Cloud Migration: A Guide to Microsoft Azure and Microsoft 365
Organisations belonging to all verticals and sizes are beginning to reap the rewards of Digital Transformation programmes to challenge the status quo and deliver new ways of doing business. At the core of our practice, we help clients realise these benefits by adopting cloud-based technologies. This guide aims to look at how to leverage the benefits of the Microsoft 365 and Azure platforms.
We will share our experience of migrating on-premise technologies to their cloud-based counterparts. Along the way, we will review the most common approaches to extend and migrate critical components of your IT infrastructure, such as Active Directory, shared files, line-of-business servers, desktops, and applications.
We aim to help you develop a more comprehensive plan and deliver successful cloud migration projects that produce meaningful long-term business outcomes.
What are you Planning to Migrate to the Cloud?
Let us start with the most fundamental of questions. What components of your current or planned IT infrastructure are you planning to migrate to the cloud? It is more and more common for us to work with companies that are 100% living in the cloud. Most of them use the Microsoft 365 Platform for productivity applications, among other solutions for project management, accounting, and collaboration.
In the rush to get teams operational during the first wave of Covid 19 lockdowns, many companies grabbed the first and best-known technology available. We are now assisting companies in reengineering this approach to ensure better security by consolidating as many of these functions in as few platforms as possible.
Common Business Technologies
Email and Collaboration – We recommend reviewing and consolidating as many functions under one provider as possible. The Microsoft 365 Business or Enterprise packages are a great place to start and provide Email, Collaboration, Enterprise File Share, Chat, Telephony and more. The goal is to maximise each part of your investment and ask if there are better ways of achieving what you are currently doing today. For more information on the right Microsoft 365 package for your business, see our related blog on MS Business and MS Enterprise.
Files (e.g., company shares) – The main shared files belong in the cloud and can be accommodated through your Microsoft 365 SharePoint functionality. This works fine unless you have specific high-performance file server requirements, such as those needed to house shared accounting solutions (e.g., QuickBooks, Sage) or those of 3D modelling tools such as Revit. For that, you may need to consider a dedicated file server or Azure Files, which will better suit the purpose.
Active Directory – AD should be in the cloud. Managing user identity and access rights is critical as you migrate your technologies to the cloud. We also recommend that Microsoft 365 end users explore the benefits of a cloud-based AD. It provides more granular policy management that is useful in terms of broader security policy management. AD may exist totally in the cloud or live in a Hybrid model where AD information is synchronised between internal and cloud-based servers.
Databases (e.g., SQL Server) – The cloud is the ideal platform for databases too. Licensing costs are typically lower, and the ability to scale out to increase performance and to protect critical data (with backups and replication) is an imperative consideration. This flexibility is particularly useful when testing Proof of Concept deployments or when your company may need to scale up services for a short time.
Business Specific Applications (e.g., ERP, MRP, CRM) – Business applications tend to come in two flavours. First, we have web-based applications. These move very quickly to a cloud infrastructure as they are essentially cloud-ready by design. The technologies supporting the database, web interface and file management are relatively simple to migrate.
For traditional applications that require a client-side installer (an application installed on a desktop), the migration can be more complex. It comes down to how efficiently the application works between the client and the server (i.e., if they are in separate locations). By design, these applications are meant to be on the same network, reducing latency and providing better performance. If there is a significant end-user performance hit by moving these business applications to the cloud, you may need to rethink the migration process, possibly moving your users to a Windows Virtual Desktop solution or Application publishing solution that is also cloud-based.
Desktops – For organisations that rely solely on cloud-based applications, e.g., Microsoft 365, Xero, Parolla and such, having a virtual Windows desktop in the cloud may not provide much value. However, for organisations with:
- Client/server applications,
- BYOD programmes,
- Compliance requirements,
- Requirement to scale users rapidly,
a Windows Virtual Desktop ticks all the boxes and provides the better performance associated with traditional LAN-based speeds and controls.
Site-Specific Hardware (e.g., printers, scanners, warehousing and manufacturing controllers, POS systems) – These elements are attached physically to a location and cannot be migrated.
Security – This is a vast topic, and to make it simpler, you need to consider where your users, data, applications, etc., live. You need to identify how each of these components integrates and communicates with other components and implement security controls and technologies to address risks. This generally involves multiple layers such as Email protection, end-user training, Malware and Ransomware solutions, Identity management solutions and firewalls.
Backups and Disaster Recovery – Cloud is perfect for backup and DR. The cloud provides an ideal target for your backup data/images as storage space is inexpensive, it is physically remote from the original copy, and there is plenty of redundancy built-in. It can also provide a full recovery location for disaster recovery or failover in the case of a disaster.
We find that a detailed asset and risk register helps focus the mind in planning your cloud migration. It allows you to look at your IT assets today, how they are protected and how they serve the end-user base. It also allows you to paint the future and what benefits a cloud migration will bring, addressing security considerations as you go.
What is clear from our list above is that most IT assets can be migrated to the cloud. That answers the “What can we migrate?” question. In terms of a wider strategy, the next question is one of timing and phasing your migration.
Pure Cloud vs Hybrid Cloud
This question has already been answered for the smaller businesses with no on-premises IT services and infrastructure – you are already 100% cloud-based. For more complex companies with a mix of on-site servers and cloud services such as email and DR, you will need to consider how migration will be performed.
A Question of Timing – Cutover or Phased migration
Should you perform a cutover migration (where users are accessing an on-premises environment one day and are accessing the cloud the next) or migrate your users into groups or phases?
There is no single right answer that accommodates all client requirements. It boils down to their IT components and applications, staff and IT providers’ capabilities and risk. Let us consider an outcome where we will move all components that can be moved to the cloud.
The “When” question deals with the process of moving the selected IT components to the cloud.
There are two primary ways to perform the migration:
Cutover Migration
A Cutover migration is a one-time event with lots of planning and preparation in advance and then a burst of activity immediately after the go-live. After some time, the activity level subsides as users get used to their new cloud environment and start appreciating the benefits. Cutover migrations are typically best for simple, small settings where it makes sense to do everything at once. It is challenging to do a cutover migration of a large and complex IT environment due to the risk of missing critical components, which means that the risk of user disruption is also high. On the other hand, cutover migrations can be very quick and completed within weeks or even days.
Cutover Scenario
In a cutover scenario, the cloud environment is set up independently as a proof-of-concept replica of the existing on-premises environment. All servers are installed in the cloud and data migrated. All user virtual desktops are prepared with their required profiles, settings and applications.
A Proof-of-Concept test user group is then selected to log into this newly created environment to confirm that all applications and services are working as expected. Once fully tested and signed off a “go-live” date is scheduled.
Users are then steered to the new cloud setup as their new working environment. It is wise also to leave the original infrastructure in place for a short time in case any specific settings, files or certs have been missed. Assuming all goes well, the old environment is decommissioned in the coming weeks. This results in the customer having switched from an on-premises system to a cloud-based one in a cutover fashion.
Phased migration
A phased migration is a journey. It breaks the migration process down into small, manageable steps that are executed in sequence with the opportunity to have users validate the environment in production every step of the way. Phase-in migrations can take a long time to complete. It is not unusual to see these last for months or even years. However, this is a safer approach to migrating large and complex environments. For small, simple environments, phased migrations are typically more work-intensive and disruptive than necessary.
Phased Scenario
In this scenario, the cloud environment is preconfigured with select IT components and one or more workstreams are moved to Azure. Users continue using both the existing on-premises systems and the new cloud-based one simultaneously for an extended period.
The on-premises environment is likely extended to the cloud using a VPN and Hybrid AD. This extends both the network and the user access controls to the cloud-based applications or servers that are being migrated. Over time, additional workloads like file shares, databases, and virtual desktops can be moved one at a time from on-premises to Azure until all the desired IT components have been migrated.
Before an Azure migration, make a list of which IT components will be migrated to the cloud and which will stay local. Consider the migration approach that fits best – Cutover or Phase-In – and discuss it with your IT team and Managed Service Provider. Will you opt to get it done quickly, or will you want to take your time and test everything thoroughly? Be careful not to overcomplicate matters. We have seen simple file share migrations drag on for months! Equally, make sure that your testing is complete and ensure you are testing accordingly. Planning is critical here.
