A global immunization alliance
Gavi, the Vaccine Alliance connects public and private stakeholders in global immunization to help ensure life-saving vaccines reach every child across the globe. In 2014, leaders realized its existing, legacy IT infrastructure didn’t enable the full potential of Gavi’s partnerships.
Managing identity in far corners of the world
Gavi begins moving to the cloud, to help strengthen collaboration, and chooses The Okta Identity Cloud as its platform of choice for managing and authenticating users in the most difficult and varied environments on Earth.
A partner committed to the cause
Gavi takes advantage of the Okta for Good program, and rolls out Single Sign-On. In six weeks, the organization integrates 14 applications into Okta. Within two weeks of its launch, 90% of staff are using the solution.
Connecting key players
Gavi implements Okta for 1,500 external stakeholders, and continues to roll out new Okta features. Adaptive Multi-Factor Authentication helps secure transactions, and Universal Directory helps keep profile data synced across the Alliance.
Okta is enabling the world’s poorest countries and more than 1,500 users to gain access to Gavi’s support for vaccines introductions and health system strengthening, all to save kids’ lives.David Nix, Chief Knowledge Officer, Gavi
A global immunization alliance
Gavi, the Vaccine Alliance is a global partnership bringing together public and private sectors with the shared goal of creating equal access to vaccines for all children. Gavi funds immunisation programmes in developing countries, where the vast majority of the world’s unvaccinated children live. They also support the strengthening of health systems to help ensure vaccines reach people everywhere.
As chief knowledge officer, David Nix works on a key aspect of the organization’s mission: The more efficiently vaccine knowledge is shared, the greater number of children get vaccinations. “Gavi’s objective is to bring together stakeholders in a global immunization system and connect them to the best vaccine knowledge available,” he says. From 2000 to 2015, Gavi helped immunize more than 500 million children. By 2020, they hope to reach an additional 300 million children.
While the Gavi secretariat employs only about 300 staff members, thousands of people worldwide converge through Gavi partners to fulfill its mission. When Nix started at the organization in 2014, that mission was operated by a traditional, on-prem IT infrastructure focused on a few core technologies. He quickly set out to change that, moving to an agile, cloud-based architecture made up of best-of-breed solutions.
“Gavi’s going through a transformation across the entire organization,” says Nix. “We’re changing every part of the technology—every part of the business.”
Identifying users in far corners of the world
As they moved to the cloud, the application security architecture evolved more toward protecting applications and data, depending less on maintaining a bullet-proof perimeter. While Gavi started with Microsoft Active Directory Federation Services and Salesforce Identity, it became critical for the organization to find an identity management solution that could work across multiple, heterogeneous cloud services. “Having identity management in the cloud and embedded into everything we did was critical for our success,” says Nix.
Identity management also plays into Gavi’s knowledge sharing strategy. With so many stakeholders and users spread out globally, they needed a platform that could streamline access to data, knowledge, and information services, while securing and tracking those interactions.
“With the increasing pace and acceptance of digital interactions, capturing, reviewing, sharing, and learning happens more and more online, in apps, and on social,” says Nix. “To ensure that the right knowledge is delivered via these digital channels, knowing who is on the other end becomes the key.”
That may sound like a common enough business challenge, until you think about the circumstances on the ground. “We’re connecting stakeholders in some of the most difficult environments in the world,” says Nix. “Users from fragile states like Somalia for example, where the infrastructure challenges are difficult. Now, layer on top of that environments like Uganda, where you have a mobile explosion happening.” The challenge for Gavi is connecting thousands of culturally diverse users in varied and sometimes incredibly problematic environments.
A partner committed to the cause
At first, Nix looked within the organization for an existing identity solution, but quickly expanded his search. “We brought to bear our procurement team, a cross-functional team across Gavi, to really help assess what the market looked like,” he says. The team sought advice from Gartner, and finally settled on Okta as a leading candidate.
“I was pretty adamant that I wanted Okta people on our project,” says Nix. “They knew the product. They knew how to help us solve the problems—but they were also really interested in what Gavi was doing.”
Okta knew the product. They knew how to help us solve the problems—but they were also really interested in what Gavi was doing.
Gavi took advantage of the Okta for Good program, in which Okta donates time, product, and equity toward giving back to the community. Okta supports nonprofits like Gavi, offering free licenses and preferential pricing to help make their IT more efficient. With Okta, says Nix, "it wasn’t just about implementing the technology, it was about saving kids’ lives. That’s a connection you don’t always get when you bring in professional services.”
Compared to other identity implementations, Nix says, “Our implementation of Okta was surprisingly simple. It was a six-week implementation. We integrated 14 different applications, and within two weeks we had 90% of our staff registered and using the solution, with almost zero negative feedback. It was astounding to me what [Okta] helped us do.”
Connecting, securing, and tracking the key players
Since then, Gavi has implemented Okta for about 1,500 external stakeholders worldwide. “We have users across the world using Okta to gain access to the online and digital services that Gavi provides,” says Nix. The team rolled out a country portal connecting countries to the application tool for vaccines and health system strengthening grants.
Next, they brought partners, such as the WHO and UNICEF, onto a Salesforce partner portal, with Okta authenticating and tracking access. “This online partner portal is a great step, in terms of being better and more efficient at how we deliver services to countries,” says Nix.
This online partner portal is a great step, in terms of being better and more efficient at how we deliver services to countries.
Since then, Gavi has begun to expand its Okta feature portfolio. “Single Sign-On was an important step,” says Nix, “but we’ve also rolled out Adaptive Multi-Factor Authentication, which has really helped enable a sense of stronger security across all of our stakeholders. We are looking to embed MFA into our financial transactions online. When someone is approving payments online, we want to ensure that we have the right person on the other end of that transaction.”
“One of the key capabilities that comes with Okta is the ability to master identities from various sources,” says Nix. “It’s been such a huge problem for Gavi—you have all these different applications and identities coming from all these different sources. How do you keep those in sync? It has such a visible impact on users when they don’t see the right information when they log in.”
With Universal Directory, Gavi can easily keep profile information and data up-to-date across all its applications, including Salesforce, FairSail HRIS, Office 365, and other financial and downstream applications. As a result, “we will have higher-quality data about our staff in all the right places,” says Nix.
Technology that works for humans
In the shift from traditional IT to cloud services, Nix sees a move toward stronger human connections. “When we talk about single sign-on and identity management, it somehow comes off like—it’s this piece of technology. It’s a great technology, for sure, but at the end of the day, it really is about people,” he says. “It’s about the person on the other end of that device, who’s trying to do some work or have some sort of interaction with your organization.”
“When we implemented Okta, we thought, ‘We’ll reduce the number of [help desk] tickets,’” says Nix. “’It’ll be more efficient, from an IT perspective. It’ll be more secure.’”
“We achieved all those things,” he says. “What I didn’t expect was how great our users felt about the solution. I had multiple people coming up to me, without asking, and saying, ‘Okta Single Sign-On—I can log in, I can see everything that I have access to, and I can do it from anywhere, any device. This is the best thing you’ve done.’”
“We’ve rolled out some really great applications,” says Nix. “For users to come back and say, ‘This is the best thing,’ it really speaks highly of the whole Okta experience.”
For Okta, the knowledge that we’re a part of that story gives us another reason to get up and go to work every day.
Gavi, the Vaccine Alliance is a global partnership bringing together public and private sectors with the shared goal of creating equal access to vaccines for all children. Gavi funds immunisation programmes in developing countries, where the vast majority of the world’s unvaccinated children live.