CUSTOMER STORIES

How a global manufacturer constructed uninterrupted access to applications

  • Application migration streamlined:
    Seamless transition from ForgeRock to Okta, maintaining critical functionalities without extensive app rewrites.
  • Continuous operations ensured:
    Established a versatile identity fabric to ensure access to critical applications.
  • Retired a legacy IDP:
    Migrated to a modern IDP, enhanced security, and ensured business continuity with Microsoft Entra ID.
Use case:
Identity Continuity
Employees:
50,000
Apps migrated:
12 complex apps

“Strata gave us the confidence to transition our critical applications to Okta. Their expertise and ability to resolve problems quickly has been key to maintaining our operational integrity and security during the migration.”

— Manufacturing CIO

THE CHALLENGE

Always-on access to mission-critical applications

A Fortune 100 manufacturing enterprise faced an immense challenge: migrating authentication services from ForgeRock to Okta while ensuring continuous access to critical applications. Any disruption could affect business stability and operational integrity. The stakes were high; just five minutes of downtime would cost the company an average of a million dollars. In addition, malfunctioning machinery could be dangerous to workers using it, and no risk to their safety was acceptable.

The company’s IT environment involved a complex web of interdependent systems. The applications were highly customized and deeply integrated with ForgeRock’s API patterns, which had been installed over many years. The IT team was resigned to having to undergo a difficult, multi-year process of untangling everything from ForgeRock. The apps were very important because they supported critical operational functions, which required flawless delegated admin capabilities for employees to access user accounts swiftly — something their new IDP Okta didn’t natively do.

They also needed a robust failover system for these applications. The company couldn’t afford any interruption in application access, not even a few minutes a year. They required a secondary IDP and chose Microsoft Entra ID to take over if Okta experienced issues.

Security and compliance were top concerns, so changes to their identity management systems had to comply with strict standards. Ensuring data protection and meeting regulatory requirements was essential, even during a failover state.

The transition would involve several stakeholder groups, including IT, security teams, and compliance. Coordinating these groups toward a common goal added complexity. To ease friction across various teams, they needed a technically sound solution that could be deployed quickly.

“Ensuring continuous access to our critical operational applications is non-negotiable. [Maverics] addressed our immediate challenges of maintaining delegated admin capabilities during the migration from ForgeRock to Okta and set us up for long-term success in identity management.”

– Identity Architect, Manufacturing Enterprise

A man with gray hair and glasses works on a computer in an office, ensuring continuous app access. A person is blurred in the background.

THE SOLUTION

A seamless migration with Strata’s Identity Orchestration

Strata worked diligently with the manufacturing company’s identity team to address the challenges during their migration from ForgeRock to Okta. They were able to quickly focus on achieving always-on access to mission-critical apps. Strata’s Identity Orchestration platform enabled the replication of ForgeRock’s impersonation capabilities within Okta, ensuring that staff could continue to log in as users to resolve issues promptly.

Rather than the years-long process the company had assumed it would be to extract their apps and data from ForgeRock, the migration was done in a few months for a fraction of the cost they had initially budgeted.

In addition, Strata ensures identity continuity for the manufacturer by implementing a seamless cloud-to-cloud IDP failover to Microsoft Entra ID, maintaining uninterrupted access to critical applications. This approach future-proofs the company’s identity management infrastructure, allowing for greater flexibility and security as they scale.

They chose Strata for:

  • Assurance of identity continuity: Implementing a failover system to Microsoft Entra ID, ensuring that critical applications remain accessible and secure even if Okta experiences issues.
  • Custom solutions: Strata’s ability to replicate ForgeRock’s delegated admin capabilities within Okta.
  • Proven expertise and experience: Tailored demos and on-site implementations showcasing the integration process.

“Strata’s ability to seamlessly integrate with our systems during the migration from ForgeRock to Okta has greatly improved our operational efficiency. With continuous IDP access, we can be confident that the data we need is always available. And we can prove it for regulatory compliance reasons.”

– Identity Architect, Manufacturing Enterprise

THE OUTCOME

Beyond migration: flexibility, security, continuity and the human element

The company’s ultimate goal was Identity Continuity. Using Strata’s Maverics platform, it laid the foundation of modernization with orchestration by transitioning its apps from an older on-prem software-based IDP to a more modern cloud identity vendor. Maverics provided business and identity continuity, ensured uptime, and maintained access to critical applications, putting them in a better position for more adaptable and secure identity management practices. Implementation of the Maverics platform was quick and painless. Strata’s Identity Orchestration also enabled the company to avoid vendor lock-in, ensure the safety of its employees, and adapt to future regulatory mandates.

Two scientists in lab coats examine electronic components in a high-tech laboratory. A 3D printer and computer monitors with data ensure continuous app access is maintained seamlessly in the background.

The implementation project was straightforward. Deploying Maverics was fast, and their team was with us every step of the way. After that, the rapid application onboarding for SAML and OIDC apps enabled batch loading and updates for all our applications.

 — Manager of Cloud Information Security

RECOMMENDED FOR YOU

Read more stories like this one