Health Research Inc. Pivots Quickly to Remote Work with Okta
4 weeks to deployment
25+ apps integrated in the first month
- Support for health researchers
- Transitioning away from DIY tech
- Unprepared for remote work
- Okta integrations, fast deployment
- Better visibility and security for today, and for the future
Health Research, Inc. (HRI) administers grants and program support to leading health and research facilities across New York State. The non-profit’s work requires a wide array of applications for HR, purchasing, accounting, inventory, grant-writing, and more. For decades, HRI’s IT team developed all their own technology solutions in-house.
HRI’s custom software worked for years but, as the organization grew, support needs became unmanageable. Developers struggled to keep up with evolving trends and security requirements. HRI began to move toward cloud-based applications and expert vendors. Then COVID-19 hit.
Suddenly, many of HRI’s employees were working from home. Others were reassigned to different locations. Many of these workers were unable to access HRI’s custom applications from outside the organization’s secure private network—they couldn’t even submit timesheets. HRI needed a new identity and access solution, quickly.
HRI evaluated three potential solutions, but only Okta provided streamlined and secure access to their on-prem and cloud-based applications. HRI and Okta worked together to implement the solution in just four weeks, and went live on a high-traffic timesheet day.
Okta Access Gateway (OAG) gives HRI more visibility into who is remotely accessing their on-prem apps, and when. By trusting Okta with their identity and security requirements, HRI’s IT team is free to focus on more strategic work, including developing a better user experience, implementing more Okta features, and, crucially, preparing for potential future crises.
It’s nice to say that we bought a solution for a purpose and for a particular goal—in this case to help remote work—but the fact is, Okta has opened up possibilities to accomplish things that we really didn't have on the radar in the first place. There are aspects of the tool that my developers are just discovering and it’s energizing them.
Mike Varney, Assistant Director of Information Systems, Health Research, Inc.
- Secure access to on-prem and cloud applications for remote workers
- Fast deployment in unexpected and uncertain times
- Vastly improved ability to scale IT systems securely and efficiently
- Streamlined workflow and increased productivity
- Improved visibility and security
- Professional and cohesive user experience
- Dramatic reduction of internal support burden allows HRI developers to work on more strategic projects—or even take vacation
Helping health researchers do their work
Health Research, Inc. (HRI) plays a key role in building a healthier future for the residents of New York State and beyond. As a nonprofit corporation, HRI administers grants and other sponsored programs in support of public health and research programs.
“Our entire company is geared toward efficiently supporting grants and providing as many cost efficiencies as possible.”
Since 1953, HRI has facilitated ground-breaking research, including ongoing work with a laboratory in Albany that handled a significant part of the COVID-19 response in New York.
With HR, accounting, purchasing, and other departments, HRI has significant IT needs. For years, the organization met these needs completely in-house.
“We were a do-it-yourself kind of place for technology,” says Varney. “We wrote our own timesheet application, we wrote our own purchasing application. If we had an accounting system that wanted to talk to an inventory system, we just wrote some code and did it ourselves. We felt that we were the best-suited to analyze our requirements and to develop very customized tools. And that was okay for a very small organization, for a while,” he says.
But HRI was no longer a small organization, and its technology landscape was evolving rapidly. Varney came to a realization: developing all that software in-house was no longer efficient, cost-effective, or suited to modern security needs.
The move to replace home-grown tech with cloud services
Varney and his team recognized they had to scale the HRI system to serve 4,000 people including employees, lab techs, and researchers. “If we kept going the way we were, we were going to spend a fortune on developers and we were going to have trouble keeping up with new trends, new application concepts, and security. It just wasn’t going to go well,” he says.
Supporting in-house applications was already becoming difficult. “We had to make sure that our developers were available at all times,” Varney says. “My developers couldn’t take a vacation, because if an application broke, I wouldn’t have anybody to call on.”
Another challenge arose with the HRI-designed identity management product. Varney implemented the solution, but he had difficulty supporting the technology—even though he had helped develop it. “I actually had to pay a consultant to be my first-level support and the person I called if things went wrong,” he says. “And as time went along, things such as single sign-on became a concept, and the potential for people trying to break into our systems became more of an issue.”
To relieve the internal support burden and to keep all applications up to date, HRI began replacing some of its in-house technology with cloud-based applications provided by outside vendors.
“Instead of being a development house and inventing all the solutions ourselves, we realized we had to be integrators,” says Varney. Vendors would also know the latest requirements, regulations, and advances in their particular space, making them better positioned to make timely updates than HRI ever could be.
“We admitted that we don’t really need to know everything, as long as we know the guy who knows everything,” says Varney.
Pandemic-forced pivot to remote work
In the spirit of HRI’s move toward the cloud, a number of HRI developers suggested the organization implement Okta’s Single Sign-On (SSO) solution about 18 months ago. At that time, Varney says, SSO alone didn’t seem to justify the purchase.
“Well, then COVID happened,” he says. “We were quickly in a situation with a large number of our workforce either working at home or being reassigned to work in areas they weren’t ordinarily assigned to work.”
