can securely connect to the target system without directly viewing or knowing the privilege credentials. All sessions are proxied through One Identity Safeguard, ensuring that passwords are never exposed. Additionally, every session is monitored and recorded, allowing security teams to review activities when required. We also use One Identity Safeguard for automated password rotation, ensuring that privileged account passwords are regularly updated without manual intervention. Overall, it acts as a centralized platform for security, secure access management, auditing, and compliance in our environment.
Our primary use case for One Identity Safeguard includes privileged password management, where it includes vaulting, rotating, and checking in and checking out privileged credentials. Secure remote access helps to grant access to Windows/Linux servers based on group membership. We also use it for session monitoring and recording, where it helps to monitor, record, and audit privileged sessions for compliance. Access request simplification plus threat detection helps to streamline requests and quickly detect threats seamlessly.In my day-to-day work, One Identity Safeguard helps to identify anomalous behavior, a deal breaker feature for some customers. It also helps to detect threats and streamline requests and quickly detect threats.
Our primary use case for One Identity Safeguard is to secure, control, and monitor privileged access across critical systems in the organization. We mainly use it for privileged session management, password vaulting, and enforcing least-privilege access policy. It helps us manage administrative access to servers, databases, and network devices by centralizing credential storage and rotating passwords automatically. Additionally, we use it for session recording and real-time monitoring, which strengthens our audit and compliance capability. Overall, it plays a key role in reducing insider threats, improving security visibility, and ensuring regulatory compliance. A common example of how we use One Identity Safeguard for privileged session management is when a system administrator needs access to a production server. Instead of sharing static credentials, they request access through One Identity Safeguard. For password vaulting, the admin never sees the actual passwords. One Identity Safeguard automatically injects the credential during login, and the password is rotated after the session ends. This ensures that credentials are never exposed or reused. For privileged session management, once the admin connects to the server through One Identity Safeguard, the entire session is monitored and recorded. If any suspicious activity occurs, we have the ability to terminate the session in real-time. These session recordings are also used later for auditing and compliance checks. This approach significantly improves security while still allowing admins to do their work efficiently without manual credential handling. One additional point to add about our main use case is how well One Identity Safeguard integrated into our overall security workflow. It is not just a standalone tool; it works as a central control point for all privileged access. In our day-to-day operation, it reduces manual effort for the IT team by automating password management and access approval. It also standardizes how privileged access is handled across different teams, which improves consistency and reduces human error. Another important aspect is its role in compliance. Since all privileged activities are logged and recorded, it makes audits much smoother and faster. Instead of collecting logs from multiple systems, everything is available in one place. Overall, it fits seamlessly into our workflow by enhancing security without slowing down operations, which is critical for maintaining both productivity and control.
My main use case for One Identity Safeguard includes privilege access, session recording, and real-time monitoring. In daily work, I use session recording and real-time monitoring as part of my workflow. My main use case is privilege access.
Network Engineer at a outsourcing company with 1,001-5,000 employees
Real User
Top 5
Apr 17, 2026
I use One Identity Safeguard mainly for managing and securing privileged access like controlling admin accounts and monitoring sensitive sessions. For example, I use One Identity Safeguard to grant temporary admin access to users and track their sessions to make sure everything is secure. One Identity Safeguard also helps with password vaulting and automatic rotation. This means we don't have to share or manually manage sensitive credentials. We are using One Identity Safeguard in a hybrid setup, partly on-premises for sensitive access control and partly integrated with cloud services. We have integrated One Identity Safeguard with our cloud environment on Microsoft Azure and also with some internal DevOps workflows so privileged access can be controlled during the deployments and automation tasks. It was moderately easy overall to integrate One Identity Safeguard with our DevOps workflows and Microsoft Azure environment. Microsoft Azure integration was pretty smooth, but the DevOps workflow setup took a bit more effort to configure and test properly.
My main use case of One Identity Safeguard is to manage and secure privileged access in our IT environment. We use it for password vaulting, automatic credential rotation, and monitoring administrator sessions on servers, network devices, and critical systems.
