Early Learning Coalition

ELC leverages Idaptive for Single Sign-on, Multi-factor Authentication and Enterprise Mobility Management 

Early Learning Coalition (ELC) of Palm Beach County Florida strives to ensure that families in the community have access to high quality, affordable early learning programs and services. ELC is a non-profit, funded through state and federal programs and through a partnership with the Children’s Services Council. 

THE CHALLENGE

Build out a cloud infrastructure to support rapid company growth. Ease the transition to the cloud with single sign-on to Office 365 and other apps. Include two-factor authentication for stronger security. Protect and manage company smartphones with EMM. 

Nearing the end of a contract that outsourced the community services ELC supervised, the company decided to bring the services in house and offer them directly to the public. It was a large undertaking that would require nearly 100 new employees and the opening of new satellite offices. Success would depend on an environment that could support the company’s 300% growth projections. 

“We didn’t have the infrastructure or services necessary to handle the anticipated increase in employees,” says Luis Mena, Director of IT at Early Learning Coalition. “So we were under a tight deadline to roll out an entirely new infrastructure.” 

Mena decided to leverage the cloud to the greatest degree possible. “We considered building out our own on-premises infrastructure, but that approach would have required initial hardware costs in the hundreds of thousands of dollars and significantly more time and IT resources than we had available,” he says. “The ease and speed of building out a cloud-based environment made it a better choice. But we needed a strong solution that would help us in the transition.” 

ELC began looking for a solution that would provide authentication and single sign-on for the cloud services they were evaluating. Security would be a top consideration in any solution, as well as compliance with state and local government regulations similar to HIPAA. Strong, two-factor authentication for remote users would also be required. And if they could locate a complementary solution to securely manage their mobile devices, it would be ideal. 

THE SOLUTION

ELC evaluated several SSO and EMM providers and found the Idaptive solution met their needs across both areas, and also delivered multi-factor authentication for remote users. Idaptive was selected as a three-products-in-one solution. 

ELC evaluated three different authentication providers and selected Idaptive for its more secure technology. “We didn’t like the fact that other solutions cached Active Directory credentials in the cloud,” he says. “With Idaptive, none of our data is replicated, so no credentials could be compromised if there were an intrusion. That was a key differentiator between the services.” 

Another important component was Idaptive’s Enterprise Mobility Management (EMM) features. “We selected Samsung as our smartphone provider precisely because of the pre-existing integration between Samsung Knox and Idaptive and the capacity to build security policies into our devices,” says Mena. 

ELC wanted to leverage Idaptive’s ability to provision company-owned mobile devices and to apply corporate policies to enforce device encryption and password guidelines. The company realized they could create a separate set of policies for user-owned devices managed through Idaptive as well.

ELC was also looking to further boost security with Idaptive’s multi-factor authentication. “Our sites are all trusted sites but when a user is logging in remotely or from home, they can go through the Idaptive authentication window to access any of the services they need.” 

Due to a lack of internal IT resources and minimal experience in rolling out identity management technologies, ELC used Idaptive’s professional services for the implementation. “Idaptive professional services helped us work through several service provider shortcomings. They were able to integrate Office 365 without any assistance whatsoever from Microsoft,” says Mena. “And they helped us with services like DocuSign, Lynda.com, and EasyAppointments as well.” 

THE RESULTS

Simplified device provisioning and management. Increased security through two-factor authentication. More rapid user onboarding and off-boarding. Easy user access to critical applications whether on-site or in the field. 

Today, every time an ELC employee logs into their system, they get automatic access to email, Box.com and a number of other corporate applications. Because authentication through Idaptive is seamless, users don’t even know it’s happening. IT can now easily set up new users in any location. “We have new users starting every day and I set them up remotely with one password that allows them into their computer and virtually all the services they need,” says Mena. ”And when employees leave it’s as simple as disabling one account and all their services are disabled with it. It simplifies onboarding and offboarding and saves time and money. And now, weeks go by without us having to reset a single password or unlock an account.” 

The state of Florida requires that organizations keep the Social Security numbers of parents and children on file, as well as W-4 forms and other documents that need to remain secure at all times. “Every year, we’re subjected to state audits, so we look for HIPAA compliant services like Idaptive, because that usually means they will be compliant with our guidelines as well.” 

In a boost to security, now when users log in from home they use Idaptive’s multi-factor authentication. And all users’ mobile devices have been outfitted with EMM through the company’s integration with Samsung Knox, so the company can rest assured that devices are secure at all times. 

“The fact that your single sign-on provider can also be your mobile device management provider and your multi-factor authentication provider is definitely a positive. In modern IT, you have to cover a lot of bases with a lot of overlap, and dealing with one vendor rather than two or three is optimal.”