Salesforce migration case study: 500 users, 4 months, code they own

A Salesforce migration is the project teams put off for years. The data model is deep, the workflows are load-bearing, and the switching cost is exactly what keeps the renewal invoice coming. This is the story of a 500-user enterprise that decided the lock-in had become the bigger risk — and moved off Salesforce onto Dual7 in four months, onto code they now own outright.

Why they decided to leave

The pattern will be familiar to anyone who has run a CRM at scale: costs that rose every renewal with no leverage to push back, a roadmap they didn't influence, and a system that increasingly fit the vendor's business better than their own. Customization meant more proprietary configuration — which meant deeper lock-in, not more ownership.

What they wanted on the other side wasn't simply a cheaper CRM. It was software they controlled: their data model, their workflows, in a standard codebase they could read, extend, and host themselves.

How the migration worked

Rather than a single high-risk cutover, the rebuild went feature by feature — the unit Dual7 is designed around. Each core object and workflow was vibe-coded fast to match the existing behavior, then certified through the seven agents before it went live.

• Core objects (accounts, contacts, opportunities, activities) were modeled in multi-tenant Postgres with row-level security from the start.
• Role-based access mirrored the org's existing permission structure, enforced at the data layer.
• Workflows and approvals were rebuilt as certified features, each with an audit trail.
• Integrations to the surrounding stack were re-established with typed clients and proper secret handling.
• Every certified feature shipped into a repository the team owns and can export.

Why governance mattered here

For a system of record holding customer data, the controls weren't optional. Because tenant isolation, RBAC, audit logging, and human sign-off are defaults of Governed Mode rather than features to bolt on, the security and compliance requirements were satisfied as a by-product of how the app was built — not as a separate workstream.

Where they landed

Live in production today, serving 500+ users, on a codebase they hold in full. The numbers that mattered to them were simple: four months end to end, and 100% of the code owned and exportable. No runtime they rent, no backend they can't touch — and no vendor who can dictate next year's price.

Build fast with AI. Own forever with architecture you control.

The lesson isn't that migrations are easy — it's that the thing making them hard, lock-in, is also the strongest reason to do them. Rebuilding on owned code turns a recurring liability into an asset you control.