My main use case for One Identity Safeguard has been managing and securing privileged access across critical systems. I primarily use it for password vaulting and automated credential rotation, which helps eliminate manual password handling and improve security. In addition, I work with access request workflows where users request privileged access and approvals are enforced before granting time-bound access. I have been involved in monitoring and reviewing privileged sessions for audit and compliance purposes. Overall, I use One Identity Safeguard to ensure secure, controlled, and traceable access to sensitive systems. In addition to the core use cases, I also use One Identity Safeguard for day-to-day operational tasks such as onboarding new assets and accounts into the vault, maintaining access policies, and troubleshooting access-related issues. I regularly review audit logs and session recordings to ensure compliance and investigate any unusual activity. I have also worked on integrating One Identity Safeguard with directory services such as Active Directory to streamline user authentication and access control. Overall, my day-to-day usage is focused not just on securing privileged access but also on improving efficiency, enforcing security policies, and ensuring complete visibility and accountability across all privileged activities.
My main use case for One Identity Safeguard in day-to-day work is to provide identity across all user accounts and domains, and it improves security across the enterprise by providing enhanced features with respect to this identity solution. I primarily use One Identity Safeguard for protecting security across all user accounts, enterprise data accounts, assets, as well as privileged access, domain user, and admin accounts, giving SSO features and providing security across all user accounts.
One Identity Safeguard serves as our Privileged Access Management solution to enforce session management for administrators and allow them to access our systems in recorded sessions, which secures our environment. In our daily operations, One Identity Safeguard acts as a centralized privileged credentials manager for our systems including Windows, Linux, network devices, and our database, allowing administrators to access our database systems in critical environments while recorded sessions ensure security and accountability. We have just-in-time access with approvals, allowing administrative access to our users based on request and approvals, which helps us monitor requests for access to critical systems.
My main use case for One Identity Safeguard is to specifically secure, control, and monitor the privileged accounts across our critical systems. We use this to secure password vaulting for privileged and service accounts, control the privileged access to servers, databases, and network devices, session monitoring and recording for audits and compliance purposes, and meet compliance requirements. We often use it to reduce the risk of potential misuse while maintaining visibility and governance over the privileged access. We use One Identity Safeguard to manage the privileged access to our production Linux and Windows servers. All admin credentials are stored in Safeguard's password vault and users authenticate through Safeguard instead of knowing their actual passwords. When an admin needs access, they request the privileged access through Safeguard, and then Safeguard grants them time-bounded access, with the session proxied and recorded for auditing. Once the session ends, the password is automatically rotated.
Chief Cyber Security Officer at a retailer with 51-200 employees
Real User
Top 10
Dec 22, 2025
My main use case for One Identity Safeguard is using only one module for privileged session, which we use for admins and contractors. A quick specific example of how my team uses One Identity Safeguard day-to-day is that we use only the second part for our contractors, not for admins in our company, but for companies that help us perform admin work and support our system.
Consultant at a computer software company with 11-50 employees
Real User
Top 5
Dec 19, 2025
Our main use case for One Identity Safeguard is to integrate it to clients that need the SPP functionality, which stands for Safeguard for Privileged Passwords. They do say that we could utilize One Identity Safeguard to its full extent for now, but we're getting there. A quick specific example of how we use One Identity Safeguard with a client is that our latest client needed a password vault, so at first, we integrated One Identity Safeguard for Privileged Passwords, and then they asked for a personal vault so they could store their passwords and secrets, much like KeePass, so we integrated One Identity Safeguard Personal Vault as well. Lastly, they figured at some point down the line that they needed SPS as well, but only the primitive version of it, so we just decided to integrate SPS as well and form it into a cluster with SPP, but they don't use any third-party plugins as of now.
Manager, Account Services Delivery at Softcell Technologies Limited
Real User
Top 5
Dec 15, 2025
Our main use case for One Identity Safeguard is as a privileged access management solution across multi-client environments. We use it to secure, control, and audit privileged accounts, enforce session monitoring and password vaulting, and provide just-in-time privileged access for admins, helping us reduce risk while meeting client security and compliance requirements. A common example is admin access to client production servers. We use One Identity Safeguard to vault privileged credentials and grant just-in-time access only for approved change windows. All sessions are recorded and audited, which has significantly reduced credential exposure and helped us meet clients' audit and compliance requirements. As a service provider managing various customers, we prioritize this consideration. One additional use case is centralized PAM management across multiple customer environments. We use One Identity Safeguard to standardize privileged access policies, rotate passwords automatically, and enforce session auditing in different client environments. This helps us solve the challenge of shared admin access and inconsistent access controls, improving security and compliance without increasing operational overhead and reducing our time to response.
