Our New York-based client is a sports and active nutrition company that had been recently sold by a well-known global corporation to a private equity firm specializing in the consumer, services, and industrial sectors. The new, standalone business emerged with market-leading products in the $16 billion functional snacking industry, including popular protein powders and meal replacement and ready-to-eat protein bars.
A critical piece of the divestiture included carving out the client’s IT infrastructure from the selling corporation. That included the migration of all related users and certain business applications to a new infrastructure environment.
The client also needed to implement technologies that would enable it to operate as a standalone organization.
A costly IT Temporary Separation Agreement (TSA) with the seller incentivized the client to complete the carve-out quickly. However, the IT separation faced several challenges, including:
- Collaborating with a large, bureaucratic selling corporation often proves challenging during a carve-out, triggering challenges and delays. For instance, the seller-provided incomplete information during the carve-out project’s discovery phase.
- Identifying and separating data that belonged to the new company proved difficult and time-consuming. Since the client previously had operated as a division of the seller, its files, chats, and other data were intertwined in platforms like Microsoft Teams and SharePoint with information the seller considered proprietary. Often, additional review and approval from the seller were required for data release.
- Security restrictions impacted access to the seller’s environment, preventing the use of automated migration tools for key components of the project. For instance, the seller didn’t grant global admin permissions to the existing environment to the migration team.
- The client aimed to control expenses by shifting the division’s existing computers to the new organization. But the seller didn’t divulge its BIOS (Basic Input/Output System) password, making it more difficult to reimage the machines.
- The seller’s environment contained unique features and functionalities – as well as unexpected configurations – that increased complexity because the seller didn’t support automated migration tools, thus additional manual research and setup were required.
Solution & Approach
Auxis was hired to coordinate, manage, and complete the client’s IT infrastructure carve-out. Auxis also provided white-glove onsite technical support during the critical computer reimaging process.
Key solution steps included:
1. End-user computing and mobility. Auxis configured Microsoft Intune to roll out a new workstation image for all users and manage end-user mobile devices. The technical expertise of the Auxis team enabled it to navigate significant complexities. Auxis also implemented an Intune application store for deploying standard applications for all end-users.
2. Microsoft 365 migration. Auxis migrated all users from the seller’s Microsoft 365 tenant to a Microsoft 365 tenant Auxis set up and configured for the new company. That included migrating mailboxes, OneDrive accounts, and SharePoint sites and related libraries. Most of the work was completed during non-business hours to minimize business disruption.
Auxis also set up Teams with Microsoft’s voice calling capabilities, migrating all end-users from Zoom and providing them with new, cloud-based phone numbers in Teams Voice that can be accessed from anywhere on multiple devices.
Auxis crafted solutions for several substantial challenges that occurred during the M365 migration, avoiding potentially significant impacts on end-users and the project timeline.
- The client wanted its SharePoint environment structured exactly like the seller’s environment. However, without global admin access, Auxis needed to manually replicate the unique products, features, and functionalities embedded in the seller’s environment. Auxis also implemented a manual approach for migrating files and permissions to achieve a like-for-like setup.
- The co-mingling of the client’s data with the seller’s proprietary information in SharePoint posed significant challenges. Unable to automatically migrate the entire environment at once, Auxis worked with the new company and built a manual approach to untangle shared documents.
3. Microsoft Azure migration. Auxis set up a new Active Directory infrastructure and configured a new Azure environment for the standalone enterprise. Enabling Multi-factor Authentication (MFA) and Single Sign-on (SSO) services increased security protections.
4. Security tools implementation. With cybersecurity a top-of-mind concern, Auxis implemented new security applications and controls designed to protect end-users and infrastructure at the new company:
- Microsoft Defender, Microsoft’s powerful endpoint security solution that protects against cybersecurity threats like malware and ransomware.
- Spam protection for end-user mailboxes in Microsoft 365.
- Azure Security Center web filtering to track and regulate access to websites based on their content categories.
- Workstation encryption with Microsoft BitLocker to protect data security.
- KnowBe4 tool is configured for security awareness evaluation and training, enhancing end-user protection against social engineering, spear phishing, ransomware attacks, and more. Auxis also conducted an initial phishing campaign to baseline how users respond.