View Recording: Special Edition: M&A in the Cloud Era

Joe Steiner 0:06 Hello everyone. Welcome to our webinar for today. We’ll be talking about mergers and acquisitions in the cloud era. I am Joe Steiner. I’m a solutions architect here at Concurrency, and we’re going to be talking about how do you use the cloud and the various technologies. They’re in to be able to help organizations both to split off business units as well as then integrate and or merge business units into there and so we’ll walk through. All of that as we go. If you have any questions, please feel free to put them in the chat and we’ll gladly respond. Otherwise we’ll take questions at the end. Thank you all. So we think about M and A and and and you know kind of the the need for. These techniques and kind of the thought process, really there’s there’s about four different situations here. One is you might have a three-party M and A where I’ve got a division one organization that’s going to be splitting out, divesting and then being transferred over to another organization. I call the three parties, as you’ll see in a minute, is because that division itself becomes kind of its own entity there for some time as it’s as it’s coming across two party M and A, where there’s an organization that’s being acquired as a whole by another organization. And we’ll kind of talk about that a little bit divestiture where again, we’re taking a business unit from one organization, splitting it off and then it becomes its own separate organization and then the segmented organization and this is an organization that maybe over time. Due to M and A activity that’s occurred is or because it’s, you know, as like a holding company or those kinds of situations, there are a number of separate companies or business units that operate as if they were their own companies. Underneath one company’s umbrella and OK, how do you, how do we then deal with that? So a lot of different situations, I’m seeing a lot of things, you know, over the past 30 years working in the environment, there’s been, you know, been part of a number of. M and A divestiture activities, you know acquiring other companies and then helping clients with the same. So we’ll just kind of talk through some of the the major thought processes here as we we talk about things just for kind of definition here. When I’m talking about the originating company as a whole, talking about, I’ll refer to that as Exco. That’s the kind of former entity that had originally owned that business unit that’s either being spun off or is being. Spun off and then transferred over to an or other organization. Move Co is that business unit that’s moving from one organization to the next, and then New Co is what that new organization is after the transition. So whether that’s M and A, the organization that is acquiring that that division that’s moving over just for reference, when we look at three-party M and A, you know frequently what you’re dealing with here is in the Xco is. Dealing with OK, how am I going to separate out and then protect the assets being data to hardware, software and as well as then services that you’re offering? To that that that organization and possibly even receiving from that that organization that’s moving on. Move Co would be dealing with OK, how do we just maintain ongoing operations we’re we’re gonna be separated from from how we’re operating today. Making sure that there’s no major disconnects in services and so that it’s able to continue to operate while it’s being acquired by the new entity or moving off on its own. And then Newco is really, you know, how do we plan to? Bring in that move code that that the business unit that’s moving in, how are we going to be integrating that into our environments? Are we going to merge that in so that it’s all we’re all one big happy family or are we going to allow it to continue operate on its own for some time and then have to be able to provide services? For it that the Xco used to provide for it, possibly those are all things will have to be considered during the transition. You know Xco really kind of focus there is on protecting the assets that it has in place. One of the big concerns there frequently are we’ll have people in that move code that have access to data and or systems and they need to still have access to it. They may even have access on a on a temporary basis through a TSA or an arrangement there. How do we protect that X code where that move code is now no longer us? And so we need to ensure that our data state is protected, that they can’t access things that they shouldn’t as an outside entity now. You know, Moveco is going to be dealing with, OK, what are we integrating to next? What are we migrating into? And then Newco in these situations would be working on how do we incorporate that Moveco in either via migration or some kind of integration. Two party M and A is a little easier, but I I I still highlighted it using the three different entities, mainly because the mindset has to shift here where Xco now is becoming moveco, you’re no longer. Responsible only for yourself. You need to be thinking about, OK, what is this, this new code that we’re going to be a part of? What is it that I need to be thinking about that they’re doing or they’re expecting or that that they’re going to be providing and so. It really has that shift of a mindset to what Movco is in the that kind of traditional three-party M and A the transition there again migrating, integrating and then Newco’s, you know focus is still the same there divestiture, you know the existing company. Exco would, you know, work at OK, how do we separate out and just like in the three-party, how do we separate out assets and services? Move Co’s got a plan on, OK, how do we maintain on ongoing operations and we’re gonna have to do this for ourselves, right, as opposed to a new Co which may have. Platforms in place that we’re now going to adopt moving over. Now we’ve got to maybe speed working more at spinning up new services for ourselves and that’s what you’re going to be dealing with in the transition as X Co again is protecting assets, maybe having temporary services provided. While we’re while we’re moving over and until