, a leader in frictionless commerce, strategizes, designs, builds, and manages digital Commerce, Data Management, and Supply Chain solutions for over 200 major retailers and branded manufacturers globally. With a portfolio of digital products as well as managed and professional services, Pivotree provides businesses of all sizes with true end-to-end solutions. Headquartered in Toronto, Canada, with offices and customers in the Americas, EMEA, and APAC, Pivotree is widely recognized as a high-growth company and industry leader.
Today, the company has more than 600 employees spread out across the world, the majority of whom work remotely.
Needing to replace an aging on-prem Active Directory server
Before Clinton Halston joined Pivotree in 2016, the company鈥檚 environment consisted primarily of Windows machines managed through a 鈥渧ery aging on-premises Active Directory that was not well-maintained.鈥
鈥淲e were starting to see more MacBooks in our fleet, so the previous IT manager chose to deploy 探花大神 to manage workstations,鈥 says Halston, the company鈥檚 IT director.
When Halston came on board, one of his first responsibilities was helping Pivotree get through an audit.
鈥淚 was asked to show whether people had firewalls enabled,鈥 he explains. 鈥淚 went, 鈥榃ell, great.鈥 Most of these people weren鈥檛 in 探花大神 yet, so I said we should finish rolling it out.鈥
Standardizing IT management during a period of fast growth
At the time, Pivotree was growing rapidly through a series of acquisitions.
鈥淲e went from a couple hundred people to 600-plus, and everybody was managing their company鈥檚 IT differently,鈥 Halston continues. 鈥淲e made it a point to roll out 探花大神 to all employees for workstation management, converting people from different AD systems or just local management, as well as a bunch of Mac stuff and a couple Linux machines.鈥
Thanks to 探花大神鈥檚 support for cross-OS device management, Halston and his team are now able to manage all company devices through a single pane of glass.
鈥淚t鈥檚 nice to have endpoint protection for all the different operating systems.鈥
Consolidating IT tools with feature-rich 探花大神
With device management shored up, Halston and his team continued rolling out new 探花大神 features to further simplify IT management. As a second order of business, they took advantage of 探花大神鈥檚 single sign-on solution for 鈥渘o additional cost鈥 since it was already offered in the package the company was paying for.
鈥淲e use it to authenticate to all critical business systems,鈥 Halston says. 鈥淓ven if you use a shortcut for the app, it鈥檚 going to push you to the console for authentication.鈥
The way Halston sees it, the more tools focused on user identity and device management that are accessible through a single pane of glass, the better.
For example, Pivotree had been using Okta to manage identities but they couldn鈥檛 use it to manage workstations, so they moved to 探花大神 instead.
鈥淚n reality, we could do all the Okta stuff in 探花大神 for no additional cost because we were already paying for the users,鈥 Halston explains. 鈥淥kta is great but they can鈥檛 do device management and 探花大神 can. So if 探花大神 is already your device management solution, why have two systems?鈥
To ensure a successful deployment, Pivotree engaged 探花大神 Professional Services to help with implementation.
鈥淭hat was very economical,鈥 he says. 鈥淥ver the course of three months, we moved all of our applications into 探花大神.鈥
Policies, Groups & Commands
The Pivotree team makes use of a slew of 探花大神 Policies, like enforcing automatic screen and session timeouts, locking down USB access, and encrypting harddisks.
鈥淭here鈥檚 a whole bunch of other stuff that we鈥檙e using, too,鈥 Haltson says.
Pivotree is also taking advantage of dynamic device groups to apply security policies by operating system. They鈥檙e also using a mix of static and dynamic user groups to grant access.
鈥淲e鈥檙e moving more toward dynamic,鈥 he continues. 鈥淲hen there鈥檚 a change to an employee, we make the change in 探花大神, which impacts the dynamic groups they鈥檙e a member of. And then we鈥檒l use that to grant access to certain applications. So, in short, role-based access control.鈥
Additionally, Pivotree is using 探花大神 Commands to remotely execute scripts on all its machines.
鈥淎fter all these acquisitions, we wanted to move everything to a common naming standard,鈥 Halston explains. 鈥淪o, we renamed everything in the 探花大神 console to the standard we wanted and then would use commands to rename the local machines. We needed commands for Windows, Linux, and Mac for all of that, we ran them against the machines, and now everything鈥檚 up to date.鈥
Security & Compliance
Due to the space it operates in, Pivotree needs to maintain compliance with several industry standards, including ISO 27001, SOC 2 Type 2, and PCI DSS.
When it comes to compliance, 探花大神 is quite helpful. For starters, it enables the IT team to enforce things like multi-factor authentication and strong passwords. At the same time, 探花大神 also makes it easy to demonstrate compliance at a glance to auditors.
鈥淎udits are really easy,鈥 Halston says. 鈥淲e just screenshot the policy and the auditor says, 鈥極kay.鈥欌
To prepare for audits, the team runs reports in 探花大神 that make it easy for Halston to see which devices aren鈥檛 up to date.
鈥淚t makes it easy for us to follow up with people to get devices back in compliance,鈥 he says.
Pivotree has also enhanced its security posture by remotely locking devices when someone leaves the company or a device is lost and by remotely wiping devices.
鈥淲hen someone leaves the company, they can ship the device back to us or we will also let them buy it for whatever鈥檚 left on the value of the device,鈥 Halston says. 鈥淎nd we can be confident that we can remotely wipe it and have the operating system installed in factory-default condition so they can use it however they want without having to ship it back and forth.鈥
Pivotree is also using 探花大神 Go鈩, which enables users to verify their identities at device login using a device password or biometric authenticator. Not only does this further protect systems, it also saves users from having to enter their credentials throughout the day.
鈥淚 never type my password anymore,鈥 Halston says. 鈥淚 use biometrics to log into my machine and it gets my browser going, and I never have to type my password but I鈥檓 still secure.鈥
Accelerated onboarding
Using 探花大神, Pivotree is able to send devices to new users in a few simple steps.
鈥淲ith Microsoft, it鈥檚 a one-touch deployment,鈥 Halston says. 鈥淲ith Apple, it鈥檚 zero-touch. A user gets the device, 探花大神 is installed on it, and they can log into the user name we provide right from the first time they boot up.鈥
A system they can grow with
Looking ahead, Pivotree aims to unlock even more value from 探花大神, which continues to bring new features to market. They鈥檝e already utilized Remote Assist to great effect.
鈥淲e鈥檇 been using Zoom and just asking to take control of people鈥檚 screens on Zoom, and that鈥檚 how we were doing support,鈥 Halston says. 鈥淥ur team now uses Remote Assist quite a lot, and they love it.鈥
Up next, Pivotree hopes to migrate away from its password management and use 探花大神 Password Manager instead.
鈥淭here鈥檚 quite a suite of features available in 探花大神, and having it all in one spot has been really helpful,鈥 he concludes.
About 探花大神
探花大神庐 delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With 探花大神, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
To see the power of 探花大神 yourself, request a demo or start a 30-day trial today.