Video: Using Rippling IT to Simplify Your IT Stack for Long Term Growth | Duration: 3080s | Summary: Using Rippling IT to Simplify Your IT Stack for Long Term Growth | Chapters: Rippling IT Introduction (1.92s), Scalability Challenges in IT (104.935s), Rippling IT Overview (223.395s), Application Access Management (417.32s), Automated Offboarding Actions (734.805s), Device Management Overview (1159.775s), Software and Security Policies (1494.705s), Advanced Security Workflows (1877.21s), Rippling Benefits Recap (2562.94s), Customization and Scalability (2732.26s), Concluding Remarks and Giveaway (2959.03s), Rippling AI Announcement (3026.465s)

Transcript for "Using Rippling IT to Simplify Your IT Stack for Long Term Growth": Hello, everybody. Thank you for joining another very exciting Rippling webinar. We're gonna get started in just a couple of seconds here. Give everyone, like, another thirty seconds before we kick things off and start talking about how you can architect Rippling IT for long term scalability. What could be more fun? Give people a few more seconds to join up here, and then we will kick things off. Need to get all of my stuff organized. We got our botters, turned off all of our Slack notifications. Alright. Cool. Well, I hope everybody is having a wonderful day wherever you are joining from. Like I said, today, we're going to talk about architecting Rippling IT for scalability. But, some quick introductions. My name is Tyler Coltis. I'm a what's my title? A solution consultant manager for the IT team here at Rippling, but I have spent the last ten years in the IT industry, worked at companies like JumpCloud and Rippling across sales, sales engineering, and now management. I'm joined by the wonderful June Salgado, if you wanna say hello. Yeah. Yeah. I'm also a sales engineer. I'm a senior IT sales engineer here at Rippling. Been in this space for quite some time. Just, like, I think just different names to the game, but, yeah, excited to to jump in. Awesome. Well, we already set a little bit of the expectation with the title of this webinar. But when we talk about, like, architecting any sort of scalable solution in IT, maybe it's better to set the stage for, like, what problems exist so that we've got the right frame of reference, and then we're gonna jump into a little bit more of a demo. But when you're thinking about scalability in the context of IT, there's a lot of problems or things that break down when you are trying to build out your environment. So normally it's like manual policy enforcement is the first thing that comes up. People are just requesting access to Slack or Google or Salesforce, and how are you supposed to monitor all of these things? So then you want to actually like get some tools in place. And then you get more of this tool sprawl. You've got one thing for identity and access management, and one thing for MDM, and then security becomes more important. So you get a different EDR solution. So you just start building this hodgepodge of tools. You get operational overhead, making these things talk to each other and bad data. And then you go back to manual processes again, even though you're spending all of this money, on these different tools. And at the end of the day, you just have like multiple onboarding and offboarding processes or manual checks in between to like make a ticket, to send that Slack message, to have that dreaded Google Sheet or Excel sheet, depending on your tool set. So you introduce more people, you introduce more tools, but at the end of the day, you're just lacking that single source of truth. And as you can probably guess, what I'm going to say next is that Rippling can really help out with this because we are that single pane of glass, that single employee record that's going to give you one place to build a set of rules and automations that are going to manage really your whole user life cycle across a ton of different areas, HR, IT, finance. Today, we're going to spend the most of the time talking about IT. So again, showing how Rippling is architected to scale by design using this employee data. So June already brought up the screen share here. Do you want to give us a kind of the lay of the land of Rippling and the employee graph? Yeah. Yeah. And Tyler, you already said it's single pane of glass and how we do that revolves around that employee information that goes through thousands of different attributes that we can utilize, like department, work location, who's the manager involved. But more importantly, it's the automation engine that will determine what documents people sign, what apps and groups they can access, and device policies, etcetera. A lot of it all due to the information that's collected within Ripple. Yeah. 100%. Like when you have this really rich employee data at the center of your universe, like you will show you some of these rules, but makes it so easy to like give people access to everything that they need to do their job on day one. Yeah. Apologies. I didn't mean to skip ahead here. But, yeah, overall, offer Rippling offers HR, payroll, finance. Today, we're gonna be focusing on some of those IT core products, the three pillars of IT. Everything flowing from employee identity. So think like policies, workflows, and access are as as access are continually continually evaluated, and it's not just one time setups. 