Moveco as it’s becoming Newco is able to establish those new services for themselves. So just kind of setting the the framework there, the reason we go through all that is there’s really 5 core activities. In terms of IT that need to be taken care of, one is the separate shared decisions that need to need to happen, dividing up people, making lists of who’s going to be in what company, what systems and services are going to be in what company. As well as the data assets on hardware and software, but what’s going to move over, what’s not? And so what’s and then perhaps what might still be shared in this new world for some time, either through a temporary service agreement or even long term depending on the nature of the. Of the organizational change protection. Protection is very important here as we’re separating and sharing things. How do we protect those shared systems, services and assets so that we’re ensuring that this is now a separate outside entity? That we’re agreeing that they can access these things, but they can’t still access all the things that they could before. And So what are the things that we’re doing to put in place to protect ourselves from things that they used to be able to access that now they shouldn’t. And and there’s some, there’s some kind of key capabilities there that you should be aware of to to help with that. Extending services. So now you know and frequently this is the new Co that might be doing this, but it also could be the X Co that that’s having to do this in in a different way is how do we expand services and systems to provide. For new users or users in different situations than they were before. If I’m going to continue to offer services as the existing company, how am I doing that now that this is now a separate entity in its own separate infrastructure that is different than it was before? And so how do you, how do you adapt to that? Also then you know if I’ve got this influx of users in the environment, how am I going to deal with with that as I’m as I’m bringing them in introducing new services. So this is you know something that it’s an organization you’re doing all the time. This forces that issue frequently when you’re obviously when you’re going through these kind of activities. Because there are services that the separating or that Moveco no longer has access to, it’s gonna have to establish those for itself now where it had those capabilities before if it was in an M365 tenant before along with the. The existing company, now it’s got to establish its own and going through that process. And then finally we’ll kind of talk about integrating versus migrating. And we have seen over time a lot of organizations say, hey, the ideal is to get them all folded into one tenant, but we’re undergoing a lot. There’s a lot more than just. What’s happening with IT when you’re going through merger and acquisition technologies, there’s cultural changes, there’s operational things that are going on, there’s marketing activities that everyone’s very busy in these. There’s a lot of work to be done with these things. Organization over kind of as is, let them continue to operate at some levels and then we’ll kind of integrate them overtime, if not merge them in at that point. And so there’s kind of some decision criteria there for how to go about that. So we’re talking about all this, there’s there’s certain fundamental tech that needs to be considered. Obviously you know the the whole tech landscape is, is is important. But you know really when you’re you’re talking about this, some key areas are within the core infrastructure space. What are you doing with your domains, right? You’re spinning off a new company. You’ve got to create a new domain for it. Where is its DNS coming from? How are you handling certificates? Frequently there are centralized certificate authorities and organizations. How are we handling that so that all of a sudden these systems? We don’t go offline where the certificates expire and we don’t have the new authority set up and planned for that. How are we handling simple things like file and app servers and the applications they’re in and networking? So that needs to be addressed. There’s also, and this is gonna be a really key focus here as we talk about, is the identity management and system access. So as I’m moving these people out, how am I still managing their? Access and what they can, what they can do in their identity within the organization to allow for maybe access to Shared services as well as then any new services that they’re going to be combined into. And what are the different ways that we’ve seen organizations do that over time and manage that and that really is kind of core. To so many things, especially if you’re leveraging cloud in this environment, it’s key to to how cloud is secured and and managed ultimately and it’s a very, very important area there. M365 service, a lot of customers are using Microsoft 365, but. How we handle e-mail, calendar, team, SharePoint, online file shares, OneDrive, communication systems, all all that. I want to talk a little bit about how we handle Microsoft 365 and some of the options available that maybe. People weren’t aware of before, but that might be relevant in these kind of situations. Cloud and app infrastructure, so things you might have hosted in Azure or you know other cloud services and then what do, how am I transitioning that over to? To other areas and or you know it could be on premise app infrastructure that I’m moving to the cloud because of the merger and acquisition move that’s happening here. I no longer have access to that the on premise infrastructure. I now still need to have that service, but I need to have it on my own. Clouds are sometimes an easy way to spin that up, even if it’s in a just a transitionary period until they can move on to that new cos infrastructure. And data platform, how are we handling data, whether it’s stored on premise, in cloud and in system. And the in system part can be a big one as we’ve had some work with companies that had you know acquired different firms, each have their own ERP systems. And that’s fine, that company can operate off of that. But now that I’m part of a large organization, that large organization wants to be able to see some of that data too. What are some of the things you can do to to address that? So just some of those things that at a at a high level will be will be addressing today. You know starting with you know identity and and access and and device management, you know Entra and Intune are are kind of key to this. If you’re leveraging the Microsoft estate for this, they work together provide that security and management enable help enable the beginnings of of zero trust there. Which you want to maintain security through all of this and provides that, you know, kind of control, access control plane for users, devices, applications, cloud services, management, security groups, all of which become very important when we’re dealing with with anything else that we’re talking about here today. A lot of this is going to what you’re able to do will depend on where you’re are in the entering into an architecture progression. This is you know kind of the five stages of this as laid out by Microsoft. I would argue if you’re if you are cloud first, it’s going to offer some other. Benefits to you, particularly talk about cross tenant synchronization and some of those things. So if you’re a cloud first AD minimized or 100% cloud, you’re in a better position and the ability to be a little more agile with what you can do going forward. If you are not and are still heavily reliant on AD on premise, that’s going to be kind of a key differentiator there in terms of do I have is can the Active Directory servers move with me? Are those is the forest scope just to me or am I part of another forest there? Do I need to build? That should I go straight to more of 100% cloud because I have to build it now. Those are different situations that they’re going to have to be managed through the course of the and thought about early on because everything else is going to build off of these things, so. You know, one of the first activities that we’re working at is, you know, how are we separating sharing. So first step there is designating the people, systems and data they’ll be moving with Moveco. Any of these situations, Movecos, that entity that’s transitioning here, whether that’s being divested, whether that’s being. It’s part of a M and A activity. So you know who all if it’s it’s a two party M and A, the answer is everything. If it’s three party M and A, well that’s a little more complex or a divestiture again a little more complex because only part of the organization is moving. So I need to be able to designate those things that are going to be moving over. I need to look at how am I going to determine any dependencies or integrations of the systems that are moving and how do I separate that off or compensate in other ways by maybe replicating. Infrastructure that that would need to exist on both sides then once you have a a a separation in there that that no longer allows me to for those things to exist and how do you determine that being able to designate systems and data that will need to be accessed? By move code for a defined transition period. So here’s the stuff that’s moving, here’s the stuff that’s not. How do we provide for move code to still function and be able to access those systems and services that it needs? In the interim, this frequently is where the TSA agreements would would come into play and how we’re handling, you know that that kind of temporary access across between different organizations. And finally, what are the systems and data that need to be accessed by the existing company? So I’ve got in a divestiture or a three-party M and A, I’ve got Moveco moving out, but maybe there’s things in Moveco that I’m reliant on. Still, what do I need to do? Even though I’m I’m still staying as is at some levels, there is change here. What do I still need to be able to access going forward? Maybe it may. Even be just for a short period of time, I I’ve migrated this these the system out, but I still need to be able to access some information from there for my financial reporting. Possibly there’s there’s a host of situations there that that come into play. So it goes both ways in terms of how we maintaining some kind of. Access and or connectivity in the interim as we provide for the separation. So in general, I think the the general guidance is again, there’s plenty of change happening when you’re coming across any of these situations. So if anything in Moveco. Infrastructure service elements, you know that’s a AD server that’s scoped just to the force, just just handles that division that’s moving out, whether that’s they’ve got their own file and app servers there that are moving. You want to move all that as is. You don’t need to introduce more change. There’s going to be plenty of it and nobody needs. Any anything extra and frequent in these situations, the organizations and any of you that have gone through this know this that you’re not looking to add anything extra to it. We’re looking to minimize the the change that’s happening. So move anything you can but then. For anything that’s that’s going to have to remain Shared and or you’re going to have to provide for new, how are we dealing with that? So in the core infrastructure space we’re talking about you know how you how are you going to migrate Shared services where if I’ve got a Shared DNS. DNS and certificate authority file shares. How am I handling that right? Am I setting up DNS and certificate authority services in the move Co or is new Co going to provide for that? That’s something that has to be decided. Would it make sense to move them into New Co’s cloud or establish cloud for themselves just to be able to separate them and then New Co can decide what they want to do with them long term? Those are decisions that’ll need to be made with identity and access. How am I moving that into the new Co or new enturing into an environment? It’s a divestiture. They’re going to have to have their own. If it’s if it’s a merger activity, how does new Co and and us want that to the move Co want to have that? Am I gonna move into theirs? Am I gonna have to have my own? Here’s where, and we’ll talk about this in just a moment. You might consider using the cross tenant