My name is Martin sand, and I'm very happy to be here again at copy cold EIC. It's been a long time since we had the, the talks. I'm gonna talk a bit about digital onboarding. So a little bit about what Al Delas is while we are trying to get my slides to work. So we are a green grocer, quite large green grocer, about 440,000 people globally.
Most of the businesses is in the us and Europe and in Indonesia, and we are being a very large company or one of our main challenges of course, onboard and off board, especially in your retailing, you have a lot of people who work part-time and who you don't need to hire. So we have of course gone through the, the pandemic and as you all know, being a food retailer pandemic was quite good generally. And our main problem has been basically to get the product out to our customers.
We did this decently well, partly because we've been investing a lot in what we call mechanized distribution centers and a mechanized distribution center that serves 2 million population or so has about 50 engineers that takes care of the robots and about 50 manual workers that does, we still have some manual. Yes. Now I got the clicker there. So perhaps I can also get, you're not seeing it.
So yeah, well, so the mechanized dispute centers has about 50 robot engineers and 50 task workers. While the old style dispute centers had about 350 task workers do the same. So there are two things that we still can't do with robots. Can anyone in the audience can guess who those two things are
Maybe distinguish between good food and, and spoiled food.
So that is actually one thing, but that is correct. We actually do have robots that does these things.
Although in these distribution centers, we primarily handle the basically there's, there's large trucks coming in and we get the stuff on pallets and then we break, put it into our warehouse and then break it down to what we call. Let's say a tray. So it's like a lunch tray. So store can get, can order down to about, well, say between four and 20 units. And then all of those goes into a roller cage. And then they go to, to the, the store in another truck. So the two things we can't do, one is to take away the foil on the, the pallets that come in. So they're often there's plastic around them.
And that is too hard for robots. They cut too deep or too shallow. The other thing is to handle toilet paper because toilet paper is squishy. So if all the products, all different 50,000 products that we have here, somehow you, our customers manage to pick the one product. We can't handle the robots
So expensive.
Correct. So next time please hamster like coffee or, you know, sugar or something. So to handle all of this work, we've gotten some new colleagues. And one of this is this robot here they're used mostly in the us they're primary use to, to circle around the store to spot.
When we run out of product on the shelves or spot when there's a leak or something that could present the hazard to customers. Another thing we have invested in is these exoskeletons. So on the back of my colleague, there, he has a power unit that actually it measures the, the signals going out their muscles and then makes them stronger. It makes them primarily have dried posture. So if you work for, you can get Ono skeleton.
So these are actually helping quite a lot.
And the robot was also for a while, had a special UE lamps that could kill off viruses, the cleaning, but as security professionals, this of course causes new problems. So in the old world, you used to have ransomware people who stole you data and encrypted it. And in the future, you're gonna have ran where people who says that, well, I turned all of your robots into dox.
So they run around chase your customers and say exterminate, or they gonna say that, unless you give us a large pile of Bitcoin, you're gonna have your entire warehouse stuff, dancing ballet, and that's gonna be a bit of a challenge. So we spent quite a lot of time trying to make sure that all of this new infrastructure we, we are putting in will actually be safe. So it's an interesting IOT use case.
So we not only got robots, Ando, skeletons, but we also hire a lot of people.
So for example, in Q2, we hired 45,000 people to cover the extra demand and as well as cover for the colleagues who got sick. So the way we handle this is that in, out in the stores, we do basically role based and rule based provisioning. So if you're a store manager in a specific brand, you get exactly the same access as other store managers has. So we have 800 stores, we have 800 store managers, we have 800 associate store managers.
Also, we get access. This works great when you have jobs that are, there's lots of them. And they're all basically the same. If you look at the headquarters, you have a completely different solution. Now you might have a lot of jobs that it might be 2, 3, 4, 5 people at us.
So having defining rule based for each one of these very, very small roles that doesn't really have very many people is not really doable from a maintenance perspective. So for those, we do request based self service, delegated access. So there's a person per the department that can raise the access on approvals.
What we have seen is that the area between those two extremis, that we have new business that come up, that don't have a huge amount at the start and they have, they don't really know who's doing what so they're kind of trying to learn. So a lot of the ebusinesses are some on the, of the, the brands are like this. They sometimes start growing so that they start having hundreds of users per week, that gets onboarded. And then we have the challenge that the old style rule based works fine. If that you have to have an IM factory that does the right new policies.
So one thing we're looking at is try to have more business friendly rule engines that where the business can, can define their own rules. So you can cover the, the area in between.
And this, of course, also very interesting for as we are moving more and more from the, the old style, it where you made a huge investment at start, and you know, it didn't really matter if you had 10,000 users or 20,000 users, you had already all the cost for sunken already to the new world, where you have a lot of things that are per or month. And if you have one package that cost two Euro per month and cost 20, if you can transfer a thousand users that becomes money quite quickly, if you can transfer 10,000 users, well, quite easily looking at the business case to do that improvement.