100%. So can you give us a little bit of, like, orientation, just what we're gonna see? Like, what is identity and access management? What is the MDM? What is this inventory management service that we offer here? Yeah. So when we're when we're talking identity and access management at Rippling, think automations for provisioning specific applications. It it deprovisioning when employees leave your company, single sign on, being an identity provider, you can utilize one set of credentials to log into various applications. We also offer a password manager, skim over a couple of different things here. And then we'll introduce our app shop, which has close to 700 integrations available, not not even including some of those custom offerings, utilizing SAML and SkinProvision. Device management, we are cross compatible today with macOS, Windows devices, iOS, and iPadOS, really streamlining all of those into one consolidated MDM. Endpoint protection, we do partner with SentinelOne. So we'll definitely be touching on that a bit here today and various other components around security. Maybe you have audits going on and really streamlining, making it very easy to do. A lot of easy buttons involved here at Ribbon. And last piece here is gonna be inventory management. With inventory management, think logistics and warehousing, we can do it all for you in regards to onboarding, offboarding, sending devices and equipment to your employees and vice versa. Employees leave, we'll send them a box automatically. They'll ship it back to Rippling. We'll wipe them, clean them up, have them stored securely. And of course also offer offering partnerships through our device store. So if you do wanna purchase devices directly from us, being able to purchase those and then send them directly to your employees or even stock up your inventory. Awesome. I we're gonna show you some of these things live. That's actually the the next thing we're gonna do here is jump into the platform, but just to prime you for what you're about to see, like building these different rules, and then really managing the whole user lifecycle in the context of IT based on these rules. When you hire somebody, we'll deliver them a Mac or a Windows computer. It'll already be enrolled in the MDM. And then on their start date, they get access to, you know, the ten, twenty, 30 applications that they need, but the right groups inside of those different applications. And when somebody leaves the organization, get that computer back from them, store it in our warehouse, turn off their access to applications. That's not even touching on all the different HR things. So be thinking like user life cycle management based on rules. So let's go into the platform. If you don't mind switching over to our demo account here. I think just for the continuity of story, let's start with like the identity side of things. Great. You already have the AppShop up here. Yeah. Tell us a bit about the AppShhop here, June. Yeah. So with the offerings that I had mentioned earlier in regards to the the close to 700 applications that you can integrate here, think think about different components like single sign on, creating accounts, suspending accounts. There are so many different integration offerings dependent on the applications. So we're gonna we're gonna jump into a couple of them here, making it a lot a lot easier for you to be able to manage in a single pane of glass, knowing who has access to what, and on top of that, automating access assignments, even third party group assignments, etcetera. Yeah. A 100%. So App Shop is where you're going to find all of these pre built integrations. Worth flagging that if something supports SAML, it supports SCIM, and it's not in our App Shop, you can still make those integrations. But, yeah, let's go and show people, like, how you start building some of these rules to grant access to some applications here. Yeah. Yeah. So first ones that I'm gonna jump into is gonna be Google Workspace. And just to give you an idea of how to kinda review some of these applications, as mentioned earlier, we have our integration quick look here on the left column. That's what's going to give you an idea of what you're gonna what you're gonna have offered to you once you actually run the integration. We're gonna jump into the app so you can see what it looks live in regards to it being integrated or fully integrated in your environment. First, you're gonna get that bird's eye view of all of your users and who has access, who doesn't, you can assign or revoke access, but really the magic's happening under access assignments here. And we're gonna go bounce between two different applications here, but just to start off Google Workspace, definitely an application that you're gonna be configuring or provisioning for all of your employees. So as you can see here, I've set up a group of users, excluding contractors to have an account created automatically. Yep. So an access assignment is just simple rule who gets an account created in that application and you're configuring different rules for these different apps. Right? Exactly. Exactly. So that kind of takes me into talking about Salesforce, for example, might not be an application you're going to provision for every single employee. So being able to automate that based on some rules that we've applied. So here, as you can see, I have any of my employees in my sales departments, sales managers, customer support implementation. So you can set those roles there. So as long as those employees meet those conditions, they'll have access to that specific app. And those groups that you're showing in these, these are saved super groups. Right? So it's already got like some of this conditional logic built in. Let's show people like how you can actually build some of these in the context of third party groups. Because we're not just making their account inside of these applications. We're also giving you, like, full visibility into the different group types that exist inside of Google. Not not to steal your thunder, but let let's show some building some groups here, June. Yeah. Yeah. No. You called it out. So being able to streamline a lot of that. And here I am in Google Workspace groups. And I guess, actually, I'm gonna back out of this quickly just so I can give you some context. But being able to integrate your third party groups, they do go to both ways, right? You can create groups within Google workspace. So you don't have to recreate them here in rippling, you can integrate those or sync those over and then vice versa. So if you wanna start streamlining within Rippling, have those created here, that would then funnel into your Google environment. So I'll jump in and we'll touch on how you can actually make these more dynamic. And Tyler also called out that piece of utilizing or reusing super groups as we go through this. But here's the super group box. This box here, you're gonna see it across our entire system, not just IT. So just being able to utilize those same, you know, super groups to then tie into different parts of the