Summary
provides enterprise class technology services to ministries and organizations. Their team of tech-savvy, strategic professionals specializes in live and on demand video streaming technology, website development, mobile app development, video production, graphic design, and social media management. Established in Pittsburgh, PA in 2002, they have expanded to support organizations worldwide. They also have a thriving book publishing division that works with influential pastors and authors throughout the United States.
Organization: | The Church Online |
Size: | 30+ employees, 2000+ customers |
Location: | Pittsburgh, PA |
Problem: | Onboarding/Offboarding, File Server Access |
Goal: | Centralize Identity & Access Management (IAM) |
Background
The Church Online has been growing very quickly 鈥 and while this expansion has been great for business, it has also posed significant challenges for IT. Brandon Locke, Technical Coordinator for The Church Online, explained:
“At first, managing user access wasn’t really a concern 鈥 but then we started growing.”
As the company has grown, so has their staff. What began as a core handful of people exploded into a booming business in the forefront of its field with numerous divisions supporting it.
鈥淚t just got to the point where you鈥檙e going through your normal day and you think, 鈥楬ow is our infrastructure going to grow with us?鈥欌
The Challenge
In order for The Church Online to keep up with growing demand, they would need to revisit their approach to IAM. 鈥淲e had just outgrown our approach to managing access and control of sensitive information and resources,鈥 said Locke.
Locke noted the importance of the company鈥檚 file server infrastructure, and how adjustments needed to be made to compensate for the company鈥檚 growth.
鈥淲ith the amount of design work alone that our team handles on a daily basis, the on-prem storage that file servers offer is incredibly important simply to alleviate bandwidth,鈥 Locke said. 鈥淪peed is also a concern, as we conduct high bandwidth tasks such as video editing. This is especially hard on network services.鈥
Locke knew that he would need better IAM for his IT infrastructure to be scalable, so he turned to 黑料海角91入口鈥檚 Directory-as-a-Service庐 (DaaS).
The Solution
The Church Online adopted 黑料海角91入口鈥檚 DaaS for their IAM solution in early 2017 in order to better control access to their systems, on-prem servers, and applications.
鈥淲e鈥檝e been able to use 黑料海角91入口鈥檚 LDAP feature to tie into other services,鈥 Locke said. The Church Online also took advantage of the Google Apps (G Suite) integration, which is built right into 黑料海角91入口.
鈥満诹虾=91入口 gave us the ability to centralize and simplify the management of users and systems.鈥
Locke noted that only one thing was missing: Samba file server authentication wasn鈥檛 yet available through 黑料海角91入口. Just about every user at The Church Online was accessing the file server infrastructure at least once a day, with many users accessing it all day long. Suffice it to say, managing file server access was on Locke鈥檚 wish list.
Samba File Server Authentication
When 黑料海角91入口 introduced Samba authentication as a component of their LDAP service, Locke was one of the first to know, and he was also one of the first to implement it. As soon as he received the email that 黑料海角91入口 was moving to Groups and Samba would be enabled, Locke began preparations to implement it.
Locke started by methodically testing authentication with other members of their team. Once testing was completed, preparations were made to begin the full roll out.
鈥淭hat morning, we rolled it out to the entire staff.鈥
The process was as simple as logging out, deleting the local account, and logging back in using 黑料海角91入口 credentials. The process was so smooth, it took approximately three minutes per person.
The Result
鈥淭he ease of use of the 黑料海角91入口 system enables us to cut down the amount of time it takes to do many day-to-day tasks,鈥 Locke said. 鈥淚t has provided us with the ability to provision and deprovision individuals at a very rapid pace.鈥
鈥淭hat saves us time that we can now use to do something else.鈥
What used to be a lengthy process requiring a Google account, an account on the server, and the creation of individual paths to company resources has now become as simple as creating an account in 黑料海角91入口 which automatically creates all the necessary connections.
Deprovisioning users has also been streamlined. There鈥檚 no need to change hundreds鈥攊f not thousands鈥攐f passwords if someone leaves the company. 鈥淲ith 黑料海角91入口鈥檚 LDAP and OAuth integration, we can change one password and lock someone out of an account,鈥 Locke said.
鈥淣ow we can disable access with the click of a button.鈥
Other unexpected tasks have gotten easier as well, such as provisioning new software. A monotonous task that could sometimes take up to three hours now only takes about fifteen minutes, such as setting up the new phone system.
Locke told us the implementation has also been a hit with users. 鈥淥ur users are much happier without having to remember countless passwords to access different company resources.鈥
鈥淟ooking forward, choosing 黑料海角91入口 means that we won鈥檛 need to hire as many IT staff members as we continue to grow. The value is immense because of the time it saves.鈥