The Florida Department of Corrections (FDC) is the third largest state prison system in the country with a budget of $2.4 billion, approximately 98,000 inmates incarcerated and nearly 140,000 offenders on active community supervision.
FDC has 149 facilities statewide, including 49 major institutions, 17 annexes, seven private facilities (contracts for the private facilities are overseen by the Florida Department of Management Services), 33 work camps, four road prisons, two forestry camps, one boot camp, 13 FDC operated work release centers along with 20 more work release centers operated by various private vendors (FDC oversees these contracts).
The FDC O365 migration project presented unique challenges related to aged systems and software, mission-critical availability requirements, a large number of users, and a very large email archive. FDC has a large distributed service offering for its Exchange Email system operating critical job functions 24 x 365. FDC’s law enforcement divisions for state troopers are critical to the function of the agency. Interruptions to these mission critical jobs and processes were to be avoided at all costs, which made the already important communications and scheduling logistics critical to the success of the migration.
FDC’s environment prior to migration was on outdated legacy hardware and unsupported versions of Microsoft’s Exchange Messaging system. Cloud Navigator migrated and transitioned the FDC Microsoft 2008 active directory forest(s)/domain(s) containing Exchange 2003 active mailboxes to a single O365 tenant. FDC’s management and administration of their active directory domains remain on-premise. Our strategy followed Microsoft best practice for an Exchange 2003 migration with Exchange 2010 Hybrid to Exchange Online (O365). Because there is not a method for migrating directly from Exchange 2003 to Exchange Online, we implemented an Exchange 2010 mail server with hybrid configuration into the FDC existing Exchange 2003 organization. The term hybrid configuration or hybrid environment describes a scenario in which two separate Exchange organizations that belong to different Active Directory forests are working as a “one unit”. Hybrid describes the relationship between the Exchange on-premise infrastructure and the cloud (Exchange Online) infrastructure. The first migration step was a migration of the mailbox from Exchange 2003 to the Exchange 2010 hybrid. The second migration step was migration from the Exchange 2010 Hybrid to the O365 cloud Exchange online. The steps occurred invisibly to users, and email remained available at all times.
Cloud Navigator’s recommended and implemented strategy was used to successfully move FDC’s 5000+ mailboxes. All mailboxes were placed on “Litigation Hold” to prevent deletion of any email from the mailboxes. We implemented Microsoft DirSync technology for identity and group synchronization from FDC’s on-premise Microsoft Active Directory (AD) to the cloud based O365 directory (Windows Azure Active Directory), with Microsoft ADFS federation service used for secure credential authentication redirection to FDC’s branded on-premise AD environment. This configuration allows for similar on-premise administration of user access as FDC’s previous management processes.
We also provided documentation, testing, pilot, and production deployment support for iOS and Active Sync mobile devices, including assistance with transitioning FDC Mobile Device Management (MDM) AirWatch systems and processes. This provided FDC a smooth transition of mobile device mailbox access from the on-premise to O365 via autodiscover configuration of the mailbox, based on user credentials. We also migrated a small amount of public folder data to O365.
In conjunction with the email migration, we transitioned FDC from utilizing IronPort Security Appliance for message hygiene and filtering to the Exchange Online Protection (EOP) and Data Loss Prevention (DLP) technology within O365 (Exchange Online). Knowledge transfer to FDC occurred consistently throughout the project as we worked closely with the senior IT support staff during all project phases of Discovery, Remediation, Planning, Testing, and Migration. We provided formal classroom instruction on O365 Administration for FDC IT staff that included Office 365 and Exchange Online portal, DirSync Management, ADFS Federation, and Basic PowerShell administration.
Cloud Navigator’s approach to the desktop was to perform Exchange Messaging system migration first. We worked closely with the FDC IT patch and deployment management staff to identify, test, and deploy the necessary software and patch level for the desktops. These patches allow the clients to operate properly upon the day of mailbox migration without interruption to access for functionality. The client switch or discovery process was performed through the best practice universal principle name resolution via autodiscover functionality within Office/Exchange and Outlook clients.
Lastly we assisted FDC with migrating their 10+ TB Mimosa NearPoint archive, implementing a methodology for PST and Mimosa NearPoint archive migration utilizing integration with third party migration tools. We created and documented the process and migrated 20% of the archive (approximately 2.37TB) from PSTs and Mimosa NearPoint to Office 365. Cloud Navigator trained FDC staff on the process, who assumed responsibility for migrating the remainder of the archive.
The Cloud Navigator and FDC approach and processes for the migration, integrated with carefully managed schedules, ensured there was no end-user business interruption. FDC staff were fully trained for ongoing administration of their new O365 environment.