Okta’s lifecycle automation tools help Nuvolo make lean IT look easy

Watch the Video
280

employees globally, accessing 67 applications and 195 ServiceNow instances via Okta

One

virtually instantaneous employee onboarding process

140

direct clients with streamlined access to Nuvolo applications

2,000

minutes saved annually by automating manual client onboarding processes

  • Ultra-lean IT, with automation at the core
  • Automating and securing workforce identities
  • Streamlining customer and partner access
  • Using Workflows automation to go even further
  • Taking the mundane out of IT
Ultra-lean IT, with automation at the core

Nuvolo offers an enterprise asset management platform, built in the cloud on ServiceNow technology. The company lives and breathes automation, which means IT runs lean. To meet hypergrowth challenges, they needed a high-performing identity and access management (IAM) partner.

Automating and securing workforce identities

After considering Okta and Microsoft solutions, the Nuvolo team chose Okta for its out-of-the-box capabilities and its ability to start small and scale quickly. They started with Okta workforce solutions, to centralize, automate, and secure employee account authentication.

Streamlining customer and partner access

After success with workforce IAM and experiencing the power of Okta’s automation tools, Nuvolo expanded its solution to include Okta customer identity. Centralizing IAM across the company dramatically improved the user experience for clients and partners, and simplified IT administration.

Using Workflows automation to go even further

In 2020, the Nuvolo team embraced Okta Workflows for workforce and customer identity, achieving even greater automation without code or ongoing maintenance. Today, employee onboarding and offboarding are virtually instantaneous. Manual provisioning of customer and partner accounts is ancient history.

Taking the mundane out of IT

Nuvolo continues its growth, adding 70-80 new employees annually to support a rapidly growing customer base. With Okta, the Nuvolo IT team manages to keep up with a team of three, each doing valuable work that requires human engagement rather than spending time on mundane tasks.

An IT team of one chooses identity that’s ready to go

Nuvolo’s enterprise asset management platform is built in the cloud on ServiceNow technology, so automation is central to the company’s mission and also central to the way IT works. To meet the challenges of an aggressive growth roadmap, IT’s original team of one needed to centralize, automate, and secure account authentication and access for 80 employees—stat. Nuvolo chose Okta for its out-of-the-box capabilities, its start-up friendly pricing structure, and its ability to scale quickly.

I couldn’t manage the lifecycle at the current rate with my staff of two, without Okta and the automation we have in place.

Jason Siegrist, Chief Security Information Officer, Nuvolo

Ultra-lean IT, with automation at the core

Nuvolo helps people connect to their workplaces. The technology startup, based in New Jersey but built in the cloud, offers a platform that allows global teams to collaborate around the same set of data, whether they’re working in maintenance, space planning, field service, real estate, project management, or sustainability.

The Nuvolo platform is built on ServiceNow technology, with automation at its core. When it came time to develop an IT strategy, company leadership brought in Jason Siegrist, a previous Nuvolo customer in the enterprise space. In 2017, Siegrist became Nuvolo’s original IT team of one, charged with automating IT and setting up compliance systems for the company’s 80 employees.

Three years later, the company has more than tripled in size, with 280 employees in six countries, 150 direct clients, and 800-1,000 indirect clients. Meanwhile, Siegrist has added two members to his IT team.

To make lean IT work, he says, they organize around a particular understanding of “cloud first.” Not only does Nuvolo not run any on-prem servers—they don’t manage server space in the cloud, either. “Everything we own is software as a service (SaaS),” says Siegrist.

To address the needs of a large client base with a small IT team, Siegrist puts his entire focus on connecting best-of-breed SaaS applications into automated processes designed to make Nuvolo run smoothly and efficiently.

“I tell everyone I’m professionally lazy,” he says.” I spend energy finding ways I can work less. More importantly—ways I can make more space for the work that requires real brain power.”

High expectations for IAM

When Siegrist started at Nuvolo, he was handed a growth roadmap and a mandate to build an IT infrastructure that could support it. To begin managing cloud services accounts for 80 people, he needed to find an identity and access management (IAM) partner that could help him centralize and automate account authentication. “Okta was one of the first companies I called,” he says.

Siegrist considered a Microsoft IAM solution, but found it wasn’t cost effective for a small organization. He was also a bit skeptical. “Microsoft is broad, but not very deep,” he says. “They have a huge product offering, but they don’t always provide the richest feature sets in a given vertical.”

Coming from an enterprise environment, Siegrist had high expectations for an IAM partner. As a one-person team, he was also looking to buy something out of the box, turn it on, and configure it quickly.

“There’s only so much that one person can get on a plate,” he says. “Maybe we could have achieved our IAM goal with Microsoft—written our own components and used ServiceNow REST—but I didn’t want to maintain that. I wanted to buy it, turn it on, and use it.”

In the end, Okta’s out-of-the-box, cloud-based solution with its ability to start small and scale quickly made it the clear choice for Nuvolo. “Okta was and still is the best technical and financial fit,” he says.

Automating and securing workforce identities

Siegrist hired Iron Cove Solutions to help implement Okta’s workforce identity solutions. They started with Okta Single Sign-On, Okta Universal Directory, and Okta Lifecycle Management to connect employee applications and automate account onboarding and offboarding.

“Implementation took maybe two weeks,” he says. “Once we figured out how to connect applications to our Okta platform, it’s been rinse and repeat.” Today, Nuvolo employees log into Okta to connect to 67 unique applications and 195 different ServiceNow instances.

