Enabling Secure & Reliable Identity Access
Industry
Public Sector
Services
Azure Active Directory / Entra ID; Remote Desktop Services
Technologies
AAD Sync & Connect, AD ConditionalAccess, Remote Desktop Server, Multi-Factor Authentication
EXECUTIVE SUMMARY
This business needed to implement a modern & secure identity ecosystem to support multiple systems that had disparate identity and security implementations. This would enable dozens of users to consolidate their process for access to internal and external systems and enhance their ability to pass future security audits.
By partnering with Eastwall in an Azure Hybrid Identity Consolidation & Security Remediation engagement, our team was able to accomplish:
- Deployment of a best-practices Azure Active Directory / Entra ID hybrid topology between on-premises and cloud.
- Optimization of conditional access and synchronization for all users, reducing attack surface vectors.
- Created an easily understandable identity environment with robust documentation and standard operating procedure (SOP) documents for onboarding users, offboarding users, and secure control of applications in the new environment.
The Massachusetts Higher Education Consortium (MHEC) is a premier consortium that facilitates multi-vendor contracts, consulting and partnerships across higher education and not-for-profit organizations in New England. MHEC utilizes the Azure cloud for technology services specific to its organization and the software platforms used to support its member network.
Challenges
With years of growth and the incorporation of secondary systems into their hybrid environment, MHEC realized the critical need for centralized identity management. This was crucial in increasing the cybersecurity posture of their purchasing consortium across systems used on-premises, in Azure, and via SaaS authentication.
As the need was immediate, MHEC required a technical partner with a strong focus on Microsoft cloud technologies and a profound understanding of hybrid identity integration.
The Solution: Hybrid Identity
Eastwall partnered with MHEC in two engagements. The first was a detailed technical audit – evaluating and documenting the numerous hybrid systems that existed both on virtual machine infrastructure and Azure-native solutions. This documentation and recommendations exercise provided MHEC with a backlog of technical opportunities and a roadmap, vision and approach to resolve the most immediate needs to secure the environment and consolidate user access.
After a thorough assessment, Eastwall implemented a secure hybrid identity solution. Leveraging a combination of Azure AD, AD Connect, and Cloud Sync, a secure architecture topology for identity was designed and vetted. Identity changes can be very disruptive in production – potentially locking key executives and users out of systems or taking down the ability to run the business. It was a firm requirement that Eastwall test and validate all processes prior to any changes in MHEC’s production environment.
Eastwall then documented the step-by-step configuration requirements to transition users smoothly within MHEC's environment. With their support, MHEC users were quickly able to access all systems across various software and application environments using a single, unified identity, regardless of whether the systems were cloud-native or on-premises.
Recognizing the importance of security and management, Eastwall implemented the latest Azure AD multifactor authentication controls and conditional access policies. These features provided MHEC with immediate confidence that the solution met the latest controls of cybersecurity audit & insurance requirements.
Finally, Eastwall provided comprehensive documentation that explained the solution architecture and configuration. This included several standard operating procedures (SOPs) for day-to-day user management and identity processes. This documentation was provided in a warm handoff meeting with MHEC’s support division to facilitate long-term operational ownership.
Eastwall worked seamlessly, providing clear communications, daily and weekly updates, and precise technical information. They worked as an extension of our team, assisting in driving MHEC's technical systems in a direction t hat paves the way for future modernization.
Judy Thornton, Director of Business Operations
The Result: Confidence & Security
The collaboration between MHEC and Eastwall resulted in significant benefits that extended beyond the successful deployment of Hybrid Identity:
Rapid Implementation: MHEC planned, designed, extended, and implemented their identity topology within weeks. They promptly met their cybersecurity validation obligations and eliminated a longstanding multi-identity issue that affected every employee.
White-glove Support: Eastwall partnered with MHEC to manage user communications and business expectations. Eastwall provided one-on-one support to MHEC priority users, ensuring success across all business segments and instilling confidence in MHEC for long-term solution ownership.
Eastwall's commitment to guiding clients through the intricacies of cloud identity is demonstrated in these results. With Eastwall's support, MHEC is ready to meet cloud security demands and incorporate other cloud-based tools into their operations.
The recent interactions with Eastwall have received fantastic feedback from my team. Their communication, support and value-addition to MHEC are clear. Largely thanks to Eastwall, MHEC is now on a clear path for future modern technical adoption.
Michael Di Yeso, Chief Executive Officer
Why wait to get expert advice?
Eastwall offers free consultative design sessions. Pick our brain & we'll build something great together. We help you secure buy-in from the team too. Don't wait to have a conversation.