Striking a Balance Between Flexibility and Security to Enable Unfettered Growth

About

Qonto is the leading European business finance solution. It simplifies everything from everyday banking and financing to bookkeeping and spend management. With its fast and innovative product, highly-responsive customer service and transparent prices, Qonto energizes SMEs and freelancers so that they can achieve more. Launched in 2017, Qonto serves more than 220,000 clients in 4 countries (France, Germany, Italy, and Spain) and employs more than 500 in Paris, Berlin, Milan and Barcelona.

Challenge

As is true of many fast-growing companies, Qonto calls upon a combination of employees and contractors to support its business. Previously, when onboarding, both employees and contractors received multiple emails with passwords to relevant applications. Workers struggled to know who to turn to when they experienced app access issues. For many teams, onboarding quickly became an exponential nightmare as Qonto welcomed up to 20 people every two weeks and provided access to as many as 60 applications. While each employee is associated with an HR file, contractors come and go, introducing different challenges for the security team when it comes to maintaining app access and credential lists. The challenge continued with the offboarding process. A point-in-time audit that was quickly out-of-date was insufficient for understanding who still worked for Qonto and who didn’t. Plus, it was complicated for the security team to revoke application access in shared access situations.

Enter OneLogin. “We chose OneLogin because it elegantly solves a difficult equation involving flexibility, security, and automation,” says El Aassal. With robust support for integrations within OneLogin, Qonto deployed 60 apps within three months. “We’re a relatively small security team. OneLogin provides APIs that streamline integration and makes it easy to create OneLogin accounts and automate many core processes,” says El Aassal. He also appreciates that OneLogin unleashes innovation. “We can easily scale, such as by connecting an app with 1,000 users using just three lines of script.”

In the past, when new employees requested app access, each request generated a ticket for the team owner of the tool. This used to be the norm and overwhelmed teams over time. Now, it’s an anomaly for the security team to receive those tickets. When employees and contractors join today, their access permissions and rights are set automatically, based on their role and/or groups. This reduces friction during onboarding, enabling workers to access needed apps without delay. At the same time, Qonto no longer needs to dedicate one engineer to spend a full day every two weeks provisioning app access for new joiners since OneLogin handles this automatically.  With OneLogin in place, Qonto doesn’t have to worry about security as it scales and yet knows new workers are empowered to work efficiently on day one.