People.ai: Growing Up with the Okta Identity Cloud
minute app adoption process for end users
apps integrated with Okta including Salesforce, Gmail, and O365
- Growth spurts
- Security first
- Access granted
- Check, check, and check
People.ai, a cloud-first AI sales and marketing start-up, is growing up. In a single year, the company expanded its small team of five people to include more than 40 employees. People.ai doesn’t have an IT team, which meant that the rapid growth created a heavy IT workload for developers. The company needed to ease the onboarding process and increase agility.
The company wanted an identity management provider that could also provide high reliability and security. The fact that People.ai has to routinely access sensitive customer data made high security particularly important. After reviewing the options, the company decided to purchase Okta Single Sign-On, Lifecycle Management, and Multi-Factor Authentication.
Security, agility, and productivity came into focus when People.ai’s developers started setting up and building access policies into the new IT infrastructure. These policies made it possible to quickly reject or approve user access, and helped automate the provisioning process.
Multi-Factor Authentication with Okta Verify Push added an extra layer of security and increased control over company data. Single Sign-On and Lifecycle Management took care of the rest by reducing the friction around the provisioning, deprovisioning, and sign-on processes.
We don't yet have an IT team, so I think the productivity Okta gives us, to be able to spin up a new hire quickly and get them into their products, is really important to us.
George Kozlov, Senior Director of Engineering, People.ai
Pioneering sales and marketing company People.ai is a business built on data, agility, efficiency, and above all else, security. The cloud-first organization has built a platform that gives companies the visibility and data they need to make sound, effective marketing and sales decisions.
According to Joshua Hanewinkel, People.ai’s VP of customer success, one client used the platform to identify an important inefficiency within its sales team. “With our data, they were able to see that their salespeople were spending a ton more time on opportunities related to existing accounts, as opposed to adding new accounts,” says Hanewinkel.
Although People.ai is still a young company, it’s growing quickly—last year, the team expanded from just five people to now 40. The company is cloud-first, which makes it more agile than if it relied on on-prem infrastructure, but like most companies that go through rapid growth phases, it started to experience some IT friction.
“As we added people, it became very difficult for the administrative team to add them to the applications, and create the licenses,” says George Kozlov, People.ai’s senior director of engineering. Kozlov knew he needed to streamline the provisioning process in order for the company to stay agile and efficient as it continued to grow.
The company also needed to amp up its security. People.ai was changing, and its IT needed to evolve with it. Since the platform works by drawing data from a variety of sources, including phone logs, sales reports, email accounts, Salesforce, and O365, a strong security posture is critical to keeping customer data protected.
Getting lean, staying strong
It was time to find an identity provider that would keep People.ai secure and agile so it could continue its pattern of incredible growth. Since the company saw Okta as the leader in the identity space, it decided to purchase Single Sign-On (SSO), Lifecycle Management, and Multi-Factor Authentication (MFA), which were rolled out in four phases.
The first two phases involved getting organized and implementing SSO and MFA. First, Kozlov identified all of People.ai’s current employees. Next, he looked at the applications those employees were using, and made a list of which applications each user would need access to.
SSO enabled the third phase, which included getting all the identities set up with the appropriate apps, with streamlined access through the Okta portal. Before this, the company used LastPass. “The problem was that every person used their own LastPass, but we had no control over password security and privacy. That's why we switched to Okta. Now we have unified access to all of our files, passwords, applications, and so on with Okta Secure Web Authentication.”
To make things more secure and move away from passwords all together, the company federated as many apps through SAML as possible. Because SAML configurations are different in every app, each integration was done separately. “Different applications are implemented in different ways,” says Kozlov. “Some of them use a certificate. Others just require the metadata. Some others require the URL to the metadata or certificate.”
Setting up automatic provisioning was the final stage. “My idea was to use groups and order users across groups, but we went even deeper than that,” says Kozlov. “We use rules in Okta. There are rules you can save, for example, so if the new user’s profile says he has a role in sales, Okta will automatically assign that user to the sales group. So we don’t need to assign the users manually. Once they’re assigned, they’re automatically provisioned with the appropriate apps.”
