Design and deployment of multiple M365 Tenants for the separation and segregation of various parts of a large MSP Group allowing various functions to maintain their own environment but collaborate or access and deliver services in a controlled manner.

Examples include a UAE based Tenancy offering full Microsoft 365 Services and Windows 365 Virtual Desktops functioning as it's own business system with customised Labelling, Retention and Backup; at the same time utilising Cross Tenant Access and Syncronisation to allow collaboration and federation with other Group Companies or business units in various regions.

Standing up an isolated Tenancy with full Microsoft 365 Services for use by 3rd Party Staff and Contractors, including Windows 365 Virtual Desktops - with integration through Okta for access to tooling, systems and data in a primary Tenant. Partner Tenant integration with security tools such as Mimecast, Darktrace, Zscaler and CyberArk to extend protection as expected within the Group.

Utilising native Microsoft security tooling such as Defender for Endpoint to minimise licensing cost and time to deploy. Utilising Conditional Access features to ensure controlled access to sensitive or secure is via an approved, secured route (e.g. M365 Services accessible from within Windows 365 Cloud PCs only); using Entra Governance features such as Access Packages and Catalogs to facilitate Cross Tenant access to appropriate resources with relevant approvals, auditing and time-based access periods.

Designed and implemented a Service Delivery Tenant consisting of various Azure resources responsible for service delivery to customers, such as Tenable Nessus Scanners, AppViewX Certificate Management Agents and custom reporting toolsets - tenant integration with Zscaler to allow management of customer facing systems day to day whilst maintaining segregation from production Tenant.

Later added Intune and Microsoft 365 Services to allow for the delivery of professional and consultancy services whilst maintaining separation of devices and customer environments from production Tenant - including configuration of Purview functionality such as labelling and retention.

Designed and deployed Windows 365 with full Citrix Cloud integration into an existing primary Tenant to facilitate M&A programme of access to secure and sensitive data. Utilising Okta and Entra Conditional Access Policies to control access to virtual desktops and data day to day.

Designed and oversaw migration of SharePoint data and legacy fileshare data into new SharePoint Structures, utilising Okta for automated permissions-based access control and account provisioning in target tenant.