Fairfax Media Adopts SaaS Apps Quickly While Enhancing Security

Similar documents
Case Study: Eurostar

STREAMLINING USER PROVISIONING WITHIN JIVE USING ACTIVE DIRECTORY

WHITEPAPER. Mobile SSO & the Rise of Mobile Authentication

The Case for Cloud- Based IAM. OneLogin s Meyer on Identity and Access Management for the Modern Enterprise

Workspace ONE. Insert Presenter Name. Empowering a Digital Workspace. Insert Presenter Title

INTEGRATING PING IDENTITY SOLUTIONS WITH GOOGLE IDENTITY SERVICES

Case Study: Broadcom Limited

Office 365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107

Identity and Access Management

TOP 20 QUESTIONS TO ASK BEFORE SELECTING AN ENTERPRISE IAM VENDOR

CTERA Enterprise File Sync and Share (EFSS) - CTERA Overview

Australia s #1 Fashion Retailer Increases Employee Engagement with Jostle

SECURITY TRAILS CLOUD

CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON

Executive Summary. Office 365 Adoption Accelerating Through the Roof. White paper

The Total Economic Impact Of OneLogin

Wandel der IT im Kontext Digitalisierung

Office365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street San Francisco, CA

5 Tips for Improving Collaboration

WHITE PAPER GOOGLE AND SALESFORCE

Optimizing Active Directory to Better Suit a Hybrid Environment. Gary Savarino Solution Consultant Active Directory Subject Matter Expert

FOUR PRINCIPLES OF DEVOPS FOR CONTINUOUS CLOUD COST CONTROL

Wanted: Agile Solution for Evolving Marketing Demands

Identity and Access Managementas-a-Service: Protecting Digital Relationships

Enterprise Mobility Suite

Microsoft Dynamics 365 for Operations Microsoft Dynamics 365 for Operations Reasons to accelerate your path to the cloud with the new Dynamics 365

David Linthicum, Managing Director, Chief Cloud Strategy Officer, Deloitte Consulting LLP

Keep pace with change.

Secure information access is critical & more complex than ever

ENTERPRISE OPERATIONS SERVICES

Optimizing Security Practices Among Employees

10 ESSENTIALS FOR CREATING AN INTRANET THAT EMPLOYEES WILL LOVE. PRODUCED BY THE CONSULTING TEAMS AT UNILY AND BRIGHTSTARR

Yes, You DO Need Visual IVR Frequently Asked Questions

4 Core Business Model

Drive success for your business and IT with workplace flexibility

5 Ways. to Cut. Market Data. Spend and IMPROVE WORKFLOW WHITE PAPER

Capgemini Cloud Platform. Migrate, operate, and innovate every aspect of your business in the cloud

10 ESSENTIALS FOR CREATING AN INTRANET THAT EMPLOYEES WILL LOVE. Sponsored by:

Solution White Paper Drive Radical Business Value with a High-Speed IT Organization

Shifting communication preferences in the consumer space are driving the requirement for changing tools in the workspace.

5 Tips for Improving Collaboration

Shifting communication preferences in the consumer space are driving the requirement for changing tools in the workspace.

Starfish Associates Playbook for Partners Cisco

Reinventing the IT War Room:

Starfish Associates Playbook for Partners Cisco

IBM SmartCloud Migrations Best Methods and Practices

Solution White Paper Drive Radical Business Value with a High-Speed IT Organization

The Future of Employee Management

Fundamentals of Hosting Your QuickBooks Desktop in the Cloud

VDI. Citrix Cloud Services Adrian Fish

Service Catalog ATTOSOL TECHNOLOGIES.

Enabling Self-Service for Data Scientists with AWS Service Catalog

Integrate and Automate. Business Processes. Cloud Essentials. Easily connect applications using Oracle s cloud integration capabilities.