My primary use case for One Identity Safeguard is privileged password vaulting and real-time session monitoring, which has been a game changer for managing sensitive access. I mainly use it to securely store, manage, and rotate privileged credentials across multiple environments. In my day-to-day work, I frequently need to provide temporary, controlled access to different users, including third-party vendors. In a recent project, we granted time-bound access through the privileged password vault and monitored vendor activity using session recording rather than direct password exposure. Another major advantage is One Identity Safeguard’s ability to integrate with existing systems, particularly for centralized privileged password management.
Our main use case for One Identity Safeguard is access management and session management for our privileged users. A specific example of how we use One Identity Safeguard for privileged users involves our integration with OneLogin, which is another product by One Identity. When our privileged users sign up with OneLogin, we provide them with all the necessary details about their session, and we monitor their activities to control any mistakes they might make. This process is fully automated by One Identity Safeguard. In addition to access and session management, we also use One Identity Safeguard for password vault safety, ensuring that most of our privileged users receive a different password each time they log in so that the admin doesn't know the password, thereby protecting the entire system.
Business Line Manager - IGA & PAM at a tech services company with 201-500 employees
Real User
Top 10
Apr 4, 2025
I am not a customer; I am a partner. Therefore, I assist clients in implementing One Identity Safeguard ( /products/one-identity-safeguard-reviews ) to manage privileged account access and their passwords. The primary aim is to reduce the attack surface of those accounts.
Consultant at a outsourcing company with 5,001-10,000 employees
Real User
Top 5
Apr 1, 2025
We are using it internally because I work in a consultancy company. I use it both for our internal privileged accounts. We have different systems like Google Cloud, some internal servers, data centers, etc. To secure those privileged accounts, like the administrator accounts and root accounts, I use One Identity Safeguard to rotate passwords, authorize sessions, and more. The second use case is that we also implement One Identity Safeguard for different customers.
Systems Administrator at a university with 10,001+ employees
Real User
Top 10
Mar 31, 2025
We use it to handle secure access to our Windows and Linux servers and also to manage some of our user accounts. This includes password rotation, JIT, and disabling accounts when they are not in use. We use their physical appliance.
Senior Vice President (Infrastructure Systems/Information Security) at MAXUT
Real User
Top 5
Jul 10, 2024
We are a One Identity partner, and our clients use One Identity Safeguard for password vaults, session management for Linux and Windows servers, and network appliances.
The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.
Our customer is a public service organization with about 800 privileged accounts and 8,000 functional accounts. The client already has a relatively unadvanced identity management implementation. It's a request-based identity management solution. What we're doing now is getting better control of the privileged accounts and getting rid of the old technology. The end users don't know of an alternative. They are still subject to identity management through what is quite a large, manual process instead of process automation. For instance, the users do not have a self-service port where they can automatically get privileges they don't have today. Everything goes via the ITSM manual control workflow. It's the manual processing our client currently has that is what we are thinking of improving. The installation was not set up by my team, but our job is to focus on the most sensitive information assets and secure insights into how service and other infrastructure are managed through privileged accounts. After that, we will work on simplifying the everyday user experience. We work with just the physical appliances. It wasn't my decision. It was what the client already had. Regarding the form factor, just put it in a rack and it works. It's not an issue.
System Administrator at Shaare Zedek Medical Centre
Real User
Top 5
Sep 28, 2023
We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.
Cyber Security Engineer at a financial services firm with 5,001-10,000 employees
Real User
Sep 28, 2023
I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization.
System Manager at a retailer with 10,001+ employees
Real User
Jun 28, 2023
Our administrators mainly use it to protect their different packages and access secrets through Safeguard, either by checking out credentials, using encrypted sessions, or utilizing the product's API. We are using a virtual appliance deployed in the cloud and on-premises.
Manager Engineering at a comms service provider with 1,001-5,000 employees
Real User
Oct 9, 2022
We have more than 1,000 servers or application servers, and we have several layers of teams. We have super admins, system admins, and operations staff, and we also have application vendors using the system. In such a large environment, it was really difficult for us to do identity management on a daily basis. We had new people joining the team, and we also had people leaving. We had to put in additional manpower to monitor these activities and comply with the regulations. That was the main reason we moved to automation with the One Identity solution. We are using their Privileged Account Management solution. We have virtual appliances. We don't have physical ones.
