Microsoft’s Active Directory (AD) has been a cornerstone for authentication in enterprise-grade systems for years, responsible for features such as SSO and storing sensitive login data. However, the past two decades have seen more enterprises shift from legacy on-prem infrastructure to best-in-class SaaS applications, requiring them to reevaluate their modern access strategy.
At Oktane17, Okta’s Sonali Vaidya detailed some of the significant challenges companies face as they update this infrastructure. She also shared three ways Okta helps companies provide a seamless experience for customers during this digital transformation in order to better serve the end user and grow business at the same time.
The explosion of the cloud means companies need to consolidate 20 years of infrastructure into a single, manageable system, but no single solution fits every case. Some systems need centralized management, while others need to be fully automated and human-free. Okta’s Universal Directory is flexible enough to support both, and it can connect to an unlimited number of directories and bring legacy data to the web. This means users have access to their login data from day one. Companies can also connect their data and safely migrate their systems in the backend without any impact on their users.
A shared services layer
Flexibility matters here too: Okta supports requirements such as allowing some ADs to communicate with others while fully segregating a number of them from the rest. Companies may also need several other third-party services, all of which can interact through a single interface layer rather than being spread across different ones.
Automating lifecycle management
The cloud explosion hasn’t only affected the storage of existing data – incoming data from other online sources also need a place in AD. There’s been a significant increase in the number of web-based apps used by HR departments, and it should be easy to introduce this new data into AD. With Okta, it’s seamless to connect everything and bring accurate data directly from the source, whatever and wherever it is.
Case Study: Engie Sets a Foundation for Modern IAM
Of course, talking about capabilities is one thing, but showing their benefits through a proven use case is another. Frédéric Poncin, Lead Architect IAM/Security at Engie, took the stage at Oktane17 and described how his company had 120,000 users around the world and over 300 ADs that needed to become a part of one manageable system. Naturally, Okta was up to the task.
Two years ago, energy company Engie was looking to increase its global presence and branch into different businesses. To cement its position as a leader, it executed a series of mergers and acquisitions, and with this accelerated growth found the urgent need to consolidate data.
One of the key challenges Engie encountered, according to Poncin, was the wide range of teams the company now has across the globe. Each team worked efficiently on its own, which meant that each one had its own AD schema. There was no simple rule that could be applied to normalize and migrate all datasets. This also meant there was a wide variety of operating systems and hardware that needed to be supported. It wasn’t feasible to upgrade every user at once, or even impact a small subset of them during the migration. Furthermore, they faced concerns about onboarding local IT and their local data. How could they effectively deploy a solution to every smaller entity? How could they guarantee the quality of the data they imported? With 20-plus years of legacy data, it would be ideal to start the digital age with a clean and reliable data set.
With Okta’s help, Engie was able to bring its entire global network into the cloud in just six months. Okta’s ability to have an unlimited number of ADs connected meant there was no worry about going to each local entity to bring them on board. With unified management, they were able to specify technical rules about joining data with local teams, and leave them to implement the changes autonomously. In addition, these strict rules enabled explicit filtering of old data, keeping the newer sets clean. Finally, with users maintaining access from day one of the Okta deployment, Engie was able to take the backend architecture change off an urgent timeline. They could work on the hidden parts of the system without any impact on users.
Vaidya and Poncin effectively showcased the power of Okta, especially given the overwhelming success Engie has experienced connecting multiple business units around the world. Not only that, their examples emphasize how important it is not to leave behind old technology and information for the sake of modernization. You simply need to adapt and enhance it.
Update your modern access strategy with Okta’s Universal Directory – just $1 per month per user.