Case Study - An Office of the State Treasurer

The Problem

Like any government organization, the Georgia OST was looking at several challenges that were only amplified by the COVID-19 situation. At a high level, the business challenges were:

  • Employees going remote and operating from outside their on-premises network
  • Rising budget cuts
  • A need for heightened security posture owing to the nature of sensitivity and confidentiality of business operations

The Solution

The principal objective of the engagement for FyrSoft was to:

  • Assess and analyze the security posture of customer’s current Azure environment
  • Configure features that enable better management and enhanced security of the customer’s remote work environment

As part of the scope, FyrSoft leveraged:

  • Microsoft Surface devices – as modern endpoint devices to facilitate better device management & monitoring
  • Azure AD – for identity management
  • Multifactor Authentication (MFA) with conditional access – to enable user login contingent on predefined conditions
  • Windows Hello for Business – for strong, two-factor authentication
  • Microsoft Intune – for device compliance policies and secure access to data
  • Device configuration profiles – to enable automatic device configurations through Microsoft Autopilot feature
  • Azure Sentinel – for reporting that in turn contributes to better decision-making

Architecture Overview of the Solution

FyrSoft’s solution involved:

  • Commissioning Microsoft Surface devices as endpoint devices for remote employees for better modern device management practices
  • Assessing customer’s existing security policies, configurations, and settings on Azure such as Multifactor Authentication, Microsoft Intune Device Compliance, etc.
  • Designing a solution by juxtaposing customer’s existing policies with Microsoft recommended practices and settings
  • Implementing the designed solution by closely working with the customer
  • Testing the implemented solution by creating test groups to verify the new policies for Microsoft Intune, Multifactor Authentication, while enabling FIDO2 security key login access with Windows Hello for Business
  • Configuring Autopilot for newly procured Microsoft Surface devices to ensure that users need little to zero assistance in enrolling their devices on Microsoft Intune
Contact Us Now!