How Perch Security Eliminated IAM Downtime With Auth0
The security company’s IAM went from a business risk to a selling point
A ConnectWise solution, Perch Security offers cybersecurity solutions focusing on technology solutions providers (TSPs) – detecting threat activity without costly equipment or analyst hours. With next-generation SIEM, a 24/7 Security Operations Center (SOC), same-day setup, and no annual contract required, users can put Perch to work for them right away.
Perch Security is a small company that’s making a big splash in threat detection and response. Perch alerts their customers to potentially malicious activity on their networks by analyzing log data and looking for abnormalities. Perch’s big innovation is to compare security threats from all their customers. This approach allows for richer insights and faster responses, since analysts have a bird’s-eye view of the entire threat landscape instead of just looking at a single customer’s issues.
Since its founding in 2016, Perch has earned a strong reputation, growing its partner community to include companies like Cisco, VISA, and ConnectWise. But the team’s authentication system was slowing them down, and it lacked the features they needed to attract and retain enterprise customers. Perch needed an identity and access management (IAM) solution that was more like Perch itself: secure, feature and integration-rich, and reliable.
“As we grew and got higher-value customers on the platform, it wasn’t really an acceptable option to have downtime for a security system that’s supposed to be 24/7, 365.”
Perch Security started out with a Java-based, open-source IAM solution, which was set up by some of the company’s founding engineers. The problem was, once those engineers left, nobody on the team had the Java expertise to work with the system. Finally, it began to occasionally crash for hours at a time. According to Nick Hagianis, Perch’s VP of software development, “As we grew and got higher-value customers on the platform, it wasn’t really an acceptable option to have downtime for a security system that’s supposed to be 24/7, 365.”
“The scary part was not knowing how long it would take to get back up,” Hagianis says. “It became a serious business risk for us.” It was clear that Perch needed a change. Says Hagianis, “We had to migrate off that system and get onto something that was easier to manage. Something that our developers were actually familiar with and could work with.”
While Perch’s team was looking at more stable open-source options, they found Auth0. “We had a couple of developers who had used Auth0 on side projects before, and they found the developer experience to be very pleasant and easy to use, easy to implement.” They decided to experiment with Auth0’s platform and signed up for a free account. One developer made a proof of concept over the weekend, and it was an immediate hit. “We thought it would be a huge business win for us,” Hagianis says.
“We had a couple of developers who had used Auth0 on side projects before, and they found the developer experience to be very pleasant and easy to use, easy to implement... We thought it would be a huge business win for us.”
Nick HagianisVP of Software Development
Migration Took Just Two Hours
Perch has three types of users: customers, employees, and robotic sensors. Perch’s team adopted a hybrid approach to migrating their user data, allowing them to fall back to their former authentication platform should anything go wrong during the migration. Hagianis explains it was “the safest approach for us because it provided redundancy.”
For the human users, “we did the migration on a Saturday morning, in case it took a long time or we ran into problems, as is sometimes the case when you’re doing major infrastructure upgrades like this,” Hagianis says. “But with the Auth0 migration, we were done in an hour or two, tops. There was zero downtime during that migration process because we had architected the system to be fault-tolerant.” Two weeks later, they completed migration of their hardware sensors.
Since then, Hagianis reports that the Auth0 experience has been smooth sailing. “We haven’t had a single incident with Auth0 to date,” he says. “The API is always up. It’s always available. It always returns exactly what we expect.”
“But with the Auth0 migration, we were done in an hour or two, tops. There was zero downtime during that migration process because we had architected the system to be fault-tolerant.”
Nick HagianisVP of Software Development
Perch Wins Business With SSO and Integrations
Reliability was Perch’s number one priority for an IAM partner, but it wasn’t the only one. “Another thing our customers were starting to demand of us — especially the larger, enterprise-type organizations — was Single Sign On [SSO],” Hagianis recalls. Perch wanted to provide this service without having to charge their customers extra for it, which they were able to achieve by working with the Auth0 sales team.
SSO has been an immediate success for Perch, and they beat their eight-month customer adoption goal in three weeks. According to Hagianis, “Being able to offer that at a reasonable price point and not have to upcharge customers for it has been a great differentiator for us.” Perch has also implemented multi-factor authentication for all their employee accounts, as well as providing it as an option for customers.
Looking ahead, Hagianis says that Perch has “a heavy focus on integrations.” With that in mind, Perch is excited to explore new integrations withAuth0 Marketplace. “People want integrations,” Hagianis says. “And Perch wants to be part of that game. The more data that we can get flowing through our system, the better security we can provide for our customers.”
“We haven’t had a single incident with Auth0 to date. The API is always up. It’s always available. It always returns exactly what we expect.”
Auth0, a product unit within Okta, takes a modern approach to identity and enables organizations to provide secure access to any application, for any user. The Auth0 Identity Platform is highly customizable, and is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visithttps://auth0.com.