Professional Service Manager at a financial services firm with 501-1,000 employees
Real User
Aug 16, 2022
The first time I used One Identity Safeguard was when I was the manager of the infrastructure of Ayendeh Bank, and we are currently using it now at my present company. Our main use case is in security reviews for all of the change management and incident management services, and we also use it for the VPN connection for PAM. It allows us to review everything that goes on over the working day. For example, our third-parties who support all of our services, including network services (e.g. Cisco) and our Linux servers, are eligible to connect via the VPN, and through One Identity Safeguard, they are able to make contact with and use the various services. Our company works alongside various PSPs (Payment Service Providers), and our work here is mainly to prepare the software switch for them, and to handle the SLA for infrastructure maintenance services. Due to the nature of our work, we also use One Identity Safeguard for on-call and direct administrators whether they are in-house or external to our company. It is, in fact, the main tool for managing access for all the services. And because of that, I'm available for these companies 24/7 all year long. At present, we have around 17 direct users of One Identity who use it on a daily basis, which includes 10 people from my own department.
We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.
One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.
Security Business Consultant at a tech services company with 201-500 employees
Real User
Mar 31, 2021
We primarily use the solution to manage passwords and use for the RDP access. Our infrastructure is three SPPs and two SPSs. This is across 1,000 users and approximately 500 targets.
Senior Vice President (Infrastructure Systems/Information Security) at MAXUT
Real User
Top 5
Jul 26, 2020
With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls. We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server.
Head of Department of Technical Means of Protection at BrokerCreditService
Real User
Jun 25, 2020
We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions. We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure.
Director of Information Security at a healthcare company with 1,001-5,000 employees
Real User
Apr 21, 2020
We use it primarily for our IT team, so they can access our production and pre-production environments, to have better accountability. They have to create a ticket, check it out, and then they have to get approval from our approvers group. So there's accountability from beginning to end, and we also record the sessions.
VP & Head of Cybersecurity Manager at a financial services firm with 1,001-5,000 employees
Real User
Mar 11, 2020
We started with administrative use cases and we were able to take control of all the local administrator accounts for endpoints and servers. We then started controlling privileged accounts for our domain administrators as well as for any kind of privileged account that had access to our switches, routers, and the like. This year we're looking at taking control of all of the servers and application accounts. But that's going to be a longer journey for us because there are a lot more of those accounts, and there is a lot more testing that needs to be done because of the nature of the accounts. Another use case this year is integrating Safeguard into the SQL database, so we can start taking control of the SA accounts within SQL. Furthermore, we have a use case where we are using Safeguard to manage the account for our IIGA solution, which is our identity governance solution. When it creates new users or transfers or terminates users, it's using a privileged account that is being handled by Safeguard. We have a lot more use cases but these are enough to give you an idea of how we use it.
Chief Information Security Officer at a financial services firm with 51-200 employees
Real User
Mar 8, 2020
Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization. Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment. We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement. We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version.
VP Risk Management at a financial services firm with 1,001-5,000 employees
Real User
Mar 1, 2020
The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank. We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise.
We are using the virtual appliance. We are a cloud company working widely with virtualization. We provide virtual machine to our customers. When we deploy a new solution, we try to use our system to show our customers that it works for them. That is why we are using a virtual appliance which validates the usage. For now, we are using it for traceability of access inside the platform because we are a certified company: ISO 27001, SecNumCloud, HDS... We use this solution to monitor the session of our administrator and also to capitalize on incidents. When you have an incident in the night and our Level 3 people are working on it, they don't have the time to document all they do on the platform. The main goal is to have the service up as fast as possible. We are now recording the session, and the morning after the incident, we can see the session and understand what has been done to resolve the incident. We are using the latest version of Safeguard.
Expert Systems Architect at Tempur Sealy International, Inc.
Real User
Feb 18, 2020
There are two parts to Safeguard: the sessions recording part and the password management appliance. With the password management appliance, we have been using version 2.10. For the sessions recording, we started off with version 6.2. It has new additions and updates which have come out, thus we've upgraded. Currently, we are up to version 6.5. We are doing a sessions recording for all of our UAT and production servers. Therefore, if something breaks/happens or there's a change during the day without the proper change control mechanisms, we can determine the session by pulling the last session on the box and finding out who did what. Then, for the password part, it is used to consolidate enterprise-wide all our passwords for our 2000-plus server accounts. We have five physical alliances for the password part. Then, for the sessions recording, there are three virtual appliances. We went with these particular versions because they were the latest and greatest. I like to keep things updated instead of dragging stuff out, which is how people get stuck with legacy devices unable to upgrade or with no upgrade path available.
