R3

GCC High Migration: Migrating 3 Separate Tenants into One Environment

Customer:
Federal Contractor
Industry:
Federal Contracting
Size:
500+ Employees

Table of Contents

Summary

To position itself to successfully win a series of federal contracts an R3 client in the federal contracting space (henceforth referred to as The Client) needed to migrate its commercial, cloud-based tenants into a more secure environment to align themselves with NIST 800-171. They turned to trusted partner R3 to migrate their Microsoft Azure Commercial Cloud tenant into an Office 365 GCC-High environment. Although the process was straightforward, due to recent acquisitions the project requirements were more sophisticated than a standard GCC-High migration. To succeed, R3 needed to manage three separate stakeholders in different cloud environments—two in separate commercial Azure tenants and one in Google—and merge all three into one GCC-High environment. With approximately 500 users across the three entities, the project required meticulous planning and coordination.

3 Commercial Environments

R3 migrated three separate commercial environments from different organizations into one GCC High tenant.

500 Users Migrated

Over 500 users were migrated across the three organizations into the new GCC High Cloud environment from a Google Cloud Workspace.

Primary Accomplishments

Seamlessly transitioned all email accounts, ensuring zero downtime and preserving the integrity of all emails and attachments during the migration process. This involved meticulous planning and execution to ensure compliance with stringent security standards.

Transferred all files and documents from Google Drive to SharePoint, maintaining the folder structure and access permissions. This allowed for enhanced collaboration and secure document management within the GCCH framework.

Deployed Microsoft Teams Phone, providing the organization with a robust and integrated communication platform. This included configuring call flows, setting up auto-attendants, and ensuring compatibility with existing hardware.

Enabled reliable and secure audio conferencing capabilities by integrating CallTower’s dial-in features. This enhancement provided users with flexible and secure options for joining meetings, crucial for remote and hybrid work scenarios.

Rolled out advanced threat protection across key devices, providing real-time monitoring and automated responses to security incidents. This proactive approach significantly improved the organization’s cybersecurity posture.

Set up Microsoft Intune and Azure Active Directory profiles to manage and secure devices and user access. This ensured that all devices were compliant with organizational policies and that users had seamless access to necessary resources.

Challenges

The Client needed to transition to a GCC-High environment to meet government required NIST 800-171 compliance standards in order to secure federal contracts.
This project involved migrating three distinct organizations (previously operating in
separate commercial Office 365 and Google environments) into a single GCC-High
Office 365 tenant. The complexity was compounded by the diverse data landscape,
including extensive SharePoint repositories, OneDrive files, and Google Drive data
across the entities.

Additionally, The Client grappled with the need to manage approximately 500
endpoints efficiently while ensuring seamless transition and minimal disruption
to daily operations. With compliance mandates looming, and the imperative to
maintain productivity amidst mergers, the challenge was twofold achieving technical
migration prowess while navigating intricate organizational dynamics and stakeholder expectations.

Despite the overall success of the project, R3 encountered several primary challenges
that required innovative solutions and meticulous attention to detail.

Endpoint Migration Complexity: The migration of endpoints posed a significant
challenge due to their prior association with the commercial EntraID domain. Upon
migrating the domain to a Microsoft domain within the GCC-High environment,
maintaining personalized settings and user profiles became a paramount concern,
which would require a multi-faceted solution.

Solution: To address this challenge, the R3 team devised a sophisticated backend scripting solution to seamlessly transition user profiles into the new environment while preserving customization. Leveraging tools like Profwiz, they ensured the integrity of user settings and configurations throughout the migration process. The complexity of this task demanded dedicated onsite resources and meticulous coordination to mitigate potential disruptions to end-user productivity.

Data Migration from Legacy Systems: The requirement of migrating extensive
legacy data repositories, including SharePoint sites and OneDrive files, from disparate commercial tenants and Google-hosted environments into the GCC-High Office 365 tenant posed a complicated data mapping challenge. Navigating the intricacies of data mapping, access controls, and metadata preservation required meticulous planning and execution.

Solution: R3 leveraged AvePoint migration tools to facilitate seamless data transfer
while adhering to stringent compliance standards, ensuring data integrity and
regulatory compliance throughout the migration process.

Organizational Dynamics and Stakeholder Management: Due to the complex organizational dynamics of the stakeholder roles, interests, and individual constraints, balancing stakeholder expectations presented another formidable challenge.

Solution: R3 had to collaborate closely with C-suite level stakeholders as well as IT
and engineering teams across multiple organizations, each with distinct priorities
and requirements. Effective communication, stakeholder engagement, and change
management were essential to align diverse stakeholders towards common objectives
and ensure buy-in throughout the migration process.

