Apparel Giant Enhances Identity Security Program through Modernization

The Opportunity:

Modernizing Identity Management to Drive Operational Efficiencies

In retail, customer experience underpins brand loyalty and lifetime value. Access provisioning has an immediate impact on how in-store associates serve customers. When they’re granted seamless Day One access to the applications they need to get their jobs done, the company can see significant improvements in customer satisfaction and revenue.

“For us, operational excellence means innovating and leveraging automation to improve end-user experience,” says Bashira Baset, Head of Identity and Access Management at VF Corporation. “Associates are our internal customers, and we evaluate the return on our technology investments based on whether they will make it easier for an associate to make the sale. Our industry moves fast. We’re always trying to simplify access while making sure that identity isn’t a source of friction for customers, internal or external.”

To manage more than 50,000 identities across its ten retail brands—as well as an ever-expanding ecosystem of non-human identities (NHIs), VF Corp had deployed Oracle Identity Manager (OIM) as its core identity management tool. OIM required extensive customization, so that the identity team had to make manual changes nearly every day. This legacy system also left VF Corp with disjointed processes for application onboarding and managing joiners and leavers. It took four weeks—or longer—to onboard an application into the system, slowing innovation and consuming resources. With the need to adopt new generative and agentic AI apps quickly, this time lag was no longer acceptable.

“We are still in the early stages of AI adoption,” Baset explains. “But AI is putting new pressures on access governance. We don’t want to block everything, but we do need to understand where every access request is coming from—whether it’s an NHI, an employee, or an AI app—and categorize the data to ensure that only necessary access is granted, so that we can reduce the risk that these tools will surface information that shouldn’t be made available.”

VF Corporation lacked centralized visibility into identities across the organization, but they also lacked control. Identity management was outsourced to an external vendor, leaving the internal team with a black box implementation, where they couldn’t control configurations or immediately understand what went wrong when problems occurred.

With several new acquisitions planned, VF Corp had an immediate need: improve operational efficiency across the company’s entire identity ecosystem. After a lengthy evaluation process that involved testing more than 150 use cases on multiple identity platforms, it became clear that Saviynt’s cloud-native, AI-powered platform was the best one for the job.

“We were not looking for a vendor,” says Baset. “We were looking for a partner. When we buy any product, we want to have a long relationship. We treat our partners as if they are part of the VF family. When Saviynt came in, they immediately understood our needs and they were willing to work with us.”

The Solution

Reclaiming Control of their Identity Security Ecosystem

With the Saviynt Identity Platform, the VF Corp team has been able to create an application onboarding process that is at least eight times faster than their old way of doing things. Leveraging automation and a standardized, repeatable set of steps, VF Corp can onboard at least two applications onto the Saviynt platform every week, and sometimes as many as ten.

“The time savings are immense”, Baset says. “Our internal customers can see how much faster we are able to onboard applications today. We can offer them options based on the design of the application, as well as application owner preferences.”

In addition, VF Corp’s identity team enjoys a great deal more visibility and control. After moving development and configuration of the platform in-house, they’ve created new efficiencies while giving internal stakeholders more data on how the system is performing.

“We now own the code,” says Michael Considine, Senior Manager of Identity and Access Management at VF Corporation. “It’s faster, because we can do the configuration work ourselves instead of waiting for a third party to do it. And we can see for ourselves the nuts and bolts of what’s going on. We also have access to custom reports, so we can delve into the data and immediately react to issues we see. We now have one common place we can go to see VF Corp’s identities across all the applications we’ve onboarded. As we add more, that viability will just continue to grow.”

VF Corporation is beginning to use the intelligent recommendations from Saviynt Identity Security Posture Management (ISPM) to guide birthright access determinations. “Today, when there’s a new hire, many managers don’t immediately know which applications the new employee needs access to,” Baset says. “AI will help them better understand what access is needed. This is especially valuable for employees who are moving from one group to another. They can carry the recommended access with them, while the platform will automatically remove access that’s no longer needed—an immediate reduction in risk.”

The Saviynt platform has simplified compliance, too. “With our old technology, we had layered controls over controls, because we weren’t 100% sure that any individual layer was meeting our compliance needs,” Baset explains. “In the end, there was a human being who was monitoring for deficiencies. Today we’ve simplified those controls, we’ve automated most of the processes, and it’s much easier for our team to maintain segregation of duties (SoD) controls within Saviynt.”

VF Corporation’s relationship with the Saviynt team remains strong. A number of the original team members have worked together since 2023, so they know each other very well.

“We have an excellent working relationship with the Saviynt team,” says Considine. “We’re able to co-develop with them, we can bounce ideas off them, and when we get stuck, we can ask if they’ve seen our challenge before. They’ve been immensely helpful, and we have a great consultative relationship.”

The Results

Driving Ongoing Process and Technology Improvements

Rapid AI adoption creates the need for faster technology modernization across industries, and retail is no exception. With Saviynt, VF Corporation has been able to prepare for a future where automation is expected by customers and employees alike. The identity team has simplified application onboarding and access provisioning while streamlining compliance and adding operational efficiencies. They’ll continue to extend these benefits by onboarding additional applications onto the platform, helping customer-facing retail sales associates gain immediate access to the tools they need to deliver exceptional customer experiences.

The Saviynt platform has given VF Corporation’s identity security team greater visibility into identities across the organization, but it has also given them greater confidence and control. “Saviynt is our partner of choice because they have a vision and a team that’s willing to listen,” Baset says. “Those qualities have enabled them to become a leader in identity security.”

Impact:

• Accelerated average application onboarding time from 4 weeks to 3.5 days

• Onboarded 35,000 human and 17,000 non-human identities onto the platform

• Leveraged intelligent recommendations to improve birthright access provisioning

• Streamlined compliance, boosting visibility and control