Gavi’s mission with Okta to share valuable immunization knowledge

Jessica Twentyman Profile picture for user jtwentyman May 18, 2017
The vaccine alliance has implemented the cloud-based identity management service to give stakeholders working on vaccination programmes across 73 countries access to data, information and knowledge.

Late last week, an Ebola outbreak was confirmed by the Ministry of Public Health in the Democratic Republic of Congo (DRC). Gavi, the vaccine alliance, has already stepped forward with the offer of help and, more specifically, 300,000 doses of an experimental Ebola vaccine, to be made available through its agreement with pharmaceutical giant Merck. As Dr Seth Berkley, CEO of Gavi, announced:

It is a sad fact that the people of the DRC are all too familiar with this horrific disease. The fact that this is a country that has experience dealing with Ebola should give us hope that we won’t see a pandemic on the scale of the 2014 outbreak that hit West Africa. We stand ready to support the DRC Government in its fight against Ebola.

At the time of writing, it remains to be seen whether that help will be requested by the DRC government. Even if it is, there will be regulatory hurdles to cross, as the Merck drug has not yet been authorized in that country, even for emergency use, according to press reports. And the location of the outbreak, in the hard-to-reach, northern Bas-Uele province, some two to three days’ travel from the DRC capital of Kinshasa, will make transportation of vaccines tricky in any case.

A complex community

On the positive side, these are exactly the kind of complex issues with that Gavi, a public-private partnership created in 2000 and involving the Bill & Melinda Gates Foundation, the World Health Organisation (WHO), UNICEF and The World Bank, is more than accustomed to navigating. Since its inception, the organization claims to have vaccinated some 580 million children and helped developing countries to prevent more than 8 million deaths from diseases including yellow fever and measles-rubella.

Between 2016 and 2020, it’s Gavi’s goal to protect the next 300 million children - work that will continue to require close collaboration between alliance members, health ministries in supported countries, government workers, donors and vaccine manufacturers, a community that spans some 73 countries worldwide, explains David Nix, Gavi’s chief knowledge officer. Along with the 300 employees who work as part of Gavi’s internal secretariat, they all need to be given access to a wide range of data, information and knowledge held on Gavi systems, he says.

Vaccine manufacturers want to understand likely demand levels for their products, for example. Government workers need to apply for grants. Local health programmes must report on how they’re doing against the immunization targets set for them. Gavi needs to be able to share much of this data with its alliance partners.

With that in mind, it has implemented the cloud-based identity management system Okta, to give all these various stakeholders access to the information they need. Says Nix:

I see my own mission within Gavi as enabling the alliance, and all the stakeholders within the alliance, to have digital access to the data, information and knowledge that improves immunization practices – but we need to make sure we know who they are, and that they’re authenticated and that, through authentication, they have appropriate access to the right data, at the level they need based on their specific role.

Okta plays a huge part in the security aspect of this, because it helps us to know who’s on the other end of the digital line and understand the context within which they’re coming to us for information.

Welcome on board

In a more traditional organization, employees are typically handed user IDs and passwords as part of an HR-led, face-to-face process - but that wouldn’t work for Gavi, Nix says:

We work in far too decentralized an environment. So Okta provides digital onboarding where stakeholders can come in, request access and their request is validated via a third-party mechanism - that is to say, another authorized stakeholder can validate them or we can search through our CRM for them and validate them ourselves based on what we already know about them and their role. That gives us good confidence that a person is who they say they are.

Once validated, they can then access information held in a variety of different cloud-based systems. Gavi uses Salesforce, for example, to manage stakeholder interactions. It uses Microsoft Office 365 for productivity and content management. Its operations are managed using ServiceNow, and it’s in the process of putting in place a cloud-based financial system for managing grants alongside general ledger and other finance functions.

A government worker from an implementing country, for example, would need to authenticate via Okta in order to access to Gavi’s Country Portal, built using to provide them with real-time access to their grant status, the ability to apply for new grants or update the status of their programmes. They can connect to the Gavi network of immunization experts for help and advice through that online portal, too.

Looking ahead

The integration with Okta of new cloud services as they come online is a pretty simple process, says Nix. It takes a security manager around three or four days to get everything configured and, these days, it’s pretty much just a standard service desk request. The bigger challenge, he say, is the synchronization of identity data across all of the solutions:

So what we’re in the middle of implementing right now is using Okta to master identify data and synchronize that across all the cloud-based solutions, so that whenever a user logs in, the right information about that person is available in all the applications to which they have access. That has the biggest potential to really improve the user experience as they navigate this heterogeneous cloud environment.

After that, the piece we’re really focused on is the capability Okta provides for mobility management, so not only are we managing the identity of a person, but we can also start to integrate security into the mobile devices that are connecting to our data.

A grey colored placeholder image