Introduction
Explore how Applied Systems, represented by its CIO and CISO Tanner Randolph, tackles the formidable challenges of the insurance industry, focusing on the critical role of identity and security within their organization. Detailed in their strategic adoption of Okta as a key solution, Randolph underscores Okta’s role as their customer identity platform, crucial for meeting rigorous security and scalability demands.
Additionally, Randolph highlights Nagomi Security’s proactive approach in optimizing existing security investments before buying more point solutions. The seamless integration of Okta and Nagomi Security not only enhances operational efficiency, but also bolsters security risk management and regulatory compliance. Randolph advocates Okta as the go-to choice for a modern identity platform and recommends Nagomi Security for cybersecurity executives looking to optimize the tools they already have.
Tanner Randolph
CIO & CISO, Applied Systems
The Challenge
We serve a diverse range of customers in the insurance sector, from the world’s largest carriers facing significant regulatory and security challenges to small, local brokers. This diversity poses unique challenges in delivering a robust security program and platform that meets everyone’s needs—from two-person shops in Kansas to large multinationals.
With a background in identity management, I’ve been deeply immersed in systems like Novell and Active Directory. Identity remains the cornerstone of security, often targeted by threat actors. We prioritize our identity structure, automation, group management, and role assignments across all applications and access points within Applied Systems. Identity management is pivotal—it’s among the most critical systems we manage, crucial for our operations at Applied Systems and in my career across various organizations.
We needed a solution that could not only enhance our security but also align with our commitment to customer trust and regulatory compliance.
What Did NOT Work in the Past?
We previously developed a custom solution for handling a hundred million transactions, but we’re transitioning to using Auth0 from Okta to scale our SaaS platforms effectively. This move aims to consolidate our 40+ customer solutions under a unified customer identity platform. On the corporate side, and despite being an E5 Microsoft customer with advanced features, including conditional access and InTune P2, adopting Okta company-wide for our employees proved simpler and more beneficial internally. While evaluating Ping and Duo, Okta’s platform and its comprehensive approach align best with our needs and strategic investments.
Why Okta?
Auth0 from Okta serves as our comprehensive customer identity platform and Okta serves as our primary IDP and, increasingly, our primary identity platform. We prioritize platform solutions over point solutions and invested in Okta to meet this dual mandate efficiently.
Central to our corporate identity strategy was ensuring robust conditional access rules and a risk-based approach to access management—from user locations to daily activities. Our investment in Okta’s identity governance automation platform streamlined our employee onboarding process, enhancing our day zero experience without unnecessary reinvention.
Implementing this solution also helps us scale, especially in customer identity management, and supports our internal transition away from Active Directory—a major initiative given our two-decade history with the directory. This shift will significantly streamline operations for our engineering team, allowing them to focus more on innovation and less on maintaining infrastructure.
Why Nagomi Security?
The engagement ignited during a productive ideation session with Emanuel, Nagomi’s CEO. Before Nagomi, he grappled with managing numerous platforms and thousands of configurations that frequently changed, challenging engineers to derive continuous value. That’s my favorite part about Nagomi. It enables proactive management without waiting for alerts, ensuring optimal return on our technology investments, especially with high-cost solutions like EDRs. It allows quick validation of potential issues with existing tools, reducing reliance on additional point solutions. This shift from point solutions to integrated platforms like Nagomi helps optimize our toolset, avoiding redundant investments and enhancing operational efficiency across the industry.
Using the MITRE framework also used to take weeks to confidently assess threats and configure our platforms. Now with Nagomi, we save significant time by quickly pulling and analyzing data to ensure our protection is robust and not speculative. This approach enables us to prioritize risks based on real data and informed decisions, avoiding unnecessary disruptions to our engineering operations. It also facilitates productive discussions with our board, demonstrating why certain security measures are prioritized or deferred based on their impact on performance and overall security posture.
Why Okta and Nagomi Security Together?
As early adopters of Okta, our partnership spans multiple years, during which we’ve collaborated closely to enhance user experience and integrate key platforms. This familiarity allows us to swiftly mitigate risks by leveraging Okta’s platform-wide insights and making informed decisions that optimize our security investments and operational efficiency.
To complement, Nagomi Security provides a high-level view, ensuring consistent user configurations and identifying potential vulnerabilities across settings. Together I’m able to simplify oversight, verifying critical details like admin privileges for improved security posture.
If you want a modern identity platform that will scale with you, I would confidently endorse Okta. If you are an executive who wants to make sure that your team is not just turning things on and declaring victory, Nagomi Security is the platform for you.
Results
- Proactive Threat Management: We are now empowered to detect and mitigate threats in real-time. This proactive approach has been instrumental in safeguarding our users’ identities and maintaining operational resilience.
- Compliance Assurance: By aligning with industry regulations and best practices, we strengthened our compliance posture. This not only reassured our stakeholders but also positioned us as a leader in data protection.
- Operational Efficiency: The collaboration streamlined our security operations. This efficiency allowed our teams to focus more strategically on enhancing user experiences and driving innovation.
Conclusion
Through Okta and Nagomi Security, Applied Systems has achieved significant advancements in cybersecurity and operational efficiency within the insurance sector. By strategically integrating Okta’s robust identity platform and Nagomi Security’s proactive management tools, we have fortified our defenses and optimized our security investments.
Auth0 from Okta has proven indispensable as our comprehensive customer identity platform, facilitating seamless management of corporate and customer accounts while ensuring stringent security and scalability requirements are met. The strategic adoption of Okta has streamlined our identity governance processes and enhanced our employee onboarding experience, underscoring Okta’s role as a cornerstone of our security infrastructure.
Meanwhile, Nagomi Security has revolutionized our approach to threat management and platform optimization. Its proactive capabilities enable us to swiftly identify and address potential vulnerabilities, ensuring continuous protection against evolving threats without relying on reactive alerts. This shift from disparate point solutions to an integrated platform has not only enhanced our operational efficiency but also mitigated the risk of redundant tool investments.
Together, Okta and Nagomi Security have empowered us to navigate complex regulatory landscapes with confidence, providing clear visibility into our security posture and enabling proactive decision-making. This collaboration has not only safeguarded our data and operations but also positioned Applied Systems as a leader in cybersecurity and compliance within the insurance industry.
Moving forward, we are committed to further leveraging these tools to innovate and adapt to emerging security challenges, ensuring that Applied Systems remains at the forefront of cybersecurity excellence while delivering exceptional value to our customers and stakeholders.
About Applied Systems
Applied Systems is the leading global provider of cloud-based software that powers the business of insurance. Recognized as a pioneer in insurance automation and the innovation leader, Applied is the world’s largest provider of agency and brokerage management systems, serving customers throughout the United States, Canada, the Republic of Ireland, and the United Kingdom. By automating the insurance lifecycle, Applied’s people and products enable millions of people around the world to safeguard and protect what matters most. Learn more at appliedsystems.com
About Okta
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
About Nagomi Security
Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now. By mapping customers’ existing security tools to the threats that matter and providing prescriptive remediation plans, the Nagomi Proactive Defense Platform finally makes it possible to optimize, measure, and maximize the ROI of security investments. By taking a threat-centered, data-driven, and actionable approach to risk and cybersecurity, customers can provide high-level cybersecurity maturity metrics to executives while simultaneously showing security practitioners exactly what to do to reduce risk, fix misconfigurations, and make strategic decisions with business context. Learn more at nagomisecurity.com.