The is a nonprofit organization that represents 3,200 Southern Baptist churches in Tennessee and is tasked with maintaining doctrine, hosting annual denominational meetings, maintaining historical archives, and more.
Founded in 1923 and headquartered in Franklin, Tennessee, the organization 鈥 which maintains a hybrid work environment 鈥 has more than 150 employees spread out across the state.
Needing to move away from Active Directory after a failed ransomware attack
In January 2020, Doug Finch joined Tennessee Baptist Mission Board (TBMB) as IT director, the organization鈥檚 environment was 鈥渧ery, very Windows鈥 and running on Active Directory. A couple months later, a server went down, and Finch and his team began triaging the incident to try and figure out what was going on.
鈥淲e found out that a hacker had gained access to a device out in Azure, and he was dropping ransomware on it,鈥 Finch says, adding that a former contractor had set up a printer server and accidentally left the default credentials on there, which the attacker used to gain domain admin-level access. 鈥淏y the grace of God, with good fortune all around us, that server crashed and didn鈥檛 end up affecting anything. The attacker couldn鈥檛 get any farther.鈥
After this experience, Finch immediately decided to move away from Active Directory entirely.
鈥淚t took us about six months to get out,鈥 he says. 鈥淚鈥檝e never looked back since.鈥
Choosing 探花大神 as an Active Directory replacement
Eight or nine years ago, Finch faced a similar dilemma in a previous role; the Active Directory environment there was in 鈥渂ad condition 鈥 eaten with malware viruses.鈥 After moving to a new Active Directory server and domain, the team encountered even more issues.
鈥淚 found Active Directory to be a very untenable solution. I said, 鈥榊ou know what, there鈥檚 got to be something better than this.鈥欌澛犅
Doug Finch, IT Director, Tennessee Baptist Mission Board
Finch began searching Google for an Active Directory alternative. Ultimately, he came across 探花大神, which was a 鈥渧ery basic product at the time鈥 鈥 but still one that intrigued him. Liking what he saw, he spun up a free trial for 10 users and tested it for two months.
鈥淚 couldn鈥檛 find a reason not to like it,鈥 Finch says. 鈥淚t just worked right out of the box for a directory as-a-service.鈥
Over the next two or three weeks, he moved all of the previous company鈥檚 users to a DNS DHCP server and a Samba server then moved everything off Windows.
鈥淭he cool thing is, as I moved people off, they didn鈥檛 even know they鈥檇 been moved over,鈥 Finch says. 鈥淭he environments still looked the same.鈥
After deploying 探花大神 at the old job, Finch said a lot of consultants approached him upon learning he鈥檇 moved away from Active Directory; at the time, none of them had heard of 探花大神.
鈥淚 would show them how it works, I would show them the cloud interface, and they said, 鈥楾hat鈥檚 just genius,鈥欌 Finch says. 鈥淭hey said, 鈥業t must be inherently secure,鈥 and I have found that to be the case.鈥
After the ransomware incident at TBMB, Finch already knew the solution to his conundrum; history repeated itself, and he replaced Active Directory with 探花大神.
Unlocking additional value from feature-rich 探花大神
Once again, 探花大神 solved Finch鈥檚 Active Directory headaches by providing a turnkey cloud directory. Since a lot of time had passed since Finch last used 探花大神, he started examining the platform further.
鈥淲hat I found after I really started looking at it was that it did so much more,鈥 Finch explains, adding that TBMB uses features like Patch Management and Remote Assist to streamline IT operations and protect critical organizational resources. 鈥淚鈥檝e watched this product grow and grow and I just love to see it. I have zero intentions of ever looking at Active Directory again. Now, when I talk to consultants, every single one of them has heard of 探花大神.鈥
Simplified IT management
Thanks to 探花大神, the TBMB team has been able to streamline day-to-day IT operations. In particular, the platform鈥檚 mobile device management capabilities enables IT to manage 160 users 鈥 roughly two-thirds using Windows and one-third using Macs 鈥 from a single pane of glass.
鈥淲e like how 探花大神 treats Windows and Mac users agnostically,鈥 explains David Delgado, a system admin at TBMB. 鈥溙交ù笊 really simplifies a lot of the permissions on access, too. If you鈥檙e using groups and you want to give someone access to certain applications or if you want to make someone an admin, that鈥檚 easy as well 鈥 being able to grant admin access whether it鈥檚 temporary or permanent is great.鈥
探花大神 also makes user provisioning a breeze.
