MapOne Part 2 – The Roadmap
If you have read my MapOne Blog and are back here to understand more about the deliverable roadmap provided at the end of an #MapOne engagement, welcome to part 2.
Quick recap – What is #MapOne ? – In its most basic form, #MapOne is a fixed price engagement engaging senior stakeholders in the business (often executives CIO, CTO, CISO), and delivered through a series of workshops, meetings, interviews, and interactive sessions. The intent of the engagement is to discuss the top questions, risks, and concerns to a client, and to remove as much fear uncertainty and doubt (FUD) as possible.
The Output – Strategic Roadmap – The deliverable from the #MapOne sessions is a prioritised strategic roadmap showing tasks which can be completed rapidly for the quickest possible return, through to consulting and consumption activities which will drive the fastest possible time to value. The intent of the roadmap is to allow the executive sponsors and business leaders to work in a collaborative manner with their partners and vendors to clearly understand business risks and mitigation strategies. We’ll also arrive at a timeline which will allow continuous improvement through project delivery, whilst ensuring efficient consumption of existing entitlements that will drive successful business outcomes.
So, what does this look like?
We recently completed an #MapOne engagement with a private oil company. The clients' concerns and brief was given to us was as follows:
“After a number of months working through schedules and projects trying to get a consensus on direction, we are no further forward and still somewhat in a state of flux. We cannot be sure that we are realising the value of our investment in Azure and O365, we do not fully understand our cloud application usage, and we have a number of concerns around cybersecurity. Maturity around information management is weak, and we have a mix of identity sources which makes credential and password management almost impossible. It would be fantastic if we could leverage your architect as a service to help us better understand the landscape and derive a mitigation and remediation plan”
Upon completion of the onsite workshops and collation of findings, we were able to provide a priority focused roadmap presentation to address the brief, which is summarised below:
1. Priority 1 Security Critical – Identity. We strongly recommend that a central source of identity is established in Azure (AAD Premium) with the enforcement of multifactor authentication and conditional access for AD and all O365 Services. Privileged accounts should be given just in time access to allow effective execution of tasks and no more. This would be a professional services engagement and a statement of work will be provided to deliver this outcome.
2. Priority 2 Security Critical, quick win, and strategic – Security. The ShadowIT audit used in the workshops has shown that information is leaving the organisation and being stored in unsanctioned cloud services. The sensitivity of this information could expose the organisation to reputational or fiduciary risk. It is recommended that a program of work focused on Data Loss Prevention is undertaken. DLP typically starts with a Risk assessment, through to a Pilot, and then over time into production with policy enforcement. Each stage of the process will be scoped accordingly.
3. Priority 3 – Visibility – Quick win, understanding workloads in Azure and how they have been provisioned against the actual requirements of the service can lead to overallocation and subsequent costs. Having Azure advisor run across the tenancy and provide insights into optimisation and right-sizing will likely drive cost savings. This is a task that a secured global admin in the organisation can complete.
4. Priority 4 – Migrate – Strategic. Audit the on-premises infrastructure and application estate to assess the viability of migration to Azure public cloud. Based on the priorities determined in consultation with the customer, Azure Site Recovery (ASR), can be implemented in order to migrate identified resources from on-premises to Azure, reducing capital expenditure moving forward, whilst further increasing the security posture of the organisation.
5. Priority 5 – Optimise – Strategic – Review the solution design of applications migrated to Azure to understand the process to move from traditional infrastructure-based design to Software-As-A-Service (SAAS) or Platform-As-A-Service (PAAS) models. Following on from the migrate phase, review Azure Advisor recommendations regarding Reserved Instance Pricing to further reduce operational cost by pre-purchasing virtual machine infrastructure for 1 or 3 years at a substantially reduced cost.
This information was collated into an easy to consume 2-page summary presentation. The presentation to the executive team provided a clear mapping to the provided brief on what needed to be done, why, and in which order to ensure the quickest possible time to value whilst continually improving the risk posture of the business. Subsequently, we were asked to engage with the customer to begin the work required through a fixed price outcome-based set of projects.
Making the decision to take a small step back and take a look at the bigger picture through engagement with a trusted, and independent voice of reason allowed the business to rebalance projects and achieve tangible business outcomes that were more in line with where the business needed to focus.
Look out for part 3 this series – Customer Case Study
Join the Insentra Community with the Insentragram Newsletter
Hungry for more?
Exchange 2016 Free/Busy Not Working? Maybe TLS 1.0 & 1.1 are the Culprit
By [Robert Buktenica]
This isn’t an article about free/busy as it relates to a hybrid, which has been covered in great detail and Microsoft has a troubleshooting wizard published online which helps walk you through a resolution.