Cloud Technology & IT Security Specialists Ask a question 01223 921 000 Client Area

Case Study 5

The Challenge

The client approached Cambridge Support requiring assistance to recover access following the sudden departure of their in-house IT custodian. Without the opportunity to perform a formal handover and knowledge transfer, the client found themselves in a scenario whereby they were not able to administer critical elements of their IT infrastructure.

Without control of the environment, the client weas unable to administer the Windows domain environment, Microsoft 365 tenant, firewall configurations, and many other elements.

Not only was there limited access and few administrative credentials, but there also wasn’t any known documentation of the IT infrastructure. This presented a further challenge as the client didn’t have a full picture of all of the systems in their environment.

At this stage, the client needed assistance with discovering all the entities which made up their IT infrastructure, regain administrative access to those entities, and then building new documentation to record the findings.

The client made it known that they were concerned that if they were to restart key servers or other networking infrastructure, that they would not have the necessary information to bring it back up again in the event that they experienced issues.

This left the client in a state of uneasy balance whereby the infrastructure was working as is, but unable to perform routine maintenance without the ability to install patches, the knowledge of what needed patching, and the ability to log into said systems.

The Solution

Cambridge Support got to work to recover access. We performed a full IT infrastructure and services audit to discover all the systems that were configured within the environment and determine the roles that they performed. We were able to use this discovery process to identify physical servers, virtual machines, firewall and networking components, Microsoft 365, cloud platform services, amongst many others.

The client provided Cambridge Support with the former custodian’s device on which we were able to identify many credentials which correlated with some of the services that we identified during discovery, but we lacked some critical pieces of information.

We performed a deep dive into the client’s file structure and identified key documents containing credentials to some of the critical systems. All these credentials were then tested and verified against the discovered services and recorded in an encrypted documentation system. This validation process ensured that the recorded credentials were correct and confirmed to the client that they had regained access.

This audit process also enabled Cambridge Support to identify areas that were well thought out and configured with good design principles, as well as to highlight areas that required some improvement or additional care.

At the end of the discovery and documentation process, we provided the client with an overview of our findings, identified what was done well, and presented recommended actions and considerations to support a long-term strategy for the organisation’s IT infrastructure moving forward.

We took the client from limited knowledge of the environment to full discovery and access to the Active Directory Domain Service environment, Microsoft 365 tenant, VMWare hypervisors and virtual machines, Amazon Web Services, Cisco Meraki firewall, a full understanding of the internal networking and IP schema, endpoint security and encryption, to name a few.

The Outcome

Following the discovery and documentation phase, we are now working with the client in the first phase of implementation of our recommended actions to recover access.

We were able to highlight that the on-premises infrastructure that they have been working is approaching end-of-life and after some consideration, that they were a good candidate for a cloud-first approach. We are now planning the migration of their on-premises file structure into SharePoint Online, followed closely by the enrolment of endpoint devices into Microsoft Intune. Once complete, the on-premises Windows infrastructure will then be decommissioned, resulting in a lower power demand and by proxy, a reduced carbon footprint.

We were also able to identify that the backup configuration had historically worked and stored data on a secondary on-premises server but was no longer taking backups of the server infrastructure. This was a major challenge and one which the client was unaware of before our audit. We have since implemented a cloud backup solution to ensure that their data is recoverable from an offsite location with the option of having a locally cached copy.

The above are just a couple of examples of items that we discovered that needed further guidance and attention which we are now helping the client with.

Overall, we were extremely satisfied that we were able to find the keys to the castle, so to speak, and provide the client with the ability and knowledge to regain access to their infrastructure.