synchronization capabilities if the Moveco has. Its own and can move over, but you want to have some integration with Newco. Cross tenant synchronization can be very beneficial there where you can start collaborating across different systems, particularly within the Microsoft 365 and Azure realm. And be able to sync up my Active Directory so that I’m able to use those control some of that together with that, while they’re still separate. The other thing we’ll see here is a lot of use of virtual desktops in in this space, so. Using things like Azure Virtual Desktop or Windows 365 and being able to spin that up to be able to help organizations help the users still access things. Why? I don’t want them to access everything else in the environment. They’re now separated. How do I give them temporary access? It’s a really good way to. To do that along with other benefits for it in other areas. But in these use cases we’ll see a lot of that used for Microsoft 365, do they have their own tenant now? Are they moving into new Cos tenant? Do we need to create their own tenant and again that cross tenant sync and. Business to business collaboration capabilities built into M365 become very relevant here in terms of how am I helping Moveco collaborate with Newco if if they’re merging together and or back to Xco if they still need to be able to access some things and and how am I like constructing that? And then finally we get into, you know, cloud and app infrastructure in the data platform. How am I separating existing cloud infrastructure? And frequently, if it’s all in the same tenant, at least start scoping that wherever you can by subscriptions. Because there you can then take those and and work at replicating that into a separate cloud tenant environment once that time comes and allows you to start scoping those down so that we’re able to see, OK, what are they still going to be able to access in a shared fashion versus what could be separated pretty cleanly? You might consider if they’re shared on premise applications here, you can consider maybe doing a replication of that into the cloud for Moveco before you’re maybe even moving that for the existing company allows them to still have that app or service available. To them as they’re transitioning, but they’re no longer on your on premise infrastructure where possible. One of the biggest things to look out for here is that as I’m moving things and or transitioning to the cloud, look at what the dependencies and integrations are there. This is. Frequently the same as you do if you’re moving an app to the cloud anyways, and you can use the same tooling for that and same methods to be able to do that, which we’ll talk about in a moment. And then considering if access to the to the existing shared data environment either way by Xco, Moveco, Newco. Who needs to be able to access what that they may no longer have access to going forward and what are some things you might do to help facilitate that in a secure and and efficient manner cross-tenant synchronization here. You know one of the things we talked about is. The ability to automatically scope certain users that are then replicated into another tenant. So I’ve got my source tenant, let’s say this could be the move cotenant, and then I’ve got the target tenant which is Newco. Without migrating everybody, I can start linking those. Those tenants together, replicating the users from the existing tenant into the new tenant so that they have an identity object there which then allows them to access different services within that new tenant environment. Without actually doing a migration, something that can be very useful again even for those in organizations that maybe have a number of separate tenants within them. This is a key piece of creating a multi tenant organization which is a structure that’s available now with with Microsoft. Be able to allow for some collaboration across there, even if you’re not in the same tenant. Again, allows for e-mail teams, SharePoint to be able to operate as if I’m in the same tenant in a lot of ways. Not all, but in a lot of ways. Be able to share files across there. You’re trusting the, you know, security in in in both sides. It also allows you to start using Azure and and being able to access Azure applications and that if anything that’s driven through Entre to be able to do do some things there. You know, in terms of being able to determine, OK, how do I get my hands around what all they do of are accessing and or if I know that this application is something that both in the existing code and move code needs to access. How do I determine the dependencies there in terms of as there are other groups that access this? Could this move with Moveco? What’s the going to be the impact to the existing company? If I do that, the Azure Migrate tool can be used to help with that in terms of. Inventorying it, determining OK is this maybe you know good Kenny to move to the cloud that relatively quickly to handle the transition. And then you also alongside that can monitor network and application performance. You can see the connections inside of there for different applications. Applications or workloads in terms of what else is it touching that, you know, it’s not just moving the app frequently, it’s also what’s the back end data, right? And is that something that can be moved with it or is that going to have to be separated and how am I going to go about that? But being able to identify that before you can solve for it’s key. So that you’re able to then be smart about what’s moving and you don’t have surprises as you’re getting further into the transition process and being able to, you know, again check data pipelines, check for third-party services that are linked in there, different API calls that are happening off of. Of the applications, it’s important to map all that out for anything that might be transitioning to ensure that everything’s going to still be operational as it moves for all parties involved. So if I’m going to have things that are still in a Shared space, one of the other things I need to make sure of is that I’m protecting any of the systems and data. I can’t just leave everything open as it was. I’m now scoping that