We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI.
Head of Information Security at a financial services firm with 11-50 employees
Real User
Apr 17, 2019
The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation.
One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.
In my daily operations, I rely on One Identity Safeguard for administrator requests for access through One Identity Safeguard, which are approved via workflows. Once approved, sessions are launched, ensuring security without revealing passwords, and all activities are recorded for auditing purposes. In our environment, there were multiple administrators using shared privilege accounts, which created accountability and security risks. With One Identity Safeguard, we implemented password vaulting where passwords are automatically rotated and never exposed to users, ensuring secure access and eliminating shared credential risks. In our daily operations, One Identity Safeguard is primarily used to manage and control privilege access to critical systems such as servers, network devices, and databases. Administrators and users request access through One Identity Safeguard, which follows an approval-based workflow. Once access is approved, users can securely connect to the target system without directly viewing or knowing the privilege credentials. All sessions are proxied through One Identity Safeguard, ensuring that passwords are never exposed. Additionally, every session is monitored and recorded, allowing security teams to review activities when required. We also use One Identity Safeguard for automated password rotation, ensuring that privileged account passwords are regularly updated without manual intervention. Overall, it acts as a centralized platform for security, secure access management, auditing, and compliance in our environment.
Our primary use case for One Identity Safeguard includes privileged password management, where it includes vaulting, rotating, and checking in and checking out privileged credentials. Secure remote access helps to grant access to Windows/Linux servers based on group membership. We also use it for session monitoring and recording, where it helps to monitor, record, and audit privileged sessions for compliance. Access request simplification plus threat detection helps to streamline requests and quickly detect threats seamlessly.In my day-to-day work, One Identity Safeguard helps to identify anomalous behavior, a deal breaker feature for some customers. It also helps to detect threats and streamline requests and quickly detect threats.
Our primary use case for One Identity Safeguard is to secure, control, and monitor privileged access across critical systems in the organization. We mainly use it for privileged session management, password vaulting, and enforcing least-privilege access policy. It helps us manage administrative access to servers, databases, and network devices by centralizing credential storage and rotating passwords automatically. Additionally, we use it for session recording and real-time monitoring, which strengthens our audit and compliance capability. Overall, it plays a key role in reducing insider threats, improving security visibility, and ensuring regulatory compliance. A common example of how we use One Identity Safeguard for privileged session management is when a system administrator needs access to a production server. Instead of sharing static credentials, they request access through One Identity Safeguard. For password vaulting, the admin never sees the actual passwords. One Identity Safeguard automatically injects the credential during login, and the password is rotated after the session ends. This ensures that credentials are never exposed or reused. For privileged session management, once the admin connects to the server through One Identity Safeguard, the entire session is monitored and recorded. If any suspicious activity occurs, we have the ability to terminate the session in real-time. These session recordings are also used later for auditing and compliance checks. This approach significantly improves security while still allowing admins to do their work efficiently without manual credential handling. One additional point to add about our main use case is how well One Identity Safeguard integrated into our overall security workflow. It is not just a standalone tool; it works as a central control point for all privileged access. In our day-to-day operation, it reduces manual effort for the IT team by automating password management and access approval. It also standardizes how privileged access is handled across different teams, which improves consistency and reduces human error. Another important aspect is its role in compliance. Since all privileged activities are logged and recorded, it makes audits much smoother and faster. Instead of collecting logs from multiple systems, everything is available in one place. Overall, it fits seamlessly into our workflow by enhancing security without slowing down operations, which is critical for maintaining both productivity and control.
My main use case for One Identity Safeguard includes privilege access, session recording, and real-time monitoring. In daily work, I use session recording and real-time monitoring as part of my workflow. My main use case is privilege access.
I use One Identity Safeguard mainly for managing and securing privileged access like controlling admin accounts and monitoring sensitive sessions. For example, I use One Identity Safeguard to grant temporary admin access to users and track their sessions to make sure everything is secure. One Identity Safeguard also helps with password vaulting and automatic rotation. This means we don't have to share or manually manage sensitive credentials. We are using One Identity Safeguard in a hybrid setup, partly on-premises for sensitive access control and partly integrated with cloud services. We have integrated One Identity Safeguard with our cloud environment on Microsoft Azure and also with some internal DevOps workflows so privileged access can be controlled during the deployments and automation tasks. It was moderately easy overall to integrate One Identity Safeguard with our DevOps workflows and Microsoft Azure environment. Microsoft Azure integration was pretty smooth, but the DevOps workflow setup took a bit more effort to configure and test properly.
