Recently, we kicked off our new customer spotlight series by highlighting one company’s digital transformation journey. In today’s installment, we’ll explore how the IT team at a leading genomics company supports fast growth. With their clever use SaaS automation, they adeptly balance employee experience and compliance.
Read on to learn how they automate day one onboarding to keep pace with their blistering hot hiring velocity, how they keep shadow IT to a minimum while maintaining a secure environment, and how BetterCloud helps them do all of this with ease.
Unique and complex IT challenges
When the COVID-19 pandemic hit, this genomics company quickly set up a new arm of their business that provided testing support and variant surveillance tracking. That bold move meant they needed to ramp up hiring like it never had before—and they needed those people to be on the job as soon as possible. In response, their IT team needed to cleverly automate a best-in-class onboarding experience to get new hires up and running.
To compound this unique onboarding challenge, they needed to maintain processes for both sides of the business and comply with the many healthcare compliance requirements and secure its intellectual property and patient data. They were also charged with doing this while providing employees with access to a broad selection of sanctioned SaaS apps.
How they created a best-in-class onboarding experience
This genomics company manages roughly 100 SaaS apps, some of which have multiple instances to meet both Health Insurance Portability and Accountability Act (HIPAA) and non-HIPAA requirements. All told, 30 of their SaaS apps are managed in BetterCloud.
They have a total of 169 workflows that trigger an initial on-demand workflow. When BetterCloud sees that a new employee has been added in Google Workspace, it executes a series of additional onboarding workflows. Based on the new employee’s department, that person’s apps are provisioned automatically.
But how they use automation for employee experience extends to one more step.
Using onboarding workflows to create badges for new employees
As 2020 progressed and hiring was ramped up to support its new COVID testing operation, IT became the bottleneck to hiring. In spite of their high levels of onboarding automation, it wasn’t enough. They found that they needed to make changes to have true day one onboarding in these new circumstances. One area where this became abundantly clear? Creating badges that would grant new hires access to the testing sites.
Today, they use a series of workflows to make this process smoother for everyone involved. When a new employee joins their COVID testing team, they gain access to that team’s applications. Additionally, a workflow notifies the team responsible for creating badges and provides critical information such as the new hire’s name and start date.
How workflows enabled IT to develop a stronger partnership with human resources
To reduce friction even further, their IT team created a day one onboarding workflow that gives its human resources department direct access to BetterCloud. By working together with the BetterCloud team, they created a specific and limited set of access privileges for HR that allows them to start the on-demand workflow that triggers all app provisioning processes and badge creation messaging.
Once the workflow begins, BetterCloud sends a Slack message to HR that notifies them that a new user’s accounts have been created. Additionally, these notifications inform HR of the next steps they should take to complete the process.
To make it even easier for HR, their IT team devised a “naming” convention that makes it easy to find the correct workflows in BetterCloud. HR knows that its workflows begin with a number, and when sorting them in BetterCloud by name, HR’s workflows appear first.
IT’s simple idea of extending limited permissions to BetterCloud for HR boosted the business time-to-revenue because they could staff up fast to meet demand.
Balancing employee experience with complex compliance requirements
Since this company generates and stores healthcare data, they must comply with strict healthcare security and privacy requirements. This means they must work hard to prevent shadow IT and keep users on IT-sanctioned SaaS applications. They also must follow a robust review process that requires a user to present their business case for approval.
As part of that approval process that balances employee experience with compliance, their IT team considers the following:
- APIs to automate app into onboarding and offboarding processes
- The level of effort to automate and integrate into existing processes
- Permissions and security in product design of a requested app
- Similarity to existing sanctioned apps
- Business requirements and value that results from paying licensing fees
- Whether a non-HIPAA instance or a separate HIPAA compliant version of the requested application is required for to process HIPAA data
This company aims to have very few applications that require HIPAA compliance. This enables the organization to ensure compliance, facilitate ease of compliance processes, and keep data protection levels high. They also must ensure that data is stored in as few locations as possible. This work helps keep costs down, increases their security posture, and makes it easier to meet all compliance requirements.
So once all the information is collected, company management, along with IT, then reviews it all. They carefully weigh trade-offs on the SaaS app, how it fits into automation, employee experience, and compliance needs. Only then do they either approve or deny the request for a new SaaS app.
Using BetterCloud alerts to maintain compliance and an incredible employee experience
While it’s mostly a Google Workspace shop, they still manage a few Microsoft 365 users.
However, IT previously had to take time out of its day to monitor activity across Microsoft 365 applications. In an effort to save time, IT locked down users in 365, which had a dramatic (and obvious) impact on Microsoft users across the organization.
Pursuing this course of action did not align with corporate employee experience and compliance expectations. This is when their IT and SaaS operations functions turned to BetterCloud alerting and customized it for their environment.
Now they can take proactive action based on the file security notifications they’ve built in BetterCloud. They no longer actively block sharing, but they actively examine it and follow up with users when something appears suspicious. If necessary, they reach out to users to tell them IT works with users to confirm if sharing is valid. When necessary, their IT administrators re-train users to operate in an approved manner.
Supporting a large organization without increasing IT headcount
The keys to success for the IT team at this company is that they partner with stakeholders across the business to determine next steps, evaluate how well a SaaS tool solves a challenge, and ultimately how to automate the solution in a way that meets employee experience and compliance goals. Their IT team enabled the business to grow its staff significantly, all while maintaining a large library of SaaS applications—and without increasing IT’s headcount.