Migrated to Citrix Cloud Under Contract
Reason to Migrate
Current On-Prem was EOL
Upgrade for Merger
Allowed for more Redundancy
Swap from Cap Ex to Op Ex
3rd Quarter of 2023 - 2nd Quarter of 2024
Finished Result
Secure Citrix Portal integrated MFA
Allowed more users to be logged in concurrently
Gave additional redundancy
Allowed Easier Management
Configured MCS Imaging allowing seamless VDI creation
Migrated to Citrix Cloud
Reason to Migrate
Current On-Prem was EOL
Increase Productivity
Save Money
More Secure
4th Quarter of 2022 - 1st Quarter of 2023
Finished Result
Secure Citrix Portal integrated SSO
Allowed more users to be logged in concurrently
Gave additional redundancy
Allowed Easier Management
Reconfigured Backup
Previous Backup Configuration
Veeam backup was out of date
Veeam backed up to 3 different NAS
Backups were not scheduled correctly
2nd Quarter of 2022
New Backup Configuration
Built a Veeam 11 server, a Veeam ONE server and two proxy servers; this helped prevent bottlenecks and monitored all servers
Set up notifications
Worked with department heads and/or server owners to find ideal backup time and number of restore points
Configured replication to Azure
Set up automated reports to make sure servers were backing up consistently
Began Improving NTFS Permissions
Reason to Start Improving Permissions
Permissions were not consistent
Permissions were provided per user instead of group
When adding users, caused users to miss files or have access they didn't need
Users were in groups providing rights including admin rights
1st Quarter of 2022
Beginning Process
Audited folder and group permissions via scripts
Reached out to Department Heads to determine folder necessity
Started project and added multiple users to the project
Provided documentation and scripts to project members
Upgraded Backup
Problems with Original network
VPN: Less than 20 users could connect, the VPN was slow
Security: Lacked security & couldn't upgrade certificates
MPLS Tunnel: Slow connection for satellite offices and expensive
Firewalls: out of date, couldn't be updated
Physical: Upgraded HQ from Copper to Fiber
3rd & 4th Quarter of 2019
Process to Rebuild Network
Led a team rebuilding the network.
Replaced VPN, Firewall, Security, and ran Fiber cable in HQ.
Connected VPN to SSO, requiring MFA to connect to the network; the security was upgraded to TLS 1.2
Sent recurring emails to company employees, created articles showing how to connect to VPN
Became PCI Compliant
Why we weren't PCI Compliant
The Hardware was EOL
Lack of security
Specialized software running on Legacy servers
2018 - 2020
Processes to PCI Compliance
Worked with Finance to increase IT budget, purchased newer servers that could be up-to-date
Set up GPO security policies, configured SSO with MFA, upgraded antivirus, ran pentests and internal scans to fill security gaps
Led a development team to build new software that would run on Azure servers
Migrated servers to AWS & Azure respective of the configuration
Rebuilt network
Secured every endpoint
Continually ran internal scans and pentests after becoming PCI compliant to monitor any security risks
Upgraded office phones
2nd & 3rd Quarter of 2019
Why we upgraded phones
The phones and service were expensive
The service lacked portability
The service was unreliable
Processes to upgrade phones
Found all current phone numbers being used, transferred them to new service
Sent articles to explain how to use the phone and softphones
Led a team to add new phones to every desk and pushed software to PCs for softphones.
Upgraded phone service
Added security to phone service integrating SSO which uses MFA
Migrated Email to O365
Why we Migrated to O365
The company was on Lotus Notes
Lotus Notes is an inferior product to either GSuite or O365
Part of becoming PCI compliant
3rd & 4th Quarter of 2017
Process Migrating to O365
Worked with Finance and vendor to get licenses
Worked with team to send articles and teach employees how to use their email
Set up AD Directory Sync to O365
Configured Outlook on all employees' PCs and phones
Integrated MDM
Why We Used an MDM
To become PCI compliant we needed to replace the legacy servers running a specialized software
2019
Process of setting up an MDM
In order to replace the legacy servers, we worked with an app developer to create a replacement app
Tested multiple MDMs including JAMF, Intune, Addigy, etc.
We decided on Hexnode
Connected iPhones to Hexnode via DEP and pushed apps via VPP
Tested the app with multiple users; once confirmed it was working, deployed all iPhones
Created separate policies depending on the employee's department
Decommissioned legacy servers to become PCI compliant
Increased Cyber Security
1st Quarter 2018
Why We Increased Security
Before I started with the company:
They had lost over $300,000 to phishing attacks
There were multiple virus scares including WannaCry
Company lacked a password policy
The company was trying to become PCI compliant
Process to Increase Security
Created a strict password policy
Purchased and configured Okta
Purchased and configured KnowBe4
Purchased a better antivirus
Set up monitoring on all servers and services
Integrated all possible services to SSO
Started process to rebuild networks
Educated employees on how to be more physically secure (avoid tailgating, etc.), use Okta, and make stronger passwords
Ran monthly scans, quarterly phishing tests, quarterly password complexity tests
Upgraded & Migrated Servers
Why we Upgraded Servers
All servers were on premise
The VMware software was EOL and couldn't be updated on the hardware
3rd Quarter of 2017 - 2nd Quarter 2020
Process to Upgrade Servers
The servers that had to be on premise were upgraded to newer, faster servers that had more storage capacity
Migrated some servers to Azure and some to AWS
Upgraded Endpoints
Why We Upgraded Endpoints
The replacement policy was non-existent
The endpoints could not run the necessary software successfully
The computers were desktops which meant there was no option to work from home
3rd Quarter of 2019
Process to Upgrade Endpoints
Created a revolving door policy to replace endpoints every 4 years
Worked with Finance to create a lease with vendor
Replaced all desktops with higher performing laptops with docking stations
This was perfect timing for Covid-19