Embracing flexibility as an IT strategy
Wacom leaders embrace a best-of-breed IT strategy, rather than constraining themselves to full stack solutions from a single vendor. As the company moves from legacy software to the cloud, IT confronts technology management challenges, along with new opportunities to innovate.
A vendor-neutral decision
The team identifies identity management as a key cloud strategy and begins implementing Microsoft Enterprise Mobility + Security. After encountering difficulty integrating the company’s multiple Active Directories, they find a simpler solution in Okta’s AD integration.
Simplifying identity across the company
Wacom IT deploys Okta Single Sign-On along with Okta Adaptive Multi-Factor Authentication, giving the team confidence in the security of their IT infrastructure, while supporting an increasingly mobile workforce.
Mastering employee life cycles
Next, the Wacom team sets up HR-driven IT provisioning and deprovisioning using Okta’s integration with SAP SuccessFactors. Okta Lifecycle Management automates employee life cycles and makes it easier to manage all users, reducing the risk of intellectual property loss.
Staking a customer-driven position
As Wacom reinvents itself to be digital first, leadership positions the company to increase its direct-to-consumer business, improve access to B2B services, and incorporate customer insights into marketing, sales, and product development strategies. Okta is the glue connecting all those dots.
Okta enables Wacom employees access to cloud services and applications from anywhere in a secure and seamless manner. Okta has greatly helped automate the user lifecycle management within Wacom through the HR as-a-master function.Balaji Ganesan, Vice President of Information Services, Wacom
Embracing flexibility as an IT strategy
Wacom is in the business of creativity. Since 1983, the Japanese company has been developing solutions that help artists, designers, editors, educators, and everyday doodlers interact more freely and intuitively with technology. The company builds tablets and stylus input devices of its own, but its interface technology is also integral to most tablets and PCs on the market today.
Wacom has 10 locations around the world, including in Portland, Oregon; Tokyo, Japan; Beijing, China; and Duesseldorf, Germany. Despite its internationally recognizable brand name and its $850 million in annual revenue, it remains fairly small, counting about 1,300 people on the payroll, in addition to contract workers.
Balaji Ganesan, vice president of information services at Wacom, understands that, as a small player in a world of giants, Wacom must move toward an ever more flexible IT environment.
A cloud first strategy is essential for Wacom’s IT transformation, he wants to provide the best solution available to meet the ever changing business needs.
Cloud challenges. Identity opportunities
The cloud plays a central role in building out that flexible infrastructure. Over the past few years, Ganesan has overseen a move from legacy on-prem software to cloud-based solutions, such as Microsoft Office 365, SAP SuccessFactors, Adaptive Insights, Concur, Coupa, and Box.
The shift presented a technology management challenge, however. Each standalone solution required separate provisioning and management of roles and security policies. The number of new applications and URLs could also be confusing for employees.
“People needed to know which URL to go to for doing that expense report, that indirect procurement, or that budgeting and planning exercise,” says Ganesan. “As we were going to this cloud-first model, the complexity increased several-fold for employees—and for IT, as we tried to stay on top of provisioning and security management.”
The team was also keenly aware of the potential risks of leaving their old, homogeneous IT infrastructure for the cloud. “With the cloud-first approach, employees can access applications without logging into the VPN,” says Ganesan. They needed to be sure that the company’s cloud strategy wasn’t exposing the company to credential theft.
At the same time however, Ganesan saw tremendous potential in developing a cloud strategy that put identity management at the center—both in terms of securing individual identities and in terms of offering greater insight into customer and employee behaviors.
“We’re moving more and more into direct to consumer models,” he says. “We’re getting to know our customers more intimately, to understand their use cases better.” A strong identity partner could help the company tailor its offerings and sales promotions to individual customer preferences, increasing customer loyalty and engagement.
The same potential was true on the employee side. Wacom productivity managers were looking to understand workflows and behaviors better, so they could make decisions about which solutions or tools were worth company investment and which ones were not.
“Identity connects all these different elements,” says Ganesan.
A vendor-neutral partner who makes identity management look easy
Wacom has big investments with enterprise partners like Microsoft and SAP, and initially the team planned to deploy Microsoft Enterprise Mobility + Security (EMS) for identity management. That project ran into obstacles because the company had separate Active Directories (ADs) for different regions of the world. “Leveraging multiple directories and enabling single sign-on on top of that wasn’t easy with Microsoft EMS,” says Ganesan. “That’s when we started looking for alternatives.”
Okta quickly rose to the top of the list because of its simple integration with AD and its ability to centralize profile information across multiple directories. Okta’s vendor-neutral position fits right into Wacom’s heterogeneous landscape. “It gives us the flexibility to pick the best solution for our use case,” he says. “That’s critical for us, moving forward.”
