Horangi is a Singapore-headquartered cybersecurity company that provides solutions optimized for cloud-based organizations and leading cloud service providers. Founded in 2016, the company has a global workforce of over 100 employees with offices in Singapore and Indonesia.
In October 2021, Horangi was listed as a Sample Vendor in the Emerging Technologies & Trends Impact Radar: Security published by Gartner for their flagship product, Warden, a multi-cloud security tool with threat detection, CSPM, CIEM, and compliance automation capabilities.
The Challenge: Managing LDAP in the Cloud
As a company focused on helping other organizations strengthen their security, Horangi understands how important it is to lead by example and make sure their own systems are protected.
“Security is at the heart of Horangi,” said Nikolay “Niko” Akatyev, Horangi’s VP of Internal Security and IT. “It matters the most to us to make sure that our employee and customer data is well-protected and safe from any insider or outside threats.”
Staff at Horangi utilize Google Workspace, AWS, as well as Mac and Windows operating systems in their daily operations. That, coupled with the fact that the company has implemented work-from-home arrangements due to the COVID-19 pandemic, makes managing their environment difficult.
To overcome the challenge, in 2017, Horangi started looking for a tool that they could use to manage LDAP in the cloud. The right solution would allow their Internal Security team to manage access to their VPN and ensure that only authorized staff could access the company’s network, applications, and data.
The Solution: A JumpCloud Early Adopter
At the time, there weren’t many solutions on the market that cloud-native companies like Horangi could turn to for the LDAP use case. After much research, Horangi shortlisted their choices to two options and ultimately decided that JumpCloud’s cloud LDAP service was the perfect fit for their needs. The other option, Okta, was too complicated and expensive.
“We were early adopters of JumpCloud,” Niko explained.
The initial implementation of Jumpcloud’s LDAP service quickly proved that it helped streamline access management. Soon after, internal adoption of the platform grew organically, starting with managing access to AWS which lacked its own single-sign-on (SSO) tools at the time.
Elaborating, Niko said, “Engineering discovered it was already very convenient to manage access to AWS. We found it very useful to use JumpCloud to manage access to different accounts and grant different roles and permissions per account, enforcing least privilege easily.”
The Results: A Scalable Solution That Grows Alongside Horangi
JumpCloud has grown both as a company and as a platform since Horangi’s initial deployment. Horangi found the experience with JumpCloud so favorable that the Internal Security team decided to extend JumpCloud’s footprint considerably beyond the LDAP use case in the ensuing years.
Here are some of the ways Horangi uses JumpCloud to protect its systems — and ultimately deliver more value to the company’s customers around the world.
1. Rapid new user onboarding
Horangi uses JumpCloud to automatically provision new users to Google Workspace, resulting in an accelerated onboarding process that enables the IT team to reclaim considerable amounts of time for other important areas of operations.
“We onboard anywhere between six and 10 new users every month. The auto-provisioning of these new users saves a lot of time.”Nikolay “Niko” Akatyev, VP of Internal Security and IT, Horangi
Now, Niko creates an email, loads it into BambooHR, and an account is automatically created in JumpCloud. “My team can just pick it up from there, go to JumpCloud, connect it to a Google Workspace group, and give the user access to other applications, like monday.com and AWS.”
JumpCloud doesn’t just benefit the IT team. New hires also benefit from the streamlined onboarding approach as they can now hit the ground running with all the tools they need as soon as they receive their laptops that have been loaded with JumpCloud.
“We’re getting a lot of feedback from our users that their first steps for onboarding are very easy because they just need to log into one place,” Niko explained. “That’s it! It just works.”
2. Single sign-on (SSO)
Horangi’s users, especially new hires, don’t always know which applications the company uses. To ensure new hires and the rest of the team can be as productive as possible, Horangi integrated its core applications with JumpCloud for SSO purposes — which is one of the CEO’s favorite use cases.
“JumpCloud made SSO much easier and more straightforward to implement. It’s very helpful both for usability and security. Now, we have all our applications in one place. When we log into JumpCloud, it’s easy to access all of our applications.”Nikolay “Niko” Akatyev, VP of Internal Security and IT, Horangi
3. Access control
While JumpCloud was initially used by engineering, the platform was eventually rolled out to the entire organization. Today, that has enabled employees to log into Horangi’s VPN and test their own products from any location.
“We want to dogfood our own products,” Niko said. “So we extended access to our VPN to everyone, which is why everyone has access to JumpCloud. I think one of the most important aspects of security is access control.”
JumpCloud makes access control a breeze by providing a bird’s-eye view of authentication across all applications. “We monitor all authentication activities directly inside of JumpCloud,” Niko explained.
Thanks to JumpCloud, it’s easy for Horangi to comply with both internal and external policies and regulations. For example, the Horangi team conducts quarterly reviews to see which accounts can access which tools and systems.
“It’s very convenient for us to just look at all groups in JumpCloud and see who the members are at a glance,” Niko continued. “We can correlate users through our own product, Warden IAM, with groups in JumpCloud, and that enables us to do access reviews quickly and conveniently.”
Recently, Horangi became one of the first cybersecurity companies in Asia to attain SOC 2 Type II certification, thereby demonstrating the company’s commitment to keeping customer data private and protected.
“It was very helpful to be able to show the evidence in JumpCloud to the auditor,” Niko said.
5. Multi-factor authentication (MFA)
Horangi also uses JumpCloud’s MFA solution to protect its privileged accounts.
“I use MFA with JumpCloud because I think I can be a target because of my role,” Niko explained. “Our CEO definitely uses it because it’s very important to protect his profile.”
6. Streamlined offboarding
The offboarding process using JumpCloud has made Niko and Horangi’s security team’s life a lot easier. JumpCloud has also been instrumental in helping Horangi offboard users within 48 hours, a requirement for SOC 2 Type II certification.
“As soon as offboarding data reaches BambooHR, the user is automatically suspended in JumpCloud, and once they’re suspended in JumpCloud, all access to other core applications is disabled.”Nikolay “Niko” Akatyev, VP of Internal Security and IT, Horangi
Any advice for customers just starting out with JumpCloud?
“Check out the documentation to find similar cases or deployment models, then design how you want to manage identities, which systems you want to connect, and what the end-to-end process for onboarding and offboarding would look like,” Niko concluded.
For more information on Horangi, visit https://www.horangi.com/.
To learn more about the easiest way to ensure only authorized individuals access your network, applications, and data, get started with JumpCloud today.