system. So as you can see here, anybody in my back end department that has been here for longer than two months and has completed a cybersecurity training. So we do also offer learning management, That's also kind of tied into this grouping to my back end group. And I'm excluding ten nine ten nine nine contractors. But as you can see here, and Tyler, I don't know if you want to jump in and kind of talk about some of these attributes. Yeah. It's every attribute. It could be a custom attribute. It could be things that are tangentially related to the employee. It could be course certifications. But if you click on view all attributes, or even the relative relationship between employees, really everything is at your fingertips. I want to make a group for people who work in the same location as this person, or they're in the same department as this person. Or maybe I wanna go crazy and say, like, if you make a $100,000 a year, then you're in the Slack channel for, you know, high earners. You know, something silly like that. But the point is that all of these attributes are at your fingertips. And when you meet that criteria, your access is going to change. Right? So like right on that two month anniversary, and the example that June has given for this backend department, as long as you've also done your security training, you're gonna get access into this particular group. And, June, if you wanna tell them all about our crazy Slack channels and, like, the the Slack channels of shame when we miss our our course completions, that's always a good one. Yeah. Yeah. Yeah. And that comes down to, like, access access assignments to specific applications. And cybersecurity training is also something that can be tough to gain engagement, have all your employees completed at a, you know, at at that day that those are due. So something that we do here at Rippling is in the event that you don't complete it after a certain amount of time after you don't or after the certain amount of time after it's due, you first, you get added to a Slack channel, which as Tyler had mentioned, is a Slack channel of shame. And then you start getting revoked access to different applications. So for example, Salesforce might be something that you need to utilize every day, cutting access from that. Then, of course, we start seeing people going, hey, I don't have access to Salesforce anymore. What's going on? And a lot of the times the answer is, have you completed your cybersecurity training? Goes quiet, they complete it, they all of a sudden have access again. So just a couple different things that we can play around with. Yeah. So using this like one thing, the cybersecurity training, we add and remove you from Slack channels, gain or lose access to applications. It's always fun when when due dates come up and then people start losing access to things over here at Ripley. But it does really drive enforcement. Yeah. Forgot to mention the c our CEO is actually part of that Slack channel, so it makes it a big deal. Yeah. He makes the rules, and he's the one that invites you in. That's always a fun one. Cool. So, just quick recap. This group management is gonna apply across the board. Right? So, there's Google Groups in the context of Google. There's Salesforce roles or profiles or permissions. There's public or private Slack channels. Like, what a group is, is going to vary depending on the application, but the way that we are interacting with these groups and driving the membership, that's what we're talking about with this this rules based assignment model inside of Rippling and how we're gonna help you ultimately scale. So, yeah, let's do some lip service to attribute mapping and then hit on offboarding actions here, June. Yeah. Of course. So just getting that bird's eye view of all of the different attributes that can be fed into the system. You can specify the cadence. You can disable any enable any of these. Being a source of truth for HR data, having that be consistent across your apps, and then also just leveraging that automation to then save you an admin time or even your employees not having to do any of that redundant work. Yep. And it does support custom attributes as well. Like, if you've got unique fields that you wanna pass over into Google, we've got an extensible schema. So your favorite ice cream flavor, which is super important, obviously, that can be passed over into Google and in your signatures wherever else you need to use them. Great call out. Which leads us and leading us into offboarding. Right? A lot of it a lot of the times, the customers that I'm engaging with are running on checklists. Right? Being able having to track everything of who has access, did we revoke access, all on one spreadsheet managed by several people. Being able to streamline that, not just for onboarding, but also offboarding is gonna save you so much more time. The reporting capabilities, of course, are gonna be there as well. So a lot of the things that you're seeing throughout this demo, you're gonna be able to report on. You're gonna be able to go and look at some of this data and then ensure that maybe you are meeting some of those audit or those audit requirements. Uh-huh. So here, by default, we're gonna be suspending an account at termination. But something that we can actually do on top of that, more specifically around Google environments is off boarding action policies. As you see, I've created three different ones. We have one configured specifically for individual contributors, managers, and then one for exact level employees. I'm gonna jump into one of these to give you an example of what it looks like. But essentially what I'm tying in here is on my first group is all of my employees that have been here for at least four months. Anything before that, not necessarily something that I wanna be able to pull or want to pull. But what's gonna happen is when that termination goes into effect, we're gonna specify a recipient of who to transfer data to. Then from here, we'll remove recovery info, app specific passwords. We'll also revoke access given to those third party apps connected to Google. We can also provision temporary action access to this recipient. So here I've specified the number