March 7, 2026

Case Study: Estate-Wide Device and Identity Migration During Corporate Divestiture

Featured image for “Case Study: Estate-Wide Device and Identity Migration During Corporate Divestiture”

Summary

A global enterprise undergoing a complex divestiture needed to separate a multinational business unit from the seller’s infrastructure and move it into a new standalone environment spanning the UK and Asia. The programme required the controlled transition of more than 1,500 users, devices, identities, mailboxes, and over one million permissions.

The central requirement was continuity. Identity, device, and data transitions all had to be sequenced carefully so the newly separated organisation could keep operating while the technical estate was rebuilt around it.

Challenge

The core challenge was to execute a full technical separation and migration on a complex international scale without disrupting business operations. The acquired entity was deeply integrated into the seller’s systems. This necessitated a seamless transition of all user accounts, devices, data, mailboxes, and over one million individual and group permissions. The project had to be completed within a defined timeframe while managing dependencies with multiple stakeholders and technology partners.

Objectives

  • Migrate over 1,500 user accounts and their associated endpoint devices into a new, secure Active Directory and Entra-connected environment.
  • Ensure the accurate transfer of more than one million file and folder permissions to maintain data access integrity.
  • Perform a full tenant-to-tenant migration of user mailboxes and OneDrive data into a new Microsoft 365 environment.
  • Upgrade the migrated device estate to a compliant and supported Windows baseline.
  • Coordinate adjacent security and support workstreams without disrupting the core migration.
  • Achieve the migration with minimal downtime or disruption to day-to-day business activities across all regions.
  • Establish a robust governance framework, including clear progress reporting for senior management and the board.

Approach and Delivery

A dual role of Lead Engineer and Project Manager was established to oversee the end-to-end technical transition. The strategy centred on developing efficient, repeatable migration workflows to minimise disruption. This involved a combination of remote and on-site processes to accommodate the geographically dispersed user base.

Close collaboration with key technology partners was essential for a smooth delivery. To ensure executive visibility and maintain stakeholder confidence, interactive Power BI dashboards were developed. These dashboards provided real-time, data-driven progress reports to senior management, enabling informed decision-making throughout the project lifecycle.

Technical Implementation

The project used a suite of established migration and identity technologies to keep the transition controlled and auditable:

  • Identity and Access: A new Active Directory forest was built, with Azure AD and AAD Connect implemented to establish a unified hybrid identity for all users. This formed the foundation for the new environment.
  • Data and Mailbox Migration: Tenant-to-tenant OneDrive migrations were executed using ShareGate, while BitTitan was used for the migration of user mailboxes.
  • Endpoint Management and Compliance: Microsoft System Center Configuration Manager (SCCM) managed the Windows compliance recovery programme and helped standardise the migrated estate.
  • Security and Resilience Coordination: The wider programme included adjacent endpoint security and resilience workstreams, but the public case study stays focused on the identity, device, and data migration lane rather than asserting a specific vendor-to-vendor security migration path.
  • Support Transition: A cloud-based service desk capability was established on SharePoint to support the transition period and prepare for onward operational handover.

Outcome

The project achieved the core divestiture objectives while preserving business continuity.

  • All 1,500+ users, devices, and associated accounts were migrated successfully into the new environment.
  • The transfer of more than one million permissions was completed with validated accuracy, ensuring users retained appropriate access to business data.
  • Business operations continued without significant interruption throughout the transition.
  • The migrated estate was left on a more supportable, compliant, and centrally managed footing.
  • A temporary cloud-based service desk capability provided operational stability during the programme and supported a structured handover into the longer-term support model.

Risks, Controls and Governance

To mitigate the inherent risks of such a large-scale transformation, a strong governance framework was essential. The risk of data loss or incorrect permissions was controlled through meticulous planning and a multi-stage quality assurance process, which validated the accurate transfer of all files and access rights.

For the security migration, comprehensive disaster recovery plans were put in place to protect all endpoints during the transition. Progress was governed through transparent Power BI reporting, providing clear metrics to the board. Finally, professional documentation and a formal handover process were completed to ensure the new operational teams could effectively manage the environment post-project.

Key Lessons

The project highlighted several key factors for success in complex divestiture scenarios. Firstly, the development of efficient and repeatable migration workflows is critical to minimising manual error and reducing disruption. Secondly, providing clear, data-driven, and interactive reporting is fundamental to maintaining stakeholder trust and facilitating effective governance. Lastly, the project reinforced the importance of comprehensive knowledge transfer to empower internal teams and ensure the long-term stability and security of the newly established IT environment.

Related Services

Written by

Liam Wytcherley

Share This Article: