Grupo Boticário automates 100% of access provisioning

Operational inefficiencies drive the need for a modern approach

Before implementing SailPoint, Grupo Boticário struggled with inefficient manual access management and a lack of centralized governance. Identity and access processes were handled manually, creating significant risks of human error and inefficiencies across the organization. With digital fraud on the rise in Brazil and an increasingly complex business ecosystem, the company needed a secure, automated, and scalable solution.

The manual access management processes affected not only IT but also employee productivity and compliance readiness. Previously, each new hire required multiple teams to coordinate access manually, often taking days to complete. These inefficiencies led to delays in onboarding and increased frustration among new employees and managers. Additionally, with Brazil’s General Data Protection Law (LGPD) introducing stricter requirements for data security and access control, Grupo Boticário recognized the need for a more structured identity governance framework. The company sought to move beyond traditional IT administration and adopt a business-driven identity approach that aligned with regulatory demands and the company’s fast-paced digital growth.

Operating in an omnichannel environment with a franchise-based business model, Grupo Boticário faced complex identity journeys involving internal employees, franchisees, direct sales representatives, and partners — all requiring secure, timely access to digital systems.

Grupo Boticário partners with SailPoint implementing a cloud-first strategy

After evaluating several options, Grupo Boticário implemented SailPoint Identity Security Cloud in partnership with Deloitte, becoming the first company in Brazil to deploy the solution in the cloud.

Grupo Boticário implemented the solution in several phases, beginning with internal employees and expanding to franchisees. The deployment integrated seamlessly with core systems such as SAP, Azure Active Directory, and HR platforms, ensuring synchronized provisioning and deprovisioning across departments.

As part of the rollout, the IT team launched Meu Acesso GB, a communication and engagement initiative designed to educate employees about the new system. The campaign included webinars, tutorials, and internal newsletters explaining how identity management contributes to both security and user convenience. This approach helped demystify identity governance, positioning it as a benefit rather than a restriction.

Expertise in process mapping and change management was key to accelerating adoption. Together, the teams defined governance models, approval workflows, and automated policies aligned with corporate standards. Within months, provisioning that once required multiple manual steps became a fully automated and auditable process, available in real time.

Throughout the implementation, Grupo Boticário also strengthened its maturity in identity governance and security. The initiative contributed to the development of internal expertise and the formation of a diverse, high-performing team, supporting the ongoing evolution of the SailPoint platform. This foundation enables continuous expansion, new use cases, and sustained improvement of identity processes as the organization’s needs evolve.

Increased employee satisfaction and productivity achieved

Beyond operational efficiency, the project fostered a cultural shift within Grupo Boticário. Employees began to perceive identity governance not as a technical process, but as an enabler of productivity and trust. Managers gained visibility into who has access to what, while auditors benefited from streamlined compliance reporting.

The IT department, once overwhelmed with access requests, can now focus on strategic innovation instead of repetitive tasks. According to internal feedback surveys, onboarding satisfaction increased significantly, as new hires receive all necessary tools and system credentials before their first day. This proactive approach also minimized the risk of orphaned accounts and strengthened the company’s security posture.

Since implementing SailPoint, Grupo Boticário has achieved measurable improvements across its identity management program. Automated provisioning and deprovisioning now operate at full efficiency, reducing security risks and manual workload. The full automation of access provisioning has transformed productivity, strengthened user confidence, and increased employee satisfaction (NPS) by 90%, marking a significant improvement in the onboarding experience and a significant reduction in access-related support tickets, demonstrating strong adoption of the new system.

The company now manages more than 60,000 identities, with integrations to over 170 internal systems.

Looking ahead

Grupo Boticário plans to expand its identity governance program to include direct sales representatives and other non-employee users, a move that could expand governance and will be supported by SailPoint in meeting the challenges.

Grupo Boticário aims to extend the same governance principles to its vast network of external users, including suppliers, partners, and consultants. The company is exploring advanced AI-driven analytics to predict access risks and recommend intelligent policy adjustments. By leveraging these insights, Grupo Boticário plans to further improve decision-making and reduce potential security gaps.

As part of its sustainability and innovation agenda, the company continues to invest in cloud-native technologies that balance agility, security, and compliance, while prioritizing user experience as it scales its digital transformation efforts across LATAM. The collaboration with SailPoint remains a cornerstone of this digital transformation journey, reinforcing Grupo Boticário’s position as a technology leader in the global beauty industry.