a good thing!
Use Identity to Optimize Your Supply Chain and Workforce
We all hear stories about the changing landscape of retail. Tales of cashierless stores, interactive mirrors, drones delivering packages and many others make it seem like we’re living in a sci-fi novel. There is no doubt that these advances are changing the way people shop, but there is another way technology is affecting retailers—by greasing the wheels of retail supply chains and making employee interactions with customers more efficient and worthwhile.
Even though these technologies may not make headlines, they’re just as important in helping your employees create meaningful customer experiences, and ensuring that your partners are able to deliver the products and services your customers expect.
For retailers, management systems can help facilitate tasks for different groups of employees. Handheld IoT devices can get customers information about the products they’re looking for, mobile POS technology can streamline purchases, and much more. To properly leverage these technologies, retailers have to make sure employees can easily access the technology when they need it.
Furthermore, retailers must ensure access is restricted from those who don’t need it. The right employees need access to the right resources, quickly and easily.
The first step to creating smooth access is to give employees single sign-on (SSO). This enables them to use a single set of credentials for all applications and makes it easy for them to quickly log in to whichever resource they need to manage other employees or service customers.
That ease of use has to be counterbalanced by security. This is achieved by leveraging centralized access policies across all of your applications. Such policies enforce adaptive authentication to evaluate the contextual risks associated with employees accessing high-value resources, and can require multi-factor authentication (MFA) in high-risk scenarios. Access policies are continuously evaluated to make sure someone who no longer works for you doesn’t retain an active session that gives them access to your applications.
By combining evaluations of user attributes, resources (apps, APIs or URLs) and contextual risks, you can balance the security and convenience of the technology your employees and partners are leveraging.
Partners also need access to many of your applications. Large retailers in particular may have many partners of all sizes. The same balance of security and convenience required for granting employee access to your resources must extend to these partners so that they can keep delivering the products and services your customers expect.
Managing partner access, however, comes with challenges that aren’t present when managing employee identities. For example, you may not have any real insight into when your partners’ employees leave their organizations. Without this information, it’s often impossible for you to know for sure whether someone who logs in to your resources should really have access to them.
It’s much easier on all parties if partners are allowed to manage their own identities. Not only does this remove that identity management burden from you, but it facilitates more secure access as partners are more likely to know the status of their own employees.
This may not be as easy as it sounds. A partner with a couple dozen employees may not have their own directory to store their employee identities, while a global partner that employs 10,000 people may be required to store their employee identities in their own on-premises directory.
Enabling these partners to manage their own identities means being able to accomodate partners of all sizes. Giving small partners, without their own directory, access to a cloud directory to store and manage their employee identities is ideal. Larger partners can use SAML and single sign-on to allow them to leverage their existing identities to connect to your retail applications. For partners that aren’t SAML enabled, specific connections can be made to Active Directory to facilitate SSO.
By accounting for this broad spectrum of scenarios, you can allow partners of any size to manage their own employee identities, while delivering seamless and secure access to your retail applications.
To learn more, read our guide on IAM solutions for retail.