A platform that centrally manages identities is essential for future growth

When the listing of Goodpatch came into view, Mr. Yusuke Endo, who is in charge of information systems in the administration department, secretly felt a sense of crisis. After 150 members, managing identities and applications started to get complicated.

In addition to full-time employees, the company has members with various employment forms and work styles, such as outsourcing members, interns, full-remote members, and sideline members, and also has bases in Europe. Therefore, in order to restrict information according to attributes, Google's containers are divided into three types: for domestic employees, for full remote members, and for external users. The challenge was not being able to manage members in one place. As a result, it seems that there were cases where the accounts of retirees and contract terminations remained without being deleted.

In addition, we use multiple applications such as Microsoft 365, Salesforce, and Notion in our daily work, but the management of them was siloed for each application. For this reason, it is said that it was not possible to keep track of who was using what, and there were times when things that no one used were left as they were.

In addition, because "who should be assigned what" was not organized, "assignment omissions" often occurred in which the necessary members were not assigned to the necessary applications. Even when introducing a new application, it took time to create a sign-up procedure manual on the information system side, troubleshoot, and sign-up work on the member side.

Logging into various applications was also a huge hassle for members. In order to make this process a little easier, we had introduced a password management tool, but as the number of people increased, some members began to be unable to use it. Above all, as the company became a public company and its social responsibility increased, Mr. Endo began to feel uneasy about managing information on the cloud using only passwords.

Against this background, Mr. Endo came to the conclusion that it was necessary to introduce a platform that centrally manages all accounts and applications. However, due to the nature of a design company, he wanted to leave an environment where members could freely try out various applications. Our aim was to create a flexible environment in which various applications could be seamlessly connected, and where changes could be made immediately.

Flexibility, stability, and scalability that only Okta can provide

Around July 2020, immediately after the listing, Goodpatch began considering an identity management platform to introduce. At that time, three companies' services were nominated, and Okta was selected as a result. Mr. Endo talks about the reason as follows.

“By being able to flexibly design dynamic groups, identity management was greatly facilitated. It was also important that it was running stably, and that anyone could set it up because the procedure manual was automatically created. was".

Nonetheless, it seems that the management said, "Why Okta when there are other Japanese services?" Looking back, Mr. Endo said, "If we don't create a foundation that can handle future business scale now, it will be bad. We concluded that Okta was the only way to do that."

“After the public offering, M&A will become possible, and there is a possibility that the number of people will increase at once. We have Attribute members, but when we think about making it easier to assign people to various applications when we have more people, I thought it would be difficult without Okta.”

Selecting Macnica as a partner to support business growth

In fact, Mr. Endo had almost no knowledge of identity management platforms until he introduced Okta. In a situation where there was no one in the company with insight, I was looking for a partner who would accompany me and provide meticulous support.

While researching primary and secondary distributors that handle Okta, Endo caught Macnica 's attention. He had previously contacted the company for a different matter and felt that he could trust the company's response. Mr. Endo then talked with the sales person and said, ``I thought it would be the best fit for our phase.''

“Goodpatch is currently in the phase of transitioning from a venture to an adult company, and the introduction of Okta is an important measure to prepare that foundation.After talking with Macnica, we hope that we will be able to accompany Goodpatch through this phase and help Goodpatch grow.” I am confident that they are a committed partner."

After actually proceeding with the introduction, Mr. Endo says that he is "very satisfied" with the support. “Especially, I felt a strong commitment from the fact that there were various plans, and that they organized the necessary items based on our company's needs and outlook and supported the introduction design.”

Another thing that Mr. Endo appreciates is Macnica 's wealth of knowledge. ``I can see that the sales staff has a thorough understanding of the product, and that their knowledge is not just an afterthought.It's also helpful because when I ask a question, I get an answer right away.The other day, I requested a technical investigation. I felt very reassured because they were able to accurately reproduce and verify the results. Even now, if there is something I don't understand, I immediately ask Macnica."

Reduce security risks and streamline processes with centralized management

In September 2020, Goodpatch introduced three products: Universal Directory, Single Sign-On, and Adaptive MFA (adaptive multi-factor authentication). Like a design company with a deep rooted prototyping culture, they proceeded with the integration of applications one by one while observing the situation. And just two months after the start of consideration, full-scale deployment was achieved without any problems.

One of the major benefits after the introduction is that it is now possible to centrally manage identities that were previously distributed. In particular, with the introduction of the Universal Directory, members previously managed in three containers can now be managed in one place. In addition to assigning outsourced members for each project, the company also has various internship periods and times, so the human resources are very fluid. With Okta, we were able to quickly suspend the accounts of retirees and contracted employees, greatly reducing the risk of information leaks.

Mr. Endo especially appreciates the ease of use of dynamic groups with Universal Directory. By creating groups according to attributes and requests, such as employment status and location, and establishing a mechanism for automating application assignments, we were able to eliminate human errors and significantly reduce assignment omissions. Even if the same application is billed separately on the European side and the Tokyo side, it seems that it has become easier to manage by dividing the dynamic group.

It also greatly reduces the time it takes to introduce new applications. In the past, when introducing a new application, the information system took about an hour to create a procedure manual and deal with troubles related to signup. However, if you integrate with Okta's Single Sign-On, newly introduced applications are automatically added to the dashboard, so the work time on the information system side is practically zero. On the user side, by eliminating the sign-up required for each application, the process that used to take 5 minutes has been reduced to 30 seconds.

“With all members working remotely due to the corona crisis, it is difficult to follow up on the introduction of new applications online. Okta’s Single Sign-On has made communication much smoother. says Endo.

In addition, Adaptive MFA enables logins that assess risk factors such as the context of the user's network and location before providing access. Users can log in using passwordless authentication in their usual low-risk environment, and by entering their password only when logging in in an environment different from their usual environment, the effort of entering a password on the user side has been greatly reduced. “From a user experience point of view, we were looking for a convenient method. With Okta's Adaptive MFA, we can change the authentication requirements according to the level of trust in the environment, which greatly reduces the risk of unauthorized access.”

Further use of Okta to improve trust in design