Groupe Rocher streamlines its identity security with unified solution in six months
Groupe Rocher was founded in 1959 by Monsieur Yves Rocher in La Gacilly, Brittany. Monsieur Rocher's life experiences led him to believe that nature has a positive impact on people's wellbeing, which inspired him to take action in protecting the planet. In 2019, Groupe Rocher was the first international group to become a “Mission-driven Company” under the French PACTE law for business growth and transformation, with a purpose to reconnect its communities to nature.
The group has eight brands (Yves Rocher, Arbonne, Petit Bateau, Stanhome, Kiotis, Dr Pierre Ricaud, ID Parfums, Sabon) dedicated to several industries: the cosmetics, apparel and home furnishing sectors. It is present in 118 countries worldwide.
Challenge
Groupe Rocher, which was already using several identity security solutions, some of which were reaching the end of their lifecycle, wanted to standardize its processes through a single SaaS solution. The identity security solution needed to be implemented within six months, and within budget.
Solution
SailPoint's solutions, combined with the expertise of its integrator partner I-Tracing, enabled Groupe Rocher to implement a new identity security capability using Agile methodology, within timeframe and budget. Some 25,000 identities were successfully managed.
We had limited time and strict parameters, yet we successfully carried out this identity security project in record time and with a ‘One-Team’ spirit."
Régis Lucas, CISO EMEA Groupe Rocher and project leader
25,000
Identities managed20
Applications integrated to date<1 hour
Access creation time
Helping Groupe Rocher deploy a tailored identity security solution
With eight brands, more than 13,000 employees worldwide and a commercial presence in more than 118 countries, Groupe Rocher’s IT system was highly fragmented and needed to be reorganized.
The Yves Rocher brand had already embarked on an identity security transformation project in 2015, while the Arbonne brand operated on a competitor capability. So, in 2021, Groupe Rocher launched a global call for tenders to streamline its IT systems and set up a centralized information system (IS), with a particular focus on identity security.
Impressed by its technical know-how, international remit, SaaS solution, and the energy of its team, Groupe Rocher chose SailPoint, with support from integrator partner I-Tracing, whose reputation for expertise in project management and integration made it the perfect fit.
A three-stage project: Data quality a key element
From the outset, SailPoint, Yves Rocher and I-Tracing agreed that not everything needed to be reinvented. It was important to define achievable objectives, identify the best KPIs to quickly add value to the project, and avoid any disruption to existing application provisioning. The project was planned methodically and precisely from the outset, and three sprints followed:
- Sprint 1: The first sprint focused on implementing the HR source and lifecycle state into the identity security system. This involved constructing an identity repository for external identities and organizations, developing a HR entry point and creating populations in Identity Security Cloud, SailPoint’s SaaS-based identity security solution. Additionally, this addressed the basic requirements for workflows and the creation of all processes linked to identity management.
- Sprint 2: Step two focused on the provisioning of Active Directory (AD), Office 365, and business applications, covering manual provisioning for four out of the eight identified applications. The AD and Azure AD components were major expectations of Groupe Rocher. SailPoint's SaaS solution was praised for its capacity for seamless integration.
- Sprint 3: The final step addressed workflows, applications, and reports. This included manual provisioning for the four other applications identified by the team, as well as the implementation of an authorization-request process based on the criticality of the application. It also involved defining SailPoint Identity Security Cloud reports based on existing reporting processes.
The project was successful since it was built on solid foundations, particularly in terms of data quality and input/output processes, meaning commissioning was straightforward.
The strength of the “One Team” spirit
From an organizational perspective, using Agile methodology was a crucial success factor, particularly given that the project’s scope, budget and schedule were all fixed.
When the project began, the three stakeholders—Groupe Rocher, SailPoint, and I-Tracing—formed a tightly knit taskforce. Adopting a “One Team” mentality, the taskforce communicated frequently with the utmost transparency. When problems inevitably arose, they were examined collectively. Everyone played an important, specific role. Thanks to I-Tracing’s strong project management, the taskforce was able to get the most out of SailPoint’s tools. Groupe Rocher’s Human Resources team also had to be included in the decision-making process, and through confident communication, were effortlessly brought on board. How? By recognizing that bringing internal teams along for the ride is paramount when striving for effective change management.
Thanks to the structure established by the steering committee, the sprints overlapped. The first deliverables were completed after the start of the second sprint, using an iterative approach. This Agile methodology allowed the teams to readjust and modify the content of the sprints as needed.
Convincing results in record time
Rapid progress was made despite the short timescale, due to effective project management established at the outset. The project has now been in the “run” phase for more than a year. Since its launch, some initial results include:
- 25,000 identities have been managed
- SailPoint's identity security solution has facilitated 5,000 movements
- Seven new sources have been added, along with 70 new roles.
In short, among other outcomes, the application catalogue has been enhanced, the HR source implemented, Active Directory and business applications provisioning set up, integration with IT service management completed, and processes and workflows standardized. This marks a significant improvement compared to its past situation, when the Groupe Rocher IT system contained numerous exceptions. Moreover, the platform is easy and intuitive for users to navigate.
Lastly, automation has delivered substantial value for Groupe Rocher. Now that processes are embedded and operational, Groupe Rocher has taken full ownership of the project and is able to adapt the solution to their needs, supported by SailPoint as and when needed.
