CIAM & Workforce Case Study
We helped our client seamlessly and transparently upgrade customer identity and access across multiple sites and apps by orchestrating a strategic migration of old systems, users and rules with zero customer impact. For the same client, we also performed a full migration and upgrade of their Identity Governance Solution (previously Omada) that had limited support, broken processes, and functionality that could never be leveraged as promised by the vendor.
As part of their digital transformation initiative, our client sought to leverage data across sites, mobile apps, rewards programs and in-store interactions for both customers and employees. The client was also experiencing several slowdowns in their Joiner, Mover, and Leaver processes as a result of poor functioning from their existing Identity Governance Solution. It was our mission and mandate to rectify both situations with cloud-based offerings with industry leading support organizations behind them. The existing, on-premise solutions for both workforce and customer use cases presented several issues, including a disjointed customer U/X, hosting and maintenance overhead, a cumbersome support process, and a lack of scalability. Most importantly, the program did not meet the organization’s future requirements for rapid deployment of new employee and customer-centric programs.
We conducted a thorough analysis of business and marketing goals, drawing up a 5-year identity plan that aligned with those as well as enterprise-wide needs that would alleviate Identity lifecycle and Governance/Administration issues the organization had been facing on a daily basis. RAAH recommended, implemented and managed a Dev-Ops, rapid deployment and scalability-friendly CIAM system that allowed for the rapid rollout of applications, services and in-store events that all leveraged User Identity data. We migrated an in-flight environments rules and users with zero customer impact and seamlessly transitioned to a new CIAM solution. Additionally, we built a model for Workforce Identity that included all Joiner, Mover, and Leaver (JML) use cases, integrations of IGA and ITSM tools for issue control and resolution, and full documentation of organization roles, processes, and info-sec compliant attestation and audit requirements for access control and visibility. We also built a plan for tightly integrated privileged access management (PAM) for high privilege service accounts and user/machine specific accounts. Using this model, we orchestrated a selection process for IGA and PAM product partners based purely on a 5-10 year roadmap of needs, and thereby proceeded with the implementation process.
By placing Identity at the center of the organization, we created a seamless environment in which our client could consistently roll out digital programs to customers and workforce. For Customer facing programs, the solution held true to our single identity principle, enabling convenient customer experiences and delighting business units previously struggling to see a single view of customers across all digital touchpoints. In the realm of Workforce, we decreased onboarding times from 1 week + to 3 hours or less. The solution also allowed for clear, and admin friendly audit and tracking processes that provided clear visibility of user identities, privileges, and overall identity lifecycle reporting that will prevent/mitigate risks the organization could face in as a result of insider or external threats.
– Auth0 (Customer Identity and Access Management)
– Saviynt Security Manager (Identity Governance and Administration)
– CyberArk (Privileged Access Management)