Takeda accelerates service delivery with Workflows and API Access Management
providers and patients using TakedaID
to integrate employees and apps following M&A activity
downtime over 2+ years of Okta customer identity services
faster to deploy identity with Okta than with an in-house solution
authentications per minute
Having infrastructure is a pain. I’m not in the server business—I’m in the service business. I don’t want to manage servers, and that’s a big reason to choose Okta.
Bob Durfee, Head of Digital Engagement and DevSecOps
Information security in the modern age can seem like a Catch-22. Customers and partners demand fast, easy access to data, while the threats to the confidentiality, integrity, and availability of that data grow more ominous every day.
It’s a problem that Mike Towers has built a career on. Today, as Chief Digital Trust officer for Takeda, he’s focused on building trust—tightening controls over sensitive company data, while also streamlining digital experiences for patients, caregivers, and partners around the world.
Shortly after he arrived, the company acquired Shire Pharmaceuticals and Bob Durfee joined Towers’ organization as manager of DevSecOps. Together, the two of them partnered with Okta to build a centralized identity platform for Takeda, forming the foundation of a modern, Zero Trust security strategy while simultaneously simplifying access for the Takeda community.
Today, rather than spending time administering a complex identity and access management (IAM) system, the Takeda team is seeing benefits beyond their initial expectations. They’re more agile and responsive than ever before, and business leaders across the company are finding innovative ways to take advantage of the data and insights that the new platform makes possible.
A long history with Okta and a logical choice
When Durfee and Towers came on board, the former Takeda Technology team was spending a lot of time administering IAM with one of Okta’s top competitors. Towers had seen the benefits of Okta in roles at several previous companies, and Durfee had been using Okta at Shire. After a thorough market analysis and RFP process Okta was a clear choice.
“It was obvious on the workforce side that the administrative effort that went into using the competitor’s product was much more than it was for Okta,” says Durfee. “It was an easy choice to unify on Okta, and the choice from a customer identity perspective was just as obvious.”
The two also appreciate Okta’s neutral position relative to other vendors. “Okta customers are unrestricted by platform, device, or location,” says Towers. “To me, that freedom is mandatory. I can’t imagine a world where I have to accept parameters that others in the business seem to be okay with.”
Unleashing the team’s potential
The team worked with Okta Professional Services to help Takeda transition to Okta and merge with Shire after the acquisition. The six-month project involved setting a single authentication source for the combined organization's 71K global workforce to securely access their 1,300+ work applications.
Going into it, Towers and team focused on the basics: centralizing identity, getting everything behind Single Sign-On and Okta Adaptive Multi-Factor Authentication (AMFA), while simplifying the user experience. They knew their Okta contract included additional products and features, but they didn’t know the power of what they had initially purchased.
“At first, we thought things like Okta Workflows and Okta API Access Management were just nice-to-haves. Then, we started using them and the world opened up,” says Towers. “What took a thousand lines of code to do before, we could now put together in 10 minutes.”
“API Access Management provides way more capabilities than we thought at first,” says Durfee. “Say I need additional information about a user that I don’t store in Okta. With API AM, I can have an API call to it and then decorate the users token with that data. That type of capability is massive because it’s all running within OAuth.”
The team uses Inline Hooks to modify inflight Okta processes with custom logic and data from non-Okta sources. The heavy lifting is on the inline hook side, but it’s API-driven, so it’s a one-time build.
“Sometimes I’ll be talking to coworkers: ‘Have you thought about what you could do—say if you mint a token and have an inline hook gather additional information out of the database and populate that inside your IT or access token?’ Their eyes get big, the light bulb comes on. That’s exciting,” says Durfee.
There’s a workflow for that!
Workflows, Okta’s no-code identity automation and orchestration platform is another favorite. “One of our team members has made Workflows his go-to solution,” says Durfee. “I’ll come up with an idea and an hour later, he’s back with a perfect workflow.”
Durfee used to be one of the sole developers, writing code for API calls in Python or C#. “If I was out of the office or on holiday and somebody had a question about it, nobody else could answer that question,” he says. “The fact that I can take that same code and create a workflow instead means 10 people can answer those questions now.”
In fact, Workflows improve manual coding outcomes. “Say, for example, I want to delete a provider who hasn’t logged in recently,” he says. “To do that manually with millions of users, would be virtually impossible. Even just running the report would be extremely time intensive.”
Instead, the team created a workflow that runs once a week, goes through the user directory to see if anyone hasn’t logged in within X years, and puts those users in the recycle bin.
“The benefit is immeasurable, but I’d say we have a significant improvement in outcomes as a result of Workflows,” says Durfee. “There are five of us who can write a workflow, but just one who can write code, so Workflows has been a massive help.”
Today, Durfee no longer spends half his time writing code. “Thanks to Okta, I’ve been 100% redirected,” he says. “It’s all done with Workflows.”
The team is also using Workflows with their ServiceNow help desk application. “One of our biggest help desk issues was when somebody got a new phone and they had to reset their Okta Verify,” he says. “Before, we had to go in and reset that factor manually. Now, it’s 100% self-service. They go to ServiceNow, ask to reset their multi-factor, and it validates who they are and generates a workflow that resets the factor automatically.”
Addressing individual concerns at scale
Streamlined processes and increased productivity on the administrative side translate to trusted digital experiences and deep relationships with patients, partners, and healthcare providers throughout Takeda’s ecosystem. “We are rewiring the company to be driven by data and digital,” says Towers. “From here on out, we are a digital biopharmaceutical company.”
“Okta’s an enabler for us,” says Durfee. “We didn’t realize how much other parts of the organization would stand on our shoulders and use Okta features to build commercial capabilities that we never would have thought of.”
For example, today the marketing team uses Okta data sets to run more targeted and relevant campaigns. “Okta allows all of us to be creative in how we help our customers—to add real value to those digital relationships,” says Durfee. “It’s not just a way to secure logins, it’s a way to identify each individual customer and help them solve their individual problems or concerns—and to do it at scale.
“With Okta, we can address the individual concerns of millions of people,” he says. “That’s a big deal.”
Takeda is a global, values-based, R&D-driven biopharmaceutical leader headquartered in Japan with offices in 80 countries and regions. The company is committed to discovering and delivering life-transforming treatments, guided by a commitment to patients, employees and the planet. Takeda focuses its R&D efforts on four therapeutic areas: Oncology, rare genetics and hematology, neuroscience, and gastroenterology. It also makes targeted R&D investments in plasma-derived therapies and vaccines.