An international litigation and business law firm with some of the world’s largest corporations as clients, Sedgwick LLP excels in handling high stakes business deals and cases involving significant exposure or sensitive public relations issues.
Interim Chief Information Officer, Sedgwick LLP
Sedgwick is highly attuned to protecting the confidentiality, integrity, and availability of customer and employee data, and is pursuing ISO 27001:2013 certification for information security to help enable centralized identity management.
To keep malware and viruses from coming up through the browser, it runs office internet traffic on a virtual session instead of its own servers. “While this worked really well, we grew tired of having to feed end user names and credentials to a third party for them to manage. We wanted to bring the directory management in house, specifically because we’re a law firm, and we’re really sensitive with our data,” says Matt Fuller, Interim Chief Information Officer at Sedgwick.
"As we begin to add more finance applications, we need the ability to terminate a departed employee’s access pretty quickly, and the only way to do that is if we control access to those sites. That’s one of the top business drivers for us, and security is hugely important to us," states Fuller.
"But to maintain our agility as an organization, we need to grant people access to everything they need access to quickly. Whether for a new employee, attorney or partner, to do that by just adding them to a group so we don't have to manage them individually, that’s a major factor for us," says Fuller.
"We were using Chrome River for expense reimbursement, and they recommended we look at OneLogin. We also checked with the International Legal Technology Association (ILTA), and asked folks what they were using for a single sign-on (SSO) solution. Almost in unison people responded, 'OneLogin is the solution you need,' and as we dug deeper, it was a no brainer to pursue it," states Fuller.
"The OneLogin support folks were really gracious and helped us configure it to get it set up and going," mentions Fuller. Sedgwick initially launched OneLogin to a handful of people in the finance and accounting group that use Chrome River, and watched how they used it for a few weeks. From there, they began to broaden the scope of the application to address other challenges—such as, people remembering passwords and having to send end user data to vendor hosts for sites that required end user access.
Prior to bringing in OneLogin, provisioning new users was done manually, making it a time consuming and error-prone process. Now, when someone joins the firm, a OneLogin account is created automatically, since it’s connected to Active Directory (AD). Additionally, when someone leaves, it is now possible to deprovision them in real time, thanks to the tie-in with AD Change Notifications.
"With all of these hosted services that we use, we were concerned that departing employees would still have access to those systems. But with OneLogin, when that person’s Active Directory account is closed, the access to those external sites is terminated as well—instantaneously," comments Fuller.
With most systems, it’s no big deal to make sure people aren’t signing on to them. But as we leverage OneLogin for finance applications, specifically banking, obviously we want people to be out of those systems as quickly as possible. And with the number of banking systems that we’re attaching to, it would be almost impossible to kill someone’s access, and make sure that we removed them in all locations. OneLogin takes care of that for us — it’s a product we really believe in," says Fuller.
"All the time spent from users having to remember what their password is for a given site or service, and then when they don’t remember it, clicking the “send me my password" button— that’s virtually nonexistent now. The savings benefit both IT and regular end users. They’re not bothered with having to remember login credentials, and we don’t have to help them remember them or reset them on these systems,” comments Fuller.
"Another area we find both valuable and a best practice is that in IT, we’re not spending as much time sharing data with our vendors. We don’t have to send them updates, and we’ve pretty much eliminated phone calls -- it’s just removed that from the things we need to worry about,” states Fuller.
OneLogin brings speed and integrity to the modern enterprise with an award-winning SSO and identity management platform. Our portfolio of solutions secure connections across all users, all devices, and every application, helping enterprises drive new levels of business integrity and operational velocity across their entire app portfolios. The choice for innovators of all sizes such as Condé Nast, Pinterest and Steelcase, OneLogin manages and secures millions of identities around the globe.