of days to seven. We can transfer any unshared files and, Google Calendar events. A lot of the clients or prospects that I have conversations with, a lot of this is already, being being done manual, or it's an afterthought. Employee leaves, manager reaches out two weeks later, they can't access a doc because it belonged to a a different employee. Yep. Yeah. And worth calling out here, like, multiple different policies applied to different people. These off boarding actions exist for Google, and we just recently launched Microsoft off boarding actions as well with a very similar set of actions here. But it's just automating that busy work. Like, you know that there's a laundry list of things that need to happen as a part of this termination. Rippling is just built on stuff that happens to you as an employee, ultimately. So major quality of life improvements here. Set as many policies as you want. We're going to onboard your employees at the right time. We're going to give them access to the appropriate groups. We're going to send over the right attributes. And then we know what to do when it comes time to terminate somebody as well. Exactly. Cool. So we need to move things along. Like there's so much to show inside of rippling. I know we're just kind of paying lip service to some of these things, but hopefully you can see, like, we're building persistent, consistent rules. You hire like a 100 people. It's all gonna function the same way. But, yeah, perfect. Let's switch over to devices and talk a little bit about the user life cycle here. You know, getting people their computers, getting that asset list. I'm jumping the gun again. You can take over here, June. No. No. That's it's it's helpful. It it then also helps me stay stay in line with the the main topics, because you're right. We are limited on time, and we can talk all day. So starting here with the overview, getting again, that bird's eye view of everything that's going on in your environment. I know I had mentioned reports earlier. You can gain some ad hoc reporting here as well. So maybe you can look at some of these installation errors, being able to review that quickly, download that, you'll have the ability to view any of the employee and the device serial number, etcetera. Jumping in, and I believe we wanted to talk device store. So before we actually start jumping into some of the configuration components, but do want to touch on how you can procure devices, you know, today, you might have different vendors, or maybe you're going directly to the Apple Store, we do have a device store available where we do have a partnership. Keep in mind, it's more of us. The biggest value here is really having that single pane of glass, not having to go to different distributors to have those purchase and have it be more streamlined during your onboarding. You can configure approved devices, but it's not just computers. What's really awesome here is the various computer peripherals that you can also tie into some of these approved items. So think displays, headphones, headsets, you name it, you're probably gonna be able to find it here. Yeah. So like pure convenience thing here. Right? We're selling stuff for just like MSRP, but we already know where your employees live, whether we're the native HRIS or we're integrated with your HRIS. You just say, my marketing team, they get like a MacBook Air, and my engineers get a MacBook Pro, and my finance people get whatever flavor of Dell that they want, and everyone gets a, you know, a monitor or keyboard or a mouse. You'd never need to buy stuff through Rippling if you don't want to. But if you do, it shows up at their door. It's configured and enrolled inside of Rippling MDM. You basically have everything you need to do your job on day one. So just another process. When we talk about scale, It's really annoying to like leave for FedEx to go and ship something out. So just one other thing we're crossing off your list. No, definitely. Yeah. Let's go ahead and jump into people, the people tab here. So you can get an idea. IT, HR, all in one place. I can see all my employees, but then I can also see the devices that are assigned to those specific employees. So here I have Abigail Price, four devices that are assigned to Abigail. Let's go ahead jump into that MacBook Pro to gain visibility on what we can do. Essentially being able to lock the device, assign it, maybe it needs to be assigned to a different employee with other action items here, such as wipe wiping the data, resetting password, restarting shutdown. Again, a lot of this information able to be reported on. Piece here that I'll I'll look at here, it's gonna be software. You can see the software that's installed on the device, what version, was it managed by Rippling or the individual, policies applied or installed to the specific device? So having a perspective of everything that's going on as far as even looking at specs for the device, maybe you wanna be notified or pull reports on devices that are older than four years. So having all that information at your fingertips. Yeah. So we're just linking that employee record and the device record. We'll show you not only like the software policies, but also things like the security on this device. You know, what's the recovery key on this particular computer? What are all the user accounts that are on this device? Maybe you need to reset a password. Right? You can do that right from the Rippling portal as well, or promote somebody to an administrator. So we're giving you this list of the people, the things that are assigned to them, the devices in this case, and then a really easy single pane of glass to do those common operations, to handle a wipe, you know, in the worst case scenario, to handle a password reset, which is always inevitable here. But we don't just do assigned devices. Right? Like, with inventory management, if you wanna go over to that unassigned tab. Not a whole lot to demo because it's a logistics service, but want to talk a little bit about the inventory warehouse service here. Yeah, of course. Yeah. So you can so any of the devices are sent to the warehouse, you'll be able to see the condition that those devices are in. So maybe they're recycled