How a state government institution secured its ‘impossible to modernize’ HR application

  • Modernized a highly sensitive, problematic application in four working sessions.
  • Retired a legacy IDP and gained autonomy over cloud identity providers.
  • Saved millions via consumption-based (per app and IDP) pricing.
State government
Use case:
App / identity modernization


A critical HR app proved impossible to modernize

The State identity team had a problem: one of the mission-critical apps their HR team relied on was non-standards based. It used a legacy IDP that was no longer supported by the provider. 

To keep using the app, the team had to transition it to a cloud-based IDP and secure it with multi-factor authentication (MFA).  If they didn’t, the personally identifiable information (PII) in the app would pose a major security risk. They tried to modernize the traditional way by refactoring with a well-known identity and access management solution. This marked the start of an eight-month-long project.

But there was a problem. User information wasn’t being carried all the way through; it was getting lost post-authentication. So after a grueling attempted modernization process filled with daily calls (and costing millions of dollars), the app was still stuck.


Secure the impossible app with Identity Orchestration

The State team had to find a different option. That’s when they found Strata and learned about Identity Orchestration. The Strata team immediately understood the modernization challenge facing the State team and used Maverics to solve the unmanageable app problem in just four working sessions. 

Here’s how they did it: the Maverics Orchestrator acted as a proxy, sitting in front of the legacy HR app. This allowed the team to add MFA to a vulnerable app without refactoring. Identity Orchestration with Strata didn’t just solve this HR app’s identity issue — it allowed the State team to use Identity Orchestration to secure other mission-critical apps, eliminating future modernization challenges. 

“Strata can modernize as much or as little as [the State] want[s] us to. If you want us to fit into some very rigid, predefined pattern because that’s what you have to do, we can do that — or we can turn that whole thing upside down if you’ll allow us.”

 — Jenny Farbstein, Manager of Professional Services at Strata


Retire the legacy IDP and effortlessly secure multiple apps

Using Strata’s solution allowed the State to flatten the hierarchy of authorization and authentication and gave the identity and access management (IAM) team control over app modernization. Thanks to Identity Orchestration, app owners and users didn’t even need to be involved. 

Securing the mission-critical HR app was the first hurdle on the path to modernization — the State had multiple apps that needed a modern identity provider. So Strata moved on to help the State use Identity Orchestration to further modernize. Strata’s offerings fit well within the distributed state government departments, as each disparate department can be independent to budget for, purchase, and implement the appropriate solution for its needs. With Strata, the State team has gained IDP autonomy, identity security, and the confidence to in their ability to be in control of their modernization. 


Read more stories like this one