Mirador connects the best financial reporting technology to the wealthiest of clients, with Okta as the identity foundation

A small but mighty team

Mirador builds technology solutions that help its clients understand their net worth, evaluate the performance of their investments, and identify risks and opportunities. The firm is relatively small—with about 160 employees in offices across the United States, Ireland, and Scotland—but casts a long shadow. 

Current CEO and President, Joseph Larizza, founded the firm in 2015 and has grown the organization to include 30 client platforms that connect diverse financial reporting services to serve thousands of customers representing more than $369 billion of wealth.

“We set up the software, we write the reports, we make sure that the data that gets in is accurate, and we answer any questions clients might have,” Joseph says. “It allows customers to focus on the output of the information, as opposed to making sure all the data is right.”

Cloud-first strategy as a key differentiator

Mirador operates in a cloud-only environment with a small IT staff of two. “I’m a big believer in not having any IT staff, per se,” he says. “We don’t have servers that hold any software.” So Larizza’s team is committed to using best-of-breed technologies that make them more efficient or help them offer better client services.

To build financial reporting platforms for clients, Larizza, and team members work with a large number of disparate cloud vendors. “It’s the best part, and also the hardest part,” he says. “The cost, in dollar terms, to switch from one solution to another is minimal, so we always stay with the best-in-class. But, the real challenge is identity management and getting the systems to talk and pass data to each other.” 

The real cost of switching solutions rises when changes directly affect Mirador’s clients. “Having [clients] re-enroll in the systems is one of the biggest costs in our cloud-first strategy and solution,” says Larizza.

Security concerns also top Larizza’s list of identity management priorities. According to Larizza, “it’s not about guarding the castle, it’s about the person entering the castle.” 

The likelihood of an account takeover resulting from compromised user IDs or passwords is much higher than the risk of a malicious third-party hacking into Salesforce or Addepar to steal data. “A robust and uniform security policy is very important to us, particularly as it comes to client access,” he says.

An Okta believer from way back

Larizza first worked with Okta as chief administrative officer at Fieldpoint Private, a wealth management firm created by and for those same high-net-worth clients. When he decided to start Mirador, he knew Okta would play a significant role. “Okta might have been the second or third contract that we signed,” he says. “It was that important to us.”

“Okta checks all the boxes, from a security perspective,” says Larizza. “The fact that Okta is in the upper-right-hand quadrant for Gartner and that large companies with massive information security departments rely on Okta—puts our clients at rest.” 

“[Okta] is an incredibly powerful tool that’s simple to use and administer,” he adds. “If it’s too hard, no one will use it. If it’s not secure enough, that doesn’t help, either. Striking that balance is important, and Okta offers the right features for us to do that.”

As technology consultants, the Mirador team closely follows and evaluates 15 technology categories. One is identity management. “We have a working knowledge of all the top players in the market,” he says. Mirador continues to choose Okta because the technology balances usability with a robust, forward-thinking security model.

Speedy, secure identity integration

Okta provides the identity foundation for all of Mirador’s customer service offerings. The firm deploys Okta Single Sign-On (SSO) as a simple portal where clients can log in securely and access all the enabled applications.

Clients use Box or Citrix to store and retrieve documents, along with various financial industry solutions such as Addepar and eMoney, or custodian-specific solutions from Fidelity, Schwab, TD Auto Finance, Pershing, and others. “Most of those applications are SAML 2.0-based. Some of them are proprietary SSO implementations. In some cases, we leverage SWA,” says Larizza. 

At the end of the day, it’s not about providing a single, Mirador- or client-branded platform, but about providing a single ecosystem that clients can access with a single ID and password. Clients appreciate being able to swap out applications quickly and easily to achieve the results they want. “That’s a tremendous uptick from a traditional legacy platform, where everything had to be working in lockstep,” he says.

“We try to push our clients to a forward technology position,” says Larizza. “We often challenge their need for Microsoft Active Directory, for example. Why not use Okta Universal Directory? You get better SSO, better security, and better business continuity.” With all their critical applications and data in the cloud, clients don’t have to worry about losing access, should their physical premises be hit with a catastrophic event.

Okta Multi-Factor Authentication (MFA) serves specific client needs. Security is a high priority, and MFA offers an extra layer of assurance without added complication.

Unified, secure views for clients and admins

Mirador uses Okta Universal Directory to store customer profiles. “The reporting behind it makes it simple for us to report, manage, administer, and audit profiles,” Larizza says.

He says the single most important thing that Okta has helped Mirador with is customer adoption. “If you’re a full-service customer of First Republic Bank, you could have up to six separate IDs and passwords to access all your applications and services at the bank,” he says. Having so many passwords is a security risk, and also makes it less likely that customers will use those apps and services.

To meet the requirement of high-net-worth clients, the Mirador team is laser-focused on providing seamless customer service. “Bringing all clients’ financial information into a single picture, under a single login ID, is more secure, easier to administer, and more uniform, from a client perspective,” Larizza says.

Okta Universal Directory makes it easy for Mirador staff to administer accounts, as well. With a consolidated view of customers, “they can look at user statistics, see who hasn’t logged in, see who hasn’t finished the enrollment process, and react to that.”

That consolidation and visibility also strengthen the company’s security position. If someone leaves, “ideally, you want to go through all the underlying systems to make sure all the identities are turned off there—but you can just deactivate a user within Universal Directory, and you’ve limited your exposure,” he says.

Replicating a successful identity model

Today, Larizza runs a successful technology company with practically no IT staff and no help desk. That’s not to say Mirador doesn’t have a service model that is extremely focused on clients. “Typically, it’s an advisor or the advisor’s assistant who fields day-to-day client calls,” he says. Because of the single global client ID, Mirador has fewer password problems than traditional high-net-worth solutions.

“We train advisors in simple password issues. If they need to escalate something, they can send it to someone with more of an IT background.” Most issues can be resolved by someone who has very little technical knowledge.

That strategy puts the technology ball squarely in the court of Mirador’s partners, so Larizza is careful about which companies he works with. “The Okta team has been very responsive, both in terms of our sales cycle and then working with me as we’ve sold into other organizations,” he says.

“Our goal is to replicate this by helping more clients develop financial reporting portals that use Okta for identity,” says Larizza. “The Okta sales team has taken the time to understand Mirador’s business. At this point, I can almost order new capabilities and capacity like a Big Mac.”

Clients continue to turn to Mirador for go-to-market speed and comprehensive financial industry knowledge. Mirador, in turn, “will continue to bring additional clients over to Okta,” says Larizza. “We have no reason to say that anyone other than Okta is the best choice for identity access management.”

About Customer

Grounded in Wall Street and enabled by technology, Mirador, Inc. combines powerful data science and deep financial expertise to provide best-of-breed financial reporting services, middle office services, and technology solutions and products for U/HNW investment portfolios. Through partnerships with leading technology platforms, Mirador’s service offering creates insightful, consolidated, real-time views of all assets and liabilities –strategically constructed to identify opportunities and expose financial risks. Mirador's performance reporting experts – drawn from family offices and wealth-management firms – create true, ongoing partnerships with clients to ensure data integrity, cull new insights from the data, answer questions, and resolve inconsistencies. The firm supports the performance reporting requirements of family offices, wealth managers, endowments, and foundations throughout the Americas, EMEA, and Asia Pacific.