Capgemini implemented a unified cloud-based platform that took identity information from disparate HR systems to streamline onboarding and employee management

Client challenge: A major fast-food chain with locations across the globe lacked clear visibility into worker data housed in many incompatible systems.
 
Solution: Capgemini created a cloud-based platform that integrates all employee information and grants application access automatically.

Benefits:
• HR data organized across 110 markets worldwide
• Three million application-access requests processed annually, up from one million
• Support ticket requests decreased by 30 percent

A quick-service restaurants (QSR) pioneer discovered a recipe for success: delicious food at affordable prices. But it still needed a key ingredient before it could deliver effective employee management.

The US-based company prided itself on employing millions of people across many different countries. As the business continued to grow internationally, however, identifiable information related to workers became spread across many human-resources systems.

This made it difficult to onboard employees and grant access to the resources needed to perform their roles effectively. Business leadership knew a standardized process for organizing and accessing HR information across regions would benefit the company.

That’s why the QSR business asked Capgemini to tap into its technical expertise and experience working with Microsoft technologies to create a solution that would automatically bring this knowledge together in a single place.

The cutting-edge solution: Microservices authentication creation and access rights

Capgemini developed a highly scalable solution that integrated seamlessly with the QSR chain’s many HR and staffing systems. It’s an identity governance and administration (IGA) platform that helps the organization manage user identities across multiple systems via a highly scalable self-service web application.

The solution removes the need for manual intervention in many instances through automated application access. It grants or removes access to various aspects of different systems based on an employee joining the company, changing roles, or resigning.

An additional benefit to this automation is the guarantee that the business is tracking system-access changes methodically and consistently. This generates detailed logs that demonstrate compliance with company standards and external regulations.

Engineering new value with Microsoft technologies

The customized solution’s various components allow it to accomplish all these tasks reliably. Capgemini didn’t simply deploy a pre-existing product but instead addressed the company’s particular needs.

The project team did so using several cloud-based Microsoft technologies: Azure (cloud-computing platform), Active Directory (access-control system), Entra (IAM service), and ASP.NET Core (open-source modular web-application framework).

By combining the principles of microservices, in which smaller resources are deployed separately yet work together, with event-based architecture, wherein design components react to incidents and updates, the team ensured the new solution would coexist easily alongside the legacy HR systems of local restaurant franchisees.

Multiple engines working together under a shared framework

Capgemini brought these technologies together under an application-access framework, in which structured processes manage applications and sensitive information. This ensures that the IGA automation, which forms the backbone of the solution, complies with the company’s established policies and control.

This feature enables the solution to schedule and monitor identity creation and access updates in near real-time and audit each process. This automates the agile provisioning and deprovisioning of application access, which more reliably matches organizational changes.

An identity-resolution engine integrates employee information from many data sources into the solution and eliminates duplicate records. Meanwhile, a business-events engine monitors and reflects changes to roles or employment status.

The solution automates routine administrative tasks to improve data accuracy and availability while allowing staff to focus on higher-priority or more strategic work. Most of this automation happens seamlessly in the background. However, when needed, employees can request and managers can approve access changes directly through the same web portal that displays relevant information.

Protecting personally identifiable information

Some QSR branches initially raised concerns about moving locally stored data to a cloud-based solution. Capgemini addressed these concerns by adopting a DevSecOps approach that integrated security into every phase of development.

Continuous integration/continuous deployment (CI/CD), a software development process that perpetually incorporates, tests, and implements code changes, allowed the team to build and improve the solution rapidly. It also embedded security checks throughout the development lifecycle.

Throughout the project, Capgemini proactively managed security incidents with vulnerability scanning, which uses automated tools to assess software and network weaknesses. As a result, the system now more secures employee data more effectively.

Accelerating application access, reducing incidents

Capgemini and the company deployed the solution in restaurants across 110 markets over the course of two years. It has drastically reduced the time required to review and approve requests for application access, which has powered greater efficiency and reduced costs.

The company has already seen significant improvements across key operational and security areas.

  • 30 percent fewer support tickets: Automation of provisioning, deprovisioning, and auditing has dramatically reduced manual errors and administrative burden.
  • Enhanced security posture: The risk of unauthorized application access has been significantly minimized, helping protect sensitive data and systems.
  • 200 percent increase in access request throughput: The company scaled from handling one million to three million access requests annually without additional headcount thanks to streamlined workflows.
  • 80 percent faster onboarding: Application access for new users now takes just one hour instead of five, accelerating employee productivity from day one.

The new cloud-based platform eliminated significant bottlenecks and integrates employee information across 110 markets. It’s a solution that delivers just what this QSR organization needed, so it could get on with serving its millions of customers worldwide.