How a biotech start-up is building better internal work culture with identity and access management.
Noul Co., Ltd., is a biotech start-up in South Korea that has developed the next generation POC (Point-Of-Care) blood testing platform for resource-limited medical facilities, clinics, and local hospitals. Its signature Lab-On-A-Chip (LOC) technology developed in the first five years of its establishment in 2015, and miLab platform, has enabled a number of underfinanced small local hospitals home and abroad to diagnose health issues without professional technicians and costly equipment.
As the business expanded operations in 2020 with a production plant and diversified their product portfolio, there was a rapid increase in new hires. Within a year, the number of employees almost doubled. Nam Sang-su, an IT Security Lead at Noul found it necessary to systematically manage the employees' access and applications with high security. In September 2021, Nam adopted Single Sign-On, Universal Directory, Advanced Lifecycle Management and Adaptive MFA for better employee experiences.
User- friendly platform with high security
"I am familiar with Okta and several other single sign-on services. Which allowed finances and resources for maintenance and operation work to be taken into consideration, even in the long term," says Nam.
Convenient access to company resources with high-level visibility and control is a user-friendly trait of Okta, shares Nam. "Before adopting Okta, anybody with an account had access to all resources, including those that they shouldn’t, because there was no centralised management system. But implementing controls over access then proved challenging and inconvenient. Okta is significantly user-friendly while guaranteeing high-level control."
Nam adds that passwordless access with Okta Verify is also very convenient. "Okta Verify removes the need for users to type in passwords. Any smartphone user can authenticate themselves with Face IDs. Many of our in-house developers find it very convenient to access the SSL-VPN now that complex passwords have been removed."
Automated user provisioning thanks to Okta Workflows
Okta has proven invaluable when it comes to provisioning new users to a cluster of applications. "When I joined Noul in 2020, I was expected to be ready to create accounts one by one for new employees to be onboarded to a cluster of fundamental applications. It was cumbersome to manually create accounts and configure separate security policies by application. Now all I have to do is set up an Okta account in advance so that new starters will be automatically onboarded to our email system and other necessary services from day one."
Other benefits with the Okta implementation include automated access for user groups to a security-sensitive Virtual Private Network (VPN). "I previously had to manually renew user access to the VPN on a regular basis. Now, thanks to Okta, all I have to do is hit a button to automatically update users monthly, quarterly or biannually, to use the VPN. If users don't request renewed access a week from the expiry date, the system automatically removes their access to the VPN."
Agility for future growth with more integrations
Currently, seven services are integrated into the Noul's Okta interface: Box, Atlassian JIRA, Notion, Google Workspace, Microsoft Office 365, Smartsheet and a custom SSL-VPN developed by its local technical partner Daon Technology Corp. With these basic team communication and safeguard tools in place, Nam plans to integrate more communication applications such as Slack and Zoom to increase cross collaboration for all employees.
Nam has also run the tests with several function-specific softwares. For example, Amazon Web Services for software and artificial intelligence development will be integrated in May. Tools like Figma,, Zapier, office bookings, and marketing software are under consideration too. DevOps platform GitLab is also on his list for future integration.
Along with new application integrations, Noul will also look to add more security features. "Noul has been using CrowdStrike's cloud-native antivirus product for security. As I plan to deploy an Endpoint Detection and Response (EDR) initiative for comprehensive threat management, integrating CrowdStrike Falcon could be the next step," says Nam. He adds that integrating Okta Device Trust, a package of contextual access management solutions, will be another future step that allows end users and partners with managed devices to access Okta-integrated applications.
"I recently ran a check on VM Workspace ONE integration to Device Trust which is supported exclusively on Okta Identity Engine. Noul still uses Okta Classic Engine as a platform, so adding Device Trust will follow when I migrate the system to Identity Engine in the future."
Nam says Okta integration has become the benchmark for seamless integration when it comes to new application adoption. "In just six months, Okta has proven to be a trustworthy partner for the Noul employee ecosystem. Moving forwards, we’re looking at integrating new applications onto the Okta platform," concludes Nam.
About Noul Co., Ltd.
Based in South Korea, Noul Co., Ltd. developed the next generation POC (Point-Of-Care) blood testing platform for resource-limited medical facilities, clinics, and local hospitals, with a mission to solve global challenges that threaten human life, to discover novel solutions, and to establish a new gold standard in POC blood testing. Noul’s solutions aim to improve accessibility to proper health care by integrating innovations in biology, artificial intelligence, mobile technology, robotics, and software/hardware engineering. Noul has filed over 65 global patents, conducted more than seven field clinical trials, and has research partnerships with world-class global institutions.