A Cloud Migration Checklist

Data Sheet PRODUCT DESCRIPTION PRODUCT OVERVIEW

ACCELERATE AND EXTEND THE BENEFITS OF ENTERPRISE MOBILITY IN JUST TWO TO FOUR WEEKS FAST TO DEPLOY, EASY TO MANAGE

ADOBE EXPERIENCE MANAGER MOBILE. for Retail

The 4 Talent Acquisition Necessities

Securely Manage the Complete Identity Lifecycle of People, Services, and Things

ITSMA Release Release Readiness for Customers

Multisource Management in the Cloud Age Keys to MSI and SIAM success in Hybrid IT environments

Named User Deployment Migration Guide A Project Management Guide to taking full advantage of Adobe Creative Cloud for enterprise and Document Cloud

MONICA THORNTON Salesforce Admin, McKesson

5 Ways to Automate Collaboration Between Sales Teams and Everyone Else

Okta Challenges for Sales Engineer Candidates. Version: 6.0

A practical guide to more effective collaboration

Brochure. Application Lifecycle Management. Accelerate Your Business. Micro Focus Application Lifecycle Management Software

Windows 10: Digital transformation platform

iphone and ipad Management

The Future of NAS is Object

Oil and Gas. Powered by Infor 10 SunSystems Enterprise Financials

Salesforce Connector. Features. Workflow Salesforce Connector. webkul.com /blog/salesforce-connector-magento2/

Fostering Business Consumption With Automation & Orchestration Of IT Services. Antoine Acklin Head of Consulting, Australia & New Zealand

Problem solved: SAP Integration

HOW TO UNLOCK EMS. 3 Things You Need to Know to Capitalize on Enterprise Mobility Suite for Manufacturing

CI in the cloud. Case Talend & Nordcloud Ilja Summala, Group CTO, Nordcloud Anubhav Sharma, Senior Software Architect, Talend Deutschland

Solicitation # Account Provisioning and SSO Solutions Addendum #1 dated 2/14/2017

Delivering the Unified Workspace. Automate: Deliver: Manage. October 2017 Peter von Oven End User Computing SME

Informatica Cloud Application Integration

Vendor Cloud Platinum Package: Included Capabilities

VMWARE WORKSPACE ONE + MICROSOFT OFFICE 365 : ENABLING MORE SECURE COLLABORATION. A Solution for Balancing Productivity with Protection

SOFTWAREONE UNIFIED COMMUNICATIONS MADE SIMPLE UNIFIED COMMUNICATIONS FOR THE FUTURE WORKPLACE

INTEGRATING HORIZON AND CITRIX APPS IN A DIGITAL WORKSPACE

Comparing Alternatives for Business-Grade File Sharing. intermedia.net CALL US US ON THE WEB

WEBCENTER PORTAL CLOUD. Create Engaging, Integrated Digital Experiences

THINK YOU NEED A BYO STRATEGY? THINK AGAIN. Shift to a Digital Workspace Strategy in 5 Steps

The 7 Tenets of Successful Identity & Access Management

Agency implements Workfront solution in fewer than four months as standard for managing work for one client spanning 30 offices across 20 countries.

Solutions Business Manager What s New. May 30, David J. Easter Director of Product Management, SBM and SBM powered solutions

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

power up your business DIGITISE YOUR BUSINESS PROCESSES Entry Level

ForgeRock Identity Management

5 Pitfalls and 5 Payoffs of Conducting Your Business Processes in the Cloud

An Introduction to Oracle Identity Management. An Oracle White Paper June 2008

5 Key PaaS Benefits and What They Mean for Your Business

SaaS løsninger reintroduserer siloene, hvordan utvide og utvikle løsningene på tvers av og i samspill med, SaaS løsningene?

Creating a Well-Stocked, Well-Managed Enterprise App Store

UNIFIED SECURITY SERVICE (USS)

Innovation to grow. Insight to control.

Transcription:

CUSTOMER STORY Fairfax Media Adopts SaaS Apps Quickly While Enhancing Security The best feedback for us is when people don t notice it s there that transparent single sign-on, where the user is not necessarily aware they re using OneLogin. It just works. Steven Christall DIRECTOR OF SECURITY, FAIRFAX MEDIA Fairfax Media, an innovative and digitally progressive media company in Australia and New Zealand, needed a solution for quickly implementing their growing number of SaaS applications that also integrated with Active Directory. CHALLENGE Support Burden with Custom Integrations To provide secure application access and improve user productivity at Fairfax, the Technology team built a homegrown single sign-on (SSO) solution, working back and forth with app vendors, implementing SAML themselves, and building the multi-factor authentication (MFA) piece as well. As the number of SaaS applications grew, so did the burden on Technology. They needed to integrate each new app themselves with their identity directory Active Directory (AD). Obviously, this approach slowed down app rollouts, and also required a significant amount of time to build and support these integrations. The task was already daunting and continued to grow as the business continued to add more SaaS apps. David Tregoning, Systems Architect at Fairfax, recalls, It was taking substantial time to put applications in. We were looking for something that would be a turnkey solution to help us speed up that process and put less of a burden on our staff. Steven Christall, Director of Security, adds, Without an out-of-box integration to all these third party SaaS apps, we just couldn t keep up with the business rolling them out. Spending weeks aggregating information and pushing new apps through was no longer a sustainable option for the Technology team or the company. INDUSTRY Media USERS 7,000 TOP CLOUD APPS ServiceNow, Workplace by Facebook, Adobe Creative Cloud, Egencia, Google Apps, Salesforce, SAP SuccessFactors, Zscaler CHALLENGE Replacing manual app integrations with AD Unifying multiple directories Closing security gap in deprovisioning SOLUTION Unified directory, real-time AD sync, pre-integrated apps, and network-aware MFA with OneLogin RESULTS Relieves support burden Empowers users, raises productivity and saves time Faster app rollout heightens perception and morale

