[et_pb_section bb_built="1" _builder_version="3.17.6" custom_padding="0px||0px"][et_pb_row _builder_version="3.17.6"][et_pb_column type="4_4"][et_pb_text _builder_version="3.17.6"]

We have provided cloud solutions to asset managers for the past three years and in this time completed various types of email migrations to Office 365. These migrations include a mix of moving clients from an on-premise Exchange or a third-party legacy private cloud provider entirely to Office 365 to working with hybrid solutions that span both own on-premise and Office 365. 

During these migrations we noticed a range of issues with clients who opted to set up their Office 365 accounts via a more economical re-seller or through bundled packages with other services. 

Here are a few things to be wary of when setting up your Office 365 accounts with the wrong partner:

  1. Some of these providers offer what is called a “Syndication Tenant”. Microsoft retired this type of subscription but it is still offered by many existing re-sellers. With a Syndication Tenant agreement, the Office 365 account, Azure AD tenant and data is held by the re-seller and can’t be easily migrated away. In this setup, a multiple step process is required to hand over the account to another partner. The data needs to be backed up, the account deleted, and the data re-imported into a new account. All of this means extra complexity, user upheaval and extended downtime. 
  2. Some re-sellers, especially the syndicated tenant providers, do not offer the account holder true admin rights which means only a subset of the Office 365 functionality and management is available. 
  3. You could end up locked into a strict contract when negotiating your agreement. Sometimes your contract could last up to two or three years with no variations possible on the user services and license counts. 
  4. Security options are limited when compared to native Office 365 solutions or conditional access policies.
  5. Interface solutions from these re-sellers often lack basic functionality such as single sign on tools. 

With issues like these it is important to do your due diligence when exploring your options before committing. More likely than not you will find that your safest and most efficient option is to partner with a trusted and experienced service provider or go to Microsoft directly.

How Hentsū does it differently

We are a Tier 1 Microsoft Cloud Service Provider (CSP) and work directly with Microsoft. We are also a Silver partner and specialists in the asset management industry. All of this allows us to provide a range of flexible solutions tailored to the world of fund management. 

A good time to reach out to us is when your fund is about to be registered (SEC, FCA, etc). We know the industry requirements and can provide guidance on best practices and compliance. We also have the ability to work earlier with startups to ensure that they have all the tools in place from day one and can scale as they grow. 

Generally, we advise to take the following steps when setting up cloud services: 

  • Create a native Office 365 account through Microsoft directly, or use one of the Hentsū starter packages. We create client accounts directly with Microsoft so you hold the keys to the Azure AD tenant.  Your data is always your data so you can migrate to another provider at any time.  
  • Validate that you hold ownership over your Office 365 account and email domain. 
  • Purchase license subscriptions and set up users and groups.
  • Don’t go for 12 month commitments until you are sure of which services you actually need. We offer all of our clients the same 12 month discounts but on a monthly rolling basis. 
  • Set up data loss prevention and data retention policies and be aware of two factor authentication and mobile device security. We enable all these features by default as you on-board to our setup.

So be sure to carefully consider all the possibilities before signing on with Office 365 re-sellers or bundled solutions, as there are a range of options for your Office 365 needsIf you are unsure of where to go next for your Office 365 solutions, reach out today to learn how we can best support you. 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version="3.17.6"][et_pb_column type="4_4"][et_pb_cta title="Talk to us about your Office 365 needs" button_url="https://hentsuprod.wpengine.com/contact" button_text="Contact Us Today" _builder_version="3.17.6"]

[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY
  • Quick and reliable public cloud deployments using Terraform
  • Enables users to describe public cloud environments in code
OK, the secret is out (our CTO Alex gave a talk about it, you can watch it below). One of the reasons Hentsū can deploy environments so quickly and reliably is because of the tools we’ve selected.  We’ve been using HashiCorp Terraform to describe, deploy and maintain public cloud environments since the company was founded. So we were glad to see Microsoft recently announced a multi-year partnership with HashiCorp to enhance the Terraform Provider for Azure. This is great news for Terraform users, like Hentsū, who have already benefited from using the Infrastructure as Code method of provisioning.

What Exactly is Terraform?