My main use case of One Identity Safeguard is to manage and secure privileged access in our IT environment. We use it for password vaulting, automatic credential rotation, and monitoring administrator sessions on servers, network devices, and critical systems.
My main use case for One Identity Safeguard has been managing and securing privileged access across critical systems. I primarily use it for password vaulting and automated credential rotation, which helps eliminate manual password handling and improve security. In addition, I work with access request workflows where users request privileged access and approvals are enforced before granting time-bound access. I have been involved in monitoring and reviewing privileged sessions for audit and compliance purposes. Overall, I use One Identity Safeguard to ensure secure, controlled, and traceable access to sensitive systems. In addition to the core use cases, I also use One Identity Safeguard for day-to-day operational tasks such as onboarding new assets and accounts into the vault, maintaining access policies, and troubleshooting access-related issues. I regularly review audit logs and session recordings to ensure compliance and investigate any unusual activity. I have also worked on integrating One Identity Safeguard with directory services such as Active Directory to streamline user authentication and access control. Overall, my day-to-day usage is focused not just on securing privileged access but also on improving efficiency, enforcing security policies, and ensuring complete visibility and accountability across all privileged activities.
My main use case for One Identity Safeguard in day-to-day work is to provide identity across all user accounts and domains, and it improves security across the enterprise by providing enhanced features with respect to this identity solution. I primarily use One Identity Safeguard for protecting security across all user accounts, enterprise data accounts, assets, as well as privileged access, domain user, and admin accounts, giving SSO features and providing security across all user accounts.
One Identity Safeguard serves as our Privileged Access Management solution to enforce session management for administrators and allow them to access our systems in recorded sessions, which secures our environment. In our daily operations, One Identity Safeguard acts as a centralized privileged credentials manager for our systems including Windows, Linux, network devices, and our database, allowing administrators to access our database systems in critical environments while recorded sessions ensure security and accountability. We have just-in-time access with approvals, allowing administrative access to our users based on request and approvals, which helps us monitor requests for access to critical systems.
My main use case for One Identity Safeguard is to specifically secure, control, and monitor the privileged accounts across our critical systems. We use this to secure password vaulting for privileged and service accounts, control the privileged access to servers, databases, and network devices, session monitoring and recording for audits and compliance purposes, and meet compliance requirements. We often use it to reduce the risk of potential misuse while maintaining visibility and governance over the privileged access. We use One Identity Safeguard to manage the privileged access to our production Linux and Windows servers. All admin credentials are stored in Safeguard's password vault and users authenticate through Safeguard instead of knowing their actual passwords. When an admin needs access, they request the privileged access through Safeguard, and then Safeguard grants them time-bounded access, with the session proxied and recorded for auditing. Once the session ends, the password is automatically rotated.
My main use case for One Identity Safeguard is using only one module for privileged session, which we use for admins and contractors. A quick specific example of how my team uses One Identity Safeguard day-to-day is that we use only the second part for our contractors, not for admins in our company, but for companies that help us perform admin work and support our system.
Our main use case for One Identity Safeguard is to integrate it to clients that need the SPP functionality, which stands for Safeguard for Privileged Passwords. They do say that we could utilize One Identity Safeguard to its full extent for now, but we're getting there. A quick specific example of how we use One Identity Safeguard with a client is that our latest client needed a password vault, so at first, we integrated One Identity Safeguard for Privileged Passwords, and then they asked for a personal vault so they could store their passwords and secrets, much like KeePass, so we integrated One Identity Safeguard Personal Vault as well. Lastly, they figured at some point down the line that they needed SPS as well, but only the primitive version of it, so we just decided to integrate SPS as well and form it into a cluster with SPP, but they don't use any third-party plugins as of now.
