CyberArk > Case Studies > CyberArk Enables Single Sign-on Authentication of 30,000 Worldwide Employees at Shiseido

CyberArk Enables Single Sign-on Authentication of 30,000 Worldwide Employees at Shiseido

CyberArk Logo
Customer Company Size
Large Corporate
Region
  • Asia
Country
  • Japan
Product
  • CyberArk
  • App Gateway
  • Microsoft SharePoint
Tech Stack
  • SAML protocol
  • Active Directory
  • Microsoft Internet Information Services
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Productivity Improvements
  • Customer Satisfaction
Technology Category
  • Infrastructure as a Service (IaaS) - Cloud Computing
  • Infrastructure as a Service (IaaS) - Hybrid Cloud
Applicable Industries
  • Consumer Goods
  • Retail
Applicable Functions
  • Business Operation
  • Quality Assurance
Services
  • System Integration
  • Cloud Planning, Design & Implementation Services
  • Cybersecurity Services
About The Customer
Shiseido Company, Ltd. is the largest cosmetics firm in Japan and a global supplier of personal care products including skin care, hair care, cosmetics, and fragrances. With a workforce of 30,000 employees worldwide, Shiseido is a major player in the beauty and personal care industry. The company has a rich history and a strong presence in both domestic and international markets. Shiseido is known for its commitment to innovation, quality, and customer satisfaction. The company’s products are widely recognized and trusted by consumers around the world. Shiseido’s strategic initiatives, such as VISION 2020, aim to strengthen its IT infrastructure to support global internal and external collaboration, reflecting its forward-thinking approach and dedication to maintaining its leadership position in the industry.
The Challenge
To enhance global collaboration and integration, Shiseido planned to move to an entire portfolio of cloud-based applications but needed a single sign-on capability to provide robust user authentication for both Active Directory and external users. Shiseido’s legacy environment utilized an on-premise application, accessible via a domestic portal for its Microsoft Windows-based users. The company recognized that it would be impractical for the existing corporate infrastructure to support new cloud applications because it would force users to set up individual IDs and passwords for each application that needed to be accessed. Worse still, it would significantly increase the security risk with so many different passwords having to be created and memorized. In addition, the company estimated there would be a significant reduction in user productivity associated with managing the numerous log-ins, and an associated increase in IT support and administrative work to keep everything running smoothly. Leveraging the portal concept, Shiseido’s plan called for implementing an Infrastructure-as-a-Service (IaaS) environment but to be successful, there was an urgent need for an authentication infrastructure that could enable single sign-on access to cloud-based applications via a globally available portal.
The Solution
CyberArk met all of Shiseido’s stringent criteria and was deployed as the keystone of the company’s new global authentication infrastructure. Shiseido formed an evaluation team for the selection of an authentication solution and it was tasked with examining four vendors’ offerings, which included CyberArk. The selection criteria and capabilities included SSO access to cloud applications as well as on-premise applications using the SAML protocol, supporting the authentication of Japan-based users via credential information held in Active Directory, enabling verification of non-Japan-based users outside of Active Directory, and facilitating future multiple Active Directories without the need for domain integration. Additionally, the solution needed to have a user interface that offered local languages including Japanese, and administrator screens with similar multi-lingual capabilities. It also had to support automatic authentication connections between Microsoft Internet Information Services, Internet Explorer, and other Active Directory-aware applications, and avoid replication to the cloud of information held in Active Directory. When evaluated against all of the criteria, CyberArk scored the highest — in part because of its App Gateway feature that enables single sign-on to cloud applications without the need for a virtual private network (VPN) connection. Consequently, Shiseido deployed the CyberArk solution as the keystone of its global authentication infrastructure. CyberArk was integrated with Active Directory in Japan and worldwide employees outside of the directory were enabled to leverage SSO via App Gateway.
Operational Impact
  • Leveraging SSO via CyberArk, users are enjoying greater productivity and higher job satisfaction. Administrators are spending less time keeping user access current, which has increased security.
  • Immediately after CyberArk was implemented, users began enjoying the convenience and time-savings of single sign-on. For global employees as well as Japan-based users listed in the Active Directory, there was no longer any need for separate credentials for cloud-based applications; greatly improving productivity and user satisfaction.
  • CyberArk has simplified the administration of creating new users, retiring departed users, handling those on a leave of absence, etc. — as well as managing their access to the suite of user applications. In addition, it has been accomplished without the need to copy the Active Directory information into the cloud. Based on the speed at which users’ access can be updated, Shiseido has benefitted from both a reduction in administrative man-hours and an increase in security.
  • Having an SSO solution that bridges the Active Directory implementation in Japan and all of the worldwide employees beyond it — and that enables user access to a portfolio of cloud-based applications — has allowed Shiseido to progress the strengthening of its IT infrastructure in support of its goal of greater global collaboration.
Quantitative Benefit
  • 30,000 employees enabled with single sign-on authentication.
  • Significant reduction in administrative man-hours.
  • Increased security due to streamlined user access management.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.