To reduce costs and improve access to information, this medical school was aggressively looking to adopt more cloud applications into its operating environment. And like many organizations, the school was using Microsoft Active Directory (AD) to manage its user access control within the various domains and apps on its local networks.
Along with introducing its first organization-wide SaaS service—Box for cloud file synchronization and collaboration—the school encountered the challenge of integrating Box into its existing directory system. Put simply, it needed to provision user accounts to Box and synchronize with their existing AD service.
Another challenge they uncovered was one of security and compliance. “We’re trusting (vendors) with the information...maybe they’ve got a shared data center, they use some other app, or they get a breach—it’s just too much risk,” says the systems engineer for the college.
Considering the future of the medical school’s systems, the systems engineer knew that health information management in an increasingly cloud-oriented environment would require centralized control. New users would need quick provisioning and departing users would need instant revocation.
Given their challenges, Box offered the school several suggestions including Microsoft ADFS and two enterprise cloud identity and access management (IAM) providers. Microsoft would have been cost prohibitive, as it would require additional infrastructure to deploy.
The two IAM vendors offered to solve the same problem for similar pricing, but the school ultimately chose OneLogin due to better support and onboarding experiences.
With AD synchronization, OneLogin performs real-time user provisioning to Box, eliminating the manual effort of creating and revoking user accounts. The systems engineer notes, “We just disable them from Active Directory and that’s it.” The medical school was able to leverage its existing AD system with no added hardware.
OneLogin helped the medical school to quickly and easily provision users to their Box accounts, eliminating what would have otherwise been extensive time costs and hardware expenses.
In addition, using OneLogin has made life easier for employees using Box. As the systems engineer mentions, “We knew we were going to see increased productivity and reduced complexity, just by having people use their Active Directory credentials. That’s been our number one complaint, that we use so many apps and different systems so that people have to remember a dozen passwords. It was kind of a no-brainer for everyone here, because if people need to log in to a portal, they get everything they need and it’s easy to lock it if someone leaves. We didn’t have to sell that part of it. It kind of sells itself, given our environment.”
The systems engineer is now intent on getting other applications such as their payroll service into their SAML environment. In fact, their HR and IS teams are already asking potential vendors whether they support SAML as a prerequisite to using the service. Looking forward, the school’s partnership with OneLogin is going to enable them to continue a secure transition with their expanding cloud app set.
OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on and identity management platform. Our portfolio of solutions secure connections across all users, all devices and every application, helping enterprises drive new levels of business integrity and operational velocity across their entire app portfolios.