Ellen Messmer over at NetworkWorld recently wrote a nice profile of one our customers, Amag Pharmaceuticals, and how they are leveraging the cloud to evolve their IT operations. Nathan McBride, the executive director of IT for AMAG, truly has a “Cloud First” mentality and his approach has been very successful thus far, so I wanted to share it as an example of what a difference cloud can make when done right.
In a recent conversation, Nathan described his process:
“When I came to AMAG in 2008, I knew where I wanted to end up: No IT department at all.”
“The company had brought in a CFO in 2007 who had identified that we needed to have a formal IT department and program. Up until this point, there had been no central process around IT, but rather an ‘every employee for him or herself’ model, where they just went out and bought what they needed which had resulted in a lot of redundancies and inefficiencies. So I came on board with this vision to build an IT department that was infrastructure-less.”
“Right off the bat, I started to get rid of the things accumulated over the years to kick off a three-year strategy to drastically reduce corporate IT assets. I knew it was possible to run the department with very few people if it was run in a certain way, and it has worked. Even despite hiring four people to run IT, we have decreased our budget each year and are currently at a 60% decrease cost since I started - from $2.8M to $1.4M.”
“So, what did we do to make this happen?
- Divided cloud strategy into five buckets, which I call the Five-Headed Dragon:
- Authentication and Access
- Files Systems
- Client Management
Instead of perimeter security we focused on ‘people-centric’ security and securing individual identities and information. To do this we wanted to deploy an external single sign-on solution with portable authentication. We looked at Hitachi, Symplified, IBM Tivoli, Courion, Ping Identity and Okta – ultimately we chose Okta.”
As Messmer describes it in her profile:
“One thing Amag looked at was how easy it would be for the cloud vendors to supply specific plug-ins for more than 15 applications. These plug-ins apps would be needed to foster SSO commands between the cloud services, the employee desktops and the cloud-based applications that Amag used elsewhere. ‘For Okta, the ace card was that they already had it…’
‘All the conduits sit at Okta,’ says McBride. ‘The user authenticates to Okta,’ and in the cloud a tunnel is created from the client Web browser to Okta to the application that's hosted in another locale altogether. Instead of storing employee information at Amag, ‘Okta maintains our profile’ of the employee account and which of the many cloud-based services they're allowed to use.”
“Now everything in our company is in cloud – expense reporting, employee self-service, paychecks, etc. Every employee logs in through Okta first to access all their applications. They each have one username and 15-character password and Okta-maintained profiles that provide instant access to the groups they belong in. “
“SSO makes our job in IT incredibly easy because Okta provisions all the accounts. When an employee leaves, Okta terminates their account. Basically, all IT has to do is assign a new hire to the right group, Okta does the rest and we just have to provide them a laptop. That's pretty much it.”
And this is music to our ears.
How are you leveraging the cloud in your organization? We’d love to hear.