Okta’s integration with ServiceNow is a huge benefit, says Siegrist. “With as many ServiceNow instances as we have, automating the provisioning of that application alone has saved me a mountain of time."

The Nuvolo implementation also includes Okta Multi-Factor Authentication, adding another layer of security for applications, such as ADP, which hold sensitive personal information. IT admins also receive frequent MFA prompts.

As Nuvolo’s client list expanded from facilities customer services to clinical asset management and laboratory sciences, identity verification became increasingly critical. Okta SSO and MFA play an important role in helping the company maintain digital signing processes that comply with Title 21 of the Code of Federal Regulations, Part 11—the U.S. Food and Drug Administration’s standard for electronic signatures.

“To implement these additional controls, we just check a box in Okta to turn on re-authenticate or MFA,” says Siegrist. “Okta’s flexibility and the ability to make those changes on a per-application, per-user, or per-environment basis make compliance substantially easier for us to manage.”

Today, the Okta Integration Network plays an important role when Nuvolo business leaders are requesting new solutions. “We encourage all of our application holders to use applications that are Okta enabled and supported,” says Siegrist. “If it’s not covered by Okta, we have a serious conversation about why not.”

Streamlining customer and partner access

As Nuvolo matured in the Okta workforce IAM environment, it became clear that expanding the solution to clients and partners would offer a multitude of benefits. “Many Nuvolo clients and partners were accessing multiple systems that we managed locally,” says Siegrist. “Although that was less of a security risk, we knew we could improve the user experience for them.”

Nuvolo Legacy Client and Partner Authentication Flow

The team added customer identity products to their Okta solution, including Okta Authentication, Okta Authorization, Okta User Management, and Okta Lifecycle Management, to create one IAM platform solution for employees, clients, and partners.

Customer IAM (CIAM) was simpler to implement because Nuvolo customers and partners have just a few points of access: a partner portal, a combined customer-partner portal, a learning management system, and a project management space. Once those applications were all integrated into Okta, users could move from one to the other without logging in multiple times.

The team called the new platform Nuvolo Connect, customizing the sign-in screen using an Okta widget. “It’s one space for everyone to access all of our systems,” says Siegrist. “It’s also just one space for us to manage, and it reduces our overhead on password problems.”

Using Workflows automation to go even further

Because Siegrist and his team are so focused on automation, they embraced Okta Workflows right away, after it was announced in 2020 as part of Okta Platform Services.

Workforce and Customer Identity Workflows allows Nuvolo to take its Okta solution even further, automating complex lifecycle tasks specific to the company. With Workflows, IT admins use APIs to create bespoke business processes without code, connecting Okta product features with third-party applications and systems.

“Today, we have 216 rules that automate how we assign and provision access to all of our applications,” says Siegrist. “Everything we do is completely automated. When a person’s role changes, we simply update their record in ServiceNow, which in turn updates their information in Okta.”

That efficiency pays off in decreased security risk when it comes to offboarding employees or updating access as people change roles. “Deprovisioning access in a timely manner is as important as provisioning access for new employees,” says Siegrist. “I couldn’t manage the lifecycle at the current rate with my staff of two, without Okta and the automation we have in place.”

Nuvolo’s CIAM implementation included a short Okta Professional Services engagement, to fully automate client and partner provisioning via Customer Identity Workflows. “Some of the data we were trying to pull out of Salesforce wasn’t easily acquired,” says Siegrist. “Professional Services built a custom script that reached out to Salesforce, pulled the data in, and then built groups according to company.”

From there, the team created a workflow that takes the Salesforce information and creates or updates user profiles in Okta, so that clients and partners can be privileged into Nuvolo applications.

Nuvolo Updated Client and Partner Authentication Flow

Taking the mundane out of IT administration

Today, Nuvolo continues its pace of growth, hiring 70-80 new employees every year and supporting a rapidly growing customer base. “Without tools like Okta, it would be impossible to keep up with the pace of work,” says Siegrist. “We’re always looking for efficiencies, whether it’s how to answer an RFP faster or how to build a computer with zero touch—just log in and it builds itself.”

When Siegrist first started at Nuvolo, onboarding a new employee was a process of 16 manual steps. Today, ten of those steps have been automated. Where it used to take two weeks to build a new computer and onboard a new hire, today it’s virtually instantaneous.

“We’re looking to move Microsoft Office 365 authentication to Okta as well, so that everything is centralized,” he says. The goal is to put onboarding completely in the hands of HR. “We’re taking IT out of the loop for IT onboarding, other than the technical aspects of shipping the hardware—and we might be able to get HR to do that, too.”

The results on the CIAM side have been equally positive. Where before, each customer and partner had to be manually provisioned into each Nuvolo application, today they register once to gain access to all their apps via Nuvolo Connect.

“For every 100 new clients we bring on, we save five minutes of manual work per client for each Nuvolo app, so we gain about 2,000 minutes back,” says Siegrist.

The numbers don’t speak to the deeper benefits of automation, however. “Those mundane, boring tasks provide no real value and little job fulfillment,” he says. “It’s like the little bird from the Simpsons clicking the ‘Yes’ button. That’s no fun. So, we like to automate those things.”

About Nuvolo

Nuvolo is a global leader in modern, cloud-based enterprise asset management solutions, providing a single platform to manage all people, physical locations, assets, and work, and enabling data sharing across departments. Headquartered in Paramus, New Jersey, with a global workforce distributed throughout North America, Europe and Asia, the company serves the healthcare, life sciences, financial services, retail, government, higher education, and enterprise industries. Nuvolo is the largest and fastest-growing independent software vendor globally, built on Now technology from ServiceNow.