How to Restructure Active Directory with ZeroIMPACT
Post on 13-Apr-2017
510 Views
Preview:
Transcript
Healthcare M&A Best PracticesHow to Restructure and Modernize Active DirectoryMarch 1, 2017
Confidential2
Today’s speakers
Ron RobbinsSr. Product Manager, Microsoft Platform ManagementRon.Robbins@quest.com
Joe TobiasPractice Manager, Professional Services Joe.Tobias@quest.com
• Healthcare market trends and challenges
• Quest M&A integration framework
• Quest solutions overview
• Healthcare customer examples
• Q&A
Agenda
Confidential4
Quest Microsoft Platform Management solutions
have been used to migrate, secure and manage
more than 180M users globally.
But first … a word from our sponsor
Cloud | Hybrid | On-Premises
Healthcare market trends and challenges
Confidential6
Factors driving healthcare M&A activity
What market and regulatory changes are fueling IT modernization and innovation in the healthcare market?
Healthcare M&A activity at record pace
$723.7 billion• Global value of 2015
healthcare M&A deals • 66% increase over 2014
HITECH Act• Stimulate adoption of
EHR systems (i.e. Epic)
Affordable Care Act• Shift to outcome-based care• Rising costs / reduced payouts • Increased competition
Confidential7
Active Directory consolidation challenges
Business disruption
Operations are dependent on existing infrastructure
Tight timelines
Pressure to meet M&A commitments
Some TSAs have costly penalties if deadline is not met
Budget, resources & expertise
Many customers lack internal expertise or resources
Planning, inventory & assessment
Continuous M&A activity leads to infrastructure sprawl.
Native tools provide limited visibility
Security & compliance risk
Identify existing risks and eliminate them during consolidation
$
Confidential8
Unique IT challenges in healthcare M&A
• Regulation• Interoperability and/or
rationalization• Clinical staff usage patterns• Impact of disruption
IT integration enables better alignment with the mission
Our mission has “changed” over time
How we deliver care has changed over time
Technology infrastructure has changed over time
Quest healthcare M&A integration framework
Confidential11
Quest healthcare M&A integration framework
Integration planning
• Discovery• Architecture
Integration execution
• Build• Validation• Coexistence• Transition
Ongoing business
• “New normal”
12
Scope (who and what)
Provisioning & administration
Security, auditing & governance
User experiences
Application portfolio
AD users & groups
File servers & application servers
Workstation & virtual desktop environment
Integration planningDiscovery phase
13
Integration strategy
Target design (logical & physical)
Target management (policies, processes, tools, staffing)
Test plans
Readiness requirements
Program scheduling
Program / project dependencies
Integration planningArchitecture phase
Quest planning solutions
• Enterprise Reporter
• Change Auditor (AD / AD Queries / Ex)
• UC Analytics
• Migration Manager for PSTs
• Many more!
“We are able to track who ‘touches’ AD accounts – so no more mysteriously disappearing computer or user accounts. Auditing and accountability has improved uptime.”- Andy Hendrian, IT Director, Eisenhower Medical Center
TVID: 2FC-219-EOD
58%gained visibility into who has access to
what with Enterprise Reporter
TVID: FCD-A3C-470
Pre-
mig
ratio
n
Post
-mig
ratio
nUtilize reports to identify opportunities for clean-up and to better plan the future environment
Understand what should and should not be migrated with a comprehensive assessment of: Current usage including what users
and files you have and when a user last logged in or resources were accessed
Current environment including active vs inactive users and groups across AD, WS and SQL Server
Continually track and report on access, changes and activities
Assess and validate who has access to what resources across the network
Inventory migrated assets to be sure migration is completed as planned
Multi-platform support Windows Server Active Directory Exchange / Office 365 SQL Server
Enterprise ReporterScalable visibility, auditing and reporting across your environment
Confidential16
Build• Deploy infrastructure• Configure sites &
services• Implement admin tools• Install integration tools• Unit testing
Validation• Take & test backups• Synchronization &
coexistence• Administration process &
tools• Migration process• User acceptance testing
Integration execution
Confidential17
Coexistence• Directory
synchronization• Data synchronization• Update governance &
structure• Update administrative
processes• Application updates
Transition• Migrate AD objects• Migrate desktop
environment(s)• Migrate file servers• Migrate applications• Clean up environment
Integration execution
Quest migration solutions
• Migration Manager for AD & File Servers
• Exchange Migration
• Recovery Manager (AD/Exchange)
• And many more!
“Can you find tools cheaper than Quest to do an AD migration? Sure – you’ll work more to make it run and it won’t expose the skeletons in the closet that need to be addressed. Quest tools are the defacto migration tools because they work, every time.”- Paul Caron, Supervisor – Platform Services, Maine Medical Center
TVID: 74A-164-B27
A large enterprise healthcare company
successfully consolidated 16 AD forests / domains and migrated up to 5000 AD users with Migration Manager for Active Directory.TVID: A24-3f1-2DF
Confidential19
Migration Manager for AD & File ServersMigration Manager for AD: Users,
computers, servers, permissions and moreSecure Copy: Files, folders, printers, shares,
NTFS security
Confidential20
Migration Manager for Exchange
Confidential21
Migration Manager for PSTs
Confidential22
Migration Manager for Email Archives
Confidential23
Recovery Manager for AD Forest Edition
Confidential24
Roles & responsibilities
Provisioning & administration
Security & governance
Auditing & reporting
Ongoing business
• On-prem and Hybrid AD Security Solutions
IT Security Search & Recovery Manager FE• Investigate AD security Incidents
• Continuously test AD business continuity plan
• Recover from a security incident
• Improve your RTO following a disaster
• Secure access to AD DC data
Enterprise Reporter• Report on elevated permission in AD
• Visibility of open shares across servers
• Understand which servers have vulnerable security settings
Active Roles & GPOADmin• Enforce permission blacklisting /
whitelisting in AD
• Implement AD least-privilege access model
• Prevent unauthorized access to sensitive resources
• Auto-Remediate unauthorized activities
Change Auditor for AD• Detect suspicious privileged AD
activities
• Alert on potential AD insider threats
• Notify in real time of unauthorized intrusions against AD
• Detect and alert on brute-force attacks
Wrap-up & Summary
Confidential27
Customer storyLarge Healthcare System
Challenge• Consolidate 3 Active Directory Forests to enable
EHR roll-out and consolidate Exchange• Limited availability of in-house resources• Extremely customized desktop environment
Results
• Migrated as many as 600 users / workstations per day; no disruption due to migration work
• Office 365 pilot and EHR testing done in parallel to the migration effort
“This is easily the best option for our hospitals and the system overall.”
-Senior Director of Information Technology
Confidential28
Customer storyRegional Healthcare System
Challenge• Migrate off Novell to save substantial maintenance
fees• Consolidate 9 Active Directory Forests to facilitate
an EHR roll-out
Results• Migrated 17 Novell volumes (10 TB) and directory
services in 5 months• Migrated 20k Users and 2,300 servers in 12
months• No disruption to patient care and EHR roll-out
began as scheduled
“This is how we’ll be handling our acquisitions and affiliates going forward.”
-Director of Information Technology
• Next steps
Visit us onlineQuest.com/solutions/microsoft-platform-management
• Videos, case studies, product specs, etc.
Try our software• Free 30-day trials (complimentary SC and Support assistance)
• POC – choose Quest Services or your preferred Partner
Join our communityQuest.com/community
• Product betas, how-to videos, discussions, blogs, tips, etc.
top related