Houston-based company BMC began building its knowledge of computers back in the days when single mainframes filled entire rooms. Now, over three decades later, the firm has grown to support more than 10,000 organizations all around the world, including Global 100 giants. Serving such a large and diverse client base with its cloud and IT management solutions means BMC has a deep understanding of the intricacies of digital technology.
As BMC's business transitioned to cloud-hosted SaaS solutions the IT department faced new challenges. They needed to ensure employees’ access to apps was managed efficiently and securely so they could effectively do their jobs. BMC customers also required easy and seamless access to their subscribed products, so BMC started looking for an identity and access management solution to help as the business rapidly expanded.
As a cloud-first organization, BMC was discerning when choosing its cloud providers. Senior Manager of Information Security Tien Dinh, who has been part of the BMC’s team for 18 years and counting, says the company was searching for a flexible, easy-to-use identity provider.
After considering multiple SaaS identity providers, Dinh explains that Okta was the clear solution as it offered a flexible and reliable solution, as well as a great support team. With Okta in place, BMC provided a single sign-on solution for both employees and external customers to access SaaS and on-premises applications. “Okta allows us to add authentication integrations to SAML-enabled SaaS vendors quickly and securely as well as custom applications located on multiple servers on premises,” says Dinh. “SSO integration was fast and easy.
Today with the Okta Identity Cloud, BMC better serves its 7,200 Active Directory users and 80K+ Sun LDAP users. SAML is enabled for more than 20 SaaS applications, including Salesforce and Office 365, in addition to the custom applications on premises through Shibboleth and Spring Security. In addition to SSO, BMC has expanded its security perimeter with Okta Multi-Factor Authentication using Okta Verify.
To improve internal IT efficiency, BMC relies on Okta Lifecycle Management with Universal Directory. The team has implemented dynamic groups based on Active Directory attributes to better manage who has access to what applications.
Some of the advantages BMC has accrued by using the Okta Identity Cloud:
3-4 hours to authenticate SaaS solutions through SAML 2.0. Once authenticated, it’s easy to limit access to the right users
Increased efficiency through Desktop Single Sign-On: employees don't have to log in once they're on the network
Enhanced security: The Okta Active Directory integration and sign-on policies protect SaaS sandbox environments. The Active Directory softlock helps prevent a Domain Controller lockout due to hacking attempts
Easier integrations: Okta RADIUS allows BMC to integrate Linux authentication using Okta and permits single sign-on with non-SAML; Sun LDAP integrations for customers’ delegate authentication and Okta Shibboleth for implementing SAML authentication for on-premise applications that do not support SAML