Like many other mid-large SaaS companies; our client was looking for identity and access management solutions. Given their interest in offering elevated GTM strategies for prospects with stringent compliance requirements (HIPAA, FEDRAMP, etc.) but inefficient systems for access control, we knew there was a need to implement a modern solution.
The Challenge: Provisioning and reviewing access was highly manual, time-intensive, and error-prone. In the past, the IT team spent way too long reviewing and triaging access requests. Not only was this a drain on IT resources, but it also led to long wait times for employees. In addition, access reviews used to be managed via python scripts. While this process got the job done, it was brittle and unscalable. The Solution: Provided by Opal and Implemented by CloudWerx CloudWerx was contracted, initially, to evaluate tools in this space. Given that the client already utilizes Okta, a vendor that could integrate seamlessly was essential. CloudWerx completed a comprehensive proof-of-concept review of several Identity Governance vendor solutions and ultimately proposed Opal as the primary IGA integration combined with Okta and other complementing vendor products existing in the client’s ecosystem.
Featured Vendor: Opal Opal – Opal is the access management platform for modern, cloud-native businesses - unifying identity governance and privileged access management. The platform enables enterprises to implement least privilege at scale while improving productivity. Opal is backed by Greylock Partners and some of the top security experts around the world.
Once the procurement decision for Opal was in place, CloudWerx was able to accelerate the onboarding by designing the process. Our team interviewed each of the client’s stakeholders to populate a CloudWerx-designed schema – ultimately building a unified data loader that included the business logic around governance needed for maximum efficiency. We then used this to write automations that would integrate with the client’s Identity Governance workflows and took this through production at scale. This had a huge impact since the client has a vast and complex environment. The Result: With Opal implemented, the client’s employees now have one central location to browse and make requests from a self-service catalog. Admins can use Opal's rich APIs and Terraform provider to programmatically implement approval and security workflows based on the sensitivity of the permission. Using Opal’s access reviews, system owners can own their access reviews with a superb user experience – improving the speed and quality of audits. The client has ambitious goals with Opal. They are looking to reduce access related to IT support by 50% and reduce the time to complete quarterly UARs by 90%. The introduction of time-bounded access for sensitive data has assisted the client in achieving their FEDRAMP certification. Additionally, it will aid their go-to-market strategy for other prospects with demanding compliance requirements.