Top 7 Privileged Identity Management Solutions – Q1 2017

| |

IT Central Station’s crowdsourced user review platform helps technology decision makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.

You can read user reviews for the top seven privileged identity management solutions here, to help you decide which solution is best for you.

In the review excerpts below, our users have ranked their solutions according to their valuable features, and have also discussed where they see room for improvement.

#1 CyberArk Privileged Account Security

CyberArk Privileged Account Security is ranked as the number one solution in privileged identity management by our users during Q1 2017.

But what do users really think about CyberArk Privileged Account Security?

Malhar Vora, Project Manager at a tech vendor with 1,000-5,000 employees, shares that “All features of the CyberArk PAS solution are valuable.”

More specifically, Vora writes that “The Digital Vault is one of the key components of the solution along with many other great benefits. The highly secured vault stores the privileged account passwords and data files using encryption.

In version v9.7, CyberArk has introduced the Cluster Vault feature, which enhances the high availability of the Vault server.”

“The performance of this product needs to be improved”, writes an IT Administrator at a tech company with 1,000-5,000 employees.

He explains that “When the number of privileged accounts increases, i.e., exceeds 2000, then the performance of the system reduces. The login slows down drastically and also the connection to the target system slows down. This is my observation and thus, the server sizing needs to be increased.”

#2 Quest One Identity Manager

IT Central Station users rank Quest One Identity Manager as the number two identity access management solution of Q1 2017.

Sachin Loothra, Senior Identity and Access Management Specialist at a tech vendor with 1,000-5,000 employees, lists several of Quest One Identity Manager’s valuable features:

  • The GUI is very impressive and clean (even cleaner and minimalistic in v7).
  • JobQueueInfo does an amazing job tracking all processes.
  • Synchronizations are easy to set up.
  • Reporting capabilities are fantastic once you get the hang of using Report Editor.
  • WebDesigner allows a lot of customizations to be added to the web project.
  • Schema and table names are very logical. It is very easy to find something in the database just because of the fact that the naming convention in the schema is very logical and consistent.
  • It’s a feature-rich product: a suite of very powerful tools with a lot of functionalities once you get the knack of them.

A Presales Solution Architect at a tech company with 51-200 employees writes that “There is a need to improve the use case documentation and coding templates. This product has some limitations when it comes to using use case documentation.

Generally, when we have any different scenario, we need to post in the blog and only then we will get answers.”

#3 CA Privileged Access Manager

CA Privileged Access Manager is ranked as the number three solution in privileged identity management by our users during Q1 2017.

“We need a solution that is very reliable for our users”, writes a Senior Security Analyst at a retailer with 1,000 – 5,000 employees. “We need something that has the ability to handle requests for network ports and various configurations. Security is one of the highest priorities and part of that is tracking/auditing. Xceedium/CA PAM support has been excellent and that is one of the main reasons we have stuck with this solution. We have had the same core team supporting us over the years and they work with us through any issues.”

Jose Albino, Director, Managed Services – Analytics & Data Solutions at a tech services company with 51-200 employees, suggests:

“They need to improve how it scales. We end up adding new “appliances” to scale for large or complex environments.”

#4 BeyondTrust PowerBroker

IT Central Station users rank BeyondTrust PowerBroker as the number four identity access management solution of Q1 2017.

Gaurav Demiwal, Sr Platform Engineer at a construction company with 1,000-5,000 employees, shares that BeyondTrust PowerBroker “elevates the user to perform admin tasks without the user being a part of an administrator group.”

Demiwal then elaborates that “Previously, all users were in the administrator group of their machines. Since PowerBroker elevates the user, we can remove the users from the administrator group. Thus, the machines become less vulnerable to attacks.”

In terms of improvements, Demiwall suggests to “Improve the ActiveX rule for websites”, and notes that “the software uses a lot of memory.”

#5 BalaBit Shell Control Box

BalaBit Shell Control Box is ranked as the number five solution in privileged identity management by our users during Q1 2017.

Ivan Kutov, IT Security Engineer at a tech services company, points out two of BalaBit Shell Control Box’s valuable features:

  • Flexible Modes:

“Easily integrated into the customer infrastructure. It’s easy to find needed information and the indexer does a good job.

  • Secure Replays:

Balabit SCB supports multiple security officers (something like senior and junior officer), who can encrypt upstream, and downstream flows, with different SSL certificates. For example, one officer can see replays, and another officer can only see replays by pressing on a key.”

Peter Jankovsky, CTO & Solution Architect at a tech services company with 51-200 employees, addresses two areas for improvement:

  • VMware PCoIP protocol support:

“Many customers are switching from normal computers/environment to VDI infrastructure and some of them are switching to VMware Horizon that uses PCoIP protocol, which is not supported right now.”

  • Central management for more SCB boxes:

“If you have many boxes in a customer infrastructure (right now we have one customer of this kind in POC and they will need eight boxes) with the same configuration/purpose, you have to do everything 8x. I know this feature is on the roadmap, but nobody knows when it will be available.”

#6 Thycotic Secret Server

IT Central Station users rank Thycotic Secret Server as the number six identity access management solution of Q1 2017.

“I manage our Secret Server environment, and over the years we have heavily utilized this product across our entire University to harden our security posture and meet compliance requirements”, shares Michael Muto, a Systems Administrator at a university with 1,000-5,000 employees.

Muto explains that “Secret Server has helped us eliminate many of the manual processes that we performed regarding password changing and rotation, as well as the data we stored in Microsoft Excel.  

We love the fact that the product discovers privileged accounts across our infrastructure so that we can securely store and manage them appropriately, as well as rotate their passwords to meet our password policy requirements.”

This Security Operations at a tech company with 1,000-5,000 employees writes that in terms of future improvements, “Referring to Secret Server v10, we want the ability to add subfolders to the “\Personal Folders” container.  We had to rename it to “\Personal Secrets” to avoid confusion.

Otherwise, you can create as many top-level folders and subfolders as you like. A minor annoyance for an otherwise awesome product.”

#7 Lieberman Software Enterprise Random Password Manager

Lieberman Software Enterprise Random Password Manager is ranked as the number seven solution in privileged identity management by our users during Q1 2017.

A Cyber Security Engineer at a Recruiting/HR Firm with 51-200 employees points to the solution’s “Randomizing local accounts on all endpoints” as a valuable feature.

He elaborates that “ERPM’s greatest ability is that it can easily randomize ALL local accounts on almost any endpoint.

One of biggest security risks that occur within a company is the ability of an attacker to compromise one system and then use similar local accounts to slide horizontally through an environment.”

This Senior Solutions Engineer at a tech services company with 501-1,000 employees discusses session recording as an area for improvement:

“It records simple, flat Windows Media Viewer format files, and is suitable for very basic recording needs. It is not a very scalable or robust offering and offers no session management capabilities.”

Read more user reviews for the top privileged identity management solutions of Q1 2017 here.


Message Queue Solutions — New User Reviews 2017

New: Modular SAN Solutions — User Reviews: Q1 2017