In this keynote session, Christian Loeffler talks about: project conduction, architecture definition, IDaaS election and implementation,key challenges for business and IT, lessons learned.
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
In this keynote session, Christian Loeffler talks about: project conduction, architecture definition, IDaaS election and implementation,key challenges for business and IT, lessons learned.
In this keynote session, Christian Loeffler talks about: project conduction, architecture definition, IDaaS election and implementation,key challenges for business and IT, lessons learned.
Yeah. Hello and welcome to my speech from shadow it to identity as a service solution. So after three days full of workshops, presentations, evening events, I have bad news for you. I prepared also presentation, so, but I can promise, I will try to keep you awake. Okay. So my name is Christian Lela. I'm working for Zoro since a couple of years, I'm leaving the information protection service teams. Our main responsibility is the deal about corporate active directory and also our well implemented access management solution based on Armada.
So as you may can hear from my dialect, I have not been born in an English speaking country, so I am based and living in Austria. So just a few slides about Roski to give you an overview about our, our, when I'm talking about Roski, I'm usually talking about this Roski crystal business. I'm not talking about this Roski group where there belongs other companies and that affiliates to it. So they have their separated it department. So when I'm talking about SROI, I'm talking about crystal business with a revenue of 2.6 billion of euros.
We, our products can sold in 106 70 countries, and we have 2,700 shops. The half is self owned and the other one is operated by our partners. So I hope you can read. There's also behind now, I'm choking. So we don't have to go through all these business activities. It's just to give, give an idea the complexity of our, our, our companies, because we have to deal with many, many different business units. So for instance, crystallized components, grocery glasses, watches, whatever.
So what was now, I'm coming to the what section I would say like this, what was our problem and what happened next? So our problem was that different as I showed before, just different business units, selected SaaS products from the market and tried or did already the rollout to countries to allow countries to different users and so on to our, our customers. I would say C applications have been select. There were some, some shop communication platforms, as well as e-learning platforms. There also idea management solutions under this are solutions.
So there started the problem because they had to deal all with our daily business, with our doing of user lifecycle management, our indication issues, authorization issues. I just mentioned a few there. So they have to think about it. How can users be dismissed after they leave the company to give authorization, access to other applications, whether needed how the password reset process looks like and all this stuff. So really the stuff we are usually dealing with all our daily life within intended index management.
So how do you think this approach would look like for our end users where they're working on the office deals and also in, in our shop environment where they usually have their use IDs with their password, everything is smoothly working on with, with singer and on, and these applications. So how do you think you are, right? Each of them will get the new use idea on each cloud applications. A new new ID means they have also a new password. Maybe also the password length, the complexity differ from the, the corporate ones. And so at the end, it'll look like this.
I mean, there's nothing else to add a pictures, worse, a thousand words. So, but one thing is to add, it'll not for sure efficiency, it'll not secure and for sure not be state of the art. So what happened next? The thing was our businesses recognized that doing all this user lifecycle thing is really a hard job to do so they don't have the time. They don't have the knowledge to do that. They don't have the process and so on.
And so they decided and ask the it to, to please provide singers and non functionality, and also to put into the access management, to do all the user lifecycle management of it. That was the starting point for me, where I came in, I had to do the project, and now we'll tell you how we could solve this problem, and also why we elected this vendor.
So the how, first of all, we conducted a workshop with all our internal business partner, who's elected or applications, and tried to figure out the requirements to try to think okay, where they are and which counties they had already provided these size applications as well. How many users have already been created and also rolled out to this software with all this findings, we come back and design the concept, establish a concept for us, how to can be fit best in our existing on-premise end and access management solution.
So at the end, we decided to, to move forward into the identity as a cloud service approach to find out because the market was picking this in this in these days. So we, we had to find out which one is the best vendor for us. So first of all, we researched on the Gartner on the leaders and the visioners quadrant and get out a long list of approximately 10 vendors of it. Afterwards, we send out a request for information to all these long list vendors and after receiving and checking all the, the answers from it.
We requested two vendors to do a proof of concept in, in our environment, ATS, Roski with our requirements. And at the end, Centrify has been elected as incident and access service provider fors Roski. Now you would be interesting why with elected Centrify. So the conduction of this BOC was excellent at all. They could be answer all our questions. They also requested, or they could shown us and, and demonstrate all the requested feature we asked for. And the staff who came there to do the, the BOC were very skilled.
And, but the best thing was that we wanted to see how an integration and always when I'm talking about how an application integration, especially from massage product is doing, is that there is always two time of it. First of all, you have to do the authentication part of it, which is normally easy, easy to done with some, but also to do an API integration, to get all this user provisioning stuff done. So this was very perfect.
And also Centrify consented that they will do during this free POC had to be mentioned that they will do and show us how this integration of this application can look like, which processes, how long does it take and you know, everything around us, they, they did it within this POC. Then the user interface is very, I would say indicative also, not, not for the users only, also for the, for the administrators. So the price performance ratio is good and general. And now I can say that after a couple of years, we are using this software right now is that the support is really outstanding.
Whenever you, you raise a request, the incident you get really fast and also knowledgeable response back. And so at all, I would say the whole vendor is very flexible.
And, and open-minded, I would say like this, another important decision why we took it was that the services from Centier are based on Microsoft technologies. So that means that the data we had transmitted use IDs, we transmitted to them is based on, on the data centers of, from Microsoft. But they are stored in, in Europe.
Now, a few facts, figures, benefits, and also lessons learned to the facts we have currently now, six application running on Xandr five with more than 6,000 users until now. And the project duration took 10 months. It had been started 2014. And now as the business known that this is really running smoothly, we are receiving new application integration requests. Each two month.
The benefits we see right now, or we have right now is that we could increase the efficiency to do all the user provision in part of it as well, with, with all our processes behind and also the transparency for security to do the reporting, the locking and so on. But also we, we made, I would say that the business happy because now they have the singles and on functionality, the possibility to provide their users.
Also, the singers are non functionality, as I said. And another part of it is that we have a very flexible multifunction and dedication possibility. That means that you can provide your own authentication policies there.
And, and on this software where you can decide whenever some customers are outside of the, of the, your company network, they have to use a multifactor authentication to, to get in. So now I'm coming to the last slide. The lessons learned, I think it was, we learned a lot from, from all of this, but one of the important part of it was that we had to, to adapt. We had already software election policy, but we had adapt to do the part of all application election things. So because that the, the business, because the idea was not in at the beginning.
So the business did all the contract thing, but didn't mind that to, to get it in, to get the software in. There are technologies at least some and scheme necessary to do to all the stuff.
So this has been added into, so that also the business, when, when each time they get and, and select another SA product, that they are asking the right questions or better at all, they have to move the it in that we are at the beginning, right bank from, from the, from the start of the project at the beginning on, as every company has, I would say their own philosophy and, and the processes have been adapted currently. So it's very important.
Also, you are looking for promising vendor, maybe Centrify what fits. Thank you very much. Thank you, Christian there's are two questions. How many of your systems are connected now through this interface for This? I said already six, six applications are connected From, from how many or to overall.
I mean, our on premise and Texas management solution has 34 different application integrated. It started from SAP and so on, but goes through all these things which are necessary to do a really smooth user life cycle management. Okay. And what effort, what effort you experience on average to integrate shadow it app into the centralized system?
Ooh, that's a difficult one. The thing is always that it differ from the technology, which, which is provided also from the SA application, because if there's scheme or, or rest APIs available, and it's also already in the contract, then it's easy because when Centrify or the, the identity service provider has already the visibility and also it's a kind of app store where you can choose this application from this app store, and then it's easy. It depends on the, on the implementation and technology, which this us products are provided. Okay. Thank you again.
Thanks, bye.