Senior Service America, Inc. (SSAI), a nonprofit organization headquartered near Washington, D.C., is committed to making it possible for low-income and other disadvantaged older adults to participate fully in determining their own future and the future of their communities. The organization was launched in 1961 as an advocacy group for older Americans and traces its roots to the National Council of Senior Citizens. Today SSAI operates through 81 local partners serving more than 10,000 disadvantaged seniors in 430 counties spread over 16 states.
For more than 40 years, SSAI has operated the US Federal Senior Community Service Employment Program (SCSEP) through a network of local sub-grantee organizations, as well as two other programs—the Senior Environmental Employment Program and the Agriculture Conservation Experienced Services Program.
As part of its overall cloud IT strategy, Kamal Elharam, director, information systems and technology for SSAI, introduced Salesforce Service Cloud to its 60 employees and 500 sub-grantee users. The change meant that users needed to use their email addresses and new passwords to access the SSAI cloud platform.
While SSAI’s employees adapted quickly, the sub-grantee users struggled to adapt to the system. In some cases, due to local policy, users couldn’t get a separate email address. SSAI needed to solve this problem to ensure adoption of its new partner portal, increase user convenience, and keep costs down. SSAI determined that it wanted to enable single sign-on (SSO) for its users, using an existing web application portal.
SSAI researched a number of solutions that it identified in a Salesforce conference, as well as alternatives proposed by a local system integrator.
At first, Elharam’s team tried to build a solution internally to that could be used to manage SSO using the security application markup language (SAML) standard. When that approach proved unfeasible, he decided to investigate commercial options.
The key features and capabilities required by SSAI included:
At first, SSAI evaluated two on-demand SaaS vendors—OneLogin and Ping Identity—and decided to try the OneLogin product. However, the SSAI IT department quickly discovered that it didn’t work well with the on-premises partner portal, and was not pleased with the level of support received from the vendor to help make it work.
Then, the system integrator gave a demo of McAfee Cloud Single Sign On and provided an evaluation copy for testing. IT was pleasantly surprised when McAfee was able to set up a McAfee Cloud Single Sign On system in the test environment in less than an hour. As a result of the evaluation, SSAI decided to proceed with deploying the solution throughout their enterprise.
“McAfee has been excellent to work with. McAfee Cloud Single Sign On is responsive to all of our needs and helped us, as well as our system integrator, to ensure the best implementation of our business case. Other vendors weren’t as eager to adjust to our business case and expected us to do business differently to allow us to use their tools.”Kamal Elharam
Information Systems and Technology SSAI
After what Elharam described as a “smooth” rollout process, the system was placed into production for 60 employees and 500 sub-grantee users. SSO enables sub-grantee users to gain access to the partner portal, built on top of Salesforce, through the Internet. The partner portal gives them access to an internal knowledge base, program, and technical support, and is used to collect subgrantee information relevant to SSAI’s program operations.
By deploying SAML to manage authentication, SSAI not only improved the end-user experience with the convenience of SSO, it also enhanced security, since SAML doesn’t use a password. This ensures that users can only access the partner portal using the SSAI infrastructure and can’t bypass the organization’s security system. Elharam reports that the new system “ensures our sub-grantees are connected to SSAI via additional channels besides phone and email, empowering them further to contribute to the overall health of our program.”
Automated user provisioning also saves time and money that used to be spent creating accounts and email addresses for all users, while deprovisioning enables SSAI to quickly shut down access to individuals who are no longer sub-grantees. This not only saves further time and effort, it also delivers greater assurance that only authorized personnel can access internal data.
When asked about the top three McAfee Cloud Single Sign On capabilities that were most important to them, SSAI responded:
Given the successful deployment, SSAI plans to extend the system’s SSO and provisioning capabilities to other SaaS products as they roll out additional strategic SaaS applications. “Intel has been excellent to work with. McAfee Cloud Single Sign On is responsive to all of our needs and helped us, as well as our system Integrator, to ensure the best implementation of our business case, said Elharam in his assessment of the project. “Other vendors weren’t as eager to adjust to our business case and expected us to do business differently to allow us to use their tools.”