DigiKey’s “MFA Everywhere and Passwordless” Strategy Saves Hundreds of Thousands, while Better Serving and Protecting its Global Team and Customers

DigiKey is one of the world’s leading electronic component distributors with a truly overwhelming operation. A multi-billion-dollar company, DigiKey sells more than 15 million components, works with 2,900 suppliers, and serves nearly one million customers in 180 different countries. Jeff Johnson, director, information technology security for DigiKey has been with the organization since 2015. Jeff offered a great visual of the products the company sells, “Imagine if you smash a smart phone–DigiKey sells most of the pieces.”

Within DigiKey’s organization, identity acts in a similar manner: Authenticating and authorizing employees and customers to access the right apps and data physically, digitally and remotely, all working together to create a positive, efficient, secure and successful enterprise. Recently, DigiKey’s "MFA Everywhere" project delivered substantial gains in user productivity and user experience, driven by reducing the need for daily MFA prompts by approximately 82%. This decrease equates to approximately $570,000 annually in recovered productivity time, as users are no longer interrupted by frequent authentication prompts. Here's how…

DigiKey delivers components to major manufacturers of items like satellites, prosthetics, universities with teams of students building projects, and even individuals innovating out of their garages. In the past ten years, DigiKey’s growth has boomed, going from <$1b per year in revenue to over $5B in 2022. “I have been here for eight years and it’s been fun watching the company grow. As a result, scale and performance have been top priorities, with security and excellent customer service always top of mind,” Jeff shared. “One of the things I love about DigiKey is that we have an SLA to answer the phone within five seconds by a person. We want to make sure we deliver that same level of service digitally.”

DigiKey began its identity journey in 2015 with PingFederate, deploying single sign-on (SSO) to improve the user experience for its workforce. It has since become the de facto architecture for new systems and provides a frictionless experience for every system that supports open-source standards for federation.

Jeff and his team quickly saw an opportunity to wield identity as a competitive advantage. Jeff said, “In 2017 we bought the whole Ping stack. We were able to secure their accounts, offer better capabilities long-term and higher performance than what we had before.”

Indeed, the platform performed as well if not better than expected. “Throughout the years, Ping has proven it can scale with us. Ping has bigger customers than us so it is really not a concern.”

Jeff also applauded Ping’s transparent capabilities to track and monitor performance for customers on https://status.pingidentity.com. “It makes it easy to know if there’s an issue and the status of it, but also provides a transparent way of demonstrating Ping’s track record”.

DigiKey’s team is constantly looking for new ways to provide secure and yet exceptional user experiences so they had their eyes on multi-factor authentication (MFA) and passwordless for many years. “We’ve been working on passwordless for years, getting the ingredients in place for a better customer experience and to protect against security attacks that focus on passwords,” Jeff said. “Once hackers are in, they move laterally and quickly. About an hour is the average breakout time, according to Crowdstrike’s Global Threat Report.”

The clincher was that DigiKey’s cyber insurance agency mandated an improved security posture. Just as hackers were getting smarter, so were cyber insurance agencies. Luckily, Jeff and his team were prepared.

In 2022, DigiKey deployed PingOne Protect (formerly PingOne Risk). Jeff explained, “Instead of taking a risk-based approach on where we enable MFA, we changed all our policies to include PingOne Risk and MFA as our standard practice. So even with our non-risky SaaS providers, we have MFA-enabled because it does not affect their experience or friction. So we thought, ‘Why not be safe? What if their site ends up being sensitive in some matter or becomes a jumping off point for testing credentials, etc.’ So we are putting MFA everywhere.”

One place that matters most is DigiKey’s workforce and its exceptional 2.2 million square foot Product Distribution Center expansion (PDCe). This state-of-the-art facility includes innovative technology, tons of automation and designed to scale and optimally serve customers throughout the years. Jeff said, “If you took the Empire State building and laid it corner to corner, it would fit inside the building.” The facility, in conjunction with DigiKey’s partnerships with companies like UPS, USPS, DHL and FedEx, help ship an average of 25,000 orders each day. Since adding PingOne Risk, DigiKey has experienced a significant reduction in MFA prompts.

DigiKey is deploying MFA for workers in this enormous facility and offices around the world as well as contractors and remote workers–about 5,000 total. “We had the technology turned on and up and running within weeks,” Jeff said.

DigiKey is also beginning to execute upon an ambitious passwordless strategy. “We have some authentication flows where we removed the password and the user experience is seamless,” Jeff said. “And we are looking for more saturation in the near future to continue our goal of passwordless for workforce.”

“We expect to see continued growth in our customer count,” Jeff said. “And we want to make sure they are served in the very best way we can.”

To meet those goals, DigiKey rolled out customer MFA. Jeff explained, “MFA is the necessary ingredient to offer future frictionless digital experiences we hope will delight customers.”

Stay tuned as Ping reports on DigiKey’s ongoing identity innovations, learning how identity provides a secure and frictionless experience, which helps fuel growth.