In cyber security, change is constant, but some challenges remain stubbornly familiar. Do you remember the Anna Kournikova virus from over two decades ago? It spread rapidly by tricking users into opening a seemingly harmless email attachment. Fast forward to today, and it’s no surprise that email remains the number one attack vector. The only difference is that the stakes are higher, and as technology evolves, the threats grow more sophisticated. 

So, how prepared is your organisation to keep up with the evolving threat landscape? 

In our latest Security Minutes video series, with Mimecast, Data#3’s National Practice Manager for Security, Richard Dornhart, and Mimecast’s Senior Sales Engineer, Matt Youman, discuss the critical challenges organisations face and how they can stay ahead. From polished phishing attacks to overlooked attack vectors such as collaboration tools, here are the key insights you can’t afford to miss. 

Episode 1: The evolution of email attacks 

Cyber criminals are leveraging artificial intelligence (AI) tools to revolutionise their tactics. In the first episode, Youman highlights the rapid rise of AI-driven phishing attacks: 

“In the most sophisticated cases, we’ve seen the use of large language model agents like ChatGPT. They can automate spear phishing campaigns that would traditionally take weeks or months to execute, in just 30 seconds.”

With tools capable of learning, adapting, and automating attacks at scale, organisations can no longer rely on traditional defences alone.  

Episode 2: Defending against business email compromise 

While cyber criminals use AI to evade detection, it’s imperative to remember that AI is also a powerful ally for defenders. Youman explores how Mimecast uses natural language processing and social graphing to identify behavioural patterns to help you catch threats that static tools miss. 

When Youman reviewed 2,000 emails that bypassed standard security tools, the results were staggering: payroll switch scams and other business email compromise threats had slipped through unnoticed. 

Relying on static rules and limited keyword scans is no longer enough. Utilising AI-driven solutions can help you think like attackers, making it easier for your organisation to fight back

Episode 3: Managing human risk in cyber security

It’s not just email. Collaboration tools, essential to everyday business operations, are also becoming an increasingly popular target for attackers. Yet they’re often overlooked in security strategies. Youman shares how Mimecast addresses this blind spot by integrating collaboration platforms into its centralised security solution, enhancing visibility and simplifying management. 

Are your collaboration tools secure? If not, attackers may already be exploiting the gap. 

Episode 4: Strengthening defence across your organisation’s platforms 

Even with advanced technology, people remain the final safeguard. Roles such as those in C-suite, IT, HR, and finance are prime targets due to their access to sensitive data. Youman emphasises that understanding and addressing human risk is vital to any security strategy. 

Did you know that Mimecast’s 30-day Email Threat Scanner not only uncovers risks but also identifies patterns of human error? Making it a great tool for helping you tailor training to individual roles. 

When was the last time you tested your human defences? 

Episode 5: Securing collaboration in the workplace 

No single tool or strategy can eliminate cyber risk. Reflecting on recent incidents, Youman highlights the critical need to look beyond email when protecting your organisation from cyber criminals.   

That’s why Data#3 and Mimecast advocate for a defence-in-depth approach. By layering advanced detection, automation, and human-centric strategies, organisations can: 

Episode 6: The Mimecast threat scanner 

The final episode showcases Mimecast’s Email Threat Scanner in action. This free tool provides a powerful way to uncover email-borne risks that have bypassed your existing defences. With access to the Mimecast console, you can: 

Act now, know your blind spots 

With everything we’ve learned so far, it’s easy to see that the evolving cyber threat landscape requires more than just traditional security measures. The rise of AI-driven attacks, sophisticated phishing campaigns and overlooked vulnerabilities in collaboