George Roberts, Director of Identity Governance and Administration at McDonald's, shares his extensive experience in migrating the company's workforce identity platform from on-premises ADFS to Microsoft Entra.
We also talk about challenges like handling unique frontline worker needs (including a creative paper-based MFA solution) and integrating with various applications.
If you are an Entra admin this episode is a must listen!
Prefer watching? Search for ‘Entra.Chat’ on YouTube
About George
George Roberts is the Director of Identity Governance and Administration at McDonald's, where he leads a global team responsible for building and delivering the enterprise identity and access platform to support over 2 million employees, partners, franchisees, and restaurant staff users worldwide. George has over 25 years of experience delivering secure, scalable, and user-friendly solutions that help McDonald's to accelerate its business. All views expressed are his own.
LinkedIn - https://linkedin.com/in/sirtwist
Bluesky - https://bsky.app/profile/sirtwi.st
🔗 Related Links
Custom claims provider - https://learn.microsoft.com/en-us/entra/identity-platform/custom-claims-provider-overview
Manage an external authentication method in Microsoft Entra ID - https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-external-method-manage
📗 Chapters
00:00 Intro
00:30 Overcoming ADFS Custom Claims Roadblock
01:35 Global Footprint and MFA Challenges for Frontline Workers
03:20 Guest Introduction: George Roberts, McDonald's
04:07 George's Background and Role at McDonald's
06:42 McDonald's Identity Journey: Decentralization to Centralization
08:38 The Entra (Azure AD) Migration Begins
13:04 Operational Benefits and Challenges of Moving to Entra
16:55 Deep Dive: Custom Claims and the Virtual Directory Service
23:56 Shift to API-First Mindset and Standards (SCIM)
32:46 Major Challenge: MFA Solutions for Frontline Workers
37:27 The Paper-Based MFA Solution
40:03 Entra External Authentication Methods
46:02 Ideas for Device-less Frontline Authentication
50:12 Onboarding Speed Challenges in Restaurants
58:06 Advice for Other Organizations: Change Management and Planning
1:05:07 Anticipating Relief from Decommissioning ADFS
Podcast Apps
🎧 Apple Podcast → https://entra.chat/apple
📺 YouTube → https://entra.chat/youtube
📺 Spotify → https://entra.chat/spotify
🎧 Overcast → https://entra.chat/overcast
🎧 Pocketcast → https://entra.chat/pocketcast
🎧 Others → https://entra.chat/rss
Merill's socials
📺 YouTube → youtube.com/@merillx
👔 LinkedIn → linkedin.com/in/merill
🐤 Twitter → twitter.com/merill
🕺 TikTok → tiktok.com/@merillf
🦋 Bluesky → bsky.app/profile/merill.net
🐘 Mastodon → infosec.exchange/@merill
🧵 Threads → threads.net/@merillf
🤖 GitHub → github.com/merill
Share this post