Envisioning an enterprise identity strategy
Snapshot
Our Fortune 500 fashion retail client manages numerous disparate identity stores, commonly ending up with a separate directory supporting just one or two applications.
All employees, contractors, and vendors had unique logins and passwords for every internal and commercial off-the-shelf application. There were many shared team accounts as well, so with each role change or termination, each password had to be updated individually. Each new corporate acquisition compounded the problem, introducing dozens of identity systems from another company into the environment.
This inevitably led to high help desk call volumes, lost employee productivity, and excessive patching and upgrading work in an attempt to keep identity data accurate and up to date across the enterprise. The haphazard provisioning system was unmanageable and risky.
The client’s Information Security and Compliance team (ISC) wanted a forward-looking identity strategy that addressed this substantial security risk, while simultaneously improving user experience and reducing operational costs.
Challenge
The client engaged the Kalles Group to document the current state of their identity management, architect a comprehensive identity strategy, and provide a prioritized roadmap for delivery and execution.
The Kalles Group team began by reviewing all existing documentation and inventorying known identity systems. They next held multiple rounds of interviews with all platform and applications teams to document the as-is identity system landscape.
Based on their investigation, the Kalles Group architected a new, unified identity platform that met all of the client’s business and technical requirements. The Kalles Group also produced a roadmap for converging and decommissioning the legacy identity systems.
Approach
The Kalles Group provided a migration plan that would seamlessly transition the organization to where they needed to be from an identity perspective, based on the industry’s outlook. The comprehensive and forward-looking identity strategy included direction for:
- Providing access for all users, including Windows, Mac, and Linux, as well as remote or on-premise
- Introducing a Single Sign-On experience to reduce helpdesk ticket load and streamline user logins
- Adhering to data privacy and regulatory laws within Europe and the U.S.
- Enabling functionality for all mobile devices
- Changing technologies and processes to support a single identity system
- Reorganizing the personnel reporting structure under a single director responsible for the identity platform
Results
The client implemented the proposed strategies, processes, and organizational restructuring recommended by the Kalles Group. They have already executed phase one of the roadmap, which involved reducing the total identity systems down to three. The next phase will reduce those systems down to the single, unified identity system.
Phase one alone was a major optimization win for the organization. The client significantly reduced its security risk, reduced its support volume, and the ISC team now provides an environment that is simultaneously safer and more efficient across the organization.
The identity strategy is a strategic asset and supports the company’s vision for the future, including choices on how to reduce their business risk and liability