devices from ex employees, seeing if they're suitable, maybe they're good. But then also having the option to buy back or having Rippling buy back some of these devices and utilize it utilize that towards towards rippling bill itself. Right? Yeah. So we're gonna issue you credits. We can buy back these computers from you, and then you're just like basically, it pays for itself at the end of the day. If you've got a bunch of computers end of life, we'll buy them back from you. We can destroy them for you for no extra charge as well, and give you that data destruction certificate. And the only other thing I'd throw out here for inventory management is it's not just a US service. We are global with this, like EU, Australia, and more coming soon. I won't prime you too much on that. But, lots lots of exciting stuff happening in inventory management. Yeah. Yeah. So let's get over to more of like the functional elements. Right? So we're gonna give you this asset list. We know what's assigned or unassigned, can buy from us. But let's talk more about like, the stuff that needs to go onto these devices. Yeah. Yeah. Yeah. So I'm gonna jump into software just to give you an idea of how we can actually mainstream or streamline I don't know. I said mainstream. Streamline the streamline and automate kind of like who gets what software installed. Right? That way on day one, that all gets done or maybe even some forward movements. Someone moves from one department to another, and they have that software installed so they don't have to go and request anything to be accessed. I'm gonna use some examples here. The first one I'm gonna utilize is Chrome. In most environments, you're probably gonna see that tied to everyone needing to have that specific browser installed on their devices. I'm actually sending it to specific people, but I'm gonna show you a couple other examples, maybe specifically for Excel, right? This one's more for my finance department salary full time, but I'm excluding contractors. Last one that I'm gonna showcase is gonna be GitHub. This is gonna be a bit different. So instead of users or people, I'm actually gonna be tying in some specific device data. But I'm kind of I'm I'm doing two and two here. One, it's all devices, but as long as you're part of the engineering department and you have SentinelOne installed. I'm also powerful group. Yeah. Like, if on this thing in particular, you can have conditional dependencies. Like, we can look at employee data, or we can look at device data here. If you don't meet this criteria, then you're just not going to be able to use GitHub from your device. And we'll show you some tie ins later on in this demo with the security elements here, and how you can build conditional access policies as well. But this ability to reference either employee data or device data for really everything in the context of MDM gives you so much control over how these things are deployed. I have one other question. So we've got this catalog of software that you were showing here. And I think what, there's like 200 applications or something like that that we support out of the box. What's our count now? Yeah. I believe yeah. 203 now. What happens if somebody's got some software that is not in our list? Yeah. That is a great question. So you have a couple different options. First option's gonna be maybe it's Apple Business Manager, tying that in to have all your applications synced over, or custom software. So maybe you don't find it in catalog. Maybe it is a custom piece of software that requires pre and post install scripts. Having the ability of doing that based on the operating system. So for Mac OS, it might be PKG, DMG for for Windows. Might be more on the MSI, EXE front. But as you can see, as I go and specify the operating system, or you can add a add a category, you'll have the options for silent arguments and pre and post install scripts. Yep. So we're gonna make sure that you have the ability to deploy anything that you want. We're gonna make sure the right permissions are applied to this, either with some of these scripts, or we could talk about policies as well. But ultimately you've got all this stuff on your computer. All those desktop applications, you need to do your job as well. And I think I cut you off when you were about to show some cool SentinelOne stuff. You were showing that dependency on SentinelOne, right? Yeah. Yeah. Yeah. Just a quick yeah. Just wanted to quickly touch on the partnership that we do have with SentinelOne. That integration's gonna then give you the ability of viewing active threats, seeing what the statuses are, what the last mitigation action was, and also, of course, having the ability of marking any of them as benign, killing quarantines, or quarantine, those environments. Yeah. So we are a SentinelOne reseller. Lots of different SKUs we can talk about in a follow-up call for all the interested people coming out of this webinar. But one of the really nice things is that we give you this integrated threats dashboard when you purchase SentinelOne through Riplane. And while we're talking about security, let's bounce over to policies. Right? So giving people their computer, tracking it, installing the software, and now we get more to that policy layer of making sure that the right things are enforced here. Yeah. And I mentioned this earlier, but then in regards to the easy button. Right? Especially as you're trying to streamline or maybe get to like a SOC two, for example. I'm gonna jump in and create a new operating system update policy. Going to preview the SOC two in this recommended option. And as you can see, it's already built everything out for me across the different operating systems from Apple devices to Windows devices. You can see or even configure the enforcement timing. You can edit these and reconfigure them making more making them either more restrictive or more lenient. But yeah. So just being able to have that at your fingertips, no no longer having to go and find or pick and choose those different configurations and then applying them and hoping that they make it to the machine, but instead having that single pane. Yeah. So we're building, like, a compliant framework for you already. And you can customize these policies if you want. But we say, these are the SOC standards. You know, these are the NIST standards that you might need to adhere to, or go crazy. Have a different policy for engineers than you do for salespeople on your devices. Right? So there's the easy side of things, like June said, but we're not going to prevent you from making these custom policies either. So what are some other examples here? Right? There's OS updates, password policies, like, and then a whole a whole series of other things. Right. Yep. Yeah, so I wasn't getting when I said easy button. I and I've lived in pretty much every MDM that you can call out there. And I think when I first joined rippling, that was one of the things that I had to really kind of work around understanding why was why everything was such an easy button or like a template. But that goes far as that does go as far as even macOS or Windows policies, you can apply to those devices. Provide you with templates, of course. Yeah. Yep. Big library of the most common things like you want to share the Wi Fi password. You want to set up a wallpaper on the device. Or if you're coming from another MDM and you love your existing policies, that upload button over there lets you deploy some of these custom policies as well. So we've got the easy button. You can customize this stuff, or you can build entirely custom policies and deploy them via Rippling as well. Okay. I have to time check myself, because we love going deep into these things. But let's pivot over to some of like the employee life cycle itself. We built these rules. Right? Who gets which applications? What policies are delivered to a device? Let's just show an onboarding flow in action here. Yeah. So here I'm hiring an employee. I've already added all the information as far as offer details, agreements, and documents. And as soon as I start adding information here, everything else is gonna then ripple down. Right? So for example, maybe device configurations, types of devices to purchase for this individual, having that device be assigned to that employee automatically, then shipped out to that specific employee. Integration. So I'll go ahead and jump in here so you can view at a high level of all the different integrations that will be created or provision for this input for this employee all based on those specific groups. Yeah, the device, the device itself, all the policies on the device, all the applications, like, this is just the fruits of your labor in action here. And what's normally, like, multiple people and multiple departments is all just consolidated into one flow. We can even like create different templates for your work email. Right? So like first name dot last name is already enforced in these. Or down at the bottom, can see approvals. Right? So maybe somebody else needs to sign off before you give them that sweet $2,000 MacBook. So it's really just making your life easier. Build the rules once inside of Rippling, and then onboarding just becomes a breeze for all the other people that, that you're going to bring on in the future. And offboarding here, I think I see that tab floating around up there, kinda like what we just showed, but in reverse. Right? Exactly. Exactly. So here as and then same, you know, same run of show in regards to that being that one point of contact, doing all of this and not having you go and either work off of a spreadsheet, right, create Jira tickets, contact employees via Slack and ensure everything, you know, that specific person has all their ducks in a row. I'm going through and offboarding an employee can be as easy as scheduling it or even doing it ad hoc, you'll get a bird's eye view of all the third party app access, deep provisioned, or access or applications that will be deep provisioned. Here, I'm timing it for the April 30 at 5PM. So that 05:00 hour, everything will then be suspended. And not just for the application, but also deciding on what to do with your devices. So as we mentioned earlier, in regards to the inventory management, automating, sending out boxes to those employees. So here I I'm I'm selecting that option to be done, but then you can also decide on what to do to that device at that 05:00 hour. So in this case, I can just lock the user accounts, but you'll be rest assured that when it gets to that warehouse, we'll wipe it, clean it up, and have it ready to go for the next employee. You can, of course, still decide to do a soft wipe. It's completely up to you. Yep. And anything we receive at the warehouse, we don't want your data in our warehouse. So this is like before it goes in the mail, you know, let's make sure that this thing is wiped. When we get it at the warehouse, we're going to make sure that your data is removed anyway before we go and put it on the shelf for you and you can redeploy this to other folks. Yeah. So and yeah. Now that we've seen, you know, how to grant access to resources and secure devices, Let's get a bit deeper with security and policies and operations. Yeah, love to see it. So I'm gonna start off here with behavioral detection rules. And a couple of things that I wanna call out here in regards to how you can get granular. I'm gonna utilize one one example here of long term lead access. So because we're because we're storing a lot of that employee data along with maybe employees are out of office or in this case on long term leave, preventing them from having access, I believe there are policies out there depending on their location where that is a requirement. So as you can see here, that being the conditional rule for all applications at every sign in, blocking access, and, of course, providing them with the message on the reason why that is actually happening. Everything customized by the admin, of course. Yeah. Especially if you're like an international company where maybe you literally can't work. Right? If you're on some sort of leave, we're just going to block this by default. And it's not a manual check that you need to do as an administrator, you've just built these rules. Like when you meet this criteria, go and do this thing. I know I sound like a broken record, because it's like the same idea that's powering everything, but ultimately, that's what's giving you all of this power. When we talk about scalable IT, it's this, like, set it and forget it model. When this happens, take this action. Yeah. And yet, it it it almost does feel like that. Like, we're broken records talking about the same thing. But, really, that's like the again, going back to the fundamental of for them, the foundation of what Rippling is is utilizing that employee data across our entire system to just be able to power everything across automation, reporting, etcetera. Here, I have another detection rule for AWS threat detected if a threat is detected to block. So again, utilizing device information in regards to that antivirus detecting anything equals true, we're going to immediately block access for any applications that we designate. So in this case, anything in regards to AWS, but you can go and fine tune that as you as you will. And, of course, then configuring it to why there were blocks. As you can see here, threat detected, and, of course, sending him a link to how to not click email attachments. Yeah. You got that, like, training enforcement built in, which is another rippling product that you guys should consider here. What else? I'm just doing a time check on this. Did we I think we have one other example of device trust. Right? Yeah. Yeah. And then one other piece here in regards to device, yeah, device trust. And a lot of a lot of times when you're looking at other identity providers, you have to utilize a STEP policy, have that tied into a third party MDM and hope that they, you know, that they communicate effectively together or more consistently than anything else. With rippling, it's really again, going back to that easy button is having everything housed within that single environment. Having a security certificate configured, pushed out to all of your devices, and then utilizing that because we're also the identity provider to ensure that employees can only access specific apps on a managed device. So in this case, the way I built it out, being configured for everyone, of course, for specific applications like GitHub, Jira, and AWS IAM. At every sign in, they are required to log in on a managed device. So a lot of that's already kind of streamlined or effective effective here at Rippling. I think the only things I can really access on my phone is my email and and my Slack account. Right. So if we zoom out, you get to build whatever policies make sense for your business, contextual to all of your employee or device information, but it's all operating on this principle of least privilege. You know, you're only giving people access to the specific things that they ought to have based on their role, or the specific standards that are occurring on their device. But we know that not everything is going to exist in Riplane. Like we can eliminate a lot of these other vendors, but we do also have the ability to like interact with some other tools. So let's do one quick workflow if you've got that pulled up and just like show people some of the neat stuff we can do here. And then let's go and talk a bit more about like, you know, the recap and and some next steps. Yeah. Yeah. Let's do it. Yeah. I have a I have a neat one that I created here, And I'll just hover over this so you could take a look. But as we can see that if a threat is detected on the device, and and there are so many different components that could be tied into this environment, utilizing workflows or even advanced workflows. Some of the options that I have configured here is space more specific to Sentinel one detecting a threat. And if it does equal true, we're gonna jump into a conditional branch. Right? Is this an engineer? Is it not? If it is, we're gonna send a Slack message to the respective team member's manager. Then from here, tying in a call to a public API for Freshdesk ticket. I'll actually jump into that so you could take a look, but along with various other options, being able to tie in a call for a public API. Yep. So like, for whatever reason, compliance, just your own record keeping, you might just need tickets. So Rippling is taking these actions like you can remediate these threats directly with our SentinelOne integration, but you still want to know that something happened. So a workflow is just an if then statement on steroids. In this case, when a threat is detected, we're taking all these different actions. But if you scroll down through this list of different things, we can send a Slack message, Teams message. We could send a report to an auditor for, you know, how many threats have been detected in the last year or for your different devices. So lots of different things that you can do. Think of this like a Zapier or Workato, but like built in the context of rippling, and pretty much anything can be a trigger. Right? It could be a threat is detected. It could be an onboarding or an off boarding action, or just something that happens to you throughout your user employee journey in your business. That's great. Cool. Let's go yes. Perfect. So I know that we've spent a lot of time hammering home these same points, like reuse all of your user data to build these really smart rules inside of Rippling that are going to give you the scalability. That's the whole reason why we're having this webinar today, to narrow in on what you can do with a system like Rippling. We're going to reference that employee data. You're going to build those policies. You can augment it with workflows to ultimately govern access to not just IT resources, but kind of everything else that you see on the screen here. And what it enables is faster scaling, stronger security, and way lower operational overhead. You don't need as many people that are like holding all of these different tools together when it's all consolidated into Riplan. Really, is what IT looks like when it's architected for scale, and not managed reactively. It's just set it and forget it. Build some rules and then watch them work over time for you. So, let's wrap up with a couple of talking points here. Just want to make sure that you guys want to know where you can go from here. Like, are you the right fit for rippling? And then we can do like a couple of, FAQs here