To comply with US Department of Defense (DoD) cybersecurity mandates, many businesses in the US Defense Industrial Base (DIB) need to move some number of users from their commercial Microsoft 365 environment to one of Microsoft’s two “government cloud” platforms.
How long is the process likely to take and what are some of the top factors that can slow a migration project down?
People are the gating factor
According to Conrad Agramont, CEO at Agile IT, addressing employees’ needs around adjusting to the change can extend migration timelines significantly, from days to potentially weeks.
“Ideally, most projects could take one day to five days to complete,” Conrad observes. “Why doesn’t that happen? People. You need to communicate with them. You need to check them…”
In Conrad’s experience, another major way that humans can slow down a Microsoft 365 migration is reluctance to make decisions or a slow decision-making process with too many people involved: “The willingness to make decisions—that’s number one that slows things down.”
Data volumes are also critical
Besides “the human factor,” data volume and diversity are another major factor in how long migrations take.
Conrad explains: “When you do migrations, it’s normally around the quantity of data. We’ve seen customers that are 15 employees in size but have 20 terabytes of data. They’re in the data business, right?”
Moving a complex variety of “stuff” from your commercial Microsoft 365 environment to GCC or GCC High takes significant time as well as extra checks and validations. Conversely, some firms have more people but less data. These migrations tend to go faster.
The platform factor
A further factor in GCC High migration timeframes is the platform you’re moving from. For example, GoDaddy can’t run automation and can require “domain juggling,” both of which are stumbling blocks. Google can’t provide a static IP address, which results in whitelisting problems.
Even migrating a Microsoft 365 commercial tenant to Microsoft 365 GCC High can be time-consuming due to platform-specific issues, such as not being able to migrate some data types (e.g., forms) and/or some custom applications.
For more guidance on this topic, listen to Episode 113 of The Virtual CISO Podcast with guest Conrad Agramont from Agile IT.
A Simple Guide to Comply with the DoD's Cybersecurity Maturity Model Certification (CMMC) This NEW CMMC V2 Certification Guide will give you a quick and easily digestible introduction to the CMMC and the process we use to help our clients become CMMC compliant.