Rootz Reduces Onboarding and Offboarding Time by 80% and Automates Access Requests via Slack

About Rootz:

Rootz, founded in 2018 and headquartered in Malta, is a leading iGaming platform offering five online casinos - Wildz, Wheelz, Spinz, Caxino, and Chipz. With just under 200 employees, Rootz serves markets across Scandinavia, Germany, Canada, and Europe, earning recognition for world-class entertainment and numerous industry accolades.

Challenge: Outgrowing Spreadsheet-Based Access Management

As Rootz expanded, managing employee access to applications during onboarding and offboarding became increasingly complex. Due to the absence of an automated platform-based solution, the IT team initially relied solely on spreadsheets and manual coordination to map application access based on job roles, often requiring follow-ups with managers. While this method worked in the company's early stages, scaling it as the team grew became unsustainable.

While access provisioning was in place, the manual effort involved in onboarding could be streamlined. The increasing operational load underscored the need to automate access provisioning to improve IT workflows and enhance the employee experience. Similarly, access revocation during employee offboarding was time-consuming, and automation was essential to ensure timely and consistent deprovisioning, reducing potential security risks.

Solution: Zluri's Automated Access Management Workflows

Zluri helped Rootz automate and scale their access management processes, introducing the following key capabilities:

1. Dynamic Conditional Workflows: Zluri enabled Rootz to build smart workflows using "if-then" logic based on departments and job titles. This removed the need for creating and maintaining numerous spreadsheets, significantly reducing manual overhead and increasing flexibility.
   
   
2. Pre-Onboarding Automation via HiBob Integration: The Zluri–HiBob integration ensures new team members are equipped with the right tools from day one. As soon as an employee’s start date is confirmed, access is automatically provisioned based on their job title and department, covering essential applications like Google Workspace, Jira, Slack, JumpCloud, and 1Password.
   
   
3. Advanced Provisioning & Deprovisioning Actions: Zluri executed deep, context-aware actions such as adding users to specific Google Workspace Org Units, Slack channels, and Jira groups, and removing them from all Google Groups or Slack channels during offboarding. These granular actions helped Rootz maintain strict access hygiene, reduce security risks, and enforce least-privilege principles across the organization.
   
   
4. Automated Task Notifications & Compliance Tracking: Zluri's workflows triggered provisioning and deprovisioning task alerts to app owners. IT teams and app owners could track and verify completion via Zluri's centralized Task Dashboard, ensuring visibility and compliance with internal policies and audit requirements.
   

Outcomes:

• The mean time to provision employees has decreased by 87.5%
• The mean time to deprovision employees has decreased by 75%
• Day 1 access to critical birthright applications
• Clear access provisioning and deprovisioning logs

Challenge: Inefficient Access Request Management

Employees faced difficulties when requesting access to applications, especially for time-sensitive needs. Requests were submitted via Jira, but employees often lacked clarity on the appropriate approver (app owner), leading to confusion, delays, and longer turnaround times. This process was even more complex for external users, requiring multiple follow-ups and increasing the chance of errors.

Solution: Zluri’s Slack-First Access Request Workflows

Zluri automated the access request process, allowing employees to initiate requests directly from Slack, with key details such as business requirements, access duration, and role information. This triggered automated approval and provisioning workflows—routed to the appropriate admins, app owners, managers, or other approvers—with support for multi-level and group approvals.

Zluri enabled the IT team to curate access request automations based on departments. Custom fields allowed employees to request access for external users by simply entering their email addresses.

The new workflow not only reduced manual effort and turnaround times but also minimized errors, improved transparency, and enhanced auditability, creating a more efficient and compliant access request experience.

Outcomes:

• Hundreds of hours saved annually with Slack-first automation
• Faster Time to Resolution (TTR)
• Clear audit trail for all access requests, improving accountability

You Can’t Manage What You Can’t See!

Zluri’s discovery capabilities uncovered over 800 apps within Rootz’s ecosystem. This eliminated redundant and shadow apps and provided visibility into inactive users who still had access to managed applications.

Zluri also provided visibility into AI apps in use across the organization, identifying AI tools like DeepSeek that operated outside the company’s formal security controls.

What’s Next: Zluri is expanding Access Management coverage through Custom Actions and HTTP request-based workflows. Zluri and Rootz also plan to automate Access Reviews for critical apps by leveraging Zluri’s ability to deliver audit-ready certifications and ensure ongoing compliance.