Inflection’s products and services empower companies to make better and faster people decisions about who to hire, who to trust, and who to grant access. For more than a decade, the Silicon Valley-based company has organized billions of public records into solutions that verify identities and check backgrounds while safeguarding the privacy of sensitive data.
Because trust and safety are central to its mission, Inflection emphasizes security inside its organization.
In the company’s early days, internal corporate applications were secured behind a firewall, and employees used devices locked down with tools like antivirus protection and a host-based firewall.
As the company grew, Inflection took advantage of new tech options, including Amazon Web Services (AWS) infrastructure and cloud-hosted applications. Despite the efficiencies those applications allow, they posed a significant challenge for the IT team: User identities began to sprawl.
Access management became challenging because IT had to keep up with several user directories to assign and revoke access, monitor and reconcile access privileges, audit and report user access, and more.
Duo’s secure single sign-on (SSO) let Inflection consolidate user directories and consistently apply multi-factor authentication (MFA) for access into all cloud applications, including critical infrastructure hosted in AWS. Duo's secure SSO also provided a flexible and granular policy framework, allowing IT to determine which users and devices should be granted access to applications based on risk.
Easy Win for Inflection
Inflection started by consolidating user identity sprawl from several directories to a single on-premises directory service. With a single location to manage identities, they reduced time spent on user provisioning, deprovisioning and access audit processes from several days to just hours per quarter.
However, a single identity increases the security risk of end-user credentials getting compromised. To mitigate the security impact of compromised user credentials used for data breaches, IT deployed Duo’s secure SSO with MFA to provide users consistent, secure access into any cloud application.
“Utilizing Duo’s SSO, employee authentication to cloud assets is streamlined and secure,” said Chuck Kim, Inflection’s Director of IT. “At the same time, having a quick solution for revoking access when needed mitigates risks.”
Granular Access Policies
IT enhanced Inflection’s security posture by applying policies based on the risks of each application, with consistent MFA usage and audit trails, while blocking risky devices and logins. A user with admin privileges might only be able to access the AWS Management Console, for example, from a corporate-owned device or trusted network, but could access an application without sensitive data, like Google, from any device (including a personal one).
With granular policies, IT classified applications based on risks, and implemented application policies when they roll them out to users.
Increased User Productivity
Duo’s secure SSO also helps Inflection employees get things done. Inflection users previously needed to enter credentials for multiple applications several times a day. With Duo’s secure SSO, they can log in just once to gain access to cloud applications from a single dashboard, using their existing credentials and strong MFA.