Orum case study
Verifying Users and Devices Without Slowing Down Users
Orum protected remote employees with Beyond Identity’s frictionless, device-bound authentication. No passwords, no unprotected unmanaged devices, no risky logins.

Eliminate identity-based attacks
Enforced compliance requirements, denied access for jailbroken devices, ensured identity verification, and utilized geo-fencing and 30+ policies.
Full access visibility and security assurance for every device on any operating system, without user privacy complaints.
Reduced friction in user authentication, making it seamless for users to access applications.
Challenge
As Orum grew, the VP of Security and Compliance, Rolland Miller, faced the difficult task of implementing robust security measures for a fully distributed workforce, while minimizing friction for employees.
"We were creating a lot of friction as I was deploying new security processes," explains Miller. "As I started implementing controls around ISO and SOC compliance, I had to deploy things around that, like mobile device management, new password policies, and password vaulting.”
This created significant friction and workflow disruptions for employees:
- Constant authentication requests when switching between applications
- Cumbersome multi-step logins, requiring phone checks and verification codes
- Device and access sprawl across various platforms and locations made control difficult
- Limited geographic control, as remote employees worked from anywhere without visibility or restrictions in place
"Every minute they're having to check their phones, they have to enter in the key as they switch contexts from, say, Salesforce to another application. They're always constantly logging in and logging out with their applications."
Solution
After discovering Beyond Identity at RSA, Miller selected it as the best passwordless, phishing-resistant authentication solution for securing a diverse device environment.
“I had a whole variety of endpoints, Macs, Windows, iPhone, Android, that needed a common technology across all platforms. Beyond Identity’s passkey technology really worked well.”
Beyond Identity’s solution provided:
- Universal Passwordless Authentication across all OS types
- Device Security Checks at login to verify antivirus, root status, and compliance
- Geofencing Policies to control access per user by location
- BYOD Controls for mobile devices, blocking jailbroken or non-compliant phones
“When accessing corporate data, I want to be sure it’s not just the right person, but the right device. Everybody has an iPhone or an Android, and I can apply security controls to those to verify that the devices aren't rooted or jailbroken. If they are, my policy blocks them from being able to access data from that device. I can sleep at night knowing the devices my users are accessing through are safe”
Miller also appreciated the flexibility to test policies before enforcement:
“I didn’t have to turn these things hard on or off. I could set policies to monitor first, then refine.”
Results
Implementing Beyond Identity helped Orum eliminate friction for his employees while ensuring only trusted users and devices get access.
“The key benefit is assurance, knowing it’s my user on a trusted, safe device.”
Frictionless Logins
Employees noticed the difference.
“A new Customer Success Manager saw how her peers were logging in instantly without 2FA prompts. She came to me like, ‘How do I get that?’ And I said, 'It's actually really easy, the email is already in your inbox. You just have to go through the final setup steps to get that passkey.'"
Blocked Risky Devices
Beyond Identity denies access if a device is compromised, even on unmanaged devices. Typical endpoint solutions can’t be deployed on mobile devices, but Beyond Identity's light-weight authenticator provides visibility without privacy concerns.
“An hour ago, my device might have been fine. But all of a sudden, my phone gets hacked in some way, they jailbreak it. And then the next time I log in Beyond Identity goes, 'Hey, this device has been jailbroken... I'm gonna deny access.'"
Full Access Visibility
Centralized logs for all login attempts and devices.
“I can see where users log in from, and even trace phishing attempts back to a specific location and IP address. For instance, I saw an unsuccessful login where somebody tried to register a device in Pakistan and it failed. I went to look at it, and it was an unknown device.”
No More Password Reset Headaches
Less time on password resets means more time for productivity.
"I really don't have issues around password resets. If somebody's resetting a password, they probably did something terribly wrong. From a help desk standpoint, there are very few requests around password resets at all."
Key Benefits to Orum
At Orum, Beyond Identity shifted the focus from patchwork technology and remediation to a unified prevention solution that eliminates unauthorized access outright, stopping risky logins before they ever happen. By verifying the user and the device continuously, the VP of Security and Compliance knows they’re protected.
“Rather than trying to capture and react to incidents after the fact, it'd be better to have a tool in place that allows me to block those kinds of attacks and have an anti-phishing style identity solution in place before the attack can happen. It's hard to be 24/7 so the more I can do to prevent people from getting into trouble, the better.”