The Wacom team also appreciated the fact that Okta expanded the identity management value proposition beyond SSO and MFA. “One of the main differentiators for us was Okta’s capability around human resources information systems (HRIS) as a master,” says Ganesan. “User lifecycle management was a big gap for Wacom.” Wacom leaders saw the potential for Okta to streamline life cycles for employees and also, eventually, for customers.
After signing with Okta, the Wacom team first deployed Okta Adaptive Multi-Factor Authentication (AMFA) along with Okta Single Sign-On (SSO). Today, Wacom employees sign in once to their Okta portal to access all the applications they need, including SuccessFactors, Jira, Confluence, Concur, Coupa, Box, and Office 365. SSO and MFA give the team confidence in the security of their IT infrastructure, and support their increasingly mobile workforce.
“We do a lot of code development and co-engineering work with customers at their locations. We definitely wanted to ensure that flexibility of allowing employees to access applications from anywhere, while at the same time making sure everything remains secure,” says Ganesan. The team set up their MFA solution so that employees logging in from outside the Wacom network are always prompted for a second authentication.
Mastering employee lifecycles
In the next phase, Wacom IT implemented Okta Lifecycle Management and set up HR-driven IT provisioning and deprovisioning. Okta’s pre-built integration with SuccessFactors connects HR and IT systems together so that HR changes to user life cycles seamlessly propagate to IT systems across the company. Okta Universal Directory serves as the central repository, keeping track of which users have access to which applications.
The team expanded the list of applications managed by Okta Lifecycle Management to include custom-built applications that are provisioned manually. Putting everything into a central location helps ensure that onboarding and offboarding is triggered from a single source, says Ganesan.
“With additional regulations around [the European Union’s] GDPR, California Data Privacy laws (CCPA) and other regulatory measures, we wanted to make sure we could secure personal and private data in a single place,” says Ganesan.
Okta Lifecycle Management not only secures employee applications and data, but also makes it easier to manage contingent workers, integrating them into Universal Directory along with everyone else, and solving what had been an ongoing Wacom challenge. “Now we can onboard them in a timely manner, providing the right access and application provisioning,” says Ganesan. “At the same time, we can quickly cut off access and reduce the risk of intellectual property loss when they leave the company.”
Security + productivity across the company
Wacom’s Okta implementation has improved productivity and operating efficiencies, says Ganesan. Those benefits go hand-in-hand with strengthened security.
IT used to spend a lot of time managing access and authentication issues, including manually resetting user passwords. “That has come down quite drastically,” he says, “which has enabled our users and our infrastructure team to focus more on value-added services.”
Okta Lifecycle Management also reduces the manual workload for Wacom’s application owners, minimizing time spent assigning roles and going through formal approval channels. Employees and contractors can be more productive, gaining access to applications on Day 1 and using the company’s Okta portal to see all their applications at once.
“I’ve gotten a lot of positive feedback,” says Ganesan. “Some people mentioned they’d never accessed certain applications and dashboards before, because it was difficult to access and they always forgot the password.”
The improved access and reduction in manual work has the added effect of increasing security. When passwords are minimized, profile permissions update automatically, and users easily log into their apps without resorting to security workarounds—errors, delays, and risks are minimized. By securing employee identities in the cloud, Wacom IT can now expand its perimeter to encompass any application or data access point, anywhere, while making sure its security policies and infrastructure expand with it.
Easy-to-use MFA offers an additional layer of security. “Employees feel more comfortable knowing that when they access their applications from a parking lot or an airport terminal, they’ll still be secure,” says Ganesan. “That definitely gives them peace of mind.”
As for Wacom IT, they appreciate having one screen to view and manage administrative tasks and security logs within Okta. “That ability to drive everything from a single pane of glass is definitely a big productivity improvement for our internal teams,” says Ganesan.
Evolving for the digital age
As Wacom reinvents itself as a digital first organization, leadership is positioning the company to increase its direct-to-consumer business. They’re also looking to improve access to B2B services, such as the popular Wacom Ink Layer Language software development kits.
Wacom is already strengthening customer connections through its improved direct to consumer model. A stronger identity management focus going forward offers marketing, sales, and product development teams greater insight into the customer experience.
“Customer identity and access management is a critical factor as we transform the company digitally,” says Ganesan. With the right identity management tools, Wacom team members can easily incorporate knowledge from social and digital channels into their work. “Identity is the glue that connects all the dots,” he says.
Founded in 1983 and based in Japan, Wacom is the world’s leading manufacturer of pen tablets, interactive pen displays, and digital interface solutions. Wacom is a technology leadership company providing a unique and innovative digital pen experience—writing and drawing—to its customers. Wacom’s products and technologies are widely used, and found throughout various aspects of people’s lives, from creative studios and movie production, to industrial designers, manga artists and hobbyists—ranging from beginners to professionals alike.