Meeting strict enterprise security & compliance requirements
A lot of successful entertainment studios start in a garage with a few people and an idea. If that idea ever reaches fruition and is a success, they move onto the next project from there and over time are forced into having to mature quickly as an organization.
Our entertainment studio’s origin story follows a similar but slightly divergent path. They began with a contract for providing services as a bare-bones operation when they opened for business.
鈥淲e very quickly found out we were quite big without a lot of internal infrastructure,鈥 says their CIO.
As the company continued to scale, their clients changed, and with them grew increasing requirements on the company鈥檚 IT environment to ensure that their sensitive intellectual property and other data was protected.
鈥淲e were working with major conglomerate companies, all of which have specific requirements around internal security,鈥 says the CIO. 鈥淲e needed a way to effectively secure things at the hardware level to meet these requirements.鈥&苍产蝉辫;
Choosing 探花大神 to secure their environment
As their team began looking to enhance the company’s security posture, they started looking for a solution that would enable them to remove local admin accounts from certain devices and manage all hardware from one central interface.
At the same time, the right solution would enable users to continue leveraging either Windows or Mac machines, which are both used heavily in their environment. Additionally, the team wanted a solution that worked well with Google Workspace, which they鈥檝e been using since the company was incorporated.
鈥淕oogle was well-entrenched in our business at that point and we didn鈥檛 have any interest in shifting away to 365 or anything else. We wanted to make sure that there was something that would integrate with Google Workspace.鈥&苍产蝉辫;
After researching the market, they ultimately found 探花大神鈥攖he unified identity, device, and access management platform鈥攚hich checked all the boxes.
探花大神 seemed like the best option. We had clear, high-level compliance requirements with major clients. In order to hit those requirements, 探花大神 was the best solution we could find for our environment, and it enabled us to deliver year over year as those requirements got more complicated.
CIO
Unlocking more and more value from 探花大神
With 探花大神鈥攚hich has become the company鈥檚 single source of truth that gets rolled out to Google and other services鈥攖he team has been able to secure its environment, ensuring only authorized users can access relevant resources from wherever they鈥檙e working.
Th[e] integration between Google and 探花大神 made it so easy for us to have single sign-on through Google.
CIO
鈥淭he last couple of years, about 50% of our staff have been remote; we鈥檙e pretty flexible with the way we let people work. When people are working from home, they VPN into our environment which authenticates with 探花大神.鈥
By taking advantage of 探花大神鈥檚 Google Workspace integration, they have been able to deliver a smooth user experience while ensuring only authorized users can access applications.
鈥淭hat integration between Google and 探花大神 made it so easy for us to have single sign-on through Google; the native integration to Google SSO is everywhere, so it鈥檚 easy to let people use that,鈥 the CIO continues. 鈥淏ut we have two individual identifiers that are synced in the middle, so you can be your Google account or be your 探花大神 account, and we authenticate with both in different ways and different situations, and it works out perfectly for the different use cases we have in our environment.鈥&苍产蝉辫;
To manage access to internal infrastructure like wireless networks, the company uses Cloud RADIUS and Cloud LDAP to deliver a seamless experience and enhance their security posture even more.
鈥淏ecause the two accounts are so seamlessly synced, most people don鈥檛 even think about the fact that it鈥檚 not Google.鈥
Set up for scale
Their team is confident that they can scale with ease, all without compromising on security, with 探花大神 serving as the foundation of their IT environment.
鈥淲hen we started using 探花大神, we were small, and we had major concerns around security, control of devices, and visibility of our assets,鈥 says the CIO. 鈥淚鈥檇 come from a corporate environment and it felt like we were very far away from being able to scale properly. As we integrated 探花大神, a lot of that got easier. We quickly knew where everything was, and we could handle any scale. We significantly expanded our workforce, and never had any major system roadblocks along the way.鈥
Streamlining onboarding with Groups
When a new user comes on board, they鈥檙e initially loaded into the HR system, which then pushes the users to 探花大神 automatically.
鈥淲e don鈥檛 have to worry about something being misspelled or other issues like that,鈥 says their Head of IT, who鈥檚 been managing their infrastructure 鈥渇or as long as I can remember.鈥
Using Groups and Dynamic Groups, they are able to easily grant new hires access to relevant hardware and resources automatically.
