Read our case study on Okta SSO Identity Management.

Business Situation

A major American manufacturer based in Kholer, Wisconsin of household products made a significant business technology decision to begin using Okta to improve its SSO and identity management requirements. The company needed a more efficient way to provision sanctioned applications like Microsoft Office 365, Citrix NetScaler, MyCHDBenefits, Workday, ServiceNow, Innotas, an an on-premises Microsoft Outlook Web App. The new SSO and identity management requirements would help to satisfy a more secure IT environment, challenging end users with MFA when appropriate, and even reduce or eliminate password re-set tickets.

Customer

Iron Cove and Okta’s customer is a multi billion dollar Fortune 500 American household goods manufacturer with a long-standing reputable brands and more than 3,000 employees in its multiple business units. Streamlining access to apps and creating a more secure access environment were critical success criteria. Working with a dispersed IT team across multiple time zones meant that Iron Cove had to manage a disciplined approach to this project. Project milestones required fluid teamwork in the truest sense and allowed Iron Cove to draw on its deep knowledge from previous Okta deployments to keep the deployment on time and on budget.

Benefits

• Streamlined customer’s corporate-sanctioned apps access
• Okta for SSO reduced helpdesk support with password resets and cloud app access
• Okta simplifies end-user access to Office 365 and other apps
• Showcased IT’s commitment to security and efficiency

Solution

Iron Cove was selected as the Okta deployment partner because of strong experience implementing Okta in a multi forest, multi AD, complex environment relying on Office 365 as the core of its business productivity apps. In this case, multiple Okta AD agents were installed and configured, allowing for complete synchronization. App assignments from within Okta were made easier by adjusting AD settings to accommodate internal organization requirements. An IWA server was spun up alongside the Okta AD agents for redundancy and to allow for on-premise SSO and domain-validated user access to assigned applications within Okta. The IWA installation meant any domain user logged in to an on-premise domain-joined machine via his or her domain credentials would be seamlessly logged into their assigned applications provisioned in Okta. The subsequent challenges of setting up the application at this point are to make sure that all Big Bang apps (SSO applications that are all-or-nothing) are properly configured for SAML. SAML apps like Workday, ServiceNow, and Innotas were tested in the preview environment, application owners and their teams. MFA was activated for off-premise users, using SMS and Okta verification. After thorough testing and verification, all apps were assigned to end user groups within AD, pushed to into Okta production, and rolled out to end users. Ultimately, end users were exposed to the elegant and easy-to-use Okta interface and quickly began using the application buttons (Chiclets) to launch their applications and organize their workflow. Additional corporate sanctioned apps can be assigned by AD group, showing up on their Dashboard and ready to use. End user confusion was minimized by a clear pre and post launch communication plan. The result? A high level of adoption for an enhanced environment providing security around sensitive corporate information and applications. As an Okta-certified professional solutions provider, Iron Cove has helped organizations of all sizes become more efficient and more secure by using Okta to manage SSO and identity.