What We Did | SiFr
top of page

PROJECTS & CLIENT SUCCESS

We've done a few things. Read about our client success stories and our past projects to see if we'd be a good fit for your needs. We think you'll like what you see.

Relationship:

Client Industry:

Managed IT Security

Relationship:

Client Industry:

Risk Management

Wealth Management

The client, a wealth management advisory firm wanted to transition away from their existing IT managed service provider (MSP) as they felt the monthly subscription model was no longer a fit for their business. We were engaged to evaluate the client's IT needs, provide industry standard strategy, and mitigate ongoing risks. We did it all, without a monthly subscription, and no new hardware or software subscriptions to buy. We continue to deliver IT Risk Management Service to this client.

Managed Services

Risk Management

SiFr

Active Directory (AD) Assessment

Relationship:

Client Industry:

Consultation

Retail

The client, a national retail chain, had a legacy Active Directory Domain to manage all their corporate devices and users. Due to the age of the systems, and the inconsistent processes, the AD environment was quickly getting out of hand. 


The client experienced service delays and out of sync configurations as part of the symptom of a domain environment that has sprawled in its decades of operation. 


As a supplement to their in-house IT team, we were engaged to perform a thorough assessment of the client's AD environment and provide industry best-practice advice and guidelines surrounding OU Design, Group Policy Management and AD Schema. 


The client had competent technical staff familiar with automation and scripting but could not utilize automation in many aspects due to the lack of standards. We developed (and trained their IT staff) on automation methodologies and process standardization which are key to efficiently managing the environment.

Active Directory

Assessment

Frank

Office 365 Enhanced Security

Relationship:

Client Industry:

Implementation

Education

The client had recently migrated their email server to Exchange Online and was concerned about an access breach after noticing anomalies in the users' login patterns. We were engaged to implement O365 security features that would grant or block access based on access location. This implementation utilizes features already present in the client's O365 licensing but was not actively being used. By implementing the feature, the client acquired more security to their environment without additional cost.

Office 365

Security

Sijia

SCCM - OSD & Updates Management

Relationship:

Client Industry:

Implementation

Government

The client had implemented an SCCM environment with their onsite staff with the guide of Microsoft Docs. However, they encountered numerous issues after implementation, not the least of which was that they were unable to deploy their Operating System (OS) image as they had intended. We were engaged to troubleshoot what was not working and to provide best practices on SCCM. After investigating their SCCM deployment, as well as a complimentary environment scan (we do this with every environment we step into), we discovered that their SCCM environment was deployed against Microsoft recommendations. This not only caused performance issues, but would eventually result in the server seizing up. We redeployed the SCCM environment, provided reasoning for the best practices, and implemented the various features the client requested, in managed phases. Each phase was tested and validated before progressing to the next. This iterative approach allowed the client to utilize each new feature as it became available, and gave the client a predicable implementation schedule. By the way, remember that environment scan we did? We found the client's domain DNS was configured erroneously. As it happens, this was causing many of their internal application server to mysteriously "fail". Needless to say, the client was happy to receive not only a functioning SCCM server, but also stable application servers. Yippy!

SCCM

Operation

Sijia

AD Domain Migration

Relationship:

Client Industry:

Implementation

Transportation and Logistics

When the client acquired a subsidiary, they wanted to consolidate the two Active Directory environments to a single domain to reduce IT administration overhead. 


We were engaged to provide complete oversight for this large scale domain migration. As we do in any of our projects involving domain infrastructure, we started with a health check. We discovered their AD replication service was still on deprecated FRS which meant there was a limitation on the server version they could utilize. In order to allow the client to use the latest version of server OS, we upgraded the client's replication service from FRS to DFS-R. As well, we raised their domain and forest functional levels. Then, we proceeded with a phased approach to migrate their users, computers, and finally application servers.