down to you can access these things but nothing else and maybe putting some time. Time limits on that as well. And then you’ve got to continue to manage devices and compute access there. This is where virtual desktops will frequently come into play. As I’m going to protect this, I want to make sure that I’ve reviewed access between the existing. Listing company and the moving entity and that I’ve resolved any of the issues there. Again, identity access is very important here. Make sure that I’ve got strong conditional access and Intune. Policy set up, maybe a virtual desktops involved here, but also this is where cross-tenant sync can help with this so that I don’t have to open things up so much. I can actually limit that it’s specifically the M365 space. There are some key capabilities there that that you should consider using. One is purview and purview for data classification protection so that I can allow people to access data, but I might put a time limit on how long that’s going to be useful for them and then have that automatically. You know, die after a certain amount of time if they’re no longer part of the organization. The other thing I can put up in there, if I’m going to be in a Shared state for a longer period of time, as we will see sometimes, I can put in information barriers where. I maybe am not ready to move them out of my Microsoft 365 tenant, but our divestiture date is upon us. Information barriers is something I can do where they effectively are still inside of my tenant, but I’ve scoped what they can access down to just those things that are relevant. To them and that they are like in a separate organization within my tenant, within within certain areas that could be, you know, within teams, within file sharing and OneDrive, could be within SharePoint. A host of different different areas there within the the cloud app infrastructure space. Again, purviews relevant here too in structured data and being able to scope down what people as they’re now separated, what they can and can’t access. Onshore crossing sync. Again, tenant sync also helps with this and then the virtual desktops as well. So allows for access in a scoped way even when I’m separated from from another organization. All of this zero trust, very important in to to maintain throughout and we talk about protection in terms of where we’re gonna be exposing certain things for at what is now an outside part. They used to be part of the family, but now they’re not anymore. And so how am I by approaching that where I’m you know in never trust always verifies the general theme of of of trust zero trust and how am I verifying everything explicitly ensuring that I’ve only allowing access that’s needed and and and required? And being able to continue to monitor. So all the tools that are available for you want to have a strong zero trust framework approach towards this, particularly an M and A activity as there are if you have anything shared between them, if they’re not just moving cleanly, which is not always the case. How am I? How am I ensuring that that my existing environment is still secure as I would expect information barriers? Again, one of those tools that can help where here we see just within an an organization, but this could be. Different companies where you know I have you know these divisions that are that are moving off now they can access it. Some of them can access each other, some can’t and we’ll see this frequently in. M and A activity where this division’s going, this one isn’t. So I’m going to allow for this one to talk to these, but they can no longer talk to each other because they’re now they’re now separated. And so I can use information barriers to start carving out the organization. Putting people into different groupings and segments within the organization that then say, OK, you can talk to these people, but you can’t talk to these. It keeps them out of teams channels that otherwise they might be readily have access to, keeps them out of SharePoint sites and all the rest. Purview likewise is useful for for protecting your data specifically at the data level. So this allows us to tag information that I can then utilize to protect either from long term access or maybe. Allowing that for a certain amount of time. I can put tagging on there to only allow access for a certain amount of time and then it will encrypt the data and it just becomes an encrypted BLOB. It could be that I’m using this. They can get into our environment still and I’ve done what I can. With with scoping that, but there’s still certain information that they shouldn’t be seeing anymore. I can now scope that so that they have to be a live employee in order to open these files. This is something I certainly would start early because. If you’re going to be tagging everything, that does take a little bit of time. So you want to get ahead of this, but very useful tool for for protecting the data state, particularly in these kinds of of situations. Again, as we talked a little bit of a process here where you know frequently when I’m instituting purview. I’m going to start with putting on labels onto the the data and then I’ll start addressing those highly sensitive files and being able to put on auto labeling there. And then I start using DLP controls inside of there to prevent things from from moving out. And then I start expanding that across the estate because that takes a little time. This is something if you know you have M and A activity coming up, you want to get started with this early so that you’re ready when the the event’s going to occur. I have that in place. Finally, you know, one of the other things we’ll be doing is, you know, extending and introducing new services. And really, you know, after I’ve gone through, OK, here’s what’s moving with Moveco, here’s what’s staying behind, here are the gaps. All right, what are the new services that are going to? Be required by Move Co going forward and then review that against what New Co is going to extend. If there is a separate organization that this entity is being acquired by, that would have to be provided. If there isn’t a New Co, if it’s just the divestiture, well then what is that organization going to have to provide