Auxis Achieves Complex IT Carve-Out for a Private Equity Firm

Client Profile

Our New York-based client is a sports and active nutrition company that had been recently sold by a well-known global corporation to a private equity firm specializing in the consumer, services, and industrial sectors. The new, standalone business emerged with market-leading products in the $16 billion functional snacking industry, including popular protein powders and meal replacement and ready-to-eat protein bars.

A critical piece of the divestiture included carving out the client’s IT infrastructure from the selling corporation. That included the migration of all related users and certain business applications to a new infrastructure environment.  

The client also needed to implement technologies that would enable it to operate as a standalone organization. 

A costly IT Temporary Separation Agreement (TSA) with the seller incentivized the client to complete the carve-out quickly. However, the IT separation faced several challenges, including:

• Collaborating with a large, bureaucratic selling corporation often proves challenging during a carve-out, triggering challenges and delays. For instance, the seller-provided incomplete information during the carve-out project’s discovery phase.
• Identifying and separating data that belonged to the new company proved difficult and time-consuming. Since the client previously had operated as a division of the seller, its files, chats, and other data were intertwined in platforms like Microsoft Teams and SharePoint with information the seller considered proprietary. Often, additional review and approval from the seller were required for data release. 
• Security restrictions impacted access to the seller’s environment, preventing the use of automated migration tools for key components of the project. For instance, the seller didn’t grant global admin permissions to the existing environment to the migration team. 
• The client aimed to control expenses by shifting the division’s existing computers to the new organization. But the seller didn’t divulge its BIOS (Basic Input/Output System) password, making it more difficult to reimage the machines. 
• The seller’s environment contained unique features and functionalities – as well as unexpected configurations – that increased complexity because the seller didn’t support automated migration tools, thus additional manual research and setup were required. 

Auxis was hired to coordinate, manage, and complete the client’s IT infrastructure carve-out. Auxis also provided white-glove onsite technical support during the critical computer reimaging process.

Key solution steps included:

1. End-user computing and mobility. Auxis configured Microsoft Intune to roll out a new workstation image for all users and manage end-user mobile devices. The technical expertise of the Auxis team enabled it to navigate significant complexities. Auxis also implemented an Intune application store for deploying standard applications for all end-users. 

2. Microsoft 365 migration. Auxis migrated all users from the seller’s Microsoft 365 tenant to a Microsoft 365 tenant Auxis set up and configured for the new company. That included migrating mailboxes, OneDrive accounts, and SharePoint sites and related libraries. Most of the work was completed during non-business hours to minimize business disruption.

Auxis also set up Teams with Microsoft’s voice calling capabilities, migrating all end-users from Zoom and providing them with new, cloud-based phone numbers in Teams Voice that can be accessed from anywhere on multiple devices.

Auxis crafted solutions for several substantial challenges that occurred during the M365 migration, avoiding potentially significant impacts on end-users and the project timeline.

• The client wanted its SharePoint environment structured exactly like the seller’s environment. However, without global admin access, Auxis needed to manually replicate the unique products, features, and functionalities embedded in the seller’s environment. Auxis also implemented a manual approach for migrating files and permissions to achieve a like-for-like setup.
• The co-mingling of the client’s data with the seller’s proprietary information in SharePoint posed significant challenges. Unable to automatically migrate the entire environment at once, Auxis worked with the new company and built a manual approach to untangle shared documents.

3. Microsoft Azure migration. Auxis set up a new Active Directory infrastructure and configured a new Azure environment for the standalone enterprise. Enabling Multi-factor Authentication (MFA) and Single Sign-on (SSO) services increased security protections. 

4. Security tools implementation. With cybersecurity a top-of-mind concern, Auxis implemented new security applications and controls designed to protect end-users and infrastructure at the new company: 

• Microsoft Defender, Microsoft’s powerful endpoint security solution that protects against cybersecurity threats like malware and ransomware. 
• Spam protection for end-user mailboxes in Microsoft 365.
• Azure Security Center web filtering to track and regulate access to websites based on their content categories.
• Workstation encryption with Microsoft BitLocker to protect data security. 
• KnowBe4 tool is configured for security awareness evaluation and training, enhancing end-user protection against social engineering, spear phishing, ransomware attacks, and more. Auxis also conducted an initial phishing campaign to baseline how users respond. 

While several challenges that cropped up during the carve-out required flexibility and creative solutions, Auxis successfully implemented the IT domain, cloud tenant, structure, and technologies the client needed to operate as an independent entity – on time and within budget.

• Despite significant challenges, all end-users and the client’s Microsoft 365 environment were successfully migrated to the new tenant within the project timeline.
• The complex SharePoint environment was successfully built with all the functionality the client needed for business operations.
• Microsoft Teams Voice telephony services replaced Zoom without incident. Using Teams Voice enables the client to achieve the benefits of cloud-based voice calling while keeping external and internal communication activities in a single place. Teams Voice also seamlessly integrates with other Microsoft 365 products like SharePoint and Outlook, improving efficiency by allowing users to quickly access content without leaving the interface.
• Mobile and workstation endpoints are successfully managed and controlled through Microsoft Intune at the enterprise level. That simplifies onboarding of new users, enables automated software deployments and updates, and provides robust security protection when using BYOD mobile devices.
• Active Directory infrastructure successfully was created from scratch using best practices on the new Azure tenant, enabling the client to monitor and control user access and network permissions from a central place.
• As U.S. executives cite cyber-attacks as the No. 1 risk they confront, the client hit the ground running with the robust security controls required to protect, secure, and manage its new environment. The ongoing employee awareness program featuring monthly challenges and training also ensures employees remain vigilant and up-to-date about ever-evolving cyber-threats.
• Centralizing on-premises and cloud storage solutions into Microsoft Azure with robust security access controls significantly improved data storage for the new company.