Our main use case for One Identity Safeguard is as a privileged access management solution across multi-client environments. We use it to secure, control, and audit privileged accounts, enforce session monitoring and password vaulting, and provide just-in-time privileged access for admins, helping us reduce risk while meeting client security and compliance requirements. A common example is admin access to client production servers. We use One Identity Safeguard to vault privileged credentials and grant just-in-time access only for approved change windows. All sessions are recorded and audited, which has significantly reduced credential exposure and helped us meet clients' audit and compliance requirements. As a service provider managing various customers, we prioritize this consideration. One additional use case is centralized PAM management across multiple customer environments. We use One Identity Safeguard to standardize privileged access policies, rotate passwords automatically, and enforce session auditing in different client environments. This helps us solve the challenge of shared admin access and inconsistent access controls, improving security and compliance without increasing operational overhead and reducing our time to response.
My primary use case for One Identity Safeguard is privileged password vaulting and real-time session monitoring, which has been a game changer for managing sensitive access. I mainly use it to securely store, manage, and rotate privileged credentials across multiple environments. In my day-to-day work, I frequently need to provide temporary, controlled access to different users, including third-party vendors. In a recent project, we granted time-bound access through the privileged password vault and monitored vendor activity using session recording rather than direct password exposure. Another major advantage is One Identity Safeguard’s ability to integrate with existing systems, particularly for centralized privileged password management.
Our main use case for One Identity Safeguard is access management and session management for our privileged users. A specific example of how we use One Identity Safeguard for privileged users involves our integration with OneLogin, which is another product by One Identity. When our privileged users sign up with OneLogin, we provide them with all the necessary details about their session, and we monitor their activities to control any mistakes they might make. This process is fully automated by One Identity Safeguard. In addition to access and session management, we also use One Identity Safeguard for password vault safety, ensuring that most of our privileged users receive a different password each time they log in so that the admin doesn't know the password, thereby protecting the entire system.
I am not a customer; I am a partner. Therefore, I assist clients in implementing One Identity Safeguard ( /products/one-identity-safeguard-reviews ) to manage privileged account access and their passwords. The primary aim is to reduce the attack surface of those accounts.
The purpose is to ensure that privileged users do not know their own passwords.
We are using it internally because I work in a consultancy company. I use it both for our internal privileged accounts. We have different systems like Google Cloud, some internal servers, data centers, etc. To secure those privileged accounts, like the administrator accounts and root accounts, I use One Identity Safeguard to rotate passwords, authorize sessions, and more. The second use case is that we also implement One Identity Safeguard for different customers.
We use it to handle secure access to our Windows and Linux servers and also to manage some of our user accounts. This includes password rotation, JIT, and disabling accounts when they are not in use. We use their physical appliance.
My main use cases include LDAP, SSH, and some utilization of HTTPS. My primary uses are LDAP and SSH.
We are a One Identity partner, and our clients use One Identity Safeguard for password vaults, session management for Linux and Windows servers, and network appliances.
We mainly use the Privileged Session Management (PSM) features.
The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.
Our customer is a public service organization with about 800 privileged accounts and 8,000 functional accounts. The client already has a relatively unadvanced identity management implementation. It's a request-based identity management solution. What we're doing now is getting better control of the privileged accounts and getting rid of the old technology. The end users don't know of an alternative. They are still subject to identity management through what is quite a large, manual process instead of process automation. For instance, the users do not have a self-service port where they can automatically get privileges they don't have today. Everything goes via the ITSM manual control workflow. It's the manual processing our client currently has that is what we are thinking of improving. The installation was not set up by my team, but our job is to focus on the most sensitive information assets and secure insights into how service and other infrastructure are managed through privileged accounts. After that, we will work on simplifying the everyday user experience. We work with just the physical appliances. It wasn't my decision. It was what the client already had. Regarding the form factor, just put it in a rack and it works. It's not an issue.
We use One Identity Safeguard to manage our privileged accounts. We use One Identity Safeguard on both physical and virtual appliances.
We introduce One Identity Safeguard to customers, primarily Italian customers who need to partner with solutions that protect their target resources.
We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.
I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization.
We use the on-demand version. We use the solution for monitoring and connection to the customer's server for Windows and Linux.
We primarily use the solution to manage identities.
Our administrators mainly use it to protect their different packages and access secrets through Safeguard, either by checking out credentials, using encrypted sessions, or utilizing the product's API. We are using a virtual appliance deployed in the cloud and on-premises.
