Mergers and acquisitions (M&A) are common for organizations seeking new markets, technologies, and resources. Not only do they provide organizations with an accelerated growth path, they also allow them to gain key assets rapidly.
Although M&As are great for business, they produce a range of challenges for IT teams. Consolidating multiple directories or domains is costly and time consuming. Integrating legacy systems is complex and slow. Managing disparate security policies can create security risks and a lack of visibility into who has access to what. These actions all have to take place without impeding everyday operations, while also ensuring that employees have all the tools and information they need to ensure a seamless transition.
Identity and access management solutions are a key component of any IT system, but they become absolutely critical when organizations are joining together—that’s why they turn to Okta. As mutually distinct directories must be unified under a common framework, and users from one company demand access to the services and applications of the other, Okta provides solutions tailored to fit each customer’s’ unique needs. Sometimes these solutions are straightforward—and other times they call for drastic customization and problem solving. Here are three different case studies of how companies utilized Okta to increase their agility and successfully navigate their M&A transitions.
The Association of International Certified Professional Accountants
The Association of International Certified Professional Accountants ranks among the world’s most respected networks of accounting professionals. It was formed in 2016 by the combination of two different associations, The American Institute of Certified Public Accountants (AICPA) and the Chartered Institute of Management Accounting (CIMA).
Once the two independent organizations had merged, the new business required a unified email solution—but they were met with a few challenges. AICPA operated a very old EBS system that stored credit cards on its network and did not use payment gateways. Because the network was not segmented, and because no PCI audit security controls existed, the entire network was in-scope for PCI compliance and was deemed incompatible with CIMA’s network.
Both AICPA and CIMA utilized Office 365, albeit in slightly different ways. AICPA depended on Azure AD Sync to populate user accounts from their Active Directory (AD) to Office 365, and integrated Okta Universal Directory into Office 365 for authentication. CIMA, on the other hand, ran an on-premises Exchange server, and was using Office 365 for a separate client.
Integrating both organizations into a single Office 365 tenant proved challenging. Neither of the approaches Microsoft would normally recommend were workable in the context of this specific merger due to a complex mosaic of rules, stipulations and technical limitations.
The team resolved this by building off AICPA’s current system, using Okta Universal Directory integration in conjunction with Azure AD Sync. They simply added CIMA into that infrastructure by syncing CIMA’s AD into Okta, and then allowed Okta to provision the accounts on Office 365. This solution also enabled the team to leave the CIMA Office 365 tenant, and their on-premises Exchange server, untouched and operational.
The solution also provided additional benefits down the line. The Association of International Certified Professional Accountants has since removed the second Office 365 tenant and the on-premise Exchange server with no impact to the business. The solution has also provided them with flexibility to accommodate their affiliate, cpa.com, on their shared Office 365 infrastructure. Thanks to their simplified setup, they have also transferred operational IT support to an external vendor, saving their team time and effort.
DigiCert purchased Symantec Website Security and its associated PKI solutions, completing the transaction process at the end of October 2017. This acquisition needed to occur rapidly due to an issue involving the Symantec Website Security Certificate Authority, with Google threatening to distrust the Symantec roots.
The merging of the two companies was no small exercise. DigiCert was only one quarter the size of Symantec Website Security, with only 200 employees as opposed to Symantec’s 1,200. In addition, the two companies combined had 9 data centers, over 330 different applications, and 15 offices, all of which needed to be merged and consolidated.
As of December 2017, Symantec Website Security could no longer issue digital certs within their backend infrastructure. This meant that DigiCert now needed to go back and revalidate all the valid certificates which had been issued to date. However, where DigiCert expected 10,000 validations per day, the actual number was more than 10 times higher—over 100,000 validations—which put an immense amount of pressure on the business. This resulted in DigiCert needing to onboard an additional 500 contractors within two weeks to meet the increase in demand.
Okta’s Lifecycle Management was critical in order for DigiCert to onboard so many employees in such a short time. The solution provided them with the functionality needed to implement a 0-day start, and as contractors departed, rapidly deprovision them with a 0-day stop. As a security-based organization, DigiCert had multiple security controls to adhere to, and Okta’s Adaptive MFA gave them the necessary multi-factor authentication functionality they needed to achieve compliance.
As a burgeoning IT security and compliance business, DigiCert quickly identified other areas where Okta could help improve their systems and infrastructure. Okta Single Sign-On with federation capabilities allowed them to limit password reuse, while connecting different user accounts to multiple applications. Furthermore, Okta Universal Directory allowed them to map user attributes from their on-premises Active Directory to these cloud applications..
TP ICAP is a global brokerage and information firm, playing a central role at the heart of the world’s wholesale financial, energy, and commodities markets. It was created when Tullett Prebon (TP) agreed to acquire ICAP’s global broking and information business in November 2015.
The merging of the organizations post-acquisition involved over 5,300 staff and a combined technology stack of approximately 400 IT systems. The newly-formed company set an ambitious target: they wanted to reduce costs across corporate and technology functions by 100M pounds sterling. In addition, TP ICAP has aimed to consolidate their IT systems from 400 down to 200 and decommission 33 systems by 2019.
With communication and collaboration being key during such a disruptive phase, Okta helped TP ICAP rapidly connect their different Active Directory infrastructures so that they could share resources and applications. In addition, Okta also enabled TP ICAP to manage their migration path without affecting their day-to-day operations; the solutions allowed them the freedom to expand their existing architecture, as well as to lay a strong foundation for future development. Finally, Okta also helped TP ICAP achieve their ambitious cost reductions by consolidating and simplifying their authentication services. This included the integration of four Active Directory forests through Okta’s Universal Directory.
Mergers and acquisitions can spell turbulent times for even the most well-established companies. In many cases, the integration and consolidation of separate IT proves to be complex and time-consuming. However, Okta’s identity management solutions significantly improve the M&A process by unifying hundreds of applications, systems and users.
Looking for more details? Watch the full customer stories in our Oktane18 session here.