for itself? It’s becoming new Co and what is it going to have to do and how is it? How is it going to handle that? When you’re doing this, you really want to plan to deploy. As you’re planning what services deploy, you want to be looking at frequently a cloud first approach because sometimes these. Things you’ll need for temporary basis where I’m not ready to migrate into new Co’s environment yet as Moovco, but I still need to be able to operate in the interim. So maybe I’ll use a cloud on a temporary basis before I can be. Adapted and integrated into or migrated into what Newco has in terms of that allows you to buy some time frankly in in some cases there, but also it’s it’s sometimes just faster to spin up that way rather than investing in on premise things. This is where if I’ve got existing on premise. Infrastructure. I might be looking at moving this to the cloud during the M and A situation so that I’m able to more rapidly and actually move into, you know, what’s coming next finally. There is the decision and this really is kind of feeding off, OK, what service I’m going to have. Newco and Moveco are need to come to an agreement. OK, am I going to migrate Moveco into Newco or is it going to remain as is and then I’m just going to integrate it maybe using things like cross tenant sync by. You know, tying certain systems in, but not all. You know, if it’s come over with a lot of its own infrastructure, am I just going to let that operate for a little bit, deal with some of the other business challenges again that are occurring when you’re dealing with M and A and let this sit for a bit. We’ll deal with that later. You know, those are decisions that need to be made ahead of time so that you can make plans for again the continue operation of Moveco. So it’s continuing to generate value during the transition period. You know, for migrating then you know I need to prepare. Newco for the influx of new users and prepare moveco for the migration. If we’re just integrating, then I’d have to decide, OK, what’s the functionality that’s going to be shared across those two companies? If I’m doing an M and a migration, and here’s kind of a the base template by Microsoft for M365 and Entre at some levels between the two where I, you know, kind of prepare the the target environment to be able to to move things over. Note you know one of the big things when you’re doing Microsoft 365 moves is domains. So like your e-mail domains would be frequently where you’d see this can only exist in one tenant at a time, so I can’t have. In this case Contoso exist in both the Contoso tenant and the Fabrikam tenant. It will only exist that that top level domain or the the next level domain can only exist in one or the other. I can have third level domains exist in both so. I might have you know the contoso.com’s there, but maybe Fabrikam.contoso.com could be it exist in in the other one, but that’s the that’s something you’ve got to deal with there and so that that becomes a key consideration when I’m working at. At migrating things around there, the so the domains needs to be considered and so I’m going to move that at a certain point in time as I’ve synced things up, gotten everything ready, gotten the user set up, getting cross-tenant synchronization can help populate the user. User objects over there so that I can be integrated while until I’m ready to migrate. So it maybe buys me a little time before I have to do this, but I’d sync up the entre environments, make sure that all those user objects are where I want them to be. And then be able to move the data over and there is tools now that allow you to do cross-tenant cloud migrations. So if I’m in Exchange Online right now and SharePoint Online and Teams, I can move a lot of the data over using some of the the cross-tenant tools. Some of them are in previous. Some of them are widely available and then there are other third party tools in the marketplace too to help assist with that. If you’re moving from on premise to the cloud, that’s just what’s been in the market for over 10 years now in terms of doing that. But kind of the newer thing is being able to move from one cloud. Cloud to the other as they’ve had so many organizations in the cloud, they’ve had to adapt to the constant change that occurs within the organizational landscape. And so that is there are tools available that can help make that happen and that’ll just happen then within the cloud itself. You you set the jobs to run and then that’ll take some time and some orchestration there but but that can that can happen in the cloud. If I’m doing a divestiture similar but I I don’t I now I’m I’m you know creating my my new environment off of a portion of the existing and so slightly different. Here where I set up my new Azure AD, this would be Entre now. Generally we would recommend you try and go to unless you’re moving your own infrastructure with you again default to go into cloud first cloud only as much as you can. So it’s more in the cloud and then again moving things over as the data migration would be very similar once you’ve got those objects moved over. Biggest thing here again is just you wanna set the domains ahead of time. And if you can map the users to a domain and then move the domain as you go, that’s that sometimes can again help buy some time that things are going to change, but they need to be operating with the new domains, e-mail addresses, so on. You can build that into the the current existing tenants for Excal and then move that that whole thing later. So again it just allows you time here that as you go through M and A activity time is is as valuable as anything when these things have to happen by certain dates. So that brings us to segmented organizations. If I haven’t migrated them in and I’ve had an organization that has this entity that’s been part of an M and a a merger or acquisition, but I haven’t fully migrated. We’ve had a number of customers that are, you know it were designed that way maybe as holding companies, but some that weren’t, some that just have have grown through acquisition over time and now they might have 8/10/2030 different smaller business units that were separate companies. At some time, each of which have