NRC in the cloud with Okta
The Norwegian Refugee Council, NRC, engaged Cloudworks as its partner in connection with the foundation’s large-scale investment in cloud services. An outdated VPN platform has been replaced with Okta’s cloud-based and easy-to-use IDM service, that serves as a cloud integration solution for the organisation’s 6,000 users.
– Many of our employees work in crisis regions and depend on mobile and secure solutions. Okta’s IDM service, provided by Cloudworks, simplifies the everyday lives of our 6,000 employees and is the foundation of our cloud venture.
Mads Grand, ICT Manager
Delivering aid where needs are greatest
The Norwegian Refugee Council is an independent humanitarian organisation helping people forced to flee. NRC is a determined advocate for displaced people and promotes and defends their rights and dignity. NRC has 6,000 employees worldwide. Most staff are hired locally to work in the field, and a small number are based at the headquarters in Oslo.
Applications delivered as a service – Software as a Service – is the NRC’s preferred delivery method, not only because it provides financial flexibility and access to “best-of-breed” services, but also because it streamlines the everyday life of a busy IT department. Users get continuous and automatic access to the latest version without the need for IT. This saves time that can be used for the IT department’s actual core tasks.
Identity Management in the Cloud
The foundation of the NRC’s cloud strategy is Okta’s IDM service. It is used by employees as a Single Sign-On portal, meaning they do not have to log in to each application individually.
The IT department uses Okta to centralize user management and access control. Instead of individual access control for each cloud application, Okta provides centralized access management to ensure that users only get the access they need. Without this, it would be difficult to scale, which is why the NRC saw the introduction of the Okta IDM service as a prerequisite for delivering their cloud strategy.
The NRC has long seen that the password is inherently insecure. To be secure, passwords must be very complex and change frequently, but then the company is risking that employees reuse passwords on multiple services, which in turn increases vulnerability when the password is compromised.
More user-friendly and far more secure is multi-factor authentication (MFA). The NRC chose Okta’s two-factor solution because it is integrated with the login portal and offers user-friendly factors such as one-time password generated on mobile or sent by SMS.