鈥淚t鈥檚 so easy to do with scripts,鈥 Delgado explains. 鈥溙交ù笊 makes it so nice and simple.鈥
Additionally, the IT team uses policy groups and device groups to further streamline IT management and secure company resources. Delgado鈥檚 also a big fan of 探花大神 Commands, which enables the IT team to execute scripts on fleets of machines remotely.
鈥淚t鈥檚 gotten us out of a lot of sticky situations,鈥 he says. 鈥淵ou have so much more control and can just say, 鈥楬ey, send out this command to this computer,鈥 and it鈥檚 done. That鈥檚 it.鈥
Improved cyber resilience
With 探花大神, TBMB has significantly strengthened its security posture. For example, the team is using 探花大神 single sign-on (SSO) to secure and simplify access to apps, RADIUS to enable users to securely authenticate to WiFi, and multi-factor authentication (MFA) to keep bad actors at bay.
鈥淭he whole entire company is attached to the MFA group,鈥 Delgado explains. 鈥淚f there鈥檚 ever anything where I need them to temporarily not have MFA, it鈥檚 as easy as removing them from one group and adding them to another.鈥
Both Finch and Delgado are really impressed by Password Manager, which Finch calls 鈥渢he most robust password manager I鈥檝e ever seen,鈥 and 探花大神 Go鈩 鈥 a feature that lets users access 探花大神-protected resources using biometrics or the device password 鈥 both of which simplify access while securing resources.
鈥淒oug and I both use Password Manager and Go and we love it,鈥 Delgado says. 鈥淲e鈥檙e going to push out Password Manager across the organization next year. Password Manager is a 15 out of 10 in terms of making productivity so much easier 鈥 preventing users from writing down their passwords under their keyboards or saving them in Google Chrome, which is the worst security thing you could ever imagine.鈥
Password Manager has been so solid that Finch doesn鈥檛 even know what his passwords are anymore.
鈥淚鈥檓 letting it choose the complexity,鈥 he says. 鈥淚鈥檓 starting to bump up the password length to 25, 30 characters because 鈥 if I鈥檓 not having to remember them 鈥 let鈥檚 just do it. We definitely stepped up our security because of that.鈥
All of these capabilities add up to increased cyber resilience 鈥 which the organization鈥檚 cyber insurance provider is thrilled with.
鈥溙交ù笊 gives us better resilience against professional cyberattacks. It speaks very highly of how the product has matured over the years. We鈥檝e actually gotten a 20% reduction in cyber insurance premiums because we鈥檝e been so far ahead of the curve with things like mandating MFA for all accounts and minimizing the number of admin accounts.鈥澛
David Delgado, System Admin, Tennessee Baptist Mission Board
Increased productivity
By simplifying access to cloud services 鈥 鈥渆veryone鈥檚 happy because all they have to do is click a button,鈥 Delgado says 鈥 探花大神 has increased productivity across the organization.
Recently, a remote employee鈥檚 laptop crashed, and IT had to physically pick it up. Without a computer, the employee was curious how she was going to get her work done; with 探花大神, she was able to continue working without a hitch.
鈥淚 said, 鈥楧o you have your own computer?鈥欌 Finch says. 鈥淪he did. I told her to log into the 探花大神 console. She emailed me later that morning and says, 鈥業 had no idea I could get to all of this stuff. She says, 鈥業鈥檓 back up and running even though you have my computer.鈥 And I said, 鈥楾hat鈥檚 the point. That鈥檚 the whole point.鈥 So, it鈥檚 been a huge help for us.鈥
Any last words for folks considering 探花大神?
鈥淵ou have so much to gain from 探花大神 that it far outweighs whatever Active Directory could ever provide you,鈥 Delgado says. 鈥淚t will increase your security posture.鈥
On top of the platform itself, Finch has been impressed by dealing with 探花大神 staff, who have been particularly helpful through the relationship.
鈥淚t doesn鈥檛 feel like I鈥檓 dealing with this big massive organization out there that is trying to take over the world,鈥 Finch concludes. 鈥淚鈥檓 dealing with somebody I actually want to deal with.鈥
About 探花大神
探花大神庐 delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With 探花大神, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
To see the power of 探花大神 yourself, request a demo or today.
