Until recently, identity wasn’t a priority for SGN who managed a complex legacy estate that resided on on-premise infrastructure. Identities were managed separately within each individual application, leading to complexity – the enemy of security.
Up in the clouds
SGN decided to move its tech infrastructure to the cloud, which would increase security and agility, while decreasing business costs. IT knew identity management would be a core component, so the team began looking for a holistic solution that could tie its new infrastructure together.
A secure solution
SGN was focused on finding a solution that could help it do two things: secure its cloud-based environments within AWS and help secure Office 365, which it was rolling out as part of its technology overhaul. Okta was the perfect fit, especially since it also had ISO 27001 certification.
With a little help from Okta Professional Services, the solution was deployed in under three weeks, and O365 was integrated just a few days later. Now, SGN benefits from a high level of security, agility, and productivity—and clients enjoy a seamless, reliable experience.
We like to form strategic relationships with our partners and we've absolutely found that with Okta. They innovate. They drive us forward. They're always trying to help us think slightly differently. Okta is absolutely a strategic part of our cloud-based future.Mo Ahddoud, Chief Information Security Officer at SGN
A fragmented identity experience
SGN is a major UK-based gas distribution company bridging the gap between gas suppliers and its customers. Responsible for managing and supplying gas to about 6 million homes in both Scotland and southern England, it’s a critical part of the UK’s utility infrastructure.
SGN’s commitment to innovation is one of the values that set it apart from other utility companies. Over the past few years, it’s demonstrated that commitment by improving areas like real-time network monitoring, robotics, and analytics. Ultimately, SGN’s goal is to improve the security, reliability, and efficiency of its gas network.
SGN’s technology infrastructure also needed the same careful planning and attention. “Traditionally, our identity management has been quite complicated and disjointed,” says Mo Ahddoud, Chief Information Security Officer at SGN. “Typically, identities were managed within individual applications that resided on backend systems that were not compatible with SSO. This led to administrative overhead when managing the joiners, movers and leavers process.
A better way
SGN’s first step was to adopt a cloud-first strategy, with an eye towards improving security and agility, and reducing unnecessary costs. The organization also wanted to give its individual business units more control by providing easy access to best-of-breed applications. This would not only increase agility within each business unit, it would also give IT the freedom to focus on more important, innovative projects.
To accomplish this, it knew that placing a strong identity management solution—with ISO 27001 certification—at the core of its cloud-first strategy would be key. It was also extremely important for Ahddoud and his team to find a provider that would work with a wide ecosystem of software providers.
Although a strong technology solution was an obvious requirement, SGN also wanted a provider that would align with SGN’s corporate culture. Okta fit the bill. “We like to form strategic relationships with our partners,” says Ahddoud. “We like our technology partners to be agents of change within SGN and we've absolutely found that with Okta. They innovate. They drive us forward. They're always trying to help us think slightly differently. That's helped us establish those senior strategic relationships. Choosing Okta was very straightforward, and Okta is absolutely a strategic part of our cloud-based future.”
SGN adopted a range of Okta solutions for its 4,500 users, including Single Sign-On (SSO), Lifecycle Management, and Adaptive Multi-factor Authentication (MFA). At the same time, it was rolling out Office 365 across the organization. As a result, the first order of business was to use Okta to facilitate a seamless integration and add a layer of security.
SGN also has a strong relationship with Amazon Web Services (AWS). The service provider played a major role in helping SGN move about 100 apps, including Splunk, DocuSign, and BlueCoat, away from physical data centres and into the cloud. Security was an important factor here as well—one that was easily managed by incorporating Multi-factor Authentication into all their access management processes. “We used Okta to help us achieve our goals of a zero-touch, zero-trust environment with AWS,” says Ahddoud. “We maintained very, very tight control over access.”
Now, SGN plans to integrate Single Sign-On and Lifecycle Management with as many apps as they can. “As we adopt more and more SaaS services, the ability to easily integrate apps with Okta is proving to be a massive benefit for us,” says Ahddoud. “It’s enabling us to accelerate the adoption of new SaaS services. We're not building a complex manual process around managing identity anymore. And now, Okta provides a single source of truth that creates a consistent, secure, repeatable pattern for identity.”
Now that SGN’s adopted Okta, Ahddoud and his team enjoy a seamless identity management process, and a straightforward sign-on process. In fact, the sign-on process is now so streamlined that users barely notice Okta.
The adaptive features of Okta MFA allow Ahddoud to customize his access management processes depending on the situation. For example, he can force MFA if users are off the corporate network, or he can allow access without MFA if they’re on the corporate network. “The granularity that Okta provides allows us to apply patterns that best fit the user case. That way we can provide access and imbed security into a seamless user experience.” says Ahddoud.
Now that SGN has resolved its identity challenge by firmly embedding Okta in its digital strategy, Ahddoud’s looking forward to trying out some of the more advanced SSO and MFA features.
“As a utility, we always need to be aware of persistent threats,” says Ahddoud. “The ability to add geographical views to Multi-factor Authentication will help us add an additional layer of security to our supply chain to make sure that people accessing our systems are who and where they say they are.”
With its partnership with Okta in place, SGN is well positioned to provide its customers with reliable, secure, and efficient service.
SGN manages the network that distributes natural and green gas to 5.9 million homes and businesses across Scotland and the south of England. Their pipes deliver gas safely, reliably, and efficiently to every one of their customers.