Kroger Customer Story
Grocery retail giant Kroger needed to quickly and seamlessly migrate 400 apps with millions of authentication events daily from SiteMinder to AzureAD.
- Migrated 400 apps in months vs. years of manual effort
- Avoid refactoring pain and quickly reap the benefits of Azure AD
- Saved millions in coding + validation costs
- Broke legacy vendor lock-in
- Provided an uninterrupted end-user experience
- Krogers IT team focused on building business value
Established in 1883, The Kroger Company is one of the world’s largest food retailers with close to 2,800 stores in 35 states, nearly 500,000 employees, and sales of $137B in 2022.
Kroger needed to modernize the authentication and authorization of their mission-critical applications — both consumer-facing apps and internal apps that every person at the company relies on every day in order to perform their job functions. With SiteMinder, their existing single sign-on (SSO) identity solution at its end-of-life, Kroger had to fully migrate to Microsoft’s Azure Active Directory to avoid legacy vendor lock-in.
With 400 applications spanning from in-house built applications that use a variety of technologies and programming languages, to commercial off-the-shelf applications, Kroger estimated that migration could take years and cost millions of dollars.
With the possibility of manually rewriting all their apps, Rob Lenhof, manager of the cloud information security team at Kroger, feared they might not be able to meet their goals.
Kroger had an identity problem — they needed to:
- Modernize their authentication and authorization solution
- Migrate 400 apps from Siteminder to Microsoft AzureAD
- Find a custom solution and a partner to guide them through the process
There was no time for app rewrites and no room for compromises. Kroger needed to:
Kroger needed to digitally transform from its on-premises identity system (IDP) to the cloud with a flexible, customizable process that could handle their immense scale. Enter: Strata.
A referral from Microsoft, Strata had a solution that would solve Kroger’s distributed identity challenge in a smooth, timely manner — Maverics Identity Orchestration Platform. After one meeting with Strata, Lenhof finally felt hopeful.
“We were looking for a solution or a process that would help us to migrate and be flexible enough to handle the scale we have here at Kroger,” said Lenhoff. “We also needed a real partner who could help us understand what we needed to do to reach our goal. We got both of those things with Strata.”
After an initial proof-of-concept (POC), a rapid “migration factory” was deployed. Strata’s lift-and-shift approach as opposed to a “big bang” migration made for a seamless migration process that was faster than the Kroger team had anticipated. Migrating apps off SiteMinder suddenly became simple — what would have taken months for a single app was completed in hours.
“It was great from our initial meeting,” said Lenhoff. “The conversation and the responses we were getting back were exactly what we were looking for.”
Maverics immediately saved Kroger millions of dollars in custom coding, manual testing, and validation work — plus, years-worth of migration projects. They also slashed legacy infrastructure expenses by retiring legacy identity software and related infrastructure.
“I don’t like to think about what could have been without Strata,” said Lenhof. “It could have been hundreds of thousands of hours redeveloping applications and reconfiguring those things.”
Another added bonus — there has been zero disruption to the end-user experience. The team loves that their stakeholders are none-the-wiser that they’re now using modernized authentication.
Using Maverics, Kroger has been able to completely move to AzureAD and shut down their SiteMinder infrastructure. Kroger and Strata also worked together to build out both non-production and productionalized instances of the solution. They scaled Maverics horizontally, making it highly available, resilient, and seamlessly integrated into the CI/CD pipeline.
With Strata’s help, Kroger accelerated the completion date of migration by several years, allowing them to focus valuable time and resources on future business innovation.
“I would highly recommend other enterprises that are interested in modernizing their applications and increasing their security posture to talk with Strata,” said Lenhof. “The industry standards and protocols like Strata does keeps things simpler and moves us toward the future.”
With Strata, Lenhof and his team feel confident about the future and leveraging the power of the cloud — with the possibility of additional advanced identity services still to come.
After their successful app migration and modernization, Kroger is looking at ways to work with Strata to solve additional use cases through advanced identity orchestration capabilities.