Selecting Okta for security, manageability, and cost
To pick a new AM vendor, Mark and his team decided to build on Telenet’s long-standing partnership with Upright Security, a dynamic team of identity specialists. “We’ve been working with Upright Security for more than 10 years and know how committed the team is, and that they go above and beyond to support us,” says Mark.
When comparing Okta’s capabilities with other vendors, Mark and his team had three major criteria: security, manageability, and cost. Telenet’s infrastructure consists of nine different environments, from development to testing and production, with many on-prem applications. This required a solution that could dynamically cater to these environments and provide adaptive authentication processes, including header-based authentication. With more powerful multi-tenancy capabilities than the competition, Okta pulled ahead.
“Addressing multiple tenants with the other solutions we’ve looked at would have been more complex to manage and also more costly,” says Mark. “But unlike other vendors, Okta doesn’t choose convenience over security either: my security team and I really have ownership of the platform and can decide on rules and policies, which makes it easier to meet our security requirements.”
Overall, Okta best met Telenet’s three selection criteria. “We need to manage more than 14,000 identities in a secure, compliant, cost-efficient, and flexible way across multiple environments,” says Mark. “Okta enabled us to do just that, and with a level of end-to-end implementation support from Upright Security that’s difficult to find for other identity solutions.”
Connecting the legacy stack with the cloud future
With the convenience of more than 14,000 users in mind, Mark and his team didn’t want to go ‘big bang’, but onboard identities and applications gradually. This is often done during a digital transformation of a complex environment. The initial Okta setup, however, didn’t take long: “After signing the contracts, Okta’s connections to our nine tenants were up and running within days, and Upright Security helped us to configure everything properly,” says Mark. “We didn’t experience any real bottlenecks and got the environments operationally running quickly.”
Despite a huge number of applications and a complex hybrid environment, Telenet was able to leverage the power of Okta from the get-go by connecting the new solution with the legacy stack via programmatic IdP Discovery and inbound federation. Upright Security helped set up this connection within the initial set up of a few days, laying the foundation for a soft migration with maximum convenience.
This approach meant Telenet didn’t have to build out things like MFA on top of their legacy solutions’ nine tenants. This meant SSO integrations were made to Okta directly, instead of connecting each app individually to each tenant, avoiding another complex project. Okta's approach also meant Telenet didn’t have to reengineer these connections every time they did a major upgrade, saving more time and cost down the line.
“With programmatic IdP Discovery and inbound federation, we can use Okta to authenticate applications that are still coupled with the legacy stack,” says Cédric Gossé, Security Architect & Partner at Upright Security. “Because of that, we were able to leverage Okta features, such as Adaptive Multi-factor Authentication, from the beginning.”
From lengthy Captchas and frustrating certificates to instant access with MFA
Today, all 14,000 internal and external users at Telenet interact with Okta. After logging on with Okta and with security provided by Adaptive Multi-Factor Authentication, users either Single Sign On into apps via their home dashboard or access the Telenet's old stack (as it is being migrated over time). This makes for a seamless transition.
“Okta’s integrations enabled us to onboard users at their convenience, before making the change mandatory,” says Mark. “This meant less work for us, because we didn’t have to migrate all the apps at once, and made the onboarding process easier for our employees.”
Telenet had an SSO solution in place prior to Okta, but getting users through the login process in a secure and convenient way used to be difficult. What was missing was an elegant way to connect non-corporate devices with certain apps, such as Salesforce. Employees had to either install certificates via help desk support, which was time-consuming and didn’t work for all applications, or log in with Captchas, which was tedious and didn’t account for stolen devices.
With Okta’s Adaptive Multi-factor Authentication, Telenet’s login processes have become more secure and convenient: employees can use several authentication methods, such as Okta Verify, and easily verify their identity by approving a push notification.
“Allowing the use of applications on non-corporate devices used to be a true hassle,” says Mark. “Logging in with Captchas used to take 45 seconds, now it’s almost instant. That’s why people really like the simplicity of Okta Verify.”
Going cloud to connect Belgium
Telenet has seen tremendous growth in the past years and continues to expand, sometimes by acquiring new companies. For Mark and his team, consolidating the IT landscape and identity processes after an acquisition is usually the first challenge, and Okta has greatly reduced friction during that stage.
“Okta’s fast deployment and its scalable flexibility, combined with the subscription-based model, enables us to integrate new companies quickly, without having to worry about individual apps, certificates, or devices,” says Mark. “Having Okta’s cloud solution in place, which is accessible from anywhere, adds a huge convenience factor.”
Currently, Mark and his team are rolling out Okta Access Gateway to enable employees to access all of Telenet’s on-prem apps. Next, they’re planning to use Okta to further shore up convenience and security at the company. With Okta’s FastPass solution, Telenet could move beyond passwords to make logins even simpler and more secure. Because the number of external users will only grow in the future, the team is looking into Advanced Server Access to apply secure access control to servers. Further down the line, Okta’s customer-facing initiatives could become relevant as well.
To provide perfect digital experiences to customers and employees alike, Telenet needs to be at the forefront of digital transformation and evolve to meet changing employee and customer requirements. Thanks to Okta, the company’s large on-premises footprint isn’t in the way of digital innovation, and lengthy updates are a thing of the past.
“Being able to bring cloud agility to our hybrid stack and on-prem apps is a huge motivator for us,” says Mark. “It allows us to evolve alongside Okta and leverage new cloud features quickly. Combined with end-to-end support from Upright Security, Okta will enable us to move even faster in the future.”