Securely Managing User Identities Across Multiple Systems and Applications With more than 100 users needing access to 30 individual Amazon Web Services (AWS) accounts, whenever someone leaves the business or changes roles, stranded accounts are likely to result. Christall recognized the security risk of having manual processes to manage these accounts. With this in mind, he wanted an AWS-approved solution to implement best practices for user management: provision and deprovision users faster and with less manual work. Overall, Fairfax was seeking a solution that integrated with AD and had real-time sync. So disabling a user in AD would also disable cloud accounts almost immediately, eliminating security risks and unnecessary costs. Complex AD Environment Since Fairfax is comprised of a number of business units that have merged over time, they have a diverse AD environment. Technology wanted a solution that could bring together five forests and 29 user domains without them having to do significant manual work. Some previous cloud systems required substantial work to prepare the identity information for syncing, and this was not maintainable in the long-term. ONELOGIN + AWS OneLogin makes it easy for companies to accelerate their migration to AWS and quickly scale and manage their growing AWS environment. Using OneLogin s best-in-class directory connectors and a powerful role-based user provisioning engine, companies can apply least privilege policies quickly and have an extra layer of security for AWS. ONELOGIN FOR AWS PRODUCT HIGHLIGHTS In summary, Fairfax needed a solution that had pre-integrated apps, real-time AD sync, and the capability to unify multiple directories. Although not a technical challenge in itself, time was another factor. Directory Integration Automated Multi-Role User Provisioning Single Sign-On (SSO) Technology needed a solution up and running fast, with the least amount of manual work. SOLUTION Multi-Factor Authentication Self Service Password Reset Through the OneLogin platform, the Technology team at Fairfax was able to quickly implement a unified directory, real-time AD sync, network-aware MFA, and out-of-the-box app integration. Pre-integrated Applications To meet growing demands, Fairfax looked for a solution that provided integration into a large number of SaaS apps, especially the ones they already had. Technology compared its list with the OneLogin app catalog, which currently has over 4,000 pre-integrated applications and continues to grow. OneLogin s intuitive rules engine easily maps multiple roles and accounts per user for comprehensive access assertion. Automate and manage least privileged access based on account and role (e.g. RDS Power User, S3 Power User, EC2 Power User, etc.) through a centralized access management platform. OneLogin also has the flexibility to set up new applications easily. Tregoning shares that for them, setup comes down to how well the application vendor or implementer understands SAML. He says, In the instances where we ve been in control of both ends, like ServiceNow for example, it was about a 30-minute setup. Thus, it takes only minutes for

his team, compared to the months of building an integration themselves. Not only can Technology implement apps more easily and quickly, but they and their users do not have to wait a full day for the apps to sync. Apps implement in near real-time, within 15 minutes at the most, states Tregoning. Standardized Multi-Factor Authentication Fairfax had built a custom MFA to help secure remote logins, so a standardized MFA solution with similar or better functionality was a requirement. OneLogin MFA functionality helps the Technology team deliver three tiers of authentication security: Transparent access from internal networks Prompt username and password on partner networks Prompt MFA for external internet access or for added security when appropriate Unified Directory As mentioned above, Fairfax uses AD as the user directory, but with multiple AD instances, it has incurred significant operational overhead in previous integrations. OneLogin enables companies to still control access to cloud apps through AD by acting as a unified directory. Technology unified the disparate directory sources through OneLogin Active Directory Connectors, which can be installed in minutes with no firewall changes required. The connector automatically discovers all forests and domains, and uploads the complete organizational unit (OU) tree to OneLogin. After selecting from which OUs to sync users, the users are pushed to OneLogin in the cloud and automatically kept up-to-date going forward. OneLogin enables companies to still control access to cloud apps through AD by acting as a unified directory that leverages user information like group membership from external directories in real-time. For example, an admin can go into AD and update identity information such as Manager, then OneLogin will read it in real-time and modify access control attributes like Role. For apps or web services like AWS, where users were not passing through any type of company gateway, Fairfax can perform best-in-class AWS user management through OneLogin. Technology can now use role-based access more effectively for AWS as well. When a user requests AWS access, the support team only needs to add the person to the proper group, and that person immediately gets access, rather than having the admin go into AWS to set up the account manually.

