Part 2 of 3 in our series about Identity Access Management for Retailers.
In part one of our retail blog series we discussed protecting consumer identity. Read on as we discuss other identity issues retailers face.
Every customer vertical has unique needs related to identity management. Retail has several. Retail companies have many branches and a transitional workforce outside the home office, which include contactors and seasonal workers. Because of this, retail is being hacked from within and from exterior forces in the branch offices.
As you read a few of these examples, remember this: “Identity is today’s firewall!”
Median turnover rates for part-time retail workers have been as high as 74.9 percent in 2013. Every admin who administers a directory service is aware of the amount of work it takes to provision and deprovision users to each application a new employee needs to use. Productivity in retail requires quick access to systems and services in the stores; however, most organizations do not have the same urgency to deprovision (disable or delete) a user account in the directory service(s) when they leave. Often there are thousands of orphaned accounts in those systems.
Not to mention, the primary concern for a terminated user is immediate, real-time denial of access. Many identity management vendors cannot provide real-time access denial as their systems rely on a synchronization cycle between directory services and possibly some workflow decisions between systems, like HR and payroll. While the workflow could kick off immediately, there could be a significant waiting time for the synchronization cycle to complete. This window of time waiting on a synchronization cycle (or even on a helpdesk or admin to manually disable/delete/deny access) puts you at risk during that window of time.
Disconnected Directory Services
Islands of disconnected directory services put retail companies at risk. Orphaned objects, privileged accounts, lack of password policies are just a few of the issues that lead to major security issues.
Multiple A.D. Forests provide another obstacle. Often companies pay hundreds of thousands of dollars to pull in consulting services to consolidate and/or migrate many forests into just a few. This, in our view, is often a waste of time, resources and money. What if you could connect, manage and authenticate to hundreds of A.D. forests in a matter of moments? #OptimalDifference
Optimal IdM’s customers have often asked us to tackle unique workflow and customization needs in the authentication process. Most vendors are not able to meet these needs because they offer a cloud option that requires companies adopt to that vendor’s offering — often at a compromise of compliancy or secure business processes. But Optimal IdM is different.
Why Optimal IdM is Different
Optimal IdM provides a distinctly separate, siloed, single-tenant private cloud solution to each and every customer. You share nothing with our other customers. This means we are able to adapt and customize our offering to your business and compliancy requirements, rather than vice versa. Optimal has some of the largest, most complex federation implementations on the planet. With our concierge services (included in all of our solutions), customers simply call us with needed customizations and configuration changes, and we’ll do them for you — no expertise needed in your staff.