How Three Brands Are Using IAM to Enable Secure Remote & Hybrid Working
In the early days of the COVID-19 pandemic, workers worldwide found themselves improvising workspaces at home, hopeful that we would soon “go back to normal”. But as 2022 approaches, forward-thinking business leaders have shifted their focus from a return to the pre-pandemic ways of working to a new, more flexible approach. They aim to build strong, employee-centric working experiences that empower people to continue working wherever works best for them, for the long run. But if success now relies on embracing flexibility, each business is discovering for themselves what that flexibility looks like – and what IT and business challenges it entails.
Despite accelerating digital transformation journeys, the global shift to remote working has also highlighted inefficiencies in technological processes. Our New Workplace Report shows that even after a year of working remotely, over a quarter of office workers in Europe still rely on on-premise IT systems to be able to do their job, 34% still rely on passwords as their one and only security measure, and 16% are unaware of any IT security measures at all.
So how can organisations be certain that they’re taking appropriate precautions when enabling workers to access work tools from any location and device? How many tech and security protocols are necessary to support a remote workforce? And how can they enable employee empowerment without compromising business output?
One way to answer these questions is by looking at how other organisations are succeeding in keeping workers satisfied and equipped with the right tools to work, whether from the office or from a different country. When taking measures to establish secure and seamless remote working practices in 2020, three organisations built the foundations to proactively provide safe access to applications and data to their distributed teams for the long run, while ensuring collaboration is as easily available as it used to be – or even better.
Leveraging IAM to power a new style of information flow
For 20 years, EG Group has been synonymous with convenience. But during COVID-19, the conglomerate of petrol pump operators and convenience stores spanning 6,000 sites across 10 countries, and employing 55,000 people, also became synonymous with essential services. “We were fuelling ambulances, serving medical workers with free coffee, and keeping all of our stores open for people who came to rely on us for essential goods such as food and drinks,” explains Graham Billsborough, CIO at EG Group.
While countries gradually unveiled new lockdown measures to protect citizens from the virus, EG Group had to reinvent its processes to keep an efficient information flow between remote employees, partners, and customers while minimising their exposure. Graham’s team, which oversees EG Group‘s global IT strategy from its UK headquarters, knew that IAM would be a critical piece of this puzzle.
To mirror local demands, EG Group rolled out new processes on a country-by-country basis. In Germany, for example, it built intranet sites so that all staff and thousands of external partners could access information about new processes and safety measures for stores across the country from a distance. Because much of this information is company confidential, the Group needed full visibility and control over the access rights of users requesting to see it. So EG Group leveraged Okta Universal Directory as a repository of user identities to establish different access rights for different user groups. Then, it integrated its intranet sites with Single Sign-On and Adaptive Multi-Factor Authentication to enable stakeholders to access them after verifying their identities, making training information available for thousands of remote staff, third-party organisations, and external business partners, quickly.
By the second quarter of 2020, EG Group had moved from having 6,000 locations, including forecourts and head offices, to 12,000 locations as people began to work remotely. By integrating Single Sign-On with Zoom, the conglomerate facilitated worldwide collaboration and saw its Zoom usage go from 1,000 minutes a month to more than three million minutes a month.
“Linking our IT collaboration tools with Okta was essential for the IT team to support people in double the number of locations because it automates identity verification processes without complicating the user experience,” says Graham.
Overcoming roadblocks to deliver local government services from home
Meanwhile, in the United Kingdom, many people rely on their local council to interact with the government and access essential services, from waste collection to housing support. Even more so in 2020, when lockdowns led the 140,000 people of Thanet to stay at home. To continue serving the population while working remotely, the staff at Thanet District Council implemented a fully-featured IAM platform by leveraging Okta. “We wanted to make it possible for workers to access a range of cloud-based SaaS platforms from home just as easily and securely as if they were in the office,” explains Joe Brackenborough, Digital Transformation Manager at Thanet District Council.
With 90 applications integrated with HR and ICT platforms shared with two neighbouring councils, Thanet District Council workers used to maintain a multitude of passwords to access work tools, which often came with restrictive identity management practices. Password resets took up 4,500 hours a year of IT time, and users took to writing their passwords down in ‘password books’ to avoid having to reset them so frequently.
From home, council workers were logging in via RSA-based physical tokens and struggling to find the right password and username for their applications. Each worker was doing two Multi-Factor Authentication prompts a day with their hard token, taking up as much as 3,333 hours of workforce time a year across the council. These had to be resynced every month and had minimum orders of 100, costing time and money from the IT team.
“We had this big drive to move to the cloud but we were being slowed down on the IAM side of things,” says Joe. So he and his team implemented Okta’s Adaptive MFA to remove two-thirds of those prompts with contextual access management. The remaining third took a few seconds to do with a push notification, saving roughly £90,000 of resource time per year previously spent on MFA burdens.
Meanwhile, by deploying an inventive combination of Okta’s Universal Directory and Lifecycle Management with its existing directories, the Council gained a complete and up-to-date picture of its IAM landscape while automating key processes (such as provisioning and de-provisioning employees) without disrupting other councils in the shared HR and ICT platforms. More importantly, Thanet District Council workers have expanded on the work they do to help the people of Thanet through a difficult time. “Despite working remotely, in some ways, we’re more accessible than before,” says Joe.
Making remote work simple and secure for 1,300 workers at home
Under the difficult circumstances of 2020, the FREE NOW Group in Europe also relied on a combination of technological innovation and creativity to maintain “business as usual”. The multiservice mobility joint venture from Daimler and BMW consists of the ride-hailing services FREE NOW (formerly mytaxi), hive (micromobility), and Beat. Combined, these services attract 26 million users in 11 markets and more than 100 cities, from Warsaw to Paris. When coronavirus forced FREE NOW’s 1,300 employees to work from home, the organisations’ priority was to make work as simple and secure remotely as it was on-premises.
To help its development teams to cooperate easier, faster, and more efficiently remotely, FREE NOW focused on establishing protocols that could ensure only authorised people gained access to company resources to abide by GDPR regulations and secure its data and that of its customers. “To do this, every architectural decision we make has IAM, as well as information security, at its core,” explains Jan Ramm, CTO at FREE NOW.
Emphasising the importance of security in all aspects of the organisation without putting an extra burden on its users had long been a priority for the company. That’s why FREE NOW has been leveraging the Okta Identity Cloud since 2017 to automate access rights for 1,950 user identities and enable Multi-Factor Authentication and Single Sign-On for workers to access work tools via a single portal, securely. But even then, with coronavirus requiring them to work outside the relative safety of the office, where strict security policies are in place governed by FREE NOW’s information security department, the organisation watched simple processes gradually become more challenging.
“Many aspects of our work have changed,” says Jan. “Traditionally, we’ve worked from our offices and always knew more or less where everyone’s personal desk stood, where their hardware was. COVID-19 has changed all of that, so we’re continually being forced to rethink our meeting structures, logistics, the way we support our colleagues, and the way we operate in general to continue functioning as an agile team without sacrificing our security.”
To facilitate the transition while ensuring that every person trying to access its resources is really who they say they are, FREE NOW set in motion a project to automate its onboarding and offboarding processes with Okta and make the transition into remote working easier from a technological perspective. “Moving forward, to keep supporting our workforce and customers remotely, we’re looking once again at how innovative technology such as automation can continue to bring value to us,” Jan concludes.
While it’s clear that identity is a key ingredient to build trust at work and empower remote employees, it’s also clear from these three stories that IAM is no “one size fits all” solution. Learn how Okta is supporting businesses in building identity solutions that allow them to adjust to a dynamic workplace and secure their flexible future.