Support major international expansion by changing business processes and governance for a more flexible and centralized identity management policy.
Over recent years Kiabi has expanded its operations internationally. Identity management had always been the responsibility of the IT organization, but Annie Kionga, Identity Product Owner at Kiabi, explains why the focus needed to shift: “With a growing and decentralized user base, and many applications to provide access to, we wanted to simplify our identity management processes. We saw the limitations when employees moved roles or countries within Kiabi. Their digital identity could not follow them through their career at Kiabi and we would need to set up new identities for each significant move. This resulted in redundant and unused accounts which pose a security threat. Employee productivity would suffer with account access issues, while IT would spend unnecessary time recovering accounts.”
Kiabi wanted a consistent identity model supported by structured governance and agile delivery that would follow employees throughout their Kiabi lifecycle and provide better and more flexible security. It aimed to give employees a level of autonomy and self-service capabilities that would free up precious IT resources for more high value-add activities. Business value was put at the center of the decision and it was clear that this was not only a technical project, but required change management at its core.
The team worked closely with OPNS as an IT service provider. Following extensive market research into the desired functionalities, they recommended wider leverage of Identity Manager, which had been used in a limited fashion within Kiabi. With over 10,000 users, Kiabi wanted to automate identity workflows, both based on role, e.g., an accountant needs automatic access to an accounting database, and on request, e.g., employees who need access to certain applications as part of a project or assignment.
Through Identity Manager’s flexible workflows we were able to eliminate numerous redundant accounts and because a digital identity is set up for the life of the employee within Kiabi, we no longer create multiple accounts, which helps our security.
Francois Hubau, Product Manager SIRH, World Services IT Department at Kiabi, explains the implications: “We manage approximately 200 applications with some 1,000 defined access roles which all needed to be included in the new identity management model. Users can be direct Kiabi employees, but they also include franchise holders and external partners working in centralized services, such as logistics. Identity Manager is designed to simplify complex identity environments, and that is just what we needed. Working with OPNS, we were able to translate manual processes into automated workflows to save time and reduce human error.”
As part of a change management project, the team collaborated with the HR organization on an internal communications program to inform and train users. A community of user ambassadors relayed information and presented demo sessions. Annie, as the Product Owner, interacted closely with the different user groups and collected business feedback: “It’s the people on the ground who will make a difference in using these new processes so we want to create the dialog, visit them in the stores, and see how they use Identity Manager on a daily basis for their requirements. It’s all about streamlining business processes and making our employees’ lives easier.”
Within the first quarter of introducing the new identity management processes the team noticed a significant drop in IT support tickets. “With employees able to manage simple requests, such as resetting their password, we saw a 65 percent decrease in the number of low-value support tickets,” says Annie. “We outsource our support call management, and so there is a direct cost benefit when users can take responsibility for simple requests.”
With employees able to manage simple requests, such as resetting their password, we saw a 65 percent decrease in the number of low-value support tickets. We outsource our support call management, and so there is a direct cost benefit when users can take responsibility for simple requests.
It is also clear that several NetIQ Identity Manager by OpenText-driven workflows have improved security measures. Accounts are now created in a 2-step provisioning process with managers activating the account and the employee confirming this separately. New employees then follow a workflow to enter their unique password, without the use of generic passwords. “Through Identity Manager’s flexible workflows we were able to eliminate numerous redundant accounts and because a digital identity is set up for the life of the employee within Kiabi, we no longer create multiple accounts, which helps our security,” comments Francois. “We can set up temporary worker accounts which are active for only six months and then close automatically. In the previous model these accounts would remain live and pose a security risk for us.”
Annie concludes: “Clear processes, governance, and communication are the key to success in this project. Without these, we would be failing in our objectives, even with a great solution such as Identity Manager. In working closely with our business partners and understanding their requirements we have given our users accountability within a defined identity framework which benefits them and our overall security position.
Kiabi is France’s largest fashion retail brand with its own fashion label across womenswear, menswear, children, and babywear. Kiabi revolutionized off-the-peg fashion with the introduction of low-cost fashion. The organization is active in over 15 countries.