Azure Datacenter transformation and Office 365 security and compliance

Activity

The client is an independently owned company with headquarters in Geneva, helping companies and associations drive business results through
association management, congress management, meeting and event
management.

Environment

Security is a top challenge for organization in their digital transformation with the cloud. The client is focusing on transforming current Virtual datacenter workloads to Azure Services as well as the securisation of cloud
services, comply with GDPR regulatory law, protect and classify data in Office 365, SharePoint, OneDrive and Azure.

Business goals

  • Transform the actual Virtual Datacenters hosted in Geneva; Hong Kong and New York to new multi-regions Microsoft Azure architecture.
  • Centralize the branch offices infrastructures workloads by migrating to Microsoft Azure workloads (IaaS, PaaS, SaaS and Hybrid).
  • Implements a secure hybrid network that extends the on-premises network to Azure with Riverbed solutions.
  • Extend the Active Directory Domain Services (AD DS) environment to Azure to provide distributed authentication and start moving workload to Azure.
  • Use Active Directory Federation Services (AD FS), upgrade the actual farm 2012 R2 to 2016, to perform federated authentication and authorization for components running in Azure.
  • Secure access of cloud services with additional second step authentication and conditional access, MFA
  • Migrate the actual Active Directory Certification Authority to Offline Root CA with a Subordinate CA.
  • Implement Office 365 Data Protection and documents classification to ensure that important data and sensitive content stays secure.
  • Help users seamlessly exchange encrypted and protected email and prevent inappropriate sharing of sensitive data in documents and emails.
  • Help the organization to protect data, comply with legal and regulatory standard GDPR.

Technology stack

  • Windows Server 2016, Active Directory, Active Directory Federation Services (AD FS), Active Directory Certificate Services (AD CS), Kemp LoadMaster Load Balancing, Azure AD Connect, Exchange Server 2016, Office 365, Office 2016, SharePoint Online, Skype for Business Server.
  • Azure, Azure Networking, Azure Traffic Manager, Office 365 Advanced Threat Protection, Office 365 Data Loss Prevention, Azure Information Protection, Compliance Manager, Multi-Factor Authentication (MFA)