HR Tech Startup Reduces Threat of Phishing with Beyond Identity

Secure by design

Built with a security-first mindset, our solutions ensure robust protection against evolving threats without compromising on performance or reliability.

Easy to use

Intuitive interfaces and seamless workflows empower users to navigate and operate effortlessly, enabling productivity without steep learning curves.

Simple to admin

Simplify administration with tools that streamline setup, management, and maintenance—saving time while enhancing control and visibility.

Company Overview

A growing startup in the HR software industry, with around 700 employees, that helps organizations with their performance needs.

Challenge

The Senior Director of IT and Security for a San Francisco-based software startup was responsible for establishing a comprehensive security program for the company, to include risk assessment, SOC 2 certification, and external penetration tests, with a goal of reducing risk exposure.

The program would also have to be scalable. The company had successfully grown from 70 to 240 employees with only one dedicated IT person, then further expanded to 700 employees supported by a small IT staff. As the company continued to grow, it also saw an increase in contractors using non-corporate devices and had no way to prohibit employees from using personal devices.

If the company experienced a breach of their SaaS systems, a bad actor could potentially get into Salesforce, extract customer lists, send fake invoices and spam, insert malware, or cause other detrimental outcomes. A penetration test revealed a relatively low number of employees falling for phishing attempts, but “it only takes one,” the Director of IT said, to make for a very bad day. “We wanted to get to the root cause and take away passwords. If there’s no password, there’s nothing to be phished.”

Solution

The Director of IT is a strong believer in win/win solutions for both security and the user experience. Making security easy for the user is a key factor in reducing the attack surface and making the company less exploitable. He also wanted the ability to enforce device policies without using mobile device management (MDM), which employees often resist. After researching potential passwordless authentication solutions, he contacted Beyond Identity about Secure Workforce.

“We got to see the Beyond Identity solution and how it actually works in the first call, without a lot of sales BS,” said the Director of IT. “The passwordless authentication really is a win/win, and the ability to check device posture is key. We don’t want non-corporate devices logging in to Okta.”

The company scheduled a proof of concept. “We had a dedicated Slack channel for any questions, and they got answered very quickly,” the Director of IT said. “The POC was a very pleasant experience in a non-pushy way. It was a good fit for us.”

Results

The company first rolled out Secure Workforce to a test group, who were “blown away” by the passwordless experience. “It’s been a game-changer for our employees and enabled us to disable the password manager in browsers,” the Director of IT said. “They go to Okta, and they get logged in—it’s just a very seamless experience.”

After the initial test group, the company pursued an aggressive rollout to the entire company, achieving 93 percent enrollment within three weeks. “Usually, people do something right away or don’t do it at all,” the Director of IT said. “We sent multiple reminders and then started locking down apps for people who weren’t enrolled. We knew it worked and just wanted to get the enrollment completed because we have limited resources.” Since the vast majority of employees loved the passwordless experience, there was little to no pushback.

The ability to check device posture also ensured the company could enforce rules, such as only allowing corporate devices to log in to Okta. And with the uptick in contractors without corporate devices, the IT department can create rules requiring laptop encryption, installed antivirus, an up-to-date OS, and other protocols, depending on what resources the contractors need to access. “We don’t want a contractor to work on a laptop that’s not encrypted, and there’s no excuse for not doing that anymore,” the Director of IT said.

The IT department operates on the assumption that a breach will eventually occur, but the goal is to mitigate the impact by reducing the blast radius to the smallest area possible. “Perimeter security is collapsing, if not dead,” the Director of IT said. “The endpoint is the new perimeter.” Beyond Identity Secure Workforce is a foundational tool for securing those endpoints.

Hear what our customers have to say

“I can see how many devices get blocked by certain policies… being able to see it in action has been valuable for us.”

Ylan Muller
IT Manager

“We used to get a lot of support calls, sometimes once a week, from drivers who couldn’t remember their passwords. But we’ve virtually eliminated those kinds of calls, which has reduced the burden a lot on our customer support.”

Sasha Jovicic
CTO

“Beyond Identity helps us guarantee that our US employees are accessing our data through company-issued devices and contractors are accessing our system through devices that are fully compliant with our requirements.”

Miguel Espinosa
Director of Information Security

The passwordless authentication really is a win/win, and the ability to check device posture is key.

Identity Confidential
Senior Director of IT and Security