Entra @ McDonald's: Managing 2.2 million workforce identities in the cloud

George Roberts, Director of Identity Governance and Administration at McDonald's, shares his extensive experience in migrating the company's workforce identity platform from on-premises ADFS to Microsoft Entra.

We also talk about challenges like handling unique frontline worker needs (including a creative paper-based MFA solution) and integrating with various applications.

About George

George Roberts is the Director of Identity Governance and Administration at McDonald's, where he leads a global team responsible for building and delivering the enterprise identity and access platform to support over 2 million employees, partners, franchisees, and restaurant staff users worldwide. George has over 25 years of experience delivering secure, scalable, and user-friendly solutions that help McDonald's to accelerate its business. All views expressed are his own.

* LinkedIn - https://linkedin.com/in/sirtwist

* Bluesky - https://bsky.app/profile/sirtwi.st

🔗 Related Links

* Custom claims provider - https://learn.microsoft.com/en-us/entra/identity-platform/custom-claims-provider-overview

* Manage an external authentication method in Microsoft Entra ID - https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-external-method-manage

📗 Chapters

00:00 Intro

00:30 Overcoming ADFS Custom Claims Roadblock

01:35 Global Footprint and MFA Challenges for Frontline Workers

03:20 Guest Introduction: George Roberts, McDonald's

04:07 George's Background and Role at McDonald's

06:42 McDonald's Identity Journey: Decentralization to Centralization

08:38 The Entra (Azure AD) Migration Begins

13:04 Operational Benefits and Challenges of Moving to Entra

16:55 Deep Dive: Custom Claims and the Virtual Directory Service

23:56 Shift to API-First Mindset and Standards (SCIM)

32:46 Major Challenge: MFA Solutions for Frontline Workers

37:27 The Paper-Based MFA Solution

40:03 Entra External Authentication Methods

46:02 Ideas for Device-less Frontline Authentication

50:12 Onboarding Speed Challenges in Restaurants

58:06 Advice for Other Organizations: Change Management and Planning

1:05:07 Anticipating Relief from Decommissioning ADFS

Podcast Apps

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe