Tomorrow’s Guides is a UK-based company specializing in directory services for care homes and day nurseries. Their review websites help 22.5 million visitors each year to find a perfect spot for family members in need and assist over 15,000 organizations in finding professionals by posting job vacancies.
Owned by a parent company, A Place for Mom, a leading senior living service provider in the United States, Tomorrow’s Guides is a local representative that continues its good practices. Thus, high-quality standards make network security one of the primary objectives of the company’s work culture.
Adapting to a situation and security requirements, Tomorrow’s Guides is an outstanding example of how the organization achieved its goals using NordLayer. Leon Tanner, the TechOps Manager, shares the company's journey of protecting and optimizing team segmentation and access controls to internal resources.
The challenge
Adapting to a hybrid workforce
Tomorrow's Guides faced the challenge of securely managing network access for its dispersed team. This included a mix of web developers and other internal technical staff with varying levels of access needs to cloud resources and secure systems.
Click to tweet“We've transitioned to remote work during the pandemic. Most people were 100% remote, but as we came out of the pandemic, we moved to a hybrid model."
Transitioning to a hybrid work model after the pandemic, the company needed a robust solution to manage access permissions efficiently and securely, especially with their increased workload from the US-based parent company, A Place for Mom.
The solution
Implementing granular team segmentation
Tomorrow's Guides adopted NordLayer as its network security solution. The decisive criterion for the company was NordLayer's capability to provide a single IP in the cloud via a VPN gateway, allowing them to restrict access to specific resources efficiently.
Click to tweet"The major selling point for us was having a single IP represented in the cloud, so gateways allowed us to restrict access to specific resources."
NordLayer offered the flexibility and simplicity needed for their diverse and distributed team. The tool enabled the company's IT admins to create separate gateways for different user groups, like developers and standard users, and tailor access accordingly.
Click to tweet“We group users together by their function, and then these functions get attached to specific gateways that are relevant for their team.”
Tomorrow’s Guides approach is to manage user access by applying a more precise strategy. Instead of broadly categorizing users based on existing teams tied to organizational structure, the company provides access to groups organized by individual roles.
Why choose NordLayer
The client wanted a solution to clearly define and control access rights to internal resources and applications. The main objective was to separate developers and regular users from the rest of the organization who worked with less sensitive data.
In 2020, when Tomorrow’s Guides selected our solution, at that time NordLayer had the capability to create two separate organization accounts for a more granular segmentation within the organization. The two different accounts had a clear distinction between cloud-based resources and access rights.
Click to tweet"It was quick, it was flexible, and it was easy to implement. NordLayer was the solution that gave us the flexibility of cloud solutions."
As soon as the functionality of the segmenting network by teams was introduced to secure remote access solution, the publishing house initiated the migration to one NordLayer account.
Centralized organization network management by segmenting teams with NordLayer
Consolidation of NordLayer accounts also helps consolidate and optimize the team’s processes and IT managers’ workload. Segmenting the entire workforce into teams, assigning them to gateways, and adding allowlisted IP addresses to each unit gives better visibility and control over network access management.
Click to tweet“We're going to use the spare server for backup, so the other server with our service will still be up.”
The capability enabled organization administrators to add and create separate Virtual Private Gateways. By grouping employees based on their roles, the system ensures safer resource accessibility and more accurately minimizes the attack surface of their network.
The outcome
Enhanced security and flexibility
The implementation of NordLayer greatly benefitted Tomorrow's Guides, providing a streamlined and secure method of network management.
Click to tweet"One of the biggest use cases for us is the ability to offboard as well as onboard quickly and to remove access. It reduces the work noise."
Key benefits included the ability to onboard and offboard team members quickly, manage access permissions efficiently, and maintain high levels of security for remote work. The single IP feature made resource allowlisting straightforward.
Click to tweet"It's really easy to manage. Our ability to get someone on and working is really rapid. And NordLayer also gives us that single IP, which just makes allowlisting resources easy."
The flexibility of the solution was particularly valuable, accommodating the varying access needs of their team across the UK and potentially in the US in the future. Additionally, the solution's ease of management reduced overhead for the IT team, making it an effective tool for ensuring network security in the hybrid working environment.
Pro cybersecurity tips
Organizational cybersecurity starts before deploying a technological stack and solutions—small steps and actions can greatly impact network security. Leon Tanner from Tomorrow’s Guides has valuable tips on crucial areas to focus on when protecting a business.
If you are looking for a solution that adapts to your cybersecurity needs, helps find an easy and simple answer to network security challenges, and constantly evolves to offer a comprehensive service, contact us to help guide you in your business cybersecurity journey.
