OneLogin enabled us to create a single, secure entry point to applications while enabling our member firms to keep their local compliance measures in place.
Founded in 1999, CMS is an organisation of independent law firms around the world providing legal and tax solutions across a wide range of industries including banking, finance, energy, hotels, infrastructure, insurance, and real estate industries. Ranked as a Top 10 global law firm, CMS has operations in 40+ countries and 70+ offices worldwide. Its 4,800+ lawyers offer business-focused advice tailored to client needs, whether in a local market or across multiple jurisdictions.
Like many organizations that expand organically over the years, CMS found itself with an array of custom applications that introduced problems as operations grew more complex. Moreover, its 17 member firms need to address local requirements around compliance and regulations while operating as part of a global organization. This mix of local and global infrastructure along with unwieldy custom applications made it challenging for CMS Legal Services, CMS’s central service unit, to quickly deploy new tools and products.
“When your custom development relies on the knowledge of just one or two people, it’s hard to be agile,” explains Hélder Santos, Director of Digital & Information Technology at CMS Legal Services.
Complicating matters was the fact that one of those custom solutions residing on an on-premise server in Germany enabled single sign-on (SSO). This SSO app had to work in concert with the distinct identity and access management (IAM) platforms used by the different member firms. According to Santos, users around the world were often frustrated due to the SSO app’s slow response. Plus, users didn’t understand why they sometimes needed to use passwords and other times not.
At the same time, the IT group found it hard and time consuming to maintain and update this custom SSO solution. Even worse, CMS was exposed to security risks – such as the possibility of someone’s credentials being stolen – because a single developer was trying to keep pace with ever-evolving security threats.
CMS tried to manage its requirements in Azure and Microsoft Office 365, but couldn’t because Microsoft didn’t understand the company’s structure. “It’s very complex for us to work with large providers because they struggle to understand we are a single global entity comprising multiple member firms around the world,” says Santos.
Needing to provide secure access to central services while enabling each member firm to address their unique needs, CMS Legal Services began exploring its options. “We needed a way to ensure that our independent firms could satisfy their local needs but that we act as a single entity,” explains Santos.
OneLogin, CMS Legal Services gained a flexible way to connect all member firms while managing identity via a single entry point. According to Santos, “We liked OneLogin’s flexibility and the fact that its plug-and-play nature meant our member firms did not need to change their infrastructure to use it.”
OneLogin’s implementation process impressed Santos. “We have very smart IT people but your extremely knowledgeable engineers had no problem staying in sync with them,” continues Santos.
In addition to providing secure access to its custom applications via OneLogin, CMS Legal Services provides access to Skype, Slack, Office 365, and JIRA, to name a few.
With OneLogin as part of its global infrastructure, CMS Legal Services is empowered to consolidate all identity and access management requirements to enable global access to applications, services, and tools. “Our member firms continue using their local identity providers but we can be confident about secure access to commonly used resources,” says Santos.
This consolidated approach makes it far easier for employees to use global resources and for the company to roll out new applications. “We have aligned our security controls using OneLogin. That means each member firm’s CISO knows that access is strong and validated using OneLogin so we don’t need to reinvent the wheel with each of them whenever we bring on new applications,” continues Santos.
In fact, CMS Legal Services is able to onboard new member firms far faster than in the past. “If the member firm provides the server, we can onboard them in as little as two hours – down from two weeks in the past,” explains Santos.
Currently, CMS Legal Services is expanding trust between OneLogin and its member firms’ local identity providers so each firm can use their own multi-factor authentication to access global resources. “OneLogin will act like a broker so that it appears to users as if they’re accessing a local resource,” explains Santos.
Long term, CMS Legal Services is exploring the use of OneLogin as a customer identity management platform so its clients can connect to applications hosted, delivered and built by member firms. “We are excited by all the possibilities enabled by OneLogin,” concludes Santos.
OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on and identity management platform. Our portfolio of solutions secure connections across all users, all devices and every application, helping enterprises drive new levels of business integrity and operational velocity across their entire app portfolios.