Providing staff with a "modern and secure workplace digital transformation" is the ethos of Nick Harris, CIO at Salvation Army Trading Company Ltd (SATCoL) – and one that has led to exciting changes throughout the organisation.
The challenge
SATCoL is the trading arm of the Salvation Army. Employing over 1,000 staff and supported by 4,000 volunteers, SATCoL exists to raise funds to support the work of the Salvation Army, having donated £76 million to the charity in the last 10 years. SATCoL specialises in the repurposing of textiles through a variety of schemes, including its high street shops.
Upon Nick’s arrival at SATCoL, he had taken steps to understand the current IT landscape, and to build a vision for the future of the organisation. “My job is to make our IT a business enabler, a core part of the new Digital pillar which supports SATCoL’s new five-year business strategy,” he says.
With that in mind, Nick had two priorities: strengthening the organisation’s information security posture, and modernising the systems the organisation used to work. Nick wanted SATCoL to embrace Microsoft 365 to create a secure and collaborative environment that supported hybrid working and provided both users and the IT support team with a better experience. At the same time, the organisation would benefit from the latest security measures, including multi-factor authentication (MFA) and better endpoint protection.
“SATCoL needed to have the benefits of modern working as cost-efficiently as possible,” Nick explains.
Being owned by a charity, it’s imperative that we deliver the organisation value for money. This meant we had to build a solution from the ground up that enabled our teams to work as effectively as possible, and kept us as secure as possible, without breaking the bank.”
CIO at SATCoL
The solution
A chance conversation at an event led Nick to invite Claranet to respond to SATCoL’s RFP. “They managed to respond to our RFP with very little notice,” he adds, “which indicated their dedication to getting things done.”
Nick and Claranet in partnership were able to secure Board funding from the organisation to bring the project to life.
It was a highly collaborative process, and Claranet were open with us about what we could achieve with our budget.”
Claranet’s work with SATCoL fell into three streams:
Stream 1: Microsoft 365 adoption
Claranet helped SATCoL migrate all its existing Microsoft licenses to new Microsoft 365 licenses, including provisioning a new Azure Tenant, configuring Azure Active Directory in Hybrid Mode, and choosing appropriate licenses for every user. This last step was particularly valuable for SATCoL, who had previously been planning to provide all employees with the same license. By carefully analysing the various user profiles, Claranet was able to suggest the use of F3 and E3 licenses for specific users, saving SATCoL 56% compared to its original project plan.
“They took time to analyse the different options,” Nick reflects, “which helped form a trusting relationship between partners.”
Nick and his team also used Claranet’s expertise to establish new data governance policies and procedures. Stuart Rothwell, Modern Workplace Solution Architect at Claranet, says: “It was incredibly satisfying to help SATCoL build their data governance process. Data governance is a continual process, requiring frequent reviews to ensure that data is classified and processed correctly. The SATCoL team embraced this and they now have a robust system in place to minimise data loss and maintain data security across multiple technologies.”
In addition to this, Claranet implemented a variety of solutions to provide a structured and robust environment that will evolve with SATCoL. Those solutions include Barracuda Cloud Backup for SATCoL’s Microsoft 365 environment and Mimecast web filtering for endpoint devices (to go with the organisation’s existing Mimecast email service). “It was vital that any new technologies would be able to grow with us,” says Nick, “and Claranet totally understood and delivered on that brief.”
To ensure that the rollout of Microsoft 365 was a success, Claranet provided training to both the IT admins and all end users on Microsoft Teams, helping SATCoL understand how to make the most of new applications. They created a comprehensive training video and documentation package. “It was a nice touch that Claranet didn’t leave us to sort that out ourselves,” Nick says, “as that training ensured user adoption and an effective rollout across hundreds of Colleagues.”
Stream 2: MFA and endpoint control
To maintain compliance with key security and insurance requirements, Claranet set up MFA on all SATCoL devices and endpoints. Users were required to use the Authenticator app (rather than phone or SMS) to verify their identity when logging on to systems, following best practices for security.
“Because MFA is included with Microsoft 365, this critical functionality was provided at no additional cost to SATCoL,” says Stuart, “but it can reduce the chances of the organisation being compromised by 99.9%. We also introduced MFA and SSL on SATCoL’s VPN access using new firewalls with high availability.”
Claranet also implemented Microsoft Intune to give SATCoL comprehensive endpoint management capabilities. Using Intune, SATCoL’s IT team can control what applications and software are permitted on user devices, using pre-configured user profiles. They can even remotely lock or wipe devices if they are lost or stolen, and can control applications from the Apple iOS app store and Google Play if required.
Stream 3: Security
To deliver comprehensive monitoring and investigation capabilities, Claranet also provided SOC services to SATCoL. The organisation benefits from Claranet’s Managed Detection and Response (MDR) capabilities, providing both automated and analyst-driven threat intelligence and management for all its network devices, cloud environments, and third-party applications like Mimecast.
SATCoL has full access to the SIEM reports, and receives monthly reports of automated alerts. If something more serious happens, SATCoL is contacted directly so the business is in the best position possible to respond.
Claranet also implemented SentinelOne endpoint protection for all SATCoL endpoints, and a specific mobile threat detection platform for SATCoL’s mobile devices, powered by SentinelOne. Notifications from both platforms are passed to the SOC for analysis and escalation if necessary.
The results
With Claranet’s help, Nick has managed to create a modern, secure IT environment for SATCoL, and is excited to start reaping the benefits of the transformation.
“We’re already doing things so differently now,” Nick enthuses. “Our people are using Teams and the enhanced features of M365 to collaborate with each other and on files, making work more fluid and fast-paced. We have also started using Power BI to generate business analytics information. The IT team is able to manage everyone’s devices centrally, making sure everyone has access to the applications they need for their job, and ensuring that unauthorised applications that might pose a security risk are kept off our devices.”
Speaking of security, the work Claranet has helped with has enabled SATCoL to achieve the Cyber Essentials certification – an internal and external source of confidence in the organisation’s cybersecurity posture.
The IT team was also awarded the Team of the Year award at the annual company conference, a symbol of their efforts to modernise the organisation’s capabilities and the impact they have had on the rest of the business.
The future
With the initial launch complete, Nick and Claranet are already looking ahead to the next phase of the project. The organisation also hopes to achieve Cyber Essential Plus, and is planning more security activities such as social engineering awareness training, enhancing its dark web monitoring, and creating a custom vulnerability management programme.
Projects are also underway to ensure that SATCoL maintains PCI-DSS compliance and to address Disaster Recovery and Business Continuity. Even further into the future, Nick plans to begin an Azure modernisation journey to make the best use of the organisation’s cloud assets, and to proactively refresh connectivity and telephony ahead of the PSTN switch-off in 2025.
“I’m proud that together we’ve got SATCoL’s IT estate into a place where it’s supporting the organisation today, but is also able to grow and evolve to meet the organisation’s needs in the future,” Nick concludes.
Claranet helped smooth the process with their proactive attitude, thoughtful approach to problem solving, excellent project management and their trusted partnership approach”