The user migration aspect was particularly interesting. A previous vendor had performed a "user migration" in order to consolidate the users' O365 (Azure AD) credentials. However, the vendor didn't enable bi-directional trust relationship. This left the company's users with two separate logins into two separate domains in order to do their daily work tasks. 


Not only was this time-consuming for the staffs, it was causing administrative issues for internal IT having to manage two separate sets of user credentials. Increasing complexity in the client's onboarding and off-boarding processes. We enabled this bi-directional domain trust, and updated internal processes as a first step to the domain migration. This ensured the users could start using their new company credentials, making the rest of the backend domain migration seamless to the end users.

Active Directory

Migration

Sijia

Relationship:

Client Industry:

Social Media Strategy & Process Documentation

Relationship:

Client Industry:

Consultation / Implementation

Professional Services Firm

The client, a professional services firm, had recently undergone some staffing changes and wanted to review their existing social media processes and strategies before they proceeded to hire a new social media manager. 


We were engaged to evaluate their existing processes, make recommendations where appropriate, and document existing processes that worked well. This meant the client had a well-documented process and proper training documentation for any new hire stepping into the role.

Social Media

Content Creation

Sijia

Exchange Migration

Relationship:

Client Industry:

Implementation

Public Sector

The client was looking for solutions to modernize their IT environment. Initially Exchange On-Premise was proposed by a different vendor. We advised the client to move to Exchange Online given the scale of their operation, and their limited internal IT resources. By migrating to Exchange Online, the client gained significant Disaster Recovery capabilities in addition to industry-leading security and regulatory compliance compared to their on-premise environment, which was a single Exchange server with no fault tolerance.

Exchange

Office 365

Cloud

Sijia

SCCM - Custom Training

Relationship:

Client Industry:

Training

Solution Provider

Our client, an IT Solutions Provider and Managed Services (MSP) firm, had recently taken on a new client for managed services, but the client needed some IT expertise that the MSP didn't have, namely working with SCCM to manage patches and updates. We find this not uncommon since most MSPs work with small to medium sized businesses that don't usually have the resources to invest in a high-cost system such as System Center Configuration Manager (SCCM). However, we come from enterprise environments and have implemented many SCCM environments from the ground up. We were engaged by the MSP to provide training, documentation, process definition, and a hands-on workshop around workstation and server patching to the MSP's IT staff. At the end of the engagement, not only was the MSP staff trained on managing their client environment, the MSP client also received an automated patching schedule that will ensure their endpoints are protected going forward.

Training

SCCM

Sijia

Domain Controller Upgrade

Relationship:

Client Industry:

Implementation

Entertainment

We were engaged to upgrade the client's three on-premise domain controllers. As part of the engagement, we performed a DC health review complete with DHCP, DNS, and AD replication health check, which we do with any engagement involving domain infrastructure. During the health check, it was discovered that the client environment was still running on FRS as the domain replication method. This method has been deprecated for quite some time. As well, we discovered that the client's DCs were not set to use proper time server hierarchy. This simple oversight would cause major problems with the entire infrastructure's authentication and logon process if the VMs internal clocks were to drift. We corrected these misconfigurations and proceeded to upgrade their DCs to the latest OS, as well as upgraded their Domain and Forest functional levels to support the latest ADDS features.

Infrastructure

Domain Controller

Sijia

Microsoft BitLocker

Relationship:

Client Industry:

Consultation

Pharmaceutical

In this project, the client requested an environmental readiness review for the implementation of disk encryption via Bitlocker. As well, the client requested that implementation best practices be provided. We provided a detailed environment assessment report which included deployment recommendations and rationale, as well as any "gotchas" surrounding Bitlocker, such as, managing their AD Recycle Bin (ADRB) objects that have Bitlocker keys attached. Most internet articles tell you to delegate Full Access to the msFVE-RecoveryInformation object in order to manage Bitlocker keys in AD. Nope. Just like you don't need Domain Admin rights to be a service account, it's not necessary to provide Full Access rights to the Bitlocker recovery object. While some admins can think we're just splitting hairs here, we believe proper access delegation is an integral part of the Least-Privilege model of security defence. Much like daily oral hygiene will save you from expensive dental work were you to solely rely on 6 or 12 month checkups, we believe good security hygiene can go a long way save you from painful and expensive cyber breaches.

Bitlocker

Encryption

Security

Frank

AWS Optimization

Relationship:

Client Industry:

Consultation

Heavy Equipment

The client had recently undertaken a project to branch into Industrial Internet of Things (IIoT). They had engaged a software developing company in India in order to produce the end product. However, the developers were not well-versed in IT Infrastructure. As software developers frequently do, they provisioned as much resources as possible, instead of right-sizing their environment. As a result, the cost in AWS (Amazon Web Services) quickly got out of hand, costing the client hundreds of dollars in a single day before the app was anywhere near production. We were engaged to bring the AWS cost under control by right-sizing the development servers. As a bonus, to address the fact that the developers were updating code in production (and as such, things were in constant flux with no version that was release-ready), we provided industry best practices regarding dev environments and release management.

AWS

Optimization

Sijia

Windows Virtual Desktop (WVD) Implementation

Relationship:

Client Industry:

Implementation

Wealth Management

The client, a wealth management firm, sought us out to quickly implement a robust and secure remote working platform when the COVID-19 pandemic forced their entire workforce to work remotely. We settled on Windows Virtual Desktop (WVD) for its ease of use, management, as well as scalability. The environment was completed within 2 weeks and delivered to the client, along with proper file management, backup and retention, all completely in the cloud. The client's resulting environment is entirely Azure based. This not only enabled the client's workforce to work remotely, but entirely eliminated their on-premise domain environment, saving them thousands of dollars a year in licensing and hardware management costs.

Windows Virtual Desktop

Azure

Sijia

Server and Workstation Refresh

Relationship:

Client Industry:

Implementation

Veterinary Health

The client, a large veterinary clinic (complete with their own diagnostic laboratory and imaging equipment onsite) needed their entire IT infrastructure setup and refreshed for their brand new clinic. During the discovery process, we discovered that the veterinary software required a SQL instance and that their SQL server was previously co-located on their DC. This is not best practice as it creates undue complexity in future DC upgrades; as well, it undermines the performance of the SQL instance and created a slowdown for their clinic operations. We deployed a brand new Dell server host to support separate Hyper-V VMs to be stood up as a new DC and to support their clinic software. As part of the deployment, we also set up the infrastructure with naming conventions, AD delegation groups, and folder permission groups to ensure their practices were easily scalable.

Server

Workstations

Domain Controller

Sijia

SCCM - Updates Management

Relationship:

Client Industry:

Implementation

Public Sector

The client had inherited an SCCM environment without any documentation from the previous IT manager. We were engaged to address this shortfall and to make sense of the previous configurations. We provided documentation on the existing configurations. As well, we created step-by-step processes for their internal IT staff to follow for their ongoing patch management process. As part of the training, we also guided the client through best practices such as testing and pilot groups to ensure patches did not have unintentional consequences impacting business operations.

SCCM

Patching

Sijia

Exchange Decommission

Relationship:

Client Industry:

Implementation

Professional Organization

The client had recently moved their exchange environment to Office 365 through another vendor. The vendor did not complete the migration fully and left the client's on-premise Exchange environment intact for them to deal with. We were engaged to decommission the legacy on-premise Exchange environment, since, leaving the legacy Exchange environment somewhat defeats the purpose of migrating to the Cloud. Care had to be taken in decommissioning an on-premise Exchange environment since it is closely tied to the on-premise AD environment. Simply removing the legacy Exchange server would leave many of the user attributes locked and unmanageable. We successfully removed the server from the client environment and provided advice on how to manage the environment going forward.

Exchange

Office 365

Sijia

bottom of page