HRI wasn’t ready to support that volume of remote workers. Users couldn’t access HRI’s highly customized in-house applications unless they were on the organization’s private network.
“Our private network was our way of securing the apps and there was just no way to get to them from the internet,” Varney explains. “Overnight, we found ourselves in a situation where our protected network had to be open to people who could be working anywhere in the state. Redesigning the applications or putting them through penetration testing and making them available on the internet would have been risky, time-consuming, and not viable.”
Finding a solution couldn’t wait. A significant number of HRI employees couldn’t access the homegrown timesheet app remotely, meaning they couldn’t submit timesheets.
Varney acted quickly to piece together a temporary access solution. “It worked, but only about half the time,” he admits. “We realized that we needed to get another product. We needed to buy something.”
Secure access to hybrid IT environment
Varney and his team looked to the marketplace for an effective identity solution that would seamlessly integrate with their home-grown and cloud-based apps and offer secure anytime, anywhere access for workers without requiring changes in app code. They evaluated three vendors and ultimately selected Okta.
Okta could easily integrate with HRI’s existing suite of applications, offering HRI employees access to cloud apps. And with Okta Access Gateway (OAG), the security could be extended to on-prem solutions through a single login. “We can no longer rely on the private network, and Okta offers quick access to internal resources, wherever our people are,” says Varney. But it wasn’t just OAG that caught Varney’s attention.
“We also knew that once we got OAG going, we’d have extra benefits down the line,” he says. “We would get the SSO that developers had been asking for a year prior, and we’d get all this extra security that Okta could provide—all in one basket. That’s what made the decision.”
Considering the complexity of HRI’s hybrid environment, Varney was prepared for a four- to six-month implementation timeline. “But Okta said they were going to get the entire implementation done in a month,” Varney says. “We thought they were crazy.”
Varney and his team worked closely with Okta Professional Services and Tecnics, a consulting firm, on the implementation. The group decided to launch Okta with dual sign-on instead of taking the time to integrate SAML (which would enable SSO) with all the home-grown applications. “The benefit was going to by far outweigh the inconvenience of typing in a password twice,” says Varney.
Less than a month later, HRI went live with Okta on the same day that 1,200 users had to log in to submit timesheets. “We went live at pretty much the busiest time possible, with so much activity in the system,” Varney says. It was a good stress test for the new product, and the system passed with flying colors.
HRI integrated more than 25 apps with Okta that first month. They also implemented the Okta dashboard, which provided a single portal for users to access all apps. “We realized it was going to give us infrastructure that we didn’t have to maintain. It would give a menu that people could click on and was the place where we could communicate with the end-users,” Varney says.
Okta also allows the IT team to delegate administrative tasks. For example, Varney let the HR department determine access privileges for Litmos, HRI’s employee training tool. HR no longer had to wait for IT to make changes, which saves both teams time, streamlines the training process, and better serves the end user.
“Successfully implementing Okta has reinforced the corporate decision not to self-design software anymore,” says Varney. “Instead, we outsource and make it a requirement of any arrangement that it supports our people, regardless of where they are.”
Better, more secure user experience
Okta lets HRI offer a more professional user experience, Varney says, which helps the end-users feel they’re getting more value out of their relationship with the organization.
HRI also now has more confidence in its security posture. Okta offers improved visibility: for the first time, the IT team can see who’s logging in, when, and how many timesheets are submitted. And Varney relies on Okta’s expertise to stay on top of security trends.
“I know that Okta knows what they’re doing at this moment, and they also know where security is going in the future, and they have a plan to keep things up to date. I don't have to worry about that kind of stuff,” he says. “I also don’t have to worry about how much storage the security system requires because it’s all just in the cloud.”
With Okta taking on much of the responsibility for security and support, the IT team has more time to tackle other goals. “Instead of constantly churning out update after update of a software package, now I can pay a little more attention to things that my end users really need,” he says.
“It’s really been a different mindset; now we're more of a solutions house than we are a development house,” he continues. “It’s not the software itself that makes you powerful, it’s the time it frees up to do strategic work.”
Ready for what the future may bring
Varney says HRI’s relationship with Okta is still in the early stages. He plans to deploy Okta Multi-Factor Authentication to all users, and implement Lifecycle Management to streamline provisioning and de-provisioning.
“It’s nice to say that we bought a solution for a purpose and for a particular goal—in this case to help remote work—but the fact is, Okta has opened up possibilities to accomplish things that we really didn't have on the radar in the first place; there are aspects of the tool that my developers are just discovering and it’s energizing them.”
But most importantly, Varney is grateful for connecting with Okta at a very tough and uncertain time. “We were in a situation where we were completely unable to do certain tasks,” he says. “We knew our system was taxed and we didn’t want to use it for more than three weeks. Okta came in and recognized what needed to be done.”
“Okta got us through,” he continues. “It gave us the ability to respond to the COVID situation and get help to the people who really needed it. And so right now—everybody keeps on talking about a second wave—we know that we're completely ready.”