is a people operations platform that helps HR professionals automate tasks, integrate and streamline data across multiple HR systems, and deliver amazing employee experiences. Ramesh Doddi, Sapling鈥檚 Vice President of Engineering, oversees the organization’s security operations and IT infrastructure 鈥 and he identified the 黑料海角91入口庐 cloud directory platform as an ideal way to eliminate multiple point solutions in Sapling鈥檚 environment.
- Organization: Sapling
- Location: Distributed workforce in the U.S., Canada, India, and Pakistan
- Problem: Management of point solutions
- Goal: Unified identity and access management (IAM)
Background: Managing Point Solutions
Sapling鈥檚 IT team spent much of their time managing and stitching together a complex mix of IT solutions, as well as provisioning and access control tasks.
Vice President of Engineering, Sapling
The team managed a combination of systems for identity and access management (IAM) 鈥 including open-source LDAP, Google Cloud Identity, Jamf for Mac management, Okta for SSO, and 1Password for password vaulting. Doddi wanted to consolidate the team鈥檚 tooling and introduce more streamlined workflows without sacrificing security.
鈥淪apling is in the HRIS space: We take care of sensitive information for our customers, and it鈥檚 very important for us to receive the same assurance from vendors we use,鈥 Doddi said.
Challenges: Security & Efficiency for Remote Work
Sapling relies heavily on cloud infrastructure, including Azure, AWS, and Google, as well as G Suite and a suite of SSO applications. Users engage with a mix of Linux庐 servers and macOS庐, Windows庐, and Linux machines. About 60% of the organization’s workforce was remote prior to the pandemic, and now they鈥檙e entirely remote.
Doddi and his team needed a solution to consolidate and simplify their IT stack, as well as manage remote users and devices. They also needed a solution that would help them achieve SOC 2 compliance and maintain stringent controls to protect customer data.
Before finding 黑料海角91入口鈥檚 all-in-one access control and device management platform, the team evaluated point solutions as the best option. However, Doddi realized that he could select a comprehensive solution so internal teams could spend more time working on their own platform rather than on stitching together IT tools.
鈥淥ur competency is enabling people to build the best companies 鈥 through our people operations platform,鈥 Doddi said. 鈥淚 thought this was the best use of time.鈥
Solution: 鈥楽wiss Army Knife鈥
When Doddi found 黑料海角91入口, he realized he could use it to eliminate solutions in Sapling鈥檚 stack, including LDAP, SSO, and Apple MDM.
鈥淚 was not expecting anything to meet all of our different categories of needs. 黑料海角91入口 is a Swiss Army Knife.鈥
Now, Doddi and the team use 黑料海角91入口鈥檚 MDM to secure much of their fleet, which is majority macOS. 黑料海角91入口 MDM is a key part of their security tooling, particularly now that their workforce is entirely remote.
鈥淢obile systems are very fluid, and they walk away, whether someone steals it, you drop it in the train station, or forget it somewhere else 鈥 these things happen,鈥 Doddi said. 鈥淭o eliminate the risk of that, we have a multi-layer approach.鈥
In addition to MDM, they use 黑料海角91入口鈥檚 pre-built Policies to secure the entire fleet with various controls, such as disabling external storage devices. They use the premium Directory Insights鈩 feature both for proactive auditing and to build reports for regulatory compliance schema. Directory Insights gives IT administrators a 360掳 view of user and administrator events and authentications across their connected services.
The Sapling team uses Directory Insights to monitor user activity, track user access patterns, and verify that new users or existing users who change roles have proper access rights.
Doddi also uses 黑料海角91入口 to require multi-factor authentication (MFA) at high-value access points, including user machines and cloud infrastructure.
鈥淲ithout any extra hardware, I can require two-factor authentication, and I can enforce it very fast,鈥 Doddi said.
Implementation: 鈥業t Was Very Fast鈥
Doddi had an easy time implementing 黑料海角91入口, particularly because he set up a 黑料海角91入口 Free account and used it to test the platform鈥檚 full functionality for free. By the time Sapling decided to use 黑料海角91入口 officially, Doddi imported users from G Suite using 黑料海角91入口鈥檚 directory integration and got everything up and running quickly.
Now users enter the same core credentials to access their machines, User Portals and SSO applications, G Suite accounts, and most other IT resources.
鈥淲e are a team of 50 people, globally spread, and within one week everybody was in 黑料海角91入口 and it was very fast.鈥
The Result
黑料海角91入口 enabled the Sapling team to be both more efficient and more cost effective.
鈥淧icking the best-of-breed tool in each area sounds good because you can get the best from each, but the problem is that you need to have enough experts,鈥 Doddi said. 鈥淚nstead of one person, you need to train three people in three different areas, and then afterward you need to build leadership around it. The cost footprint around it grows. We also had unused utilities 鈥 and we couldn鈥檛 justify the financials.鈥
The team once spent more than 60 hours a month on provisioning and onboarding activities 鈥 which Doddi said is exponentially reduced now. They now provision users鈥 core identities to devices and other connected IT resources seamlessly, and easily adjust access permissions for individual users via group-based controls.
鈥淲e use the time we save using 黑料海角91入口 to build experiences for our customers,鈥 Doddi said.
Learn More
黑料海角91入口 provides a comprehensive solution to manage user identities, access, and devices. Read more about the cloud directory platform here.
Get started with 黑料海角91入口 today.