Accelerate employee access on paved roads
Enable employees to easily get access in a simple, fast, and secure manner.
Use Cases
Accelerate access requests
Challenge
Managing access requests can be time-consuming, manual, and confusing. Companies often rely on Jira, Slack, and spreadsheets to track and manage access.
Slack automation
Employees don’t have to learn new workflows. They can make requests and manage approvals through Slack.
Decentralized management
Instead of relying on bottlenecked teams, Opal delegates responsibilities to resource owners and managers with the most context.
Dynamic IAM role creation
Engineers can natively request and create new IAM roles. DevOps can approve via one click in Slack without needing to log into the AWS console.
Automated on-call access
Challenge
Managing engineering permissions for on-call rotations is hard. Companies need to make difficult trade-offs between security and agility. Indexing on agility leads to over-provisioned access and increases security risks. However, indexing on security increases operational burden.
Reduce over-provisioned engineering access
Instead of granting engineers with full admin access as a result of being part of multiple Okta groups, Opal grants bundles of permissions leveraging native integrations to cloud infrastructure.
Automate provisioning and deprovisioning
Rather than granting engineers access to production all of the time, Opal’s on-call integration will grant access when they are on-call and revoke it when they are off-call.
Faster Employee Onboarding
Challenge
Onboarding new employees is a difficult balance between unblocking new hires and creating security vulnerabilities through over-provisioned access.
Request access on behalf of new employees
Managers can submit access requests on behalf of their reports when they join the company. All access requests are tracked and audited!
Self-service automation
Managers and admins can curate collections of resources and groups that are useful for employees. New employees can browse collections of bundles when they onboard to the company.
FAQs
Opal accelerates access requests through delegation and automation.
- Delegation: Access requests are often bottlenecked by centralized teams such as IT or DevOps. Centralized teams often lack context on who the requester is and what they are requesting for. This often leads to long and tedious conversations. With Opal, access requests are routed directly to resource owners and managers. All resources can have pre-defined approvers who can easily take action in Slack.
- Automation: Most companies track, manage, and grant access manually. This often leads to long wait times, slowing down both managers and employees. With Opal, access can be discovered, notified, and granted all via Slack!
Yes! Admins can set up approval and access policies for all resources. For example, access requests can be configured to have multi-stage approvals, two-factor authentication, maximum durations, and more. Additionally, admins can also require requesters to answer specific questions before they make the access request
Opal enables employees to make access requests via Opal or Slack, and Opal tracks all access requests in the audit log – including threaded comments in Slack!
All access changes are tracked with Opal’s audit log. Additionally, slack alerts can be set up so that all on-call access grants and revocations can notify a Slack channel.