Our client, a major player in North American cross-border trade, has service locations at major gateways along the Canada-U.S. border, in addition to trusted logistics partners around the world. They help ensure on-time and cost-effective distribution of their customers’ goods and offer services to importers and exporters across the continent. They use real-time and innovative technology tools, web portals and service specialists to provide a wide variety of time-sensitive and logistically complex services. They facilitate global trade through Canada/U.S. customs brokerage, non-resident importer customs brokerage, international air and ocean shipping and logistics and LTL cross-border shipping and logistics.
The Initial Challenge
DRS was approached to implement a comprehensive Identity and Access Management (IAM)/ Okta™ solution that could accommodate many third party and custom automated mail tools. The impacts of integrating Office 365 with Okta™ and switching the domain from managed authentication to federation were unknown. Several of these tools lacked official Okta™ documentation detailing how they would function after the changeover, and the client was worried there would be serious disruption to daily operations. The client also sought to empower its in-house IT staff with expert training on administering the soon-to-be implemented IAM solution, to keep business systems running smoothly 24/7 afterwards.
Why DRS Was Selected
DRS was selected because of its flexibility and willingness to accommodate the existing systems that served a critical role in the clients’ day-to-day operations. DRS could install the clients’ tools in a lab environment and accurately detail the process and down time associated with the switch from legacy authentication (username and password) to single sign-on (SSO). DRS offered 100% clarity regarding the changeover to migrate authentication schemes while minimizing business impacts. Additionally, DRS’ Okta™ Level 3 certification made them ideal candidates to train the client’s in-house IT staff and ensure a smooth transition post-mortem.
What Was Implemented
Although Office 365 is a well-known integration, the client leveraged a plethora of automated mail systems via scripts and third-party tools. Whether these tools/scripts would support an updated authentication scheme was a big question mark, as most of them relied on legacy protocols.
DRS worked painstakingly to set up a small-scale clone of the clients’ IT landscape to reproduce daily operations through scripted events. DRS then performed the Okta™ integration and analyzed all functionalities and impacts, identifying some abstractions in the way some scripts were behaving after the SSO changeover. As a result, DRS orchestrated extensive troubleshooting to synchronize the client’s tools with SSO and developed a comprehensive report on the timelines associated with the integrations.
Most application integrations were straightforward once DRS laid the foundations and configured the client’s Okta™ tenant to match security best practices. However, enabling SSO for their VPN was a hot-button issue, as the client sough to implement extremely specific configurations. Remote access was critical to their operations due to the nature of their business and DRS minimized stoppage and delivered a seamless integration.
The client’s IT staff was involved from the onset. Training was scheduled at the end, but rather than take a hands-off, behind-the-scenes approach during implementation, DRS involved the IT team in everything from tenant configuration to specific application integrations. By the time the project had concluded, they had a deep knowledge of how the system functioned from front to back. Most integrations were done in a series of piloted sessions in which configuration changes were executed and explained.
DRS still maintains a close relationship with the client and serves as a trusted advisor when it comes to all Okta™-related questions. When the needs arise, DRS offers guidance related to the integration of new enterprise applications and checks in from time-to-time to make sure that operations are running smoothly.