How Nortec Restored MyEyeDr.’s Confidence in External IT Partners
MyEyeDr. operates 550 optometry offices throughout the U.S. and plans to have 600 locations by the end of 2019. They have an acquisition-based growth strategy, which they’ve successfully used to expand from 100 locations 5 years ago to where they are today, with an expanding presence along the East Coast and throughout the Midwest and South.
This continual growth created a common dilemma for MyEyeDr. The internal IT team did not have the bandwidth to fully manage the company’s technology. To overcome this, MyEyeDr. contracted with external providers and had poor results. Previous IT providers made promises they couldn’t deliver on, causing MyEyeDr. to spend millions on IT support without seeing a meaningful return on investment.
When the leadership identified proactive, preventative security as a top priority, they knew implementing solutions, like multifactor authentication (MFA), would stretch internal resources too thin. After evaluating their options, MyEyeDr. partnered with Nortec. The project had two goals. First was to use MFA as a tool to better manage identities and safeguard medical, financial and personal data. It was also a test to see if Nortec could be an expert IT partner they could trust with ongoing projects
Early on, Nortec encountered an issue. MyEyeDr.’s on-premise Active Directory had been set up with conflicting parent-child domains and, at times, users had to use 2 logins to access systems and information. This created a roadblock for a straightforward deployment of MFA using Microsoft Intune. At MyEyeDr.’s request, Nortec maintained the system and created a workaround.
But this proved unreliable during the pilot. Because of the parent-child domain relationship, MFA wasn’t consistently triggered. Users were only occasionally asked to verify their identity and, sometimes, MFA needed to be turned off so accounts could access information. When Nortec and MyEyeDr. reviewed the results, MyEyeDr. agreed it would be better to pause the MFA project to resolve the parent-child domain problem, which was causing other security and access issues for the company.
Nortec brought in Kevin Wills, VP of Professional Services, for an additional round of discovery. Working closely with MyEyeDr., Wills developed and tested a script to collapse the child domain into the parent, allowing all logins and identities to be synced in Active Directory. The script considerably sped up the process. Initially, Nortec projected to complete 3-6 offices per week but, following successful testing, was able to complete 40-60 per week as the project neared completion.
To further resolve the parent-child domain relationship and more effectively manage user access, Nortec recommended migrating Active Directory to Azure. Working closely with MyEyeDr., Nortec executed the migration simultaneously with the parent-child domain collapse, finishing the entire project in approximately 2 months.
Once the parent-child domain issue was resolved, Nortec was able to focus on implementing multifactor authentication throughout MyEyeDr.’s network. The MFA centralized access control and improved security for all 550 of MyEyeDr.’s locations. The MFA was enhanced with an identity management policy and a streamlined onboarding and offboarding process, managed remotely, to ensure incoming employees have appropriate access with MFA and outbound employees have their access terminated promptly, without disruption to other users at their location.
Resolving the parent-child domain created the structure to roll out the comprehensive identity management protection that MyEyeDr. needed to protect their information. The project is ongoing and initial tests have been positive, including an early, seamless rollout for a member of the C-suite. In Azure, MyEyeDr. can access a single portal to see reporting around all users and identities. Combined with MFA, Azure is creating a more transparent and simplified environment while maintaining a high level of security.
Perhaps the strongest benefit for MyEyeDr. is they’ve finally found a reliable, trustworthy IT partner. “I don’t know how to be more positive,” Shane Fisher, Senior Manager of IT Technical Services, said. “Initially we were timid, given our experiences with other IT providers. But Nortec has been there for us and I am confident they will grow with us.”