SUCCESS STORY
With a net turnover of about 5.5 billion Euros and over 23,000 employees, Hornbach Baumarkt AG is one of the largest home improvement chains in Europe. Just over half of its turnover comes from Germany. Europe-wide, Hornbach operates 167 large home and garden centers and two specialty stores, with a total retail space of almost 2 million square meters, with many of the properties owned by the Hornbach Group. Measured by turnover, Hornbach in Germany is the third largest operator of home improvement centers, by turnover per market or per square meter of retail space, they are number one.
Like all companies of this size, Hornbach is dependent on comprehensive, and above all reliable, IT support for its daily operations. Merchandise management, logistics and other core functions are not the only challenges. Services are therefore ranked very high.
The central nervous system of IT at Hornbach is the Active Directory (AD) of Microsoft which administers all IT objects such as users, groups,applications or devices as a directory service, and which allows administrators to control access to resources through the issuance and management of access rights. Employees should possess targeted access rights which they actually require to perform their jobs. This also applies to the administrators.
However, an Active Directory that has thousands of users and may other objects is a complex structure which is subject to incorrect configurations that have potentially serious effects on business operations. And no one is perfect. The question is not whether errors occur, but when and where they occur, and what type of errors they are. For Hornbach, it is therefore essential that its Active Directory is continuously audited in order to identify incorrect configurations and their reasons and root causes and to remedy them in a timely manner.
Continuous auditing for Hornbach should therefore put in place comprehensive change management in AD and overall should facilitate a user-friendly overview of who is actually doing what in Active Directory. The company had already implemented a commercial auditing solution years ago for this reason, but this solution could no longer satisfy the increasing demands over time. In a discussion with N3K, Hornbach was very interested in Cygna Auditor by Cygna Labs. So both companies quickly agreed to a test installation. Just three months later, the proof of concept (PoC) was successfully concluded, and the results clearly suggested switching to Cygna Auditor.
”Cygna Auditor not only provides us with comprehensive and deep insight into events inside of our Active Directory, but also enables us to remedy errors in a very simple way", according to Florian Johann. "The integrated rollback function, which we lacked in our previous solution, allows us to reverse undesired changes to individual AD objects very granularly and in a very short time."
Also, Cygna Auditor performs much better than the earlier auditing solution, according to Florian Johann.Also, its user-friendly features were another argument for switching to Cygna Auditor. The new solution has a uniform, web-based GUI and a likewise uniform storage area for all audited data instead of individual management interfaces and data silos as in the past. Also, the system's expandability and thus future security spoke highly in favor of Cygna Auditor. It follows a platform strategy supporting a number of auditing modules, including modules for Office 365, Teams, Azure AD, Exchange, SharePoint and others so that Hornbach can easily integrate, license and activate the right modules in the event of additional auditing requirements.
Although the switch from an established solution to a new solution is often very complex and can come with many adaptation and training complications, for Hornbach the migration to Cygna Labs was not difficult. "Data collection basically functions the same in all commercial auditing solutions - we didn’t have to make serious changes in this regard", said Florian Johann. "But due to the uniform and intuitive user interface, we suddenly had a much simpler way of operating so that our AD administrators were able to be immediately productive using the new solution, without needing a long learning curve." Also, the switch was accompanied by the experienced engineers of the German Cygna integrator N3K Informatik, so that it was possible to quickly remedy minor initial difficulties.
"Cygna Auditor not only provides us with comprehensive and deep insight into events inside of our Active Directory, but also enables us to remedy errors in a very simple way."