IdentityNow aide un détaillant en ligne à redynamiser son programme de gestion des identités
Founded just after the pop of the dot-com bubble, this U.S.-based home goods retailer sells more than 14 million household items from thousands of providers. To create an exceptional online shopping experience, the retailer put into place a modern, agile technology stack. “Our product isn’t just a retail operation. Our product is our entire technology stack,” says the senior analyst of identity and access management at the online retailer. “When you think of us, we want you to think technology company,” he says.
To provide identities for the company’s nearly 20,000 employees, the technology team relied on a provisioning system they built inhouse, based on PowerShell, PHP scripting, and a shared SQL database for employee access to auditing and reporting. However, over the years the system had become monolithic and difficult to manage. To provide the needed enhancements and update the system, the technology team considered continuing the in-house efforts, which would have required considerable rewriting and rebuilding. They ultimately decided it was best to find an external solution. “At the end of the day we’re an identity team. We’re not developers, we’re not infrastructure engineers. We’d rather focus on how to best manage our identities,” the senior analyst says.
With nearly 20,000 active identities, 75 geographic locations, and ever-accelerating growth, whatever the team decided to do when it came to governing its identities would have to be effective. “We have all types of employees, across all of our warehouses, call centers, distribution centers, fulfillment and warehouses and our headquarters,” the senior analyst says. The retailer is also growing rapidly. Just four years ago it had only 10 locations and 8,000 employees.
To determine the best way to govern its identities, the company embarked on a thorough market evaluation.
Next-Generation Identity Governance Platform
After weighing all of their options, the team selected IdentityNow from SailPoint, a cloud-based identity governance platform that enables organizations to increase security and compliance. Because it is cloud-based, this retailer would be up and running quickly. From the first day of its installation, IdentityNow simplified the retailer’s identity governance and improved its ability to automate and control user provisioning, access requests, enforce separation-of-duties policies, streamline access certifications, manage passwords, and more. IdentityNow’s AI-driven insights also help the team make smarter identity governance decisions possible.
“We developed very detailed roadmaps, and we focused on the services we will provide the organization, such as authentication and authorization, automating access requests, and creating a new authoritative identity store. We want to encapsulate those types of workflows in such a way that we can deliver on them continuously in a scalable way,” the senior analyst says. The team decided that IdentityNow best enabled the team to focus on identity management without having to worry about the creation and maintenance of the identity platform itself.
The team had IdentityNow running in February while they were also installing the human resource application Workday and digital workflow software from the provider ServiceNow; they were also simultaneously restructuring their Active Directory implementation during this time. In June, as part of the first phase of their deployment, the team established Workday as the IdentityNow identity data authoritative source. Going forward, IdentityNow will manage access to enterprise applications based on job roles and data provided by Workday. “This was very exciting for us. IdentityNow quickly became our ‘identity engine’ and would provide direct provisioning to Active Directory and our intranet, as well as manage provisioning rules and additional related actions. This means IT no longer must be directly involved in the HR pipeline,” the senior analyst says.
Consolidating and Automating Identity Governance
The team initially focused on streamlining and centralizing the management of employee access attributes. Previously, as staff changed job positions or their roles, human resource personnel had to make the access changes manually. These typically consisted of about 300 manual changes a week, requiring dozens of work hours. “This was not ideal. We decided to implement an automated workflow and set Workday as the authoritative source for employee attributes that manage access rights to the targeted systems,” the senior analyst says.
“We’ve already saved human resources dozens of hours a week by automating these processes,” he says.
The IdentityNow deployment has proven to be a tremendous success, as the team achieved a significant amount of automation and improved identity governance in a very short time. There are even more savings ahead, as the team is deploying self-service password management this fall. “With this enhancement, as staff are promoted or otherwise change their positions, human resources won’t need to be directly involved in data entry. They can actually focus on HR work instead of manual identity data entry,” he says.
# # #