Fast-food chain slashes onboarding times and go to market with innovative microservices

A unified cloud-based platform took identity information from disparate HR systems to streamline onboarding employee management

Client challenge: A major fast-food chain with locations across the globe didn’t have clear visibility into worker data housed in many incongruent systems.
 
Our approach: Capgemini created a cloud-based platform that integrates all employee information and grants application access automatically.

Business outcomes:
· HR data organized across 110 markets worldwide
· Client processed three million application-access requests annually, up from one million
· Support ticket requests decreased by 30 percent

A pioneer in quick-service restaurants (QSR) discovered a recipe for success: delicious food at affordable prices. But it still needed a key ingredient before it could deliver effective employee management.

The US-based company prides itself on employing millions of people across many different countries. As the business continued to grow internationally, however, identifiable information related to workers became spread across many human-resources systems.

This made it difficult to onboard employees and grant access to the resources needed to perform their roles effectively. Corporate leadership knew a standardized process for organizing and accessing HR information across regions would benefit the company.

That’s why the QSR business asked Capgemini to tap into its technical expertise and experience working with Microsoft technologies to create a solution that would automatically bring this knowledge together in a single place.

The cutting-edge solution: Microservices authentication creation and access rights

Capgemini developed a highly scalable solution that integrated seamlessly with the QSR chain’s many HR and staffing systems. It’s an identity governance and administration (IGA) platform that helps the organization manage user identities across multiple systems via a highly scalable self-service web application.

The solution removes the need for manual intervention in many instances through automated application access. It grants or removes access to various aspects of different systems based on an employee joining the company, changing roles, or resigning.

An ancillary benefit to this automation is the guarantee that the business is tracking system-access changes methodically and consistently. This generates detailed logs that demonstrate compliance with company standards and external regulations.

The development process: Engineering new value with Microsoft technologies

The customized solution’s various components allow it to accomplish all these tasks reliably. Capgemini didn’t simply deploy a pre-existing product but instead addressed the particular needs of the client.

Capgemini used several cloud-based Microsoft technologies: Azure (cloud-computing platform), Active Directory (access-control system), Entra (IAM service), and ASP.NET Core (open-source modular web-application framework).

By combining the principles of microservices, in which smaller resources are deployed separately yet work together, and event-based architecture, in which design components react to incidents and updates, the team ensured the new solution would coexist easily alongside the legacy HR systems of local restaurant franchisees.

How it works: Multiple engines working together under a shared framework

Capgemini brought these technologies together under an application-access framework, in which structured processes manage applications and sensitive information. This ensures that the IGA automation, which forms the backbone of the solution, complies with the client’s established policies and control.

IGA automation schedules and monitors identity creation and access updates in near real-time – with auditing for each process. This automates the provisioning and deprovisioning of application access with agility, to meet organizational changes. 

An identity-resolution engine integrates employee information from many data sources into the solution and eliminates duplicate records. Meanwhile, a business-events engine monitors and reflects changes to roles or employment status.

The solution automates routine administrative tasks to improve data accuracy and availability, while allowing staff to focus on higher-priority or strategic work. Most of this automation happens seamlessly in the background. However, when needed, employees can request access changes – or managers can approve them – directly through the same web portal that displays relevant information.

Security from day one: Protecting personally identifiable information

Some QSR branches initially raised concerns about moving locally stored data to a cloud-based solution. Capgemini addressed these concerns head-on by bringing deep cybersecurity expertise to the table. The team adopted a DevSecOps approach – integrating security into every phase of development, from planning to deployment.

Continuous integration/continuous deployment (CI/CD), a software development process that perpetually incorporates, tests, and implements code changes, allowed the team to build and improve the solution rapidly. It also embedded security checks throughout the development lifecycle.

The team proactively managed security incidents with vulnerability scanning, the use of automated tools to assess software and network weaknesses. The result was a system where employee data is now more secure than it was before the project began.

Business value: Accelerating application access, reducing incidents

Capgemini and the client deployed the solution in restaurants across 110 markets in phases across two years. It has drastically reduced the time required to review and approve requests for application access, which is powering greater efficiency and reducing costs.

The client has already seen significant improvements across key operational and security areas.

• 30 percent fewer support tickets: Automation of provisioning, deprovisioning, and auditing has dramatically reduced manual errors and administrative burden.
• Enhanced security posture: The risk of unauthorized application access has been significantly minimized, helping protect sensitive data and systems.
• 3x increase in access request throughput: The client scaled from handling one million to three million access requests annually – without additional headcount – thanks to streamlined workflows.
• 80 percent faster onboarding: Application access for new users now takes just one hour instead of five, accelerating productivity from day one.

The new cloud-based platform eliminated significant bottlenecks and integrates employee information across 110 markets. It’s a solution that delivers just what this quick serve restaurant needed, so it could get on with serving its millions of customers worldwide.