its own tenants, its own infrastructure, but are all part of a larger organization at this time. So there are kind of three different ways that that these might might be designated and kind of what you want to have going forward. You might have a business unit where like, hey, we’re just going to keep that separate. We’re going to let it out. Operate on its own. Sometimes you may not be looking to integrate or migrate too much because some cases we’ve had large organizations say, yeah, we’re keeping that one separate because we’re actually looking at divesting that in the near future and so. We’re going to allow that to stand alone. It’ll be easier to divest when that happens. Other ones, they’ll say, yeah, I know this is part of it and we want to get there, but we’re not ready to migrate all them in yet. That’s where that integration approach can can take place, whether that’s with the Microsoft 365. Within Azure, within the data state, there’s a few different things that I certainly look at there. Or do I want to consolidate, which is yes, I want to finally migrate these entities in segmented organizations frequently grow out of, you know, M and A activity in the past, but it can come about for a wide variety of different reasons. This may be what you’re dealing with at the tail end of M and A. If we did just move things as is and now I’ve got to deal with this next, it could have been from that from 10 years ago or 20 even in some cases. So there is a lot of these out there and so. So similar activities that I’m I’m dealing with in these cases, but you know they they may be all under one roof now and so I don’t have as much change and so now I can undertake the extra change to migrate and further integrate those those organizations in. There are ways to work across organization boundaries. So without migrating everybody into one tenant, there may be reasons I don’t want to do that. I can allow for integration across there. Again, this is through that cross tenant capabilities. A lot of use cases for this. You can even do this with, you know, certain very tight partners you’re working with, things like that. If you want to, I’d be hesitant if they’re not really part of the organization to do some of these, and we’ll talk about that in a second. But you know, if I’ve got any M and A activity, divestitures, holding companies, certainly I’d be looking at at. How do I integrate across or at least have some collaboration across the organization where it makes sense? And then you know what are some of the things I can do with in some of the other instances, some core concepts here. So when I’m dealing with this, particularly in the Microsoft Entre and M365 space. That designates between internal users or those are users that authenticate with Entre ID in that tenant. So if I’ve got new Co tenant and then move Co tenant, this is the internal for new Co would be. Any new Co users, right? And we’ll default them as a member, which we’ll talk about the differences there in a second. Any external users would would be people that authenticate outside of the tenants in some fashion, whether that’s a B to B authentication, whether that’s authenticating through their own. And then linking in. There’s a couple different ways to do that. Frequently in the past, they’ve been defaulted as a guest user. Guest users have more limited permissions in the environment in Microsoft 365. As well as within Entra and things you can do with them as opposed to members who have stand permissions that that you normally would have. I differentiate between those because now with cross-tenant synchronization I can have a trusted user that’s part of another tenant be. What’s known as an external member, so that they have most of the permissions that anybody internal would typically have, but they are external and are authenticating against their own tenant somewhere else and this is what allows us to have. That next layer of collaboration and integration in these in these cases again you know your standard license user would be an internal member, external historically would be external guests. So they say well you know we’ve we’ve done some integration in the past perhaps. And they can’t get to certain things and you know teams, you might have to switch tenants, things like that. If you go in with an external member, a lot of that changes where it really becomes more seamless and they’re able to to access things and as if they’re part of the tenant. Other methods for for going across here at the base level, there’s external sharing where you know I within Concurrency could share a document with you outside and then outside of our organization you’d be able to access that and. And and go from there. Next layer would be, you know, federating teams or starting to share presence and being able to chat across the organization. Again, I’ll have to do a lot to do that. There’s some just kind of core things I can set up. You’re not permitting them into everything within there, and anybody coming through there would be treated as a guest. Business to business collaboration is kind of that next layer where but I’ve got partners there that I I want to be operating with a little more seamlessly that I trust. I can I can bring those in and start sharing information across there without licensing them separately. I can bring them in and be able to provide them either external guest or member rights. And this is where we start getting into situations where I’d have in these M and a type of activities or divestitures where I might be able to still be able to access certain things even though we’re in separate. Tenants and separate organizations. I’m still able to to access certain files and sites and and things like that across the relatively simply cross-tenant synchronization and systemizes. This provides for automated management. I can scope groups of users that are now synchronized with. And outside another tenant and it’ll automatically make them as external members in there and then they can access anything. And you control permissions just like you do with your own internal people, but they would have the ability to access things I I designate access to them for. Again, doesn’t require any