Despite these challenges, R3’s expertise, innovative problem-solving approach,
and unwavering commitment to client success enabled the successful navigation of
complexities, ultimately delivering a seamless migration experience and positioning
The Client for sustained success in their compliance and growth endeavors.

The Process

R3 orchestrated a comprehensive solution, meticulously tailored to address the
multifaceted challenges posed by The Client’s environment, as outlined above. This process was done in multiple stages:

  • The project commenced with thorough scoping and collaboration with The Client. R3’s experts engaged closely with client stakeholders to delineate project scope, produce estimates and timelines, and craft a detailed project roadmap.
  • The technical project execution employed a suite of cutting-edge tools and
    methodologies. R3 initiated the migration process by consolidating the disparate entities into a unified GCC-High Office 365 tenant. Utilizing AvePoint migration tools, the R3 team seamlessly transferred extensive SharePoint repositories, OneDrive files, and Google Drive data, ensuring data integrity and compliance throughout the migration process.
  • R3 then implemented a robust Mobile Device Management (MDM) program
    utilizing Microsoft Intune, enabling centralized management of approximately
    500 endpoints. This involved transitioning devices from local Active Directory
    management to Intune-managed devices and identities, ensuring enhanced
    security and compliance in the GCC-High environment.
  • To augment communication and collaboration capabilities, R3 deployed a Teams phone solution and facilitated direct routing for audio conferencing through Call Tower, enhancing The Client’s operational efficiency and connectivity.
  • In tandem with migration efforts, R3 prioritized cybersecurity measures, implementing GCC-High licensing and fortifying The Client’s security posture
    with Microsoft Defender for Endpoint. This comprehensive approach ensured that The Client’s data remained safeguarded against evolving cyber threats, thereby bolstering their compliance readiness.
  • R3’s commitment extended beyond technical implementation, encompassing
    extensive support services and ongoing compliance consulting. Collaborating
    closely with C-suite stakeholders and external vendors, R3 continues to navigate intricate organizational dynamics with finesse, fostering a collaborative partnership that transcended the confines of a typical client-vendor relationship.

Enhanced Compliance

R3’s commitment to robust data governance and regulatory compliance is exemplified through the strategic adoption of Microsoft Purview, a cloud-based data governance service.

Through R3, The Client now leverages Microsoft Purview to gain comprehensive insights into data across Microsoft SharePoint, Teams, Exchange, and OneDrive, facilitating effective management of data assets in alignment with regulatory standards.

Microsoft Purview empowers The Client to have:

  • Comprehensive Data Visibility: The Client gains a holistic view of data assets,
    encompassing their location, lineage, quality, and usage, enabling informed
    decision-making and risk mitigation strategies.
  • Policy Enforcement and Governance: The Client applies consistent and granular policies to govern data access, security, and privacy, ensuring compliance with regulatory standards such as NIST 800-171. Microsoft Purview facilitates the enforcement of encryption, conditional access control, and auditing policies based on sensitivity labels and user roles.
  • Risk Identification and Mitigation: The Client identifies and mitigates data risks, including sensitive records exposure, data duplication, exfiltration, or breaches, leveraging Microsoft Purview’s capabilities to scan and tag data assets with appropriate sensitivity labels.
  • Monitoring and Reporting: Microsoft Purview enables The Client to monitor
    and report on data governance and compliance performance through intuitive
    dashboards and metrics, providing evidence of adherence to regulatory standards and facilitating continuous improvement efforts.

By leveraging Microsoft Purview, The Client strengthens its data governance program, enhances regulatory compliance, and effectively safeguards data integrity and confidentiality. This strategic utilization of advanced data governance technology underscores R3’s commitment to excellence in cybersecurity and regulatory compliance, ensuring the protection of sensitive data assets and fostering trust among clients and stakeholders alike.

R3SULTS

The project successfully achieved its objectives, resulting in:

  • Successful merger of all three commercial environments into one GCC-High
    tenant.
  • Compliance with NIST 800-171 standards to help achieve overall compliance
    goals.
  • Seamless migration of data from commercial tenants to GCC-High.
  • Enhanced security with Microsoft Defender for Endpoint and GCC-High licensing.
  • Ongoing support and compliance consulting, fostering a lasting client relationship.
  • Strengthened data governance and compliance capabilities through Microsoft
    Purview.
  • Most importantly, new doors opened for The Client as their portfolio of federal
    contracts won has increased since the completion of this project.

Despite challenges such as migrating endpoints and personalized settings, the
project was completed smoothly, showcasing R3’s expertise in IT project management and cybersecurity. The collaboration involved C-suite stakeholders and required coordination with external vendors, demonstrating R3’s ability to manage complex projects effectively. Overall, the project’s success positioned The Client for future growth and compliance in the federal contracting landscape.

Recent Case studies

GCC High Migration: Migrating 3 Separate Tenants into One Environment