Imagine having to securely manage social media accounts in 50 languages, around the clock across the globe every year, for high-profile clients like MTV, LEGO, Sony and Hyundai. For Technology Manager Paul Elson and his IT team at eModeration—a global social media management agency—ensuring secure application access and user provisioning was a challenge.
Most eModeration staff work from home using a computer and a secure Internet connection. These individuals use multiple accounts as well as many different password-enabled applications. But as Elson explained in a recent OneLogin webinar, finding ways to ensure robust security without hindering team productivity is not always easy.
“Usually, improving one degrades another,” Elson said. “For instance, making something easy to use can take time to implement and potentially make it less secure. Security also takes a hit when you react to change quickly. Conversely, if you focus on security, sometimes applications become harder to use and the ability to quickly adapt goes out the window,” he added.
For eModeration, however, reacting to change quickly is imperative, especially since the social media management agency now has a team of over 300 people on its books. The company needs to be able to scale users up and down quickly based on changing customer demands.
For example, last year eModeration was able to successfully accommodate the needs of a global launch for one of its clients in the entertainment sector. OneLogin had only two weeks to authenticate 200 new staff members spread across different IP addresses throughout the world. Each user had four different client-built tools, and each login was unique to the tool and user.
To make matters more complicated, there were four stages to each tool login. Authentication requirements for each user included:
- A single whitelisted IP address
- Basic authentication
- Form-based authentication
- Secure location assurance
To address this demand, eModeration used a CSV upload to create the required Google Apps accounts (the company used Google Apps as its user directory). Then, OneLogin authenticated Google Apps so that no additional user passwords were required. User mapping was established to automatically allocate applications, and unique credentials were uploaded in bulk to save time.
Additionally, enhanced security measurements were established using OneLogin’s Application policy, which proxied users and established session timeouts to prevent users from accidentally remaining logged in.
eModeration was able to securely onboard 200 users in just 67 hours, instead of the 10 weeks it could otherwise have taken. Moreover, the company was able to bring authentication time down to just 20 minutes per user. Additionally, the 67 hours that it took to onboard users encompassed the entire technical enrolment. OneLogin was responsible for only one 10-minute process. And, as Elson explained, about half that time was spent waiting for CSVs to upload.
Using OneLogin, eModeration was able to overcome time and security constraints and can now efficiently control application access. Moreover, the company no longer has to rely solely on passwords as OneLogin’s OTP App adds a second layer of authentication.
“The send code button on OneLogin’s one-time password app is one of those features that shatters the notion that you need to sacrifice security for convenience,” Elson added. “In fact, the opposite is true. Our users love the convenience of clicking the send code button versus having to enter digits manually in their own browser.” The send code button is also more secure than traditional solutions because it is sent out-of-band through the cell phone or wireless network. This prevents man-in-the middle attacks. Users then gain access to apps in neatly organized tabs, which helps reduce confusion when switching between accounts.
According to Elson, OneLogin has helped give eModeration:
- Enhanced security: OneLogin provides second factor authentication, and client passwords are never known to end users.
- Real-time activity reports.
- Ease of use: One-click access to applications that are organized in tabs.
- Agility: IT managers can effortlessly grant and deny user access to ensure that no end user has access to restricted information.