By Ngen IT / 2023-02-02 / Topics : Cybersecurity
A long-standing fashion retailer, with brick-and-mortar stores across the U.S. and an online presence that launched in the early 2000s, has since increased its reach, opening storefronts in more than 30 countries across the globe.
The challenge: Create an economical, healthy cloud landing zone for future growth and seamless user interaction.
Originally, the client created its cloud structure in-house on an as-needed basis. Because the network was created in the early stages of companies moving online, the structure was not built with a global transition in mind. Without a unified network environment, the client faced challenges in upgrades and expansion, as well as gaps in its security environment and communications.
Before expanding on front-end ideas, improvements on the back end were critical.
The client knew a stronger, more cohesive network was needed to better secure customers and employees, clarify user roles and create a more seamless user experience overall.
For the first round of updates, the retailer wanted to ensure all aspects of the cleanup were completed as securely as possible, compliance measures were on track to pass and a Single Sign-On (SSO) implementation was completed. From there, further enhancements could be discussed.
The solution: A comprehensive health check of the landing zone leading to on-premises upgrades, quick fixes and SSO implementations
The retailer enlisted the help of NGen IT to conduct a health check of its Azure® Landing Zone and Azure Active Directory® (AD), and discuss options for SSO implementations and future improvements.
At the start of this engagement, the retailer was already in the middle of an upgrade on an AD environment. Together, we made a strategic plan — ensuring that the upgrade would finish with the newest version, and that improved performance would enable smooth integration of subsequent updates and add-ons.
With an open line of communication, NGen IT was able to assess the client’s Azure Landing Zone from a security perspective, making a list of items that were in good condition, and those that needed updating. The same was done for the AD on-premises. From there, we could immediately tighten security of the landing zone, clean up the AD, implement an SSO experience for users and create a foundation for structured expansion, as discussed.
The benefits: Improved security and a solid foundation for growth across all platforms
Today, the retailer has reshaped global admin access. With an audit of current user role assignments, the company strategically reduced its once ad hoc user base from 16 to five and enabled multi-factor authentication.
NGen IT also helped the client shift to Webex® pointing to the Azure AD rather than Active Directory Federation Services (ADFS) on-premises, completing the desired SSO implementation.
Using quick fixes, Azure Security, and Azure governance and connectivity, the client’s identity secure score has tripled, moving from 16% to 53% — with a projected short-term target of >60%.
Additionally, we now have short-term targets of increasing the subscriptions secure score to above 80% and passing all 44 controls of regulatory compliance.
The new, updated Azure AD Connect server and future-state governance blueprint provided by NGen ITÂ laid strong groundwork for further applications and developments for the client, its employees and its customers. NGen ITÂ and the client continue to work together to elevate user experience and online security.
Safeguard your users and customers. Security services from NGen IT deliver the protection you need to maintain a competitive edge.