Terraform enables us to describe public cloud environments in code (HashiCorp Language). Terraform can then compare a public cloud account to the code and create a plan of changes to bring the environment up to date. If the plan is acceptable it can then be applied by Terraform to create, update or delete infrastructure resources such as networks, routing tables, firewall rules and virtual machines. It does this rapidly with as much parallelisation as possible leading to a slick, reliable and iterative way of deploying and maintaining public cloud environments. Deploying additional environments (test, staging, production) becomes a copy & paste exercise, or we create reusable modules. Using a code versioning system, like Git, we can version control a public cloud environment and even rollback to a previous version if, for example, a firewall rule change didn’t have the desired result. Changes can be codified on a separate code branch, and a pull request and approval required to promote changes to the master branch. This makes for a robust change management workflow for business-critical production environments. The code commit history provides an audit trail of who changed what, and the commit notes describe why. Terraform requires administrative credentials to make changes to public cloud environments. Storing these securely is a challenge so we prefer to generate short lived credentials that are usable for maximum 1 hour. Also, as part of a release pipeline, a scheduler like Teamcity or Jenkins can apply approved changes on behalf of IT and development teams.

Hentsū and Terraform

Microsoft backing HashiCorp only confirms that using Terraform to provision resources on cloud platforms is becoming the standard way of deploying infrastructure. Hentsū has first-hand experience using the software to deploy infrastructure successfully for its clients.

How Hentsū can Help

Want to discuss using Terraform software to deploy onto the cloud? Contact us at: hello@hentsu.com

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY
  • Cloud connectivity: connecting transatlantic offices through the public cloud
  • Forgoes expensive purchasing of capacity on monthly basis
  • Offers flexibility in scale and highly cost-efficient
  • Hentsu used Azure backbone network to connect offices across the Atlantic, saving thousands a month for our client
It’s no secret that running a business across continents has its challenges. Now imagine having to connect two office networks, only with an ocean in between. Traditionally, purchasing capacity on submarine cables would have been the only way to connect the two, but thanks to the cloud connectivity with Azure, Hentsū has come up with a more cost-effective and flexible way of conquering the ocean in between.

Cloud Connectivity across an Ocean

As part of some of the public cloud infrastructure work Hentsū provided for one of our clients recently, we connected their London and New York offices without the use of leased transatlantic links. These services, which are usually used to connect networks in different locations, are expensive and often leased on a one or three-year basis. Depending on factors such as bandwidth, a transatlantic link can cost roughly £8000 a month. A big financial commitment for most firms. Instead, Hentsū’s experienced consultants were able to come up with a more cost-efficient solution to spending thousands of pounds a month on connecting offices through cloud connectivity.

How it Works

By exploiting the fact that public cloud providers already have high capacity and highly resilient connections between regional datacentres, Hentsū connected the two offices through the public cloud provider’s own international backbone network. Essentially, Hentsū could reuse the link between the customer’s UK and US public cloud data centres, in order to create a wider area network (WAN) between the New York office and London offices. Once an office is connected to a local public cloud network point of presence, or site-to-site VPNs over internet, clients can reuse the public cloud provider’s backbone network to connect offices. While it’s possible to build a route between offices via the public internet, Hentsū connected the client’s offices through Microsoft Azure’s backbone network, as demonstrated in the below diagram. Azure’s VPN gateway service supports transit routing, and Border Gateway Protocol (BGP) enabled gateways will automatically learn routes to other sites via Azure. Although Microsoft ExpressRoute doesn’t natively support transit routing and will drop packets not destined for a vNet on Azure, it’s possible to build “transit VPNs” to a network appliance on Azure and tunnel traffic across ExpressRoute, known as an overlay network. As demonstrated in the diagram below.   The benefits of an ExpressRoute Premium are that it can be metered (pay for what you use) or unmetered (fixed cost of unlimited usage). Not only is this cheaper than buying capacity on a transatlantic link, but it also offers flexibility as to when and where the link is no longer needed. Overall, this is another great example of yet another service the public cloud is able to offer to users.

How Hentsu can help

Want to know more about cloud connectivity and Azure? Come talk to us… You can contact us at: hello@hentsu.com    

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY