Contact Jobs
Language
English
Make an appointment
Make an appointment
Menu
Sluiten
Menu
Sluiten
Menu
Sluiten
Language
English
Floriday-FreshPortal-WB-Gerbera-04-1
Home
Success Story Royal FloraHolland
Home
Success Story Royal FloraHolland

How to set up excellent Digital Identity Management

We talked with Bas Wevers, CISO at Royal FloraHolland to find out how a sound design of all Digital Identity domains (IGA, PAM and CIAM) contributes to their digital transformation.

Royal_FloraHolland_Logo

From physical auction to digital platform

Having an annual turnover of € 5.6 billion in 2021, Royal FloraHolland is the center of global trade in flowers and plants. By connecting growers, customers and third parties, Royal FloraHolland creates a solid collaborative foundation for all players in this industry, in order to achieve sustainable success in the global floricultural market. In the past few years, the physical auction has been transformed into a digital B2B platform (Floriday) for all participants in the industry. To make further digitization a success, it is vital that the basic processes are in good order and ready for the future. Properly designing a Digital Identity system contributes to this objective.

Features Royal FloraHolland
  • Target group: We connect growers and buyers, and cooperate with all parties in the floriculture trade, to keep the industry growing.
  • Staff: >2000 FTE
  • Type of organization: Cooperative
  • Objectives: Business enablement, compliance, security & risk, Business efficiency, user experience
  • Technologies: CyberArk, Okta en SailPoint
Bas Wevers

"We have achieved “business enablement”. Royal FloraHolland’s employees and customers are no longer engaged in peripheral issues but can focus on their core business. "

Bas Wevers
CISO - Royal FloraHolland
The challenge

Bas, what prompted the digital transformation?

As Royal FloraHolland, we have a unique position within the market. We are a cooperative and aim to achieve sustainable success for our members. The passion that characterizes our growers can also be found among our employees. The increasing digitization required a different approach and introduced new cyber and other risks. By a different approach, I don’t just mean a different way of working within the organization, but also a different approach of our growers, customers and third parties.

I choose to see cybersecurity primarily as a “business enabler” instead of a ‘’barrier”. Our goal is to facilitate business processes for the different target groups in a safe way. That’s why we continuously ask ourselves the following questions:

  • How do our employees, partners and suppliers do their jobs?
  • How can we make and keep the threshold for every target group as low as possible?
  • How does a technological solution fit within the organization?

We involved all our stakeholders in the implementation of CyberArk, Okta and SailPoint IdentityNow, and listened carefully to them. In this way, we created an integrated solution that is well aligned with our target groups. Collaborating with stakeholders who have knowledge and experience is a prerequisite for success. The human transformation is a key condition for the digital transformation.

The solution

What was your approach?

We were and are looking for solutions that can be incorporated into the organization. It was and still is important to us that the entire field of digital identity is treated in a holistic and understandable way. Pragmatism takes precedence over a project-oriented approach. For that reason, we divided the various domains, Identity Governance & Administration, Privileged Access Management and the future Customer Identity & Access Management into different projects.

Together with our partner Grabowsky, we are developing an integrated method to improve and stay in control of our Digital Identity environment in a concrete and pragmatic way. We try to present the topic of Digital Identity in a breezy way. For example, we made the "PAMification” journey, in which we focused on the 12 steps to PAM happiness. As a result, our employees who are working with CyberArk see security less as an “obligation” but more as something necessary and something they truly believe in. In a way that matches the current way of working as much as possible.

The result

What did it bring Royal FloraHolland?

We have achieved “business enablement”. Royal FloraHolland’s employees and customers are no longer engaged in peripheral issues but can focus on their core business. Some figures:

  • The joiner, mover, leaver process has been automated for 5,000 internal identities in the organization
  • More than 20,000 (external) identities are able to manage their access requests and authorizations themselves (self-service). This puts our members, customers and suppliers in control.
The most important lesson

What advice do you have for organizations wishing to create a successful Digital Identity environment?

  • Make the digital transformation fun and don’t take it too seriously. Integrate digitization into the organization by facilitating work in a safe way. Align it with existing business processes as much as possible. Single Sign On (SSO) does not only make life easier for employees, growers, buyers and other parties, it also makes it much safer. As a bonus, it is a relief for the CISO too. 
  • Take the stakeholders along on your journey and be prepared to see the added value for them. Don’t be too stubborn and listen to your key stakeholders. For us, they are the end users, security specialists and software suppliers. In this way, you create an integrated solution that is well suited to the various target groups.
  • Communicate in a clear and understandable way. Explain in simple language to all target groups what is to be achieved, why and how. Take out the ‘must’ and try to avoid ‘security jargon’.
  • Don’t do it for yourself, but for the greater good! 
Grabowsky Consultant

Are you also facing a Digital Identity challenge?

Our team will gladly guide you through your Digital Identity journey. It starts with clarifying your question, drawing up a smart plan, mapping out processes, and choosing and implementing the right technical IAM solution. So that you too can successfully achieve your goal.