before we wrap up. So when we think about, like, who Rippling is ideal for in the context of IT, it's really best for companies that are scaling quickly, companies that have diverse users, like across The US or even globally. We do operate very well in this global infrastructure. And just people that are looking to level up their security posture. Like you're spending too much time in all of these manual processes, and you want to zoom out and focus on the more important things. The rippling motto is free smart people to work on hard problems, which I almost messed up there, even though I've been here for four years. I hope that was helpful for everybody. I hope you've kinda seen the light for how Rippling can can make your life a bit easier. If you wanna take some next steps, you can sign up for a demo. Hopefully, you get June in those demos, but we've got a wonderful team of other IT AEs and solution consultants that can give you that, like, deeper architecture overview, or give you, like, an environment specific demo as needed. And we do also have like a great pre post sales team. So migration planning, just understanding what's next for your business is all part of the process in working with the folks over here at Rippling. So let's go let's hit like maybe two or three questions, and then I think we can wrap up for everybody. I had a couple of things that generally come up in our audiences. So, Jin, I'm gonna put you on the spot just a little bit here. I didn't I know that we didn't get time to talk about, like, organizational changes. Like, what happens when you change the name of a department, or what happens when somebody moves between departments inside of Rippling? Yeah. A few different things. One, it's, you know, any anytime that you're changing anything about the employee or what the what the employee's doing, you're gonna get a change management page where you're gonna be able to see maybe they're getting access to a different applications because they because they've changed department or maybe they just got promoted to being a manager. So now they have different visibility to, you know, to Slack channels, etcetera. So a lot of those things effectively are viewable or as as that changes to those being made. Yeah. So you get to see, like, they're gonna sign these 10 documents, You're gonna gain or lose access to these applications. You're gonna get these security policies. But my favorite thing is effective date too. You can actually say, two weeks from now, that's when I want all of these different changes to go into effect. So what happens when something changes? Well, kind of whatever you want it to have happen. It's that same rules engine. Right? And then this is probably a layup, but why not to end things off? Like, how customizable are these policies? Like, can anything be a part of this employee graph, June? I mean, yeah, of course. I mean, anything that we've, you know, provided at your fingertips, but also custom fields are always gonna be part of the mix. You can create different objects and then fields within those objects, and then utilize that information across all the different super groupings or super grouping abilities in the system. Yeah. One really cool example is like just integrating Salesforce data. Right? So when you've got like Rippling, we have a lot of Salesforce things, opportunities, you know, who closed X, Y, Z deal. We can bring all of this stuff into Rippling, and now you can start building these reports based on like, who is going to Presence Club this year. Right? Or it can be much more advanced than that. Like, who has closed 10 deals? And now let's give them a spiff because they closed the right number of deals in this month. So exactly right. Like, anything can be a part of the employee graph, custom fields, importing things from other systems. So we can get really creative at the end of the day. Whatever data point you want in Rippling, you can use it in this rules engine that we keep showing off. Yeah. And for more advanced environments, like you like you mentioned, just just pieces of the APIs that are available to then implement a lot of those more complex environments or situations. Yeah. Yeah. We're just scratching the surface. Like, we try and cram as much information as we can into one of these presentations, but there's way more cool stuff to show. So please do sign up for a demo. Give us a shout if you have any other questions. We can always follow-up over email if there's anything specific that we didn't cover in this call. But again, I hope this was helpful. I hope you all have a better understanding of like what scalability looks like in the context of rippling IT, and we hope to see you soon in a demo or otherwise. But thanks, everybody. Have a great rest of your day. Good afternoon, everyone. Thank you so much for joining today's session. We are really grateful for you to join us. We hope that you found the session helpful and informative. We responded to most of the questions that we got during our q and a. If there are any outstanding questions, we will definitely follow-up with you via email. And I know the moment everybody has been waiting for, the winners of today's giveaway, which is a twenty fifth anniversary LEGO Millennium Falcon. We are giving away two today to two very lucky people. Drum roll, please. The first winner is Steve Hyde, who's the VP of IT at Great Northern. Our second winner is Danny Law, the IT director at FCL Dental. Congratulations to both of you. Thank you so much for joining today's session, and we hope to see you at any future sessions. Just one last thing while I have you all here. We have announced today Rippling AI. I'm not sure if you guys have seen the announcement out there on social channels and other avenues. We do have an AI focused webinar next Wednesday. If you are curious in seeing what Rippling AI can do for all of you IT folks, definitely sign up for that session. You can find it in the docs section of the apps, and I will quickly just drop a registration link into the chat for you all. If you're not interested, once again, thank you so much for joining today, and we hope to see you all soon, specifically next week. Have a lovely Wednesday, everyone. Bye.