Protecting Species360’s global conservation data with Auth0

100+

hours saved on developing Identity features for customers with Auth0

2+

weeks saved in the sales process with proactive security reporting

$100k+

saved by implementing Auth0 SSO vs building in-house

Each year, between 10,000 and 100,000 species go extinct even as conservationists collaborate to protect our planet’s biodiversity. A global network of organizations including aquariums, zoos, wildlife rescue organizations, universities, and governments rely on access to data to effectively care for species under their management.

Species360 is a non-profit that aggregates those global data sets and provides access to standardized information that helps more than 1,300 institutions make informed decisions. The organization's Zoological Information Management System (ZIMS) helps its users around the world manage animals in their facilities by storing information about diets, enclosure details, and medical records. “Our primary source data exists nowhere else in the world,” says Rob Calcagni, Species360’s director of global membership and marketing. “We expand that data every day to make our members more successful because time is vital in conservation.”

Species360 also prioritizes the protection of its data and customers. For more than a decade, the company relied on a custom-built Customer Identity and Access Management (CIAM) solution, but as the organization grew, this solution stopped meeting its maturing security standards. "We had a custom SSO solution,” said Clint Pidlubny, director of technology, “but when I assessed it with our tech team, we were able to poke holes in it pretty quickly. I was concerned it would leave our platform vulnerable."

As part of a platform-wide modernization project, Species360’s security team sought a solution it could trust and deploy quickly. “We want to be good stewards of our data,” Pidlubny shared. “I wanted to hand over our platform’s security to the experts rather than build a parallel application we had to manage ourselves.”

Developing comprehensive security, not a single solution

Pidlubny wanted a CIAM solution that protected Species360 today and could scale alongside the organization with little maintenance in the future. Soon after, the company acquired the plant record-keeping platform, Hortis, which already used Auth0. Following this review, Species360 saw how Auth0 would be the best solution to protect both platforms. “My biggest concern is preventing DDoS attacks or bad actors from accessing our data or taking control of our systems,” Pidlubny said.

The team worked with Okta to join the Auth0 for Startups program to test the solution. "Auth0 had all of the functionality we needed, including Enterprise Connections, and the Auth0 for Startups program gave us the runway and robust documentation we needed to test and ensure it was the right tool for our organization,” Pidlubny shared. Since Species360 is a non-profit, it was also able to work with Okta for Good to get additional support and preferential pricing. What would’ve taken the team months of work and more than $100k to deploy and implement in-house was completed in a few short weeks with Okta.

With Auth0, Species360 replaced its existing CIAM features and prepared for future ambitions. “Ease of implementation is huge for us because we work in more than 100 countries. Auth0's configuration tools allow us to set up localized tenants easily to serve users around the world with minimal additional effort,” Pidlubny said. “These local tenants can reduce latency and can be customized for local data regulations, so we can more easily expand into new regions.”

Leveraging more flexible security controls to grow and expand to new organizations

As Species360 continues to reach new international customers, it uses Auth0 to appeal to large institutions with specific security standards and regulatory requirements. “We chose Auth0 because it’s best-in-class. That means being fast to market and secure with easy-to-use Single Sign-On capabilities,” Calcagni said. “But it also means it's vetted and many of our customers already know and use it themselves, so it’s easier to sell our platform into their organization.“

Large customers—including the Smithsonian Institution—want to know Species360’s SSO solution provided by Auth0 will easily connect to their own identity providers so their systems remain their source of authority.

“When we’re talking to medium or large organizations with their own IT group, we can quickly and proactively respond to their security concerns to speed up our sales cycle,” Calcagni shared. The team has reduced complex sales cycles by more than 2 weeks and continues to save itself 100+ hours of manual reporting work.

Meanwhile, Species360 retains the flexibility to support small institutions by offering varying degrees of identity control. “For smaller, less technically sophisticated organizations, turning on features like Multi-Factor Authentication may be an impediment to their work,” said Pidlubny. “But having more options means we can customize that experience.”

Beyond flexibility, Species360 relies on Auth0 to assure current and prospective clients that they are using best-in-class solutions across their security stack. Organizations, including those affiliated with government institutions, require vendors to submit security questionnaires or a declaration of their security practices and compliance frameworks. With Auth0, the Species 360 team is able to establish trust with their clients and reinforce their commitment to safeguarding data.

Protecting the next generation of conservation data

As Species360 continues to modernize its platform, it looks for new ways to keep its data secure. This includes earning a SOC2 certification by 2025 and implementing additional Auth0 and new Okta Workforce Identity solutions.

“We’re just scratching the surface of what we can do with Okta,” said Pidlubny. “As we modernize our ZIMS platform, we can more granularly control access and improve our user experiences simultaneously. That’s how we can best serve our members and achieve our conservation goals.”