A Typical Spector Azure Deployment
Each of our Azure Migrations starts with a proof-of-concept stage, one that has no impact on your current environment but can be connected to the live environment for final migration once the POC is complete.
Connecting your POC Into an Existing IT Environment
There are three top-level steps involved in plugging a new Azure deployment into an existing IT environment.
Extend the network – This is typically accomplished by setting up a site-to-site VPN between your Core office location(s) and the Azure environment.
Extend Active Directory – Making the same Active Directory Domain Services available in Azure allows you to manage user objects and assign virtual desktops without any changes to the existing environment. Once the AD is extended from the current environment to Azure, it spans both locations and allows seamless movement of servers from one to the other.
Move Server and Desktop workloads – Once network connectivity is established and Active Directory is extended into Azure, servers and data can be moved from the existing environment to Azure. We tend to use Azure Site Recovery (ASR), another VM replication technology, or the Azure Resource Move process.
The result of the three steps above is a Spector managed Azure environment with connectivity to an existing IT environment, AD visibility, and the ability to move VMs from one environment to the other without the need to re-join the domain or reconfigure the operating system.
Once the migration has been performed, you may also consider a reengineering of your cloud solution to better tailor it to its new home or seek alternatives that better suit your digital transformation goals.
Sample Scenarios – Outcomes and Key Steps for Successful Cloud Migrations
In this section, we will look at two cloud migration scenarios of varying complexity and examine the steps in that migration and the outcomes, skill sets, and time scales to achieve them.
Scenario 1
25 user Accountancy Practice using traditional desktop-based applications such as TAS books, Sage Line 50 Accounts, Various Payroll applications.
Current Situation
The company is based in two geographic locations with staff performing a range of financial services including accounts production, tax planning, pension planning and payroll services. Staff work between the office, home and audit locations using laptops. Each site has a centralised server. There are two separate domains, as the second site was a result of M&A.
Current Issues
- All applications are traditional desktop or client/server applications that require constant and disruptive updating.
- Adding new staff is laborious and time-consuming.
- Client files are transferred to laptops for offline working.
- With restricted travel, it takes time and effort to gather all the data required.
- Staff find remote working challenging with VPN and password reset issues.
- Operations are only 80% as productive as their pre-Covid 19 levels.
- Staff cannot easily share and work from both locations as their business data is located on different systems.
- Communications are challenging, with most staff reverting to mobile phone usage. Clients complain that they cannot get through to their main point of contact.
Goals
- The ability to communicate and collaborate in real time with both clients and other staff members across both offices.
- Easily gain access to files – both online and offline – from any location on any device.
- Migrate accounting clients to a new centralised cloud-based platform that cuts out all the file transfers.
- Deliver a consistent desktop experience for all users that is quickly scalable and accessible from any location.
- Improve efficiency and focus on a consultative rather than transactional relationship with clients.
- Drive centralised reporting and KPIs.
- Reduce IT headaches and management costs.
- Improve security and compliance and enter a long term improvement programme.
Cloud Migration Plan
- Upgrade all users to Microsoft 365 Business Premium
- Set up a new Azure AD environment – the old AD was an inherited mess.
- Extend the network from both locations to Azure using site to site VPN.
- Migrate file server to SharePoint Online, allowing users to collaborate and share data with each other and clients.
- Set up Windows Virtual Desktops for users of Client-Server apps.
- Perform a fresh install of Accounts Production Virtual Server.
- Migrate data sets from client-server applications to new Azure-based Virtual servers.
- Set up backup and Site recovery for DR.
- End-user testing and go live.
- Setup Microsoft Teams for Chat, Collaboration and Telephony – replacing several legacy systems.
- Rollout security policies via Intune and Advanced Threat Protection.
- Set up data retention and compliance policies.
- Traditional desktop-based accounts (Sage, Tas, etc.) migrated to Xero & AccountsIQ. Parolla for payroll, depending on client requirement. All with detailed KPI plugins allowing for more consultative practice management.
