CA

SE

ST

UD

Y

Dell Software creates simple-to-use IT management softwarethat saves time and money across physical, virtual and cloudenvironments. The company’s innovative solutions helpsimplify the toughest IT challenges for customers worldwide. Toensure that employees and contractors can easily and securelyaccess the data and applications they need when they’re notin the office, Dell Software relies on One Identity CloudAccess Manager, a part of its One Identity products.

Supporting remote employees and contractorsDell Software’s IS department supports hundreds of users who are 100 percent remote—they don’t have a Dell office at all. And many more need remote access occasionally, either from home or while travelling, particularly to HR applications and internal library data. In addition, Dell Software

Key Facts

Company Dell

Industry Technology

Country United States

Employees 65,000 +

Website www.dellsoftware.com

Challenges

Dell Software needed to enable both employees who are travelling or working from home and contractors to access only appropriate data and applications—while eliminating the management overhead and security risks inherent in VPN.

Results

• Reduced security risks by limiting contractor access to a subset of data and applications

• Made remote access easier and more convenient, as well as more secure

• Extended single sign-on capabilities of the One Identity products to remote users

Products

One Identity Cloud Access Manager

Dell Software uses Cloud Access Manager to ensure that contractors and employees working from home or travelling can conveniently access the data and applications they need—while maintaining security

Dell Software ensures secure and convenient remote access for its users

Quest, and the Quest logo are trademarks of Quest Software Inc. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Quest disclaims any proprietary interest in the marks and names of others. Availability and terms of Quest Software, Solutions and Services vary by region. This case study is for informational purposes only. Quest makes no warranties – express or implied—in this case study.

employs a number of contractors who need to be able to access specific data and applications without having the broader access employees are granted.

The challenges of a VPN

Dell Software was using a virtual private network (VPN) to enable remote access for users, but found this approach had limitations. The first was complexity: getting VPN set up can be complicated, especially if the employee’s home computer is a Mac. VPN was also a challenge for travelling employees. “Hotels often block VPN, either accidentally or intentionally,” explained Wayne Smiley, senior IS project engineer at Dell Software. “So our employeeswere often forced to leave their hotel and find a local Starbucks to do their work, which was inconvenient for them, to say the least.”

Moreover, the security of VPN was a concern, in two ways. “First, connecting through VPN is like sitting at a desk at Dell,” said Smiley. “That’s great, but it’s also

problematic: if I VPN in from my home computer and my homecomputer is not controlled by Dell IS, it could have a virus or some sort of malware on it, and the next thing you know it’s now pushing that stuff into the Dell network. And on the flip side,if there’s a problem on the Dell network, my home computer may become infected with it. Neither of these is good.”

The second security concern applied primarily to contractors. “Dell Software Professional Services uses a lot of subcontractors,” Smiley explained.”They have to put their time into our Oracle system in order to get paid, so we had to give them VPN access. But once they get on the network, they have access to lots of things beyond what we want them to access, which introduces security risks.”

Finally, the solution Dell Software was using had important technical issues. “In particular,” noted Smiley, “it did not have adequate case sensitivity. For instance, if certain letters in a URL were capitalized in one entry but not

another, the product would not send the user to the correct page. And there was no workaround for this issue.”

Enabling easy—yet secure— access without adding infrastructure or complexity

To eliminate these issues and enable easy yet secure remote access for users, Dell Software implemented Cloud Access Manager. Cloud Access Managerprovides secure access to critical web resources while protecting systems from direct exposure. Authentication and authorization are based on Microsoft® Active Directory® (or any existing directory) and group membership.An integrated security solution, Cloud Access Manager enables organizations to provide employees, customers andpartners with secure, browser-based access to essential information without adding infrastructure or complexity.

Cloud Access Manager has delivered the secure and convenient remote access that

“Employees who are working from home or travelling can simply log in to Cloud Access

Manager, and from its landing page they can access the data and applications they are authorized to use.”

Wayne Smiley, senior IS project engineer, Dell Software

Quest, and the Quest logo are trademarks of Quest Software Inc. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Quest disclaims any proprietary interest in the marks and names of others. Availability and terms of Quest Software, Solutions and Services vary by region. This case study is for informational purposes only. Quest makes no warranties – express or implied—in this case study.

One Identity and the One Identity logo are trademarks of One Identity LLC. Other trademarks are property of their respective owners. Availability and terms of One Identity LLC, Solutions and Services vary by region. This case study is for informational purposes only. One Identity LLC makes no warranties – express or implied—in this case study. © 2015 One Identity LLC. All Rights Reserved.

Dell Software needs for both employees and contractors. “Employees who are working from home or travelling can simply log in to Cloud Access Manager, and from its landing page they can access the data and applications they are authorized to use,” explained Smiley. “It’s easy and secure—no more hiking from the hotel to Starbucks and no more transmission of viruses or malware,”

Cloud Access Manager simplifiesremote access by conveniently placing everything an employee or contractor needs on a single web page—eliminating the need to remember specific URLs orsearch through numerous bookmarks. Furthermore, the end user does not need to configure a VPN connection on their home computer.

“We are able to publish Oracle through Cloud Access Manager, so now contractors can log in to Cloud Access Manager and report their hours worked,” added Smiley. “They can access only thethings we want them to see and nothing else. That’s a huge security win for us.”

Easy, seamless integration with other solutions

Moreover, Cloud Access Manager is easy to maintain and use. “We use defined roles in Active Directory through another One Identity product, Active Roles, which is integrated with Cloud Access Manager,” explained Smiley. “The synchronization component of Active Roles pulls employee data from HR in near real time and assigns users to AD groups automatically based on the criteria we specify. Forexample, if HR indicates that you’re a full-time employee (as opposed to a contractor), you’re automatically added to the Cloud

Access Manager intranet group. If you’re an Oracle financialsuser, then you’re automatically granted the ability to see Oracle through Cloud Access Manager. We don’t have to set up individual authorizations or rules within Cloud Access Manager becauseit trusts the much more granular and powerful stuff that we’ve already got going via Active Roles Server using the very accurate and up-to-date HR data. It also enables us to further secureremote user logon by requiring a second authentication factor through One Identity Defender™, if we choose.”

In addition, authentication is simpler and more convenient for users with Cloud Access Manager and the other One Identity products. “Using VPN, usershave to log in first to the network, and then log in again to each application, such as the library or Oracle,” noted Smiley. “Cloud Access Manager takes care of those subsequent logons for theuser, automatically. Having AD-based enterprise single sign-on saves our users a lot of time and frustration.”

Dell Software uses Cloud AccessManager to control access not only to local applications and data, but also to SaaS solutions like Salesforce’s customer relationship management (CRM) products. “Cloud Access Manager enables us to control the access of cloud-based applications through our existing identity managementsolution,” said Smiley. “Users can log on to Cloud Access Manager and then go to Salesforce, without having to authenticate to Salesforce. And if we disable a user in AD for some reason,the next time they click a button in Salesforce, they’re logged out.”

About One Identity

The One Identity family of identity and access management (IAM) solutions, offers IAM for the real world including business-centric, modular and integrated, and future-ready solutions for identity governance, access management, and privileged management.

Learn more at OneIdentity.com