We have more than 1,000 servers or application servers, and we have several layers of teams. We have super admins, system admins, and operations staff, and we also have application vendors using the system. In such a large environment, it was really difficult for us to do identity management on a daily basis. We had new people joining the team, and we also had people leaving. We had to put in additional manpower to monitor these activities and comply with the regulations. That was the main reason we moved to automation with the One Identity solution. We are using their Privileged Account Management solution. We have virtual appliances. We don't have physical ones.
The first time I used One Identity Safeguard was when I was the manager of the infrastructure of Ayendeh Bank, and we are currently using it now at my present company. Our main use case is in security reviews for all of the change management and incident management services, and we also use it for the VPN connection for PAM. It allows us to review everything that goes on over the working day. For example, our third-parties who support all of our services, including network services (e.g. Cisco) and our Linux servers, are eligible to connect via the VPN, and through One Identity Safeguard, they are able to make contact with and use the various services. Our company works alongside various PSPs (Payment Service Providers), and our work here is mainly to prepare the software switch for them, and to handle the SLA for infrastructure maintenance services. Due to the nature of our work, we also use One Identity Safeguard for on-call and direct administrators whether they are in-house or external to our company. It is, in fact, the main tool for managing access for all the services. And because of that, I'm available for these companies 24/7 all year long. At present, we have around 17 direct users of One Identity who use it on a daily basis, which includes 10 people from my own department.
We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.
We use it for controlling the client sessions into our data center.
One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.
We primarily use the solution to manage passwords and use for the RDP access. Our infrastructure is three SPPs and two SPSs. This is across 1,000 users and approximately 500 targets.
With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls. We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server.
We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions. We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure.
We use it primarily for our IT team, so they can access our production and pre-production environments, to have better accountability. They have to create a ticket, check it out, and then they have to get approval from our approvers group. So there's accountability from beginning to end, and we also record the sessions.
We started with administrative use cases and we were able to take control of all the local administrator accounts for endpoints and servers. We then started controlling privileged accounts for our domain administrators as well as for any kind of privileged account that had access to our switches, routers, and the like. This year we're looking at taking control of all of the servers and application accounts. But that's going to be a longer journey for us because there are a lot more of those accounts, and there is a lot more testing that needs to be done because of the nature of the accounts. Another use case this year is integrating Safeguard into the SQL database, so we can start taking control of the SA accounts within SQL. Furthermore, we have a use case where we are using Safeguard to manage the account for our IIGA solution, which is our identity governance solution. When it creates new users or transfers or terminates users, it's using a privileged account that is being handled by Safeguard. We have a lot more use cases but these are enough to give you an idea of how we use it.
Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization. Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment. We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement. We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version.
The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank. We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise.
We are using the virtual appliance. We are a cloud company working widely with virtualization. We provide virtual machine to our customers. When we deploy a new solution, we try to use our system to show our customers that it works for them. That is why we are using a virtual appliance which validates the usage. For now, we are using it for traceability of access inside the platform because we are a certified company: ISO 27001, SecNumCloud, HDS... We use this solution to monitor the session of our administrator and also to capitalize on incidents. When you have an incident in the night and our Level 3 people are working on it, they don't have the time to document all they do on the platform. The main goal is to have the service up as fast as possible. We are now recording the session, and the morning after the incident, we can see the session and understand what has been done to resolve the incident. We are using the latest version of Safeguard.
There are two parts to Safeguard: the sessions recording part and the password management appliance. With the password management appliance, we have been using version 2.10. For the sessions recording, we started off with version 6.2. It has new additions and updates which have come out, thus we've upgraded. Currently, we are up to version 6.5. We are doing a sessions recording for all of our UAT and production servers. Therefore, if something breaks/happens or there's a change during the day without the proper change control mechanisms, we can determine the session by pulling the last session on the box and finding out who did what. Then, for the password part, it is used to consolidate enterprise-wide all our passwords for our 2000-plus server accounts. We have five physical alliances for the password part. Then, for the sessions recording, there are three virtual appliances. We went with these particular versions because they were the latest and greatest. I like to keep things updated instead of dragging stuff out, which is how people get stuck with legacy devices unable to upgrade or with no upgrade path available.
We primarily use the solution for managing and monitoring privileged users, both internal and external.
We primarily use the solution to manage passwords.
We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI.
The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation.
We primarily use One Identity Safeguard for Privileged Sessions (SPS) for managing our customers' access to their critical systems.
We use Safeguard for privileged sessions. It's primarily used as a solution for accessing our production environments.
Privileged management.