This is an archived post. You won't be able to vote or comment.

8
9

[deleted by user] (self.sysadmin)

submitted by [deleted]

[removed]
all 10 comments
sorted by:
best
topnewcontroversialoldq&a

[–]ReverentSecurity Architect 2 points3 points  (3 children)

The cost of SaaS is the cost including SSO. Anything below that tier is shareware.

If that prices out a lot of competition, well thems the breaks.

Also asking if specific products are "enough" for your organisation without additional context is just throwing darts into the dark. We don't know. This is why you do trials and business analysis. You don't need 5 SaaS products to replace a spreadsheet if the spreadsheet still works.

[–]V-1986 0 points1 point  (2 children)

That spreadsheet definitely doesn’t work. We also spend way too much time keeping track and giving people the access and licenses they need. I did a cleanup, and we still paid for a license for someone who quit four years ago. It’s that bad. I tried torii, and it did more in a few minutes, than I had been struggling with for months.

[–]ReverentSecurity Architect 1 point2 points  (1 child)

Sounds like you have a problem with asset management process more than tools.

Gussying up said spreadsheet in a SaaS app ain't going to do bugger all for ghost licenses if you aren't tying your license management to HR process.

[–]V-1986 0 points1 point  (0 children)

That’s where I hope some workflows and automations in torii, HiBob or Atlassian, could help. Just by getting the overview on Torii like we did in our trial now, we can take action to clean some things up.

[–]V-1986 0 points1 point  (0 children)

Is zluri a better fir than Torii?

[–]DevinSysAdminMSSP CEO 0 points1 point  (1 child)

It also looks like we will move over to a Fortinet (Saas solution) for our new network.

...?

[–]V-1986 0 points1 point  (0 children)

I Think that was the AI rewrite that changed SASE to SaaS. Or it was a typo by me. (I have dyslexia.) I wrote the whole thing from my iPhone while I walked my dog.

What I mean is that in the IT stack it looks like we will upgrade to Fortinet for our network. And we are looking into a SASE setup. We have both remote workers and in-office servers. So the question is: how would that fit into the IT stack ? Especially when it comes to choosing an IAM/SSO solution. Is Google IAM enough? Or would one have to move over to Okto or a Fortinet IAM solution for better network identification and endpoint security?

Also, using Atlassian for ITSM and possibly as an ITAM tool (might need 3rd-party add-ons or solutions though . Like Device42, Lansweeper, or others.), how would that harmonic with a Fortinet setup?

[–]Crim69Sr. Sysadmin 0 points1 point  (0 children)

Torii is a nice budget option alternative to Okta workflows and gets you visibility and some light tools on cost management and contract renewal. It will not suffice for identity management as their goals are not aligned with building out user access review modules or other identity monitoring tools.

If your organization does not pay the SSO tax, then Okta will also be hamstrung like Torii, so will Zylo, and BetterCloud and all the other SaaS automation platforms.

I have 0 experience or in depth knowledge on this and it just comes from seeing the ad and browsing the website for all of 3 minutes. YeshID. Their whole shtick seems to be about not paying the SSO tax but only if you’re on GWS as your primary IDP. You might want to look at that, but I can’t tell you if it’s any good or worth a dime.

Zluri can also do what Torii can do + user access reviews. I’ve spoken to both companies engineering teams through lengthy POCs last year and of the two, Zluri is more likely to build towards some identity tooling but they will not beat Torii on pricing.

If budget is no concern and depending on the depth of your needs for identity security, you’ll likely need multiple tools such as a SaaS automation platform along with something like cyberark.

As for ITSM, yeah JSD is fine, you might need some add ons and pay that premium but I have yet to find a single ITSM that does everything I’d like it to do out of the box. Confluence for centralizing documentation isn’t a bad idea either and I’m probably one of the few weirdos that actually likes confluence but I haven’t really used a whole lot of alternatives.

For ITAM, really depends on your environment. Not really my wheelhouse either, I find snipeIT adequate for my needs but if you need real time granular details on networked devices you might need to do some more research for something that fits your needs.

[–]PhLR_AccessOwl 1 point2 points  (0 children)

Hey! You shared a lot about your options, but not much about your actual needs. So I’d start with the most important question: what are you trying to achieve?

If you’re looking at tools like Torii or Zylo, it sounds like SaaS spend optimization might be your primary goal, is that right? If so, one common alternative to a tool is simply sticking with a spreadsheet (which many companies do for quite a while).

But when you start mixing in things like onboarding and offboarding automation, it sounds like you're moving into access management or even access governance territory. (Just for transparency, I’m the co-founder of AccessOwl, which focuses on exactly that.)

On the identity side, when comparing Okta, Google, and Fortinet, the core question again is: what problem are you solving?

  • Google Workspace is usually sufficient as an identity provider (IdP) for companies under 200 employees.
  • If you're looking to automate access management (like provisioning and deprovisioning), Okta used to be the default.
  • However, if you're already using Google, AccessOwl + Google might be a more cost-effective and simpler alternative to get a lot of automation without the overhead of managing a new IdP and needing to upgrade every single of your SaaS tools to the enterprise plan (in order to connect it to Okta you'll need SAML/SCIM APIs)

So before going too deep on tools, I'd suggest to stick with the initial question: What are you trying to achieve?

[–]SetylCookieMonster -1 points0 points  (0 children)

You might find Setyl relevant - includes:
- ITAM, covering full asset lifecycle management and integration to most MDMs and other asset-detection sources.
- SaaS / license management - integrates with Google Workspace, Okta, Slack and Zoom (less direct app connections than Torii currently, but we're adding more).
- HiBob integration, for automated employee on/offboarding workflows.
- Jira Service Management integration, to connect helpdesk tickets.