Docker Enterprise Edition Delivers Security And Scale For ADP


ADP is the largest global provider of cloud based human capital management (HCM) solutions. ADP has over 630,000 clients that span more than 35 million users in over 100 countries. More than just payroll services, ADP delivers solutions across the entire spectrum of HCM for their customers in each one of these areas with right sized versions for SMBs, mid market and large enterprises.


There are three key challenges that ADP faced. The first is security. Security is top of mind at ADP because they work with sensitive information. The US government considers ADP “critical infrastructure” because they hold data like over 55 million social security numbers and with all the payroll processing, in the last year they moved about 1.8 trillion dollars through the ADP systems. Roughly 10% of the GNP was moved four times through ADP systems and for the people reading this blog post right now, most of your social security numbers are sitting in an ADP datacenter. Secondly, was the breadth of ADP's portfolio. The broad portfolio of ADP products are delivered from their private datacenters around the world. For the vast majority of their hundreds of thousands of clients, ADP is their cloud. In these clouds there are large systems with many different services running at scale and how they interact could be a risk when looking at change. Lastly, was managing and modernizing their legacy applications. Over their 60 year history ADP has developed many applications, some of which are millions and millions of lines of code and over a decade old. That scenario is not unique to ADP but common across companies of all sizes. The vision and goal is to get to microservices but the reality is that no company will get there overnight. Not all applications will be refactored at the same rate and the platform needs to be flexible to accommodate a variety of application architectures.


To ensure security, ADP trusts in Docker Enterprise Edition. Docker Content Trust enables their IT ops team to sign images and ensure that only signed binary will run in production. They also perform automated container scanning. Using multiple Docker Trusted Registries enables them to build a progressive trust workflow for their applications development process. For scalability the company relies on Universal Control Plane/Swarm. Swarm gives their team the ability to first start small and have each application made up of many small Docker engine swarms instead of one swarm per application. Then the swarms will merge over time, becoming larger and in the end each application will have its own swarm. One day, a swarm could potentially span across public and private infrastructure and across applications. This will enable the business to make the best financial decision for the company. With Docker containers, ADP plans to containerize the most dynamic parts of their applications first making it easier to change and re-deploy them moving forward, while leaving the other areas of the application for a later time. Containerizing with Docker enables ADP to have a hybrid strategy. They will have a mix of big and small containers for any application, which creates an evolutionary path forward to micro services