Energy supply is becoming an increasingly charged issue. From longstanding concerns over the environmental impact and sustainability of generating electricity to recent tensions over energy security and pricing, nations worldwide are struggling to get to grips with a rapidly shifting landscape. Tibber was established in 2017 by two energy industry insiders on a mission to remove everything ‘bad, unfair and irritating from an industry that’s stuck in the past’. Tibber buys the cheapest electricity available per hour for its customers while empowering them with smart technologies that help to lower energy usage and drive down costs, whether that’s charging electric vehicles overnight when prices are more competitive or enabling real-time monitoring of household power consumption to increase efficiency.
Tibber’s suite of digital tools quickly disrupted the market in its native Sweden and the popularity of its approach saw the company expand into Norway, Germany, and the Netherlands, becoming a major player in these markets almost overnight. But this success led to challenges in managing a growing workforce. As a digital-first, cloud-native company that began life as a startup and which maintained that mindset, Tibber knew it needed an Identity and Access Management (IAM) provider that could scale with its growth. Jon Westholm, Tibber’s Security Captain, has been a key figure on this front, describing himself as a ‘lone ranger’ who manages IT security and operations for the entire Tibber group.
Jon worked with Okta in a previous job and says he was impressed by the IAM platform’s capabilities. At Tibber, he encountered a drive to challenge and question "normal practices." By suggesting an Enterprise solution from Okta to standardize and optimize the user lifecycle management, there were eyebrows raised–would this Okta initiative kill creativity and make Tibberinos less empowered in their workday? But the concern was short lived.
“We chose Okta because I knew from experience that it could strengthen our security at Tibber while increasing efficiencies in our processes, without adding extra burdens to my workload,” Jon says. “That meant I could continue to focus my time and energy where it matters most. Designing and creating a whole IT/Operations department was never going to be a priority, so my job has been to address the challenge of scaling up our technological infrastructure across the business as an agile ‘one-man-band’.”
Working with Advania to empower rapid deployment
Once Jon had successfully convinced the Tibber “original team”, the first 50 employees, and other senior decision-makers of the benefits of adopting Okta, he was keen to move quickly. Working with information technology specialists Advania as a source of strategic support, he leveraged the Stockholm-based organization’s team of certified Okta specialists to drive the project forward. As a result, Jon was able to devise, design, and deploy an Okta infrastructure suitable for the whole Tibber organization in just one and a half months.
“Given our startup mentality, time to market is crucial at Tibber,” Jon adds. “Advania helped me to get to grips with this project and deliver it as quickly and effectively as possible. The strategic support and quality of service we receive, all in my native tongue, is second-to-none.”
Automating routine processes to increase efficiency
Having joined Tibber in January 2022, Jon saw the company grow from 150 to around 300 employees within the year. With a rapidly expanding workforce, one of Jon’s first priorities was to integrate Okta with the HR processes used at Tibber.
The company had begun to use Hibob HR at around the same time as Jon was working on his Okta implementation. So it made business sense to use Hibob as a single source of workforce truth for Okta’s HR-Driven IT Provisioning capabilities. Prior to Okta, one of the ‘original team’ of 50 employees had the permissions and therefore the responsibility to pick up a slack message and create the user in IT, as a result of a request from HR. This was only 15 mins worth of work per user but depending on when the request was seen it usually took a day to do this, and wasn't an example of best practice.
With Okta Workflows, Tibber sends an automated welcome newsletter triggered by account creation as a result of HR to a new user asking for what setup they want. Okta Workflows then notifies the manager 1 week prior to the new employees start date and sends pre-onboarding emails, before undertaking automatic provisioning.
Okta integrated to Hibob in less than 50 mins for a read, write & bi-directonal sync with a multi-master relationship and was able to 100% automate this creation of a user within IT, removing 38 hours of manual work by those with authority to provision and roughly 1,200 hours of elapsed time or $36K of average wage productivity cost by employees waiting for access on day 1. If Tibber had wanted to integrate IT with HR and achieve this benefit without Okta, a large project would have been required to custom code this integration that typically run up to $384K for the deployment and management of a custom provisioning solution with associated hardware & service ops cost.
Prior to Okta, Jon lacked transparency around routine joiners, movers, and leavers (JML) IT events, such as the provisioning of around 20 birthright apps for new starters and the timely removal of access for employees leaving the company.
