Microsoft

Retailer Triples Identity Secure Score With Improved Cloud Ops and Modern IT Strategy

By Ngen IT / 2023-02-02 / Topics : Cybersecurity

To keep pace in a fast-moving industry, a major retailer leaned on NGen IT to streamline back-end operations with an updated cloud structure and a more secure foundation for future growth.

A long-standing fashion retailer, with brick-and-mortar stores across the U.S. and an online presence that launched in the early 2000s, has since increased its reach, opening storefronts in more than 30 countries across the globe.


The challenge: Create an economical, healthy cloud landing zone for future growth and seamless user interaction.

Originally, the client created its cloud structure in-house on an as-needed basis. Because the network was created in the early stages of companies moving online, the structure was not built with a global transition in mind. Without a unified network environment, the client faced challenges in upgrades and expansion, as well as gaps in its security environment and communications.


Before expanding on front-end ideas, improvements on the back end were critical.


The client knew a stronger, more cohesive network was needed to better secure customers and employees, clarify user roles and create a more seamless user experience overall.


For the first round of updates, the retailer wanted to ensure all aspects of the cleanup were completed as securely as possible, compliance measures were on track to pass and a Single Sign-On (SSO) implementation was completed. From there, further enhancements could be discussed.

The solution: A comprehensive health check of the landing zone leading to on-premises upgrades, quick fixes and SSO implementations

The retailer enlisted the help of NGen IT to conduct a health check of its Azure® Landing Zone and Azure Active Directory® (AD), and discuss options for SSO implementations and future improvements.


At the start of this engagement, the retailer was already in the middle of an upgrade on an AD environment. Together, we made a strategic plan — ensuring that the upgrade would finish with the newest version, and that improved performance would enable smooth integration of subsequent updates and add-ons.


With an open line of communication, NGen IT was able to assess the client’s Azure Landing Zone from a security perspective, making a list of items that were in good condition, and those that needed updating. The same was done for the AD on-premises. From there, we could immediately tighten security of the landing zone, clean up the AD, implement an SSO experience for users and create a foundation for structured expansion, as discussed.


The benefits: Improved security and a solid foundation for growth across all platforms

Today, the retailer has reshaped global admin access. With an audit of current user role assignments, the company strategically reduced its once ad hoc user base from 16 to five and enabled multi-factor authentication.


NGen IT also helped the client shift to Webex® pointing to the Azure AD rather than Active Directory Federation Services (ADFS) on-premises, completing the desired SSO implementation.


Using quick fixes, Azure Security, and Azure governance and connectivity, the client’s identity secure score has tripled, moving from 16% to 53% — with a projected short-term target of >60%.


Additionally, we now have short-term targets of increasing the subscriptions secure score to above 80% and passing all 44 controls of regulatory compliance.


The new, updated Azure AD Connect server and future-state governance blueprint provided by NGen IT laid strong groundwork for further applications and developments for the client, its employees and its customers. NGen IT and the client continue to work together to elevate user experience and online security.

Safeguard your users and customers. Security services from NGen IT deliver the protection you need to maintain a competitive edge.

Releted Industry

Releted Categories

Releted Brand

Releted Solution

Your privacy

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. You can get more information by going to our Privacy Policy or Statement in the footer of the website.

Strictly necessary cookies
Always active

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookies details
Performance cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. Most of these cookies collect and process aggregated (anonymized) information without identifying individuals. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookies details
Functional cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Cookies details
Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Cookies details