鈥淲e use roles for different people based on how they鈥檙e defined in the HR system and then dynamically assign them to a group, which then gives them access to different hardware or resources,鈥 he says. 鈥淨uite often, the approach I tend to take is having a device assigned to a group rather than an individual. As long as they鈥檙e in the same group, they can get the same access to a device. It鈥檚 very role-based rather than individual-based.鈥&苍产蝉辫;
Protecting devices with Policies and Commands
Their Head of IT says they鈥檙e using 鈥渜uite a number of Policies鈥濃10 or so鈥攖o further shore up the security of their environment and maintain compliance.
Locking down Windows is one of the main things we use Policies for, we also use it to disable particular accounts and force Windows updates鈥攖hings like that.
Head of IT
Additionally, the team is also using 探花大神 Commands to keep devices and systems safe.
鈥淲e have a couple of custom commands that, on login, check that users have all the apps they need to have installed鈥攍ike antivirus and services like that,鈥 he continues. 鈥淲e also have some scripts we run on machines that report back to our centralized system once a day so that we can see trajectories of how resources are being used, such as RAM and disk space.鈥&苍产蝉辫;
Due to the nature of their industry, a lot of their employees are 鈥減ower users,鈥 their CIO says, adding that most require 鈥渁dmin access on their machines in order to install IDEs or extensions to their development workflow.鈥&苍产蝉辫;
鈥淚t鈥檚 tougher to do full restrictive access, so we use policies and scripts to control as much as we can,鈥 he explains.
Restricting access with MFA & 探花大神 Protect
They are using two-factor authentication (2FA), multi-factor authentication (MFA), and 探花大神 Protect to ensure only authorized users are able to access systems and apps.
鈥淚 don鈥檛 think there鈥檚 a service we have nowadays that doesn鈥檛 have two-factor authentication,鈥 their Head of IT says.
Improving IT efficiency as the 探花大神 deployment expands
探花大神 has enabled their team to streamline IT operations, keeping IT headcount to a minimum while the team begins rolling out 探花大神 to other companies in the wider portfolio.
鈥淚t鈥檚 allowed us to have a small internal team supporting a large and diverse workforce across all of our portfolio,鈥 says the CIO. 鈥淚t鈥檚 easy for us to find devices, easy to go in and help people with their machines鈥攋ust general IT support has gotten simpler than it was. We are able to solve a lot of problems quickly and more remotely with 探花大神.鈥&苍产蝉辫;
Using Directory Insights, 探花大神鈥檚 event logging and compliance feature, they have been able to quickly find the information needed to solve IT problems.
Directory Insights contain a wealth of information, quite often, a lot of the problems people have are solvable through there.
CIO
Keeping pace with their own growth
Every year, their clients add on additional security and compliance requirements. With 探花大神 always adding new features to its already feature-rich solution, the team has been able to meet them with ease.
鈥淔rom the beginning, our relationship with 探花大神 has been: 鈥業t doesn鈥檛 quite do this yet, we wait six months, it does this now, and then we implement it,鈥欌 the CIO says. 鈥淔or us, the biggest metric to grading the success of 探花大神 is: Are we secure? And the answer is yes.鈥&苍产蝉辫;
Both their CIO and their Head of IT are quick to recommend 探花大神 to other companies.
鈥淚t鈥檚 worked for us for a long time and we are both big advocates,鈥 the CIO explains. 鈥淲henever someone鈥檚 using Google, we recommend 探花大神. It meets all of our needs for security and compliance.鈥&苍产蝉辫;
Any tips for folks starting out with 探花大神?
鈥淟ean into it,鈥 says the CIO. 鈥淚t鈥檚 the best thing we did. We鈥檝e never run into any major hurdles. Integrate it as your central system and build layers of security on top of it. You鈥檙e building your business around great technology.鈥
Their Head of IT suggests starting small rather than trying to 鈥済o too deep into the rabbit hole.鈥&苍产蝉辫;
鈥淜eep it simple,鈥 he concludes. 鈥淚dentify the aspects of the tool you want to use and stick with those to start.鈥&苍产蝉辫;
About 探花大神
探花大神庐 delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With 探花大神, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
To see the power of 探花大神 yourself, request a demo or today.