Without any formal processes in place, these tasks lacked ownership and oversight. New starters requested access to the apps they needed via a dedicated Slack channel. That took roughly 15 minutes out of someone’s busy schedule for each new joiner. It also meant that new starters didn’t always get the tools they needed to do their jobs right away, or had to make additional requests for apps specific to their role. That might not sound like a lot of time, but considering the company has more than doubled in size in 2022, it soon adds up.
Tibber had 20 birthright apps for all new starters, each taking 15 mins to provision a user to an app prior to Okta. Okta has 100% automated the provisioning and deprovisioning of 20 birthright apps at Tibber, saving 750 hours or £29K of hard cost spent by people doing tasks that are now automated, for new joiners alone. This means that each new joiner gets the apps they need day 1 second 1. Integrating these apps for LCM with Okta took 15 mins an app, due to Okta’s Integration Network of pre-built integrations. Without such a network, integrating an app for lifecycle management can involve custom building integrations, taking up to a month to do, that would have cost Tibber $133K for the 40 apps they have integrated so far.
When Jon joined Tibber, he identified a gap between IT operations and his main area of responsibility, Information Security. This forced him to expand his domain, but he knew that he wouldn’t have time to action them all manually. With Okta connected to Hibob, any changes made to a user’s information in the company's HR system are now automatically communicated to Okta and synced across applications. This means that Okta Lifecycle Management is able to automate many JML and other tasks that were previously managed ad-hoc. The company currently has 100+ apps running in Okta from which a third have SCIM capabilities. And, with Universal Directory, Jon was also able to establish a ‘single-pane’ view of all of the business’s users and identity sources. That was particularly important when the company’s Series C round of capital funding arrived, reassuring investors that Tibber had plans in place to remain security compliant as it grew.
Strengthening security while delivering seamless user experiences
Jon was also quick to take advantage of the security benefits of Okta, integrating 50 apps with Single Sign-On in a month and a half. 80% of these apps were already pre-integrated by the Okta Integration Network. With a more than capable DevOps team on-hand, Tibber made quick work of the remaining 20%, mostly using Okta’s integration wizard that accomplished these integrations in minutes and for a smaller set of fully self built custom apps in less than an hour. But Tibber saved significant time and money by not having to manually pre-integrate their apps with Okta.
For end-users, it also enables a seamless, unified identity that grants access to all of the Tibber tools they’ll need throughout their working lives.
Adopting Multi-Factor Authentication further fortified Tibber’s cyber defences. Before working with Okta, Tibber relied on any additional authentication methods included as standard with some apps. Now, all 50 of its apps are protected without adding unnecessary time to an employee’s already busy day. Around half of Tibber workers use Okta Verify to provide their additional identity authentication factor.. And policies such as IP zones, managed devices, and impossible travel provide contextual information that ensures staff are only prompted to authenticate their identity when absolutely necessary.
This smarter & more modern way of doing security also vastly increased user experience. If Tibber had used MFA at each app level authentication prior to SSO, it would have generated 50 challenges per user per week taking a typical 45 seconds to respond to an SMS one time password, resulting in 9,375 hours a year spent responding to security across the workforce. With Okta, using a combination of policies to remove prompts based on security state as well as vastly faster push prompting in Okta Verify, Tibber has saved 90% of MFA time or $256,370 of average wage productivity cost.
Staying ahead of the curve through constant innovation
Tibber has come a long way in a very short time, both as a company and in its journey with Okta. With its gaze firmly fixed on the future, Tibber is always looking for the next opportunity to innovate. When it comes to IAM, Jon has been exploring the potential of Okta Workflows to further simplify and automate identity-centric processes at scale. Jon is already utilizing an end-to-end user onboarding Workflow which ensures that new user accounts are activated one week prior to their start date. That means onboarding employees are able to access their email inbox immediately, giving them a head start in getting settled into their new role. In the future, Jon says he will further explore the power of LCM automation in these kinds of everyday processes.
“Okta is our identity assassin, quietly and quickly cutting through our challenges and making every day easier for me, and for Tibber,” Jon adds. “But if you asked our average employee about Okta, they wouldn’t have much to say. We’ve integrated Okta seamlessly so that, from the user’s perspective, their journey is entirely Tibber branded.”