ONELOGIN ENABLES AUTOMATED, ROLE-BASED ACCESS MANAGEMENT WITHOUT ONELOGIN FIREWALL WITH ONELOGIN FIREWALL Active Directory Active Directory CLOUD CLOUD AWS OneLogin AWS RDS Power User Snowball S3 Admin S3 Power User EC2 Admin Glacier Elastic Beanstalk Route 53 Admin EC2 Power User Dynamo DB VPC Power User TechOps Lead S3 Admin RDS Power User Route 53 Admin DevOps Engineer EC2 Power User DevOps Lead EC2 Admin VPC Power TechOps Engineer S3 Power User INDIVIDUAL-ASSIGNED ACCESS ROLE-BASED ACCESS Real-time Sync with Active Directory To ensure the security of company data, user accounts must be disabled as soon as the user leaves. Christall affirms, From a risk and governance perspective, the near real-time disablement of accounts is a key thing. You know that access to 25 SaaS products gets cut off when a single account is disabled in Active Directory by the service desk. OneLogin synchronizes users in real-time, which means creates, updates, deletes and suspends are pushed from AD and other apps within seconds. Real-time sync makes onboarding more efficient and provides Technology with that essential kill switch for protecting data. RESULTS It took only a week and a half to implement OneLogin. Technology has since seen several key benefits, as have end users at Fairfax. From a risk and governance perspective, the near real-time disablement of accounts is a key thing. You know that access to 25 SaaS products gets cut off when a single account is disabled in Active Directory by the service desk. Steven Christall DIRECTOR OF SECURITY, FAIRFAX MEDIA Reduced Support Burden Today, Fairfax users can seamlessly access their apps to do their job from anywhere without the burden on Technology teams to support and keep up with building custom integrations. With unified directories and the ability to use OneLogin as the gateway to internet-based applications

and services, Technology also saves time by not having to clean up stranded accounts, especially in the most robust of platforms like AWS. Password management is centralized and deprovisioning is real-time, effectively disabling all affected accounts and closing the security gap. Empowered Users Another example where Technology enables users to save valuable time is through self-service password resets. The year before Fairfax implemented OneLogin, they recorded 3,138 password resets in ServiceNow, its support hub. Christall recognizes the intangible benefit of an empowered user: They can self-service reset. They re not sitting in a phone queue or wasting time waiting. On weekends or outside service desk hours, they can also effectively get in, which is an additional bonus. Furthermore, Christall figures that at about 10 minutes per password reset, their teams have since avoided those costs (approx. 40,000 AUD) and wasted time (approx. 500 hours). Fast App Implementation and Heightened Perception Technology now implements applications in a day or less and in a way that, Tregoning states, is far less onerous on my peers and me. Additionally, other departments have started to perceive Technology differently. In some cases, they ve asked upfront how long implementing an app will take, expecting to hear weeks or months, and to their surprise, the team replies, Whenever you re ready. One of the greatest things I find with OneLogin is the relationship we have with support and the regular calls we have. David Tregoning SYSTEMS ARCHITECT, FAIRFAX MEDIA Working closely with a technology partner helps enable this readiness. One of the greatest things I find with OneLogin is the relationship we have with support and the regular calls we have, says Tregoning. Christall adds, Generally, Technology has been perceived to be nay-sayers. Having these sorts of toolsets allows us to say yes more often and more quickly, which is very important from a service delivery and perception point of view. About OneLogin, Inc OneLogin brings speed and integrity to the modern enterprise with an award-winning SSO and identity management platform. Our portfolio of solutions secure connections across all users, all devices, and every application, helping enterprises drive new levels of business integrity and operational velocity across their entire app portfolios. The choice for innovators of all sizes such as Condé Nast, Pinterest and Steelcase, OneLogin manages and secures millions of identities around the globe.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback