A Proven Methodology for Success: A powerful and actionable approach to successful Okta deployments
Today, modern businesses need to put identity first
The ways in which we work today would have been unimaginable ten years ago, and it’s all possible because of technology. But as global enterprises move to the cloud, embrace the Internet of Things, and add smart devices to their ecosystems, they need to protect the identity of distributed users and provide secure access to digital tools and information.
Without a solid handle on the identity of every person, device, and connected object within your network and beyond, it’s impossible to adopt a progressive digital strategy. In a large global organization, you need to understand and manage how all employees, contractors, partners, customers, and suppliers access and interact with your systems and data, as each user will have distinct needs and requirements.
Enterprises today have typically accumulated a patchwork of identity solutions to support various, often siloed, business units. The process of streamlining and integrating those elements into a unified identity strategy can be difficult, involving cross-organizational stakeholders who often have limited experience with identity or cloud infrastructure.
For any large organization that’s been operational for over ten years, it’s likely that on-premises infrastructure has dug deep roots, and past M&A activity may have made things even more complex. When it comes to future-proofing your environment, it can be hard to know where to start.
Okta was built to help tackle these challenges. Our goal is to enable any company to use any technology while protecting the identities of their workforce and customers. We do this with a suite of solutions designed to build safe connections between your users and the applications, systems, and information they depend on.
Our Professional Services team stands at the heart of Okta’s commitment to your success. We’ve developed a rigorous, six-step process that helps your stakeholders amplify learning, adoption, and growth across the Okta platform.
As part of our mandate, we scope your project, assess your architecture, and offer expertise on everything from product selection to best practices. We’re here to help unravel the complexity of your systems and determine how they can come together under one identity platform. Our people, together with our results-oriented methodology, can put your identity project on the road to an accelerated time-to-value, and help you set the stage of integrating Okta into your IT environment.
This eBook is designed to help you do just that. We’ll guide you through our six-phase approach with actionable advice that you can implement at your organization.
Phase One: Get Ready
Getting to know your business
We understand that no two projects are alike—just as no two companies are alike. Whatever the scope of your deployment, we take the time to evaluate your organization’s preparedness, examine the details of your team, and discuss any data and environment challenges. Okta will then provide a streamlined assessment of customer readiness for implementation and deployment, as well as recommended next steps to achieve optimal results. Having a clear path toward delivery is the first critical step to put you en route to success.
This first phase of the project is also the best time to talk about your strategic needs. It’s vital that we understand the following:
What is your long-term vision? What is the primary problem you’re trying to solve?
What is the timeframe involved? Are there any deadlines you must meet as you implement solutions?
Are there other technology partners involved? What is their role in your overall strategy?
Is there an existing steering committee? Can we help to establish one?
Through these conversations, we can align on the best implementation approach for you.
Get Ready Customer Example
“Get Ready” in action: Building a simplified solution for a global user base
To execute a successful modernization project, prioritize bringing experts to the table even before the planning process kicks off. Only then can your organization understand the true parameters of the proposed project and find the most effective way to undertake it.
Okta worked with a firm that initially wanted to set up three separate provisioning interfaces. At the outset, its objective was to sort end users according to their region, thereby remaining compliant with regulations across EMEA, APAC, and the Americas.
Our Professional Services team helped them take a step back and look at the bigger picture. Bringing an understanding of infrastructure to every discussion and refining customers’ proposals into four core components, our team helped distill the project down to its essentials.
The fundamental provisioning of users into the system
Authentication and credentialing to confirm the users’ identities
The facilitation of this process through APIs or another system
The types of applications users are being provisioned for
Breaking it down into those manageable pieces makes the planning process much simpler, while also enabling customers to identify and leverage economies of scale so they can build solutions that address both their present and future needs.
In this particular instance, all it took was a preliminary discussion with the Professional Services team for the firm to see that there was no need for three different interfaces, nor was there any need to build a custom interface to deliver the provisioning service. Instead, the firm realized they wanted to pursue a single interface to seamlessly allocate global users to their various geographic regions via straightforward configurations. They finally understood their own strategic needs.
The customer was elated, and regretted not reaching out to Professional Services earlier in the journey. This is something our team observes often—customers wishing they had involved Okta experts as soon as possible.
Phase Two: Plan
Creating a thorough plan
Once we initiate a project, the key to successful implementation relies on a comprehensive plan.
We onboard the extended Okta and customer project teams, and begin planning for project kickoff, designing workshop content, and coordinating attendees and scheduling. Regular steering check-ins are planned and scheduled during this phase, and continue throughout
the rest of the project. The Plan phase concludes with
a project kickoff event and completion of a high-level timeline. We also conduct a formal project overview to determine the budget, resources, risks, and tasks involved.
This includes aligning on the following:
- How is your IT currently set up?
- What are the high-level milestones on the path to your end goals?
- What measurable objectives or metrics will be tracked throughout?
Our goal throughout this stage is to figure out the most seamless way to plan your implementation, and assess opportunities for you to receive appropriate training on the identity space to get long-term value out of our products.
Plan Customer Example
“Plan” in action: Unifying the authentication experience across subsidiaries
When it comes to extending the enterprise to external stakeholders, one of the most common use cases is providing a portal that allows subsidiaries, partners, and suppliers to access applications. In one notable example, a large corporate entity wanted to create portals for all its subsidiaries, while also building a branded, unified authentication experience that would be consistent across platforms.
Thankfully, our team was used to these types of requests. Our experts understood that while approximately 80% of use cases for B2B and B2E portals can be satisfied by Okta’s out-of-the-box solutions, there’s no such thing as a one-size-fits-all fix.
That’s why it’s always so important for the Professional Services team to walk customers through a comprehensive planning phase. Simply by having a conversation to align on scope and timing, they could start coming up with the best possible implementation for the customer’s specific needs.
This is crucial. Even if customers have already leveraged Okta’s extensive documentation to set up their own dev tenant and embark on a project, we still regularly find opportunities for improvement.
Organizations tend to take a piecemeal approach, rather than thinking holistically through the process and outcomes at the start.
Customers are often unaware that there are easier solutions for certain use cases, and build experiences that are overly complex.
For this corporate customer, our Professional Services team realized that even though the request was for a unified authentication experience for several subsidiaries, the user credentials for each of the secondary organizations only existed within their individual systems—there was no centralized user store. Okta Professional Services therefore helped them devise a type of IdP discovery that would automatically load Okta tenants for the subsidiaries based on their users’ credentials and domain names.
Every situation and use case has unique considerations, and the key to building an effective solution is strategic communication and collaboration that starts right at the outset.
Phase Three: Design
From planning to design
The key to successful implementation relies on a thorough design. Through strategically planned workshops, we partner with you to further outline, design, and thoughtfully start framing your Okta solution. We conduct efficient, design-focused sessions to help answer the following questions:
Where is your team, department, or initiative struggling to modernize the most?
What roadblocks or bottlenecks exist in your current workflow?
What solutions can help you tackle your largest identity challenges?
We also align on the customized solutions you may need, and provide a robust design for all your specific configuration requirements.
Design Customer Example
“Design” in action: Unifying customer information for a seamless experience
As our customers modernize to the cloud, their first priority is typically the user experience: how will this deployment affect workflows, employee engagement, and customer satisfaction?
For instance, one customer started off with two portals. One was a portal helping customers to research and make decisions on the entire product suite; another was an order management system for partners, allowing retailers and resellers to access information on products in their specific repository.
The customer wanted to improve their marketing capabilities on the consumer side to gather appropriate information about customer interests. While they had an SAP backend for both environments, the frontend was more informational and the backend catered to customer order management and tracking.
In an attempt to unify customer information across both environments, the customer planned to add a third portal, SAP Hybris, which would allow them to show partners a more context-specific catalog presentation with pricing guides custom to their business agreements. It therefore became critical to better manage user identity and show all partners customized information.
Our Professional Services experts came in to craft a future-state design. After understanding the customer’s pain points with the existing IT structure, our team designed a solution that provided consumers and partners with the same user experience and integrated information across multiple environments.
They configured two registration processes: one for the consumer, focused on their marketing profile; and another for retailers and resellers, which would verify the nature of the user’s partnership with our customer.
They then assigned a single identity that spanned all three platforms and implemented a sign- on widget that integrated those unique identities seamlessly with the customer’s portals. This gave users the ability to adopt a new platform, while maintaining a consistent user profile and credentials across all tools.
In taking the time to design a thorough future state, Okta enabled identity consolidation with minimal disruption to the user experience.
Phase Four: Build
Configuring a solution that fits your business needs
Once you have the proper plan and design in place, the fun starts—building your solution.
Our Professional Services team includes identity and access management professionals with extensive experience in the industry. Our team is with you each step of the way, working closely with your internal stakeholders to provide configuration, development, and project management expertise for deploying your Okta solution.
Through hands-on configuration sessions and workshops, we set up your Okta Identity Cloud and implement the specific products you need. We also develop application integrations and other features to meet your requirements. Your final configuration may involve a hybrid of Okta’s versatile out-of-the-box solutions and customizations specific to your unique business processes.
Build Customer Example
“Build” in action: Custom solutions to help protect sensitive data
It’s important to find a solution that meets your direct needs. One of our customers owned a customer-facing insurance portal and encountered security challenges because their multiple backend systems exposed APIs via an API gateway.
In the past, the companies’ applications would have a service account which would be accessed by all users of that application, integrating back to the API.
Our Professional Services experts came in to build an Okta API management functionality that linked the end-user identity context from the web application back to the API. This would protect the information and control what each user should have access to.
The Okta team came up with a custom solution that helped protect the customer’s core business data and optimized the interactions between APIs and stakeholders. In addition, Okta was available to conduct workshops, build custom solutions, and efficiently transfer knowledge to testers, so that the customer received a complete Okta solution that was ready for user acceptance testing.
Phase Five: Test
Testing and optimizing your solutions each step of the way
Having configured and built a solution to accomplish your objectives, the next step is to make sure it meets expectations. At this point there are many moving parts: you’re migrating data, streamlining and simplifying admin processes, and fine-tuning security policies, while making sure your new solution can integrate with the applications your company, customers, and partners depend on. How can you be certain you haven’t missed anything important?
The key is to test methodically: from day-in-the-life, weekly, and monthly milestones to quarterly and annual operations and significant event scenarios. Our team of experts work with you through your testing cycles to ensure that your Okta solution is ready for Go Live.
We work with you through three stages:
Planning, where we identify all the systems and integrations that need to be tested, and lay out a strategy for testing each of them as efficiently
End-to-end system testing to ensure that everything is running smoothly across your infrastructure
User-acceptance-test coaching and triage assistance, to help you confirm that your Okta solution is ready for final production
Should we encounter a problem, we provide a framework for issue resolution and re-planning.
Test Customer Example
“Test” in action: Secure provisioning at scale
Before deploying a new solution across the enterprise, it’s critical to ensure that it is functioning perfectly.
One particular customer in the healthcare space was making the switch from CA Siteminder to Okta, and that meant migrating every integration in their application landscape over to the new system. They wanted to reduce ongoing maintenance costs and complexity by moving from on-premises software to a cloud-based solution; they also wanted to minimize helpdesk calls by implementing self-serve password reset flows. Since the customer needed to migrate over 100 applications, testing was complex, which is why we adhered to a rigorous process of test planning, unit and system testing, user acceptance testing, and issue resolution.
Our team recognized that many applications either lacked a viable test environment or had test environments which were not set up with a standard enterprise sign-in process. At times, they encountered sensitive applications and did not receive separate IDs from the customer for testing. This all added complications around the testing process, but the team deciphered the architecture for common integration patterns, and then designed for those patterns.
This not only accelerated the migration process, but allowed them to add more functionality, such as multi-factor authentication and provisioning at scale. They had to be careful with scheduling the testing process, since some applications operated specific change programs and deadline cycles, and it was challenging for the team to take applications offline for testing because of a lack of available downtime.
In the end, all 130+ applications were tested and transitioned from CA Siteminder to Okta overnight with no issues, and the customer was extremely satisfied. Their users encountered a new, cleaner sign-in page, with the applications unchanged so that business could continue as usual. Without the right expertise, it’s difficult, costly, and risky to change out legacy software like CA Siteminder, but Okta allowed the two solutions to co-exist and quietly phased out the old technology—all without disrupting the user experience
Phase Six: Go Live
Deploying your solution with confidence
Once you’ve tested your new solution, you’re almost ready to deploy—with “almost” being the operative word. Before you launch, there are a number of factors you need to take into consideration, the first being your users.
Do your teammates, partners, and customers understand the new technology?
Have they been effectively onboarded so that they have easy, frictionless access to the updated system?
Is your helpdesk armed with the tools and documentation needed to address inbound requests?
If not, then you need to develop a communications strategy ahead of rollout, and work to bring users up to speed—both inside and outside your organization.
The bottom line: don’t assume that the journey is over just because you’re getting close to your goal. Deployment can involve complex and intricate decisions, such as when and how to go live. It is better to take the time to ensure your test cases are proven and your company is 100% prepared, rather than charge ahead with a premature solution.
As you evaluate your go-live readiness, we help you prepare for how a rapid cutover or possible roll-back will affect your business. Our team is on hand to help you solve all these challenges, as well as assist you in assessing and measuring success.
A successful project represents a win for all of us, and it’s important to take the time to fully analyze and understand what worked. That’s why we end all of our collaborations with a formal closing to reflect on the purpose, execution, and final outcomes of our engagement.
Of course, we always strive to maintain lasting relationships with our customers. Our Professional Services team will be ready to help with your next identity project.
Go Live Customer Example
“Go Live” in action: Automating onboarding and offboarding
We always test carefully before deploying any new Okta solution with our customers. However, some companies make the mistake of deploying before they are completely ready, and then they contact our team for urgent assistance.
One company had invested in a new HR system. They thought they were prepared for rollout, but then identified significant problems with their onboarding and offboarding processes. Tensions emerged, as the HR team was trying to simultaneously learn how the product worked and deploy the new product for the first time.
Thankfully, our Professional Services experts were familiar with the product line and able to design a quick fix, implementing new architecture that not only solved the immediate problems, but enabled the customer to further automate their onboarding processes.
Phase 0: A Proactive Approach
Perhaps you’re not sure about committing to an implementation in the midst of so many unknowns, but you’re realizing that a future state design and roadmap could be hugely helpful. We hear you, and that’s why we also offer Phase 0—providing a chance for a preliminary collaboration with our specialists and no pressure to commit to the entire, end-to-end engagement.
An Okta Phase 0 engagement works through a streamlined Get Ready, Rlan, and Design process with our Professional Services experts. The result is a future state recommendation for the identity architecture and infrastructure you require to reach your business objectives. Oftentimes, organizations seek an Okta Phase 0 when:
They want to roll out a sophisticated, multiphase workforce identity solution.
Their customer identity needs are complex or require extensive customization.
They’re interested in which Okta products and features fit their ideal future state.
They’re curious how their current architecture aligns to identity best practices.
Our team prepares documentation so that you come away with a referenceable asset and a comprehensive walkthrough to inform your journey.
Okta Diagnostic: A Look Ahead
If you’re one of our existing customers, we offer special 2–4 week engagements to showcase how your current state experience can be enhanced. Based on your business objectives, the Professional Services team will undertake a comprehensive analysis of your Okta identity infrastructure, and use that data to refine a more specific, strategic set of future state architecture recommendations customized to meet and surpass your targets.
Okta Diagnostic is an excellent opportunity to:
Align with best practices to ensure that your Okta configuration is fully optimized from an identity and security perspective.
Review the current usage of your existing Okta deployment in order to examine its efficiency and effectiveness.
Evaluate the compatibility of your infrastructure with the latest Okta products and features to help you reach your future-state goals.
Help your admins understand how to operate your Okta solution if the team that originally implemented it is no longer there.
Through the Okta Diagnostic process, Okta’s Professional Services team recommends an actionable future state that you can begin building right away, whether that involves simple configuration changes, adoption of Okta best practices, new feature recommendations, or overall architecture suggestions.
Delivery Assurance: Marking Your Milestones
We’re here to support you in your Okta deployment journey even if you’re designing and conducting it on your own, or working with a third-party service provider. With Delivery Assurance, you can enlist the help of Okta Professional Services in ensuring that your deployment aligns with best practices and benefits from our experience deploying thousands of Okta customers.
Our team of experts will proactively check in at each stage of your deployment lifecycle, providing in-depth reviews
and assessments to help you achieve success in your deployment while reducing any risks that could be caused by error, oversight, or the rapidly evolving identity landscape.
The reviews—and the resulting reports—focus on the following areas:
- Project readiness
- Project planning
- Future-state design
- Data migration
- Rate limit and performance planning
- Test planning
- Deployment planning and readiness
Through the Delivery Assurance process, Okta Professional Services is there to support you and your partners and give continuous guidance in complex deployment scenarios. If this is something that would benefit your organization, we recommend you include it your budget plan at the very beginning of your project, rather than contacting Okta when you’re already partway through, so that we have full context, are able to map our methodology to your needs, and can maximize the value we provide.
Your success is our success
Identity and access management that “just works” can yield a great return on investment. Your employees and partners can find and log in to their applications in a single step. Teams no longer face tradeoffs between security and productivity. IT teams can redirect time previously spent resetting passwords towards adopting innovative new solutions. Through Okta, companies can integrate complex applications in record time, request custom solutions and services, and receive support from our deployment experts every step of the way.
With Okta Professional Services at your side, your cloud aspirations are absolutely within reach.
Learn more at: okta.com/experts