SUSE: Simplifying, modernizing, and accelerating digital transformation with the Okta Identity Cloud
to roll out new applications for the relevant users with Okta
use SSO and MFA to work from anywhere in the world
integrated with Okta to auto-update access rights throughout the employee lifecycle
- Simplifying identity and access management to support expansion
- Engineers select Okta as the tool they want to work with
- Establishing just one place to manage user identities and application access
- Enabling easy login experiences for employees and customers alike
- More automation to fuel more innovation
Software company SUSE powers digital transformation by simplifying, modernising, and accelerating the existing IT environments of its customers. When SUSE itself became an independent organisation and began expanding organically and through acquisition, it decided to switch from its legacy identity management system to one that could manage new and different user groups more easily, in just one place.
SUSE engineers proposed Okta as an ideal solution for managing different user groups in one place, due to its out-of-the-box integration features that are easy to put into place. On top of that, as a customisable solution built on standard protocols, Okta resonated with SUSE’s approach to open technology.
In less than a week, SUSE engineers set up a testing environment to familiarise themselves with Okta, and based on this experience, were able to kickstart the implementation journey. First, by creating user identities for all 1,900 SUSE employees and contractors on Universal Directory, then by integrating it with the 74 applications they wanted to manage in just one place.
Next, SUSE is using Okta to automate more tasks by integrating systems that are being kept in sync manually. The company’s goal is to automate all identity and access management-related tasks so it can focus exclusively on its business proposition: helping customers innovate everywhere – from the data centre, to the cloud, to the edge and beyond.
With Okta, in less than a week we can go from deciding we need a new application to making it available for all the relevant users. Okta provides out-of-the-box integrations and all the instructions we need to do it successfully. It hugely streamlines our process.
Artem Chernikov, Head of Infrastructure, SUSE
- SUSE employees now use Single Sign-On with Adaptive Multi-Factor Authentication to access all applications they need through just one portal.
- The time needed for SUSE to introduce new applications into its identity stack has gone from weeks to less than a week.
- With API Access Management, SUSE enables customers to access applications and services quickly via its portal with no need for login support.
As digital transformation reaches buzzword status, it’s important to remember that its definition can vary widely. Beyond simply adopting new technologies, digital transformation is about reimagining processes and business models through those technologies. And because all organisations are unique, so are their digital transformation needs. That’s why open source software company SUSE, which has been powering digital transformation for enterprises for 28 years, tailors its solutions to every single one of its customers.
Using open source infrastructure and applications, SUSE simplifies customers’ existing IT environments so they can modernize and accelerate their business. Open source, for SUSE, is more than an approach to technology. It is also a business model and a culture. “It’s about harnessing the power of many,” explains SUSE’s Global Procurement Manager Gary Fentiman. “One individual can’t have all the answers all the time, but a team can.” That’s why SUSE encourages everyone in its team of nearly 2,000 people to propose ideas for improving the SUSE solutions used by customers and internally.
Maintaining this mindset remained one of SUSE’s priorities as it gradually expanded over the years organically and through the acquisition of other businesses with complementary technology to support its mission and strategy. The expansion entailed changes to SUSE’s processes, protocols, and policies. More changes unfolded in 2018, when SUSE prepared to become an independent company for the first time since 2004. When it came to choosing a new Identity and Access Management solution to manage the growing number of user identities independently from its former parent company, SUSE’s approach was open as usual: Artem Chernikov, Head of Infrastructure at SUSE, started by listening to what his team members thought the company should do.
Traditionally, Artem explains, SUSE used a closed-source legacy IAM system that he found challenging to operationalise for managing different user groups, such as internal SUSE engineers, the wider SUSE corporate team, and customers. “We wanted to be able to unify these different identity groups into one solution that was easy to use,” he recalls. With this in mind, SUSE engineers proposed migrating from the legacy system to Okta.
“Many SUSE engineers were passionate about Okta’s out-of-the-box integration features and how easy it is to operationalise them and make policy changes whenever needed,” says Artem. “Additionally, Okta builds everything using standard protocols, which gives us the instruments to adapt the solution to our specific needs. This fits perfectly with SUSE’s approach to open technology. We decided to give it a try and found that Okta is a breeze to work with. We’ve never looked back,” he adds.
Simplifying processes with out-of-the-box tools
Before making a decision, SUSE created a staging environment to integrate different user groups and non-active applications with Okta. By simply following Okta instruction manuals and documentation, this prototype was created in less than one week, and the first-hand experience SUSE engineers gained from the exercise gave them the confidence to start the migration.
First, SUSE created user identities for its 1,900 employees and contractors on Universal Directory. Then, SUSE started integrating applications and systems as needed, starting with ServiceDesk, the most widely used application across the organisation.
“It used to take weeks to introduce a new application into our identity stack, and it had to be done by someone with very specific skills to navigate our systems. With Okta, in less than a week we can go from deciding we need a new application to making it available for all the relevant users. Okta provides out-of-the-box integrations and all the instructions we need to do it successfully. It hugely streamlines our process,” Artem shares.
With support from a designated Customer Success Manager, who provided best-practices insights to ensure the successful deployment of critical applications such as Office365 and Workday, SUSE has integrated 74 active applications with Okta. Today, the company enables employees and contractors to access these applications from anywhere in the world via a fully customisable login page and self-service password resets powered by Single Sign-On. Additionally, SUSE is eliminating the risk of credential attacks by encouraging employees to use device-driven Adaptive Multi-Factor Authentication, which prompts them with a one-time password to certify their identities when they request access to applications.
More recently, conversations with its Customer Success Manager helped SUSE to uncover more opportunities for automation, resulting in the adoption of Advanced Lifecycle Management to automate the on and off boarding process of team members when they join, leave, or move into new roles that require access to new tools. Previously, applications needed to be accessed via the different systems where they were stored, Artem recalls: “When I joined the company, I had to learn four different ways to access different systems. Now, everything is easier and more automated. When someone joins SUSE, they only go to one place to access applications without giving much thought to identity because Okta does it for them. A great tool is like great design: it facilitates things by getting out of the way – you may not even notice it’s there,” he says.
Enabling employees and customers to focus on valuable interactions
But aside from internal processes, SUSE’s switch to Okta also entails changes for its customers who need to log in to SUSE’s portal to access applications and services. “We have service-level agreements (SLAs) with our customers which determine that we need to react to their requests very, very quickly. This is directly linked with customer identity and access management, because customers need to log in to our system to access our service. So the fact that we haven’t violated a single SLA due to our identity change is a success factor for us. We work with critical businesses that need to serve their own customers in a time-sensitive way, so a smooth switch to Okta has been key for us and them to maintain reliability,” Artem shares.
Using API Access Management, SUSE enables customers and partners to access data via APIs and kick off a workflow. Since this is an automated process, SUSE can focus on value-added interactions with customers, rather than login and access support.
“We’re all about solving problems,” Gary adds. “By removing login-related friction for our customers, Okta is solving an identity problem for us so that we can instead focus on solving the problems that matter most to our customers,” he explains.
More automation to power more innovation
Next, SUSE is using Okta to automate more tasks by integrating systems that are being kept in sync manually. SUSE’s goal is to achieve zero IAM manual requests. “More automation will mean more time to focus on our value proposition. Identity is not part of our business. By leaving it to Okta, we can focus instead on enabling our customers, building our next new product and driving our business forward... The sky's the limit! Like SUSE, Okta is continually evolving, so we’re confident that whatever we do, Okta will be able to support us,” Artem concludes.