Aaron Zander:  Massdrop is a community and commerce company. Our goal is to provide our members with the products that they both request and the quality of products that they like, even if it's not necessarily the ones that they were originally after. We can provide them a better option that maybe they didn't know about.

Identity is tricky at Massdrop. It was chaos. There was twice as many users as we had in the company when I started, a lot of service accounts, and so it was taking a long time to turn people on and shut them off. There were potential holes and security issues with that, and we needed to fix it.

When we were looking for a solution for single sign-on and identity management, the biggest criteria I had were I didn't want to install an LDAP server. We literally have no server infrastructure in our office. I needed a tool that was going to be my directory. We had evaluated OneLogin and Okta side by side, and Okta was the better tool overall.

When we were implementing Okta, the first step was really trying to get all the users in. Once we got everything in Okta, the next part was syncing Google Apps into that, because Google Apps is such a core part of our business. From there, we really had a solid foundation to add things onto, and so we just started adding apps, and that was really easy.

When we brought Bamboo internally, it also helped that whole flow of knowing exactly who's here. Who are contractors? Who are employees? What their status is in the company. When they're leaving. When they're starting.

With Bamboo provisioning, we essentially entrust that HR is going to do their job. If a person's employed or not, it's not my job to know that. It's HR's job to know that, and I don't need to get involved with it, because it just goes very streamlined from one to the other. So identity really just flows through our company, from our HR tools into Okta, and then into everything else. It makes that process automated. It means that HR can do their job, and they don't have to wait for me to do mine. They just know it's going to work.

If you're a junior engineer, you see something different than a senior engineer. All that's done through Okta's directory tools, the universal directory tool, and profile editing, and it works really, really well.

One of the biggest markers for success is being able to gracefully terminate an employee in just a few minutes, and depending on what applications they have access to, I might not need to do anything at all. Someone in HR can terminate an employee, and within 60 minutes of that termination time, the employee will be shut down in Okta,and all the tools that they had access to will be removed. So it went from two hours to either 0 or just 5 minutes. That was my biggest measure of success.

I think the next step for Massdrop and Okta is really pushing which services are going to be coming down the line. We really want to look into better security management of individual devices. Okta has tools for that. Okta has helped me and it's helped Massdrop really get a handle on all of our tools. It's provided a safer way for our employees to do their jobs every day.

At one point, Massdrop had twice as many users in their system as actually worked for the company. Managing identity had become chaos, and onboarding and offboarding employees was taking up to two hours. Once Massdrop chose Okta, they quickly integrated their users and Google Apps into the system, and then had a solid foundation. Now onboarding and provisioning accounts can flow through Okta, BambooHR and Massdrop so HR can do their job without waiting on permissions from other places. Now the process for offboarding takes just minutes, and Massdrop is looking to Okta to manage the security of their devices next.