ktsdesign - Fotolia

Cloud-based ID management is key to PostNL’s public cloud strategy

Mail company uses Azure, AWS, Salesforce, SuccessFactors, Office 365 and Microsoft Dynamics as it shifts from on-premise IT

PostNL has begun a multi-year plan to migrate its IT to the cloud. Cloud-based identity management has become a key to this strategy, giving the Netherlands postal service a way to authenticate internal users and consumers centrally for multiple cloud-based applications.

Speaking at the Gartner identity and access management conference in London, Richard Kramer, lead architect at PostNL, said the decision had been driven by the changing nature of the mail business. “The world is changing,” he said. “For the last 20 years, email has been substituting the traditional mail business.”

For this reason, the company has focused on adapting to shifting trends. “We have a lot of digital and direct mail solutions,” he said. “And we are the seeing immense growth of online mail.”

According to Kramer, PostNL is now the Netherlands’ biggest parcel delivery service. Its stated figures show that its volume of addressed mail is worth about €2.4bn and is declining by 11-13% a year, while its parcel delivery business is increasing thanks to the growth of e-commerce.

But parcel delivery requires more resources, both in terms of people delivering boxes as well as extra IT for track and trace, and the ability to verify the identity of the parcel’s recipient.

Kramer said the company had chosen a cloud-only strategy rather than a hybrid approach to avoid the “doubling of cost” arising from running both cloud and on-premise datacentre IT.

“We had to think of IT value proposition,” he said. “We said we wouldn’t host applications.” Instead, PostNL planned to adopt cloud principles and take a software-as-a-service (SaaS)-first approach to IT. Cloud services were selected based on their data requirements.

For example, it chose Salesforce for sales, SAP for logistics and SuccessFactors for human resources. It also uses Microsoft Dynamics and Office 365 and both Amazon Web Services (AWS) and Azure for platform as a service (PaaS).

Read more about identity and access management

  • Cloud identity management can offer a lot of security benefits, but enterprises need to answer some questions before deployment. Expert Ed Moyle offers advice on what to ask.
  • Identity access management (IAM) systems work to help keep security high by initiating, capturing, recording and managing user identities and access permissions.

Kramer said PostNL had moved 50% of its applications to SaaS. It has deployed 20% of its applications on infrastructure as a service (IaaS) and 3% on PaaS, and its existing SAP R/3 enterprise resource planning (ERP) has been moved to a third-party provider.

But Kramer believes shifting workloads to IaaS is not an efficient use of the cloud. “IaaS is hassle because you still have to do backups, just like in a datacentre,” he said.

Instead, he is keen to move onto serverless computing platforms on AWS and Azure. “We have to move to Functions on Azure and AWS Lambda,” he said.

Identity management is a key requirement to any cloud migration, said Kramer. PostNL is using cloud-based identity management to manage user authentication across the business’ various public cloud services.

“In 2016, we migrated to one PostNL ID for consumers,” he said. The problem is that consumers need to allow data sharing across the different accounts they have at PostNL. These need to be merged, and so customers’ consent is required.

Within the business-to-business part of PostNL, the company wants to hold customer identities on Salesforce, said Kramer. “This year we will migrate all mail customers to Salesforce,” he added.

Read more on Software-as-a-Service (SaaS)