An IT manager wanted to use Office 365 to offer to all users to all applications they required wherever they were and 24 hours a day. The IT manager was preoccupied as many of his colleagues who completed migration to Office 365 had many unanticipated problems. Among them were major issues updating passwords and issues with transfers of email accounts. Moreover, whole repertories didn’t synchronize well once transferred on the Cloud.
The company could not afford to have its applications non-operating or operating on and off while migrating to Office 365. Files and data had to be updated on an ongoing basis. Secure access had to be maintained.
MyCloud provided assistance to the IT manager to plan the migration to Office 365 in steps that simple to complete and test for adequate operation. The MyCloud team took over the responsibility i) to spot all custom adaptations made to applications, ii)map how data was processed and share between Office 365 applications and other applications, iii) provide a better more efficient method to manage access rights. The team then presented to the IT manager how applications would be migrated from MS Office to Office 365. Savings coming from lower operating costs with applications hosted in the Cloud compared to local servers were estimated. Budgets were presented to implement different hosting schemes considering what parameters were a priority. Some parameters were fast access to archived data, accommodating seasonal fluctuations in the number of users and remote sites and extra support implementing and testing applications or O/S updates prior to deployment.
Migration to Office 365 was completed within the budget and time allocated. The IT manager built a strong relation with our support team as they proved to be available and knowledgeable.
A company was informed by its insurance company that it had to improve and upgrade the security of its IT environment to industry standards. What was to be done was unclear to the company’s officials. They decided to contact MyCloud to know more about standards to meet and what had to be done to meet them.
Our team completed a survey of work and activities taking place in the IT environment. Points regarding the management of areas such as access to data, confidentiality, security tools used, … were listed and evaluated. Once the survey was completed, we discussed with company representatives and presented areas to work on in order that its IT environment met GRC standards (Governance, Risk, Compliance). Tools to monitor the IT environment and to generate and monitor alerts as per criteria set in security standards such as PCI-DSS and HIPAA were listed. A preliminary implementation cost estimate was submitted.
The analysis went further. Security configurations meeting standards and industry Best Practices were defined for each hosting environment used (local, cloud,…). Means to achieve Real time anomaly detection and Alert transmission were described as well as measures to take to decrease the risk of intrusion and to eliminate vulnerabilities. A survey of application updates was made. The aim was to identify vulnerabilities and risks associated not having specific updates implemented. When risks were high according to CVE standards (Common Vulnerabilities and Exposures), it was recommended to update applications as soon as possible.
Taking into account security standards, our team implemented a monitoring system that will detect any change made to a server’s system file. File Integrity Management or FIM is further done by documenting all changes to the files and making sure they have been approved.
The user’s access management system was also reviewed by our team. Weaknesses were identified and explained to the client’s management team. Following this presentation, a management system compliant with security standards was implemented. Among other things, this system records who logged in, when, how long, through which type of connexion,…
Following our intervention, the client met the insurance company who considered its IT system was now compliant with the latest industry standards. The client is now in a position to better track and document events that may affect the IT environment security. It has information who can help identify the origin of the attacks and the vulnerabilities.
The company contacted MyCLoud because the owner found server maintenance had become a full time job. Moreover since virtualization was implemented, maintenance appeared to be more complex. The technician in charge went for training numerous time. The company being in a rural area, it experienced more problems hiring qualified people. The owner felt he may be facing a major crisis if his only IT technician was to leave the company. The owner asked MyCloud to provide advice on the pros and cons of migrating his IT environment to the Cloud.
Our team went on premises on a fact finding mission: which applications were used, what maintenance was done, what were failures experienced, what was the degree of technical support required by users, what investment would likely be required to update the equipment and renew licences. Many other parameters were considered but are too long to list.
The team identified that employees working on quotations and approving projects were making frequent updates to quotations and that quotations being prepared were going back and forth many people to get the latest changes approved. It was difficult to track updates and approvals. It became clear a SaaS application would facilitate coordination between people and contribute to simplify the workflow. A separate mandate was completed to demonstrate to the company applications facilitating document sharing and editing as well as sharing comments.
The equipment locally hosting the applications was used at capacity. It required costly updates in O/S and applications. Our team demonstrated to the owner how migrating to the Cloud would be economical considering savings in operating and acquisition costs. Updates now being under the responsibility of the hosting center or the SaaS supplier, the expertise required by the technician was not as high and would be closer to the one supporting local users than the one of a system manager. Devoting more time to users was an important point as the owner regularly heard users complaining about the lack of support both at the main location and at the three branches.
Last, the MyCloud team noticed there was no disaster recovery plan. Data and applications were not saved regularly and following a protocol where the system could be put back online within a day. With respect to security, updates for firewalls, O/S, software as well as antivirus were not done on a regular basis. The local IT environment had many vulnerabilities a hacker could use to break into the system. Migration to the Cloud would eliminate the need to update security measures as these would too fall under the host and SaaS supplier responsibility.
Following our recommendations, the owner decided to move the technical applications, the mail server and Office to the Cloud. Accounting software and data were kept on the local server whose maintenance and monitoring were allocated to MyCLoud. The IT environment is remotely monitored in real time by MyCloud Monitoring Center. When incidents are detected, alerts are generated and sent to the Center. In most cases, we can fix incidents remotely. To secure the connection between the main office and branches and to offer an alternate Internet connection if the main one failed, we installed new generation firewalls called DCI (Distributed Cloud Infrastructure).
The client is processing a very high number of insurance claims on its local servers. An application was developed in .NET. SQL servers store data streaming from this application as well as corporate info. Documentation linked to each claim is stored on dedicated servers. Web and SQL servers were virtualized while servers storing data are still physical. The client contacted MyCLoud as he was wondering what would be the pros and cons of storing its data on Azure rather than on its servers.
Our team analyzed the environment and proposed the following. It was proposed to use Azure SQL databases to replace the Virtual SQL server. That would eliminate managing the SQL server and would provide redundancy using a function in Azure who allows to apply transactions on up to 4 secondary databases. Data replication could be done as if the whole organization was a single territory or be carried on a per territory basis.
To store photos, forms and other documents related to a claim, it was possible to keep the same server’s structure in Azure as the actual one through virtualization of machines and hard disks. However as Blob Azure greatly simplify replication, we proposed to use Blob Azure and to modify the Web application so data it generates are streamed to Azure.
Although it was possible to transfer the Web server on Azure by migrating Hyper V virtual machines, our team recommended to redeploy web applications as Azure Web Apps. Considering major updates were planned to the online application and that these would need to be tested prior and during deployment, Azure Web Apps was an even more interesting solution because of the advanced deployment functions available. Azure Web Apps also integrate advanced functions to automatically manage the processing capacity according to the number of users and data to process.
The project is underway. It has been updated to take advantage of advanced security functions offered by Azure 9 (e.g. penetration testing and threat management). Work is underway to federate identities and to implement a Single Sign On authentication system plus a Hybrid Identity Management application that will work for all applications disregarding what device is used to access the application.