Not only has all this work been streamlined, but Kozlov is also notified if something still needs to be done. “If it's not able to automatically provision or deprovision, it creates a task that’s visible on the dashboard, so I always know,” says Koslov. “If I forget about something, it always lets me know that I need to go and provision the user, and that's cool. For applications that support automatic provisioning and SAML integration, it's perfect. I like how it's done. Salesforce is the most powerful. Its deprovisioning and provisioning is fully automated. It's perfect.”
Getting it done
Once everyone was provisioned with the apps they needed, People.ai’s already impressive security posture improved dramatically. “The easy onboarding and offboarding was a big driver for our Okta adoption,” says Hanewinkel. “It was a part of that whole process, like cameras in the office—one of the things you have to do from a compliance standpoint.”
And it worked. Because of these changes, People.ai was able to get its SOC 2 Type 1 certification in just 60 days—an impressive feat for an organization handling such sensitive data.
“You always want to give or reject access to some people very fast,” says Kozlov. “And rejecting access is even more important than granting access, because if someone leaves the company, you want to cut off access to company information.” The Okta Identity Cloud, combined with some custom-built software, made this possible.
Okta MFA, in combination with Okta’s flexible engine policy, has done a lot to help as well. Kozlov can now set up rules to require step up authentication through Okta Verify with Push when users request access to specific apps, from an untrusted device, or from a specific location or IP range. Okta Verify with Push will prompt a user when step up authentication is required and allow them to verify directly on their phone.“When I am accessing an app, it tells me that someone from San Francisco is accessing, and I can either prevent or approve on my phone. Now, logging in with Okta Verify is just a rule in the company. There’s no way to connect to your account if you don't have it.”
Okta has also made it easier for People.ai’s customers to get their work done. Customers who want to integrate into an existing identity provider can now access Okta directly through People.ai. The result? Customers who integrate Okta and People.ai now benefit from an improved People.ai rollout and access experience.
In order to further streamline access, People.ai now supports automated provisioning and deprovisioning.
“Customers just provide the application key,” says Kozlov. “They put the application key into People.ai and then click the 'refresh' button. People.ai calls Okta’s API to retrieve the list of the groups, then you just mark which groups you would like to input. Then you click 'next' and you can review your other options, like inputting all users from each group or selectively. And that's it. It makes the integration very smooth.”
Taking back time
With Okta in its back pocket, People.ai is perfectly positioned to stay agile and secure as the company continues to grow. And the whole rollout occurred with minimal impact on the employees. Kozlov says the rollout was “very smooth for the end users,” and Hanewinkel agrees. “My total time spent with this transition as an end user was ten minutes, maybe,” he says. “I didn't really have to migrate passwords or anything, so that was impressive.”
The best part of all might be Kozlov’s ability to refocus on People.ai’s product offering. Because People.ai doesn’t have an IT team, Kozlov was spending a lot of time provisioning users before Okta came along. Now he’s able to go back to spending most of his time developing products. “The productivity aspect of this, of being able to spin up a new hire quickly and get them into their products, is really important to us,” says Hanewinkel.
The simplification doesn’t stop there, though. Kozlov is still actively working on rolling out new benefits designed to streamline everyone’s day, including key card access and WiFi whitelisting--all made possible by Okta.
With Okta, everything is within People.ai’s control. Now the company benefits from the same kind of visibility, efficiency, and security its own clients enjoy, and everyone involved can breathe easier.
People.ai is the AI platform for data-driven sales and marketing. It gives sales leaders a complete picture of sales activities and leverages AI to help them manage their teams based on hard data, rather than assumptions. Marketing teams gain visibility into how their leads move through the funnel after being passed to sales, allowing them to attribute sales activity to the right leads, campaigns, and opportunities. With AI, People.ai is finally bridging the gap between sales and marketing.