additional licensing. You need to have the Entre ADP one which comes with E3 licensing for this really kind of a core feature now of Microsoft 365. Again, I can leverage this in Azure as well as providing anything. I’m using Azure to broker access to. Also I can provide license for non employees. It used to be that we’d have to do a lot of things, but now again with cross and synchronization, some of those things I may not. Have to do as much of that, but there are still situations, contractors, things like that, that I’ll have to license within the environment even though they’re outside. And here I just need to be careful about how I’m controlling access, running multi-factor prompts against them, ensuring they are who they they say they are when I I provide that kind of access out there. You know, as I again, you know the single tenant experience is the best. Generally there are situations where it doesn’t. It could be for certain geographic reasons you know their latency does affect. Cloud systems, it could be there was other organizational considerations, why I want to have something in a separate tenant. So if you have separate tenants, if they are part of the same organization, ultimately again as we see in these M and A cases, cross tenant synchronization is a pretty powerful capability. There and it’s certainly something we can help you at get set up and then you while you’re deciding whether to consolidate tenants into into one for other situations you know again I can I need to collaborate but I’m not part of the shared so that might be between Xco and Moovco where they still need to. Be able to access information back and forth for a little bit, but they’re never going to be part of the same organization again, at least as far as anybody can tell. That’s where I might use more external sharing or business. Business collaboration allows me to provide some amount of access there, but I’m not fully entrusting them into my environment like I’m. Used to if they removed go coming off of me and again virtual desktop can be very useful in these situations where I can allow for temporary compute access in the environment through only the virtual desktop environment and I can control that and then. I can allow access to those things I scope within there on a limited basis and maybe just for a temporary amount of time. So all that takes us to OK, that kind of handles Microsoft 365 Entre. How are we dealing with data sharing and why is this maybe important? Well, frequently we’re coming across situations with customers where again, they might have eight different divisions. Each one has its own ERP system as an example, might have its own accounting system. Could have its own, you know, operational platforms and they all that data gets isolated within the walls of that organization. Well, the holding company or owning company. May need to access that, might need for financial reporting, it might need be for operational analysis that they’re trying to do across the organization. But you know with those ERP systems and having the data locked into to some of their and maybe only available locally. How do I how do I broken that out? This is where data lake environments where anything that I can extract from there and bring into more of a centralized consolidated location and maybe it’s just taking certain elements of data into that so that the central organization can. View it without disrupting the operational data in the ERP system itself. So I can replicate that data, ingest it into a data lake, then be able to provide run analysis on that. The central organization gets what it needs. And the the other organization continue to operate as it does without being heavily impacted by this allows for, you know, everyone to kind of get what they want, get the view they need out of this. And you can set up for automatic ingestion there into Fabric using Data Factory and a variety of other tools to allows those different business units, even if they are disparate systems, into a consolidated fashion. Makes it easier for those that might need a more centralized view of a consolidated view across the enterprise. To be able to view that and analyze that data. So we’re seeing a number of projects in in this area to help organizations. These could be segmented organizations, this could be part of M and A activity, but how are we surfacing that data so that I can see that? Even if I’m in disparate organizations in a centralized place, so Fabric can be very, very helpful in that world. So with that, we hope this has been a beneficial kind of a quick high level tour where we can dive much deeper into any one of these, but. It’s kind of high level expectations or areas that you should be considering considerations for when you’re looking at either M and A activity divestitures or if you’re part of a segmented organization, maybe how can we start to integrate further? The same a lot of the same tools and and techniques apply to all of these. So as next steps, if you’re interested, we’d be gladly, you know, work with you to perform a M and A assessment if you have M and A or divest your activity coming up. We can help you assess the current state and be able to compare that to what you are doing currently with what you’re going to need in the future and develop a plan for how to transition there. We’ve we’ve done a number of these for different organizations, regardless of which organization you are, if you’re the existing Co, you’re the moving Co or you’re. The new Co, the other thing we can help with is particularly in those organizations where maybe I’m segmented enterprise today. How do we provide a map for how do we start integrating these things together? How do I bring the Microsoft through separate Microsoft 365 tenants together? How do I? Create that data lake that allows me to have greater visibility across the enterprise. All these things are are things that we can help you with. So thank you for the time and if anybody has any questions, we’ll gladly address those now. Amy Cousland 55:36 Hi, Joe. I’m not seeing any questions, so um we’ll go ahead and end this webinar. Thank you so much. Joe Steiner 55:43 Great. Thank you, everyone. Have a good rest of your day.