Corporate Insurance brokers with over 50 members of staff across two office sites in the North West.

Vista insurance’s I.T estate consisted of several servers at head office, a site-to-site link to another office and remote workers all accessing files via the office internet connection using software VPNs.

Some of the drawbacks and challenges of this setup were:

• Local domain with limited offsite management and control, not compliant with industry standards eg Cyber+
• File access via server shares with no auditing, limited version control
• Limited compliance and governance over files and remote devices
• Complete reliance on internet connection and servers at head office
• Costly monthly backup solution to backup the server states offsite for DR and Continuity.

Working with Vista’s Head of Operations June Hibbins, we migrated the files ahead of time up to SharePoint, and moved the users’ machines over to Azure Active Directory (AAD)

All the works were completed out of hours to minimise disruption to the users and we copied the old user profiles so the end user experience was as close as it was to the previous system, while getting all the benefits of the changes we had planned.

Once the devices were migrated to AAD, we ran an interim file copy to logically create SharePoint libraries and applied tight security access controls to the folders.

With the files now in SharePoint, the Compliance and Audit reports from 365 will be able to interrogate the companies’ files as well as emails. Using this automated functionality as an example, SARs can be completed in a matter of hours rather than days.

File access with SharePoint is accessed via the OneDrive client, for access anywhere without a VPN, and has the ability to cache files offline for access without internet. OneDrive also handles the users’ profile backup in case of device failure or theft.

With the machines now under the scope of Intune MDM (mobile device management) we are able to manage and push out settings to the laptops regardless of their geo location, including remote device wipe should the device be stolen.

We are also able to roll out enterprise login features such as mutli-factor authentication, fingerprint/biometric login, and ensure these machines are on the latest compliant Windows update rings regardless of whether they are in the office or not.

To summarise some of the key benefits of moving Vista to Azure Active Directory:

• No longer reliant on office-based servers or office internet connection for files
• File access from anywhere, full auditing and version control. Multi-user collaboration and Full Compliance centre integration for enterprise file searching (eg SARs)
• MDM via Intune for device management regardless of geo location
• Bitlocker device drive encryption with keys stored in AAD
• Conditional Access, prescribed device list adding an extra level of multi-factor authentication
• Full governance of devices, updates and security or custom settings roll outs within minutes to all devices wherever they are located.

< click here to go back