Client Overview
The organisation is a retail chain operating 60 stores across three East African countries, selling electronics, household goods, and mobile products. The company employs around 1,400 people across stores, distribution centres, and a head office. Over the past two years it has moved its point-of-sale, inventory, and HR systems to cloud-hosted platforms, which has increased the number of applications staff need to access while also creating new challenges around managing credentials for a workforce distributed across many locations.
The Challenge
Store staff were accessing the point-of-sale system, inventory platform, and staff scheduling tool using separate usernames and passwords for each system. Password resets were a frequent help desk issue — particularly in smaller stores where staff were not always confident managing their own credentials — and the central IT team estimated that password-related support calls were consuming three to four hours of IT staff time per day. An access review conducted during an internal audit found that a number of accounts for staff who had left the company — particularly from stores that had been opened and then reorganised — were still active across the retail management systems. Store managers had not consistently notified the IT team when staff departed.
“Four hours a day on password resets for store staff is time we could not afford to spend, especially with a team of three covering sixty stores across three countries.”
— IT Manager
The Solution
eMudhra deployed SecurePass to unify access management for store and head office staff. Integration with the HR system automated account provisioning and deactivation based on employment records, clearing the stale accounts identified in the audit and establishing a consistent lifecycle process going forward. SSO was configured for the point-of-sale system, inventory platform, and staff scheduling tool, giving store staff a single login for all three applications. A self-service password reset portal was set up, allowing staff to reset their own passwords using a mobile-verified identity check — reducing reliance on the central IT team for routine credential issues. MFA using SMS OTP was enabled for head office and manager-level accounts accessing the retail management backend and financial reporting tools.
Results
Self-service password resets reduced password-related help desk calls by around 65% within the first quarter. Stale accounts were cleared during the initial reconciliation and the automated lifecycle process has maintained a clean account estate since. Store staff report fewer login issues and the IT team has redirected time previously spent on password calls to higher-priority activities.
Metric | Before | After |
Password reset help desk calls | 3–4 hours of IT time per day | ~65% reduction via self-service portal |
Stale accounts cleared | Multiple accounts for departed store staff | Cleared on go-live; automated lifecycle maintained |
Store staff login experience | Separate credentials for 3 systems | Single SSO login for all store applications |
Account lifecycle process | Manual; inconsistent store manager notifications | Automated HR-integrated provisioning and deactivation |
MFA coverage — management tier | Not enforced | SMS OTP for manager and head office accounts |