So the, the hardest of these challenge was actually not with our employees, because with employees, we have a quite good idea. If we, if we still still work for us or not, police tends to be quite angry. If their payroll doesn't come. And usually we manage to figure out if someone is not no longer working. So we stop paying the money. And then we can see that in the flow from HR, but for externals, it can be quite tricky. And we work a lot with externals. We have a lot of partners who work for us, and a lot of that needs access to our systems.
So being able to have good end user certification, both from a quality perspective and trying, working really hard and avoiding that you will have a single internal person that's been responsible for hundreds or thousands. It's very important. And it's not so easy to execute on that consistently. So it's something where you can apply analytics and try to figure out why you have to go from extreme amounts of certain places.
So, one example is not from the hospital, it's from another major Dutch firm, but they had a partner who had 800 accounts. The partner had a cybersecurity problem. So they shut down all the access and did a review after review three people needed access.
So another thing we have been doing the last couple of years with the digital onboarding is to get the MFA in place. And MFA is an interesting subject because, you know, as identity profession, we think that like everyone should use MFA. Why not everyone using MFA? And it turns out that there's certain things that are complex.
So we started with five different MFA systems because our different opcos picked different systems. So the thing we, we concluded on this during this journey to go from five to one was actually connected with the picture, which is my backyard in Amsterdam. And what you see here are my children and a Swedish moose hunting tower. So these towers, if you go to Sweden, you'll see that there's, I think like hundreds of thousands of them spread out over the, the countryside.
And if you live in the countryside one week, a year in the fall, you go hunting moose with your buddies, you sit in those towers and then you drink coffee, and then there's a moose walking by you shoot it hypo rifle.
And it's mostly about the chance to get away into the nature from kind of your, your everyday stuff. But for the people in the rural part of Sweden is very important. You can see that like a, but with, you know, fewer high power rifles, hopefully, but the, the reason why there is a moose hunting tower in my backyard was because my son wanted a swing.
And I managed to convince my wife that instead of just buying a swing and setting it up, I could build one of these towers, which is built from a standard construction pattern that the Swedish authority for promoting timber construction has, can go to internet and can download all kinds of stuff. If you want to build timber buildings and timber constructions. So I got managed to pass by the, the management, my wife to build this by claim was Sweeney.
And you see it's a swing. My son is very happy with the Sweeney.
The other thing that connects to the MFA is what actually is the hardest in MFA rollout in, in our experience is this is not really visible. So below the, the level of the ground here, there's about a half a meter long steel spikes, and then there's half a meter of the vertical pillars. That's well that's because everything is sand, I'm leaving Amsterdam. So you have to stabilize these towers. So otherwise it's gonna fall over. And what we have seen is that what is really hard to have a successful MFA project.
And, you know, we had five before we started the current one is to try to get onboarding that you have to give your users something positive. If it's just something that is being pushed down from security, that no one understands why you're gonna have products or uptake either form of uptake on the actual end users or uptake in the application landscape.
So what we did was that we hatch hitched the ride on one of the major rollouts of a new business product in this case, the new HR system, and what that meant was that for end users, this was great.
They could now fill out a time report to all of the other HR stuff, not having to do it in the office, or, you know, in the small room that's behind the store where you have all of the administration done, they could do it in other places because of the fact about MFA in place, we still had this kind of security we wanted. So the end users felt I positive. It was a bit of a hassle of course, to install MFA clients on their phones, et cetera, but, you know, overall it made their life better.
And I think this is something we've seen also when I speak to other colleagues in other companies, that this is how we have a successful MFA project. Well, one important part is to focus on the rollout and try to make it positive.
The other things that often can help with your rollout, that is looking at the, the demands that you put on the user for enrolling. So normally you like that during a rollout, when you enroll into the MFA, you need to be present on site in the corporate network to have that as one factor. Otherwise you have not really increased amount of factors.
If all you need to do to enroll is the username password. But of course, that becomes complex in a pandemic. You don't really want, for example, we rolled out the HR, we out for about 122,000 people. You do not want 120,000 people showing up at your offices during the pandemic. So we did a relaxation during a specific amount of time.
Likewise, when new users come in, they get a relaxation in the beginning where they can enroll to MFA at the beginning of their time. And obviously this is a trade off between security and actually getting someone to use your MFA. But this is often a big point.
So the last thing I would like to talk about is a little bit about the future of onboarding. So today we do onboarding you either go to the headquarters, to the, the help desk, and then you get your, your initial login and password, or you give it to you. We give the login and password to your manager and they give it to you.
Or in certain geographies, we use some form of a shared secret between you and, and the system. Neither of these three solutions are really ideal because they all have security or practical consideration. So one thing we started to explore now is to see, well, why should it be harder to become, to work for than it is to get the bank account? Can we use the same ideas that you have in how you enrollment for bank accounts online or how you can become a member of a car share system?
So using a E IDs using decentralized identity, we really believe that this is something that's gonna be a part of the user experience going forward. So with that, I would like to see if there's any questions.
Thank you very much, Martin. So of course.
