How Penta unified identity and access to strengthen cyber security after global acquisitions

Penta operates at the intersection of analytics, research and advisory strategy, helping organisations understand how they are perceived and how influence moves across complex stakeholder ecosystems.

As the business expanded globally through acquisition, its internal technology environment had grown increasingly complex. Identity systems had evolved separately across different entities, creating fragmented access environments and inconsistent policies across the organisation.

Leadership recognised that a more unified approach to identity and access management would be essential to support the company’s long-term growth.

The challenge: identity fragmentation after rapid growth

Penta had grown quickly through acquisition. While the business had integrated strategically, the identity infrastructure supporting it had not yet caught up.

“We were managing multiple tenants with inconsistent access policies and legacy configurations across entities. It was preventing a smooth user-friendly workflow.”

Multiple tenants existed across the organisation, each with their own access structures, configurations and security policies.

Employees were required to manage separate identities and accounts across different systems, creating friction in everyday workflows and making it difficult to maintain consistent access governance.

“We had separate passwords, separate identities and separate accounts across multiple tenants. Infrastructure is often the hardest part of integration.”

Without a unified identity framework, leadership lacked a centralised view of access permissions across the organisation.

This made it harder to enforce consistent policies, manage risk effectively and support future acquisitions.

Penta needed a solution that would not only unify existing environments but also create a durable identity foundation capable of supporting future growth.

The solution: scalable identity and access management architecture

Strategic: designing a long-term identity governance framework

Rather than simply introducing new tools, the focus of the engagement was to design a scalable identity architecture aligned with Penta’s long-term strategy.

During the discovery phase, the teams worked closely together to understand how the organisation’s existing identity environments operated and where consolidation would create the most impact.

This involved open discussions about current limitations, future growth plans and the trade-offs involved in different architectural approaches.

In Frank’s words: “there were a lot of architectural questions. What do we currently have in place that’s working? What’s not working? Where do we want to be in the next few years?”

LeftBrain helped Penta evaluate different identity models and define an approach that would consolidate legacy environments while supporting future acquisitions.

“LeftBrain helped us think holistically. Not just installing a tool, but architecting a scalable identity strategy aligned with our long-term growth.”

This strategic foundation ensured identity management would become an enabler of the business rather than simply an operational control.

Tactical: consolidating identity systems and implementing zero trust access

Once the strategy had been defined, the focus shifted to implementation.

Identity environments were consolidated, governance controls were introduced, and new policies were established to enable consistent access management across the organisation.

Single sign-on was implemented across key systems, while conditional access policies helped establish a zero trust framework designed to scale alongside the business.

As with many infrastructure transformations, the rollout revealed unexpected challenges. “Deploying something you’ve designed for months always has speed bumps,” explained Frank. “Devices are older than you thought, people are on leave, and sometimes you find hidden surprises.”

Through close collaboration between the teams, those challenges were addressed quickly, allowing the project to move forward while staying aligned with the overall strategy.

“When we hit some unexpected hurdles, that’s where the LeftBrain team really shone through, helping us pivot our strategy in the moment, work through the challenges, and get back onto the roadmap.”

Over the course of a nine-month engagement, the organisation moved from fragmented identity environments to a unified access framework.

The results speak for themselves

• Unified identity and access management across the organisation
• Centralised visibility into user access and permissions
• Consistent security policies enforced across systems
• Improved onboarding and offboarding processes through automation
• Clear governance for contractor and BYOD access
• A scalable identity foundation ready for future acquisitions

For Penta’s leadership team, the most significant change has been clarity. “We now have centralised visibility into access and can enforce consistent policies across the enterprise.”

The unified identity environment has also enabled improvements in operational processes, including onboarding, offboarding and contractor access management.

With identity governance now embedded into the organisation’s infrastructure, Penta is better positioned to integrate future acquisitions while maintaining consistent cybersecurity practices.

A collaborative approach to cyber security

Throughout the engagement, Penta worked closely with LeftBrain as a strategic technology partner rather than a traditional vendor.

The project combined deep technical expertise with a collaborative working style that allowed both teams to navigate complex architectural decisions together.

In Franks words, “the end result wasn’t just a successful deployment. It strengthened the foundation at Penta and helps us continue to grow.”