Client: Paul Edgar P/L is a small Melbourne-based Accountancy and Financial Planning firm with a team of five staff. 

The Problem: Paul Edgar P/L were using an ageing Microsoft Small Business Server to manage their operations. However, the server’s hardware has been showing signs of reaching the end of its life, necessitating a crucial upgrade. On top of that, frequent compatibility issues between their MS SBS 2003 email exchange and the 2013 version of MS Outlook running on their desktop and laptop computers were causing downtime and frustration and affecting the teams’ productivity.

New computers needed to be downgraded to MS Office 2010 to integrate with the email exchange, which solved the immediate issue but was counterintuitive long-term. It also meant that staff could not access new features of MS Office 2013.

The team’s impending loss of mobile email access further exacerbated the situation. With the server’s lifespan close to over, there was also ongoing stress that hardware failure could result in two full business days of email data blackout. Responsive client communication was key for the firm, which motivated them to seek a solution.

This is where Proactive Technology Partners steps in.

The Solution: While the obvious solution was to invest in a new server and update to the latest MS Server version, the cost implications were significant. The firm consulted with Proactive Technology Partners for a less expensive yet equally effective alternative to address the issues they were experiencing. 

Proactive Technology proposed a cost-effective staged approach that resolved the company’s IT  problems and mitigated risks associated with the ageing server. The first step was to migrate the company’s email exchange from an on-site server to the modern MS Office 365 cloud platform. This ensured that Paul Edgar Pty Ltd could enjoy uninterrupted access to email correspondence without fear of data corruption or business downtime, and it enabled them to delay the costly exercise of replacing their server.

Positive Impacts: This transition brought numerous advantages for the team while removing the high upfront costs of a new server and the ongoing stress of downtime.

The new setup came with many benefits, including:

• Enhanced security, with advanced features such as remote data wipes for lost or stolen devices.
• Increased storage capacity of up to 50Gb per user (the previous email exchange was limited 72Gb in data for the whole company)
• Shared calendars
• Access to Outlook Web App for remote email access, which has superior functionality and a much better user interface
• Increased productivity and collaboration

Conclusion: By providing a staged solution, Proactive Technology Partners ensured that Paul Edgar P/L met their objective and increased their technology functionalities without significant investments in new technology, optimising their IT budget.

The new platform created a future-ready infrastructure, with the cloud migration ensuring a scalable and adaptable option to meet the company’s evolving business needs. 

The migration ensured a seamless data transition, safeguarding historic data during the switchover. Heightened security ensured the company increased their ability to protect client and internal data. Overall, it removed the ongoing downtime and risks, while increasing the teams’ ability to do their work effectively.

Our Client: A large Asset Management Company based in Melbourne and operating since the early 2000s, working with wealthy individuals and companies to deliver superior investment returns.

With approximately 40 employees – across multiple locations, including overseas – they deal with property-specific investments secured by a single asset and pooled funds with varying risk and return options to match investor preferences.

Naturally, dealing as they do with large sums of money, they are a ripe target for nefarious actors seeking to misdirect funds or access Personal Identifiable Information (PII). The company had already been the subject of several unsuccessful cyber attacks. They were very much aware, and rightly concerned, that it may only be a matter of time before a successful attack exposes them to, at best, embarrassment; or, at worst, financial ruin.

This is where Proactive Technology Partners steps in.

The client already uses multi-factor authentication (MFA) to secure their Microsoft 365 tenancy, with emails in Exchange Online and files stored in SharePoint. MFA also secures their VPN. Further safeguards include Sophos Endpoint Protection and Sophos Firewall with advanced threat protection and website filtering.

The primary threat to this company is two-fold. The large sums of money they manage could be misdirected via invoice fraud. Additionally, investor data stored in their SharePoint contains private and confidential PII that could be used for identity fraud.

While MFA is enforced as a security measure for all users, it could be circumvented if a nefarious actor includes an MFA credential input in a phishing form. This could potentially allow unfettered access to the company’s entire data suite.

Clearly, Proactive needed to find ways to enhance security beyond MFA.

We focused on the risk profile of the M365 tenancy and researched options to enhance security there. We decided the best way to reduce incursion risks into M365 was via Conditional Access, which allows us to set certain conditions that must be met before M365 access is granted to any user.

We enacted two Conditional Access policies:

• User access to the M365 tenancy is now restricted to devices registered with Azure AD. If a device isn’t registered with Azure, it can only access M365 while physically located within the client’s office.
• For users who need access outside of the office from non-registered devices, a pre-existing VPN must be used.

Implementing extra security measures through these Conditional Access policies means that M365 is now much more secure. Happily, the net reduction in risk has also reduced the company’s Cyber Insurance premiums!

The project outcome is doubly sweet because an investment in information security gave the company peace of mind, and positively impacted the business bottom line.