Outcomes
The primary outcomes come from consistency and efficiency. The consistent end-user experience and modern look and feel make it simpler to train and onboard staff. The client also reports better communications and access to the team with better reporting outcomes.
There has been a 20% increase in pre-Covid efficiency as there are fewer blockers and less time wasted in communications and technical difficulties.
Scenario 2
Manufacturing and Distribution Company both producing and distributing goods to several European markets. Offices in 3 countries. 130 staff. Manufacturing and storage warehouse. AD, File & Print, ERP, Web Orders, CRM, TMS, Exchange Server – all Server-based. Ageing SAN and infrastructure. Traditional PRI based PBX. Forty reps on the road. Fifteen expert engineers, balance office-based.
Current Situation
The investment in technology has been slow over the past several years. There has been a strong emphasis on security – so much so that all technology is located on-site. There is now a desire to migrate technologies to a cloud-first strategy where possible. There is a strong desire to allow for greater working agility and flexibility as offices are downsized in favour of smaller hot desk sites with flexible meeting rooms.
Current Issues
- There is no defined IT and cloud-based migration strategy.
- Technology management – support and applications are costly, with multiple 3rd party relationships that are difficult to manage and coordinate together.
- Traditional applications have slowed down the adoption of new agile technologies.
- There is a widespread use of shadow IT and security concerns as staff try to work around the technology limitations.
- A traditional UC solution is expensive and needs complete and costly replacement.
- There is a need for a rethink and rewiring of all security technologies.
Goals
- The first goal is to develop a strategy and simplify the IT supporting all business functions.
- Move obvious workloads to the cloud – File, AD, Email, Comms and Collaboration.
- Review core ERP and CRM solutions to see if the cloud migration path is open or seek alternatives.
- Upgrade existing hardware – where necessary.
- Complete cyber security review using the NIST Cyber Security Framework and Enterprise Grade security solutions to protect all company, people, and data assets during the migration process.
- Review and enhance Disaster Recovery solution.
Migration Plan
- Develop Strategic IT Review and Roadmap for:
  - Applications – End-User
  - Comms & Collaboration
  - Applications – Enterprise
  - Infrastructure
  - Cyber Security
  - Business Continuity
- Establish Microsoft 365 Tenancy with E5 Licence – this delivered a consistent application experience for all. In the process, we migrated all telephony, IM, conferencing, and communications through Microsoft Teams, saving 20k in annual charges.
- Full email migration to the cloud with full security capabilities such as MFA, Legal Hold, Data Retention and Mobile management capabilities.
- New core infrastructure hardware to include core networking, security, and firewalling (Sophos solution with Synchronised security and 24/7 managed threat response).
- Sales, Finance and Admin all working through SharePoint for file sharing and management.
- Engineers and higher end-users using Windows Virtual Desktops with Azure High-Performance File Shares to support Revit and “chatty application” workloads.
- Migration of core servers for ERP, CRM, AD Devops to Azure-based Virtual Machines.
- Extension of local networks to Azure using IPSEC VPNs.
- Longer term partner strategy with ERP solution to private cloud infrastructure.
- Azure backup and Site Recovery solutions: Veeam & Zerto based backup and Site Recovery solution with fully tested failover for business applications.
- Set up backup and Site recovery for DR. Fully monitored and tested.
Outcomes
This 14-month project has reduced management costs by nearly 80k per annum. Traditional long-winded processes have been replaced with newer, more agile methods, allowing staff to focus more on developing new products and go-to-market strategies. Technology is now seen as a real business enabler. Cyber Security protection is now a topic at the board table with a mature and tested platform in place – with clear lines of reporting and responsibility.
Conclusion – Assisting with the move
As you must have noticed, a proper cloud migration process tends to be very complex and has many instances where it could go wrong. To ensure your files and operations are secured in the cloud, you should find a trustworthy provider to advise and guide you over each step and who essentially watches all details for you.
If you have already found that provider, use this guide to ensure nothing less than perfect is delivered. If you are still looking, be reassured we will be happy to assist you in this transition. We’ve helped businesses of many verticals and sizes in migrating to the cloud and will be able to take this heavy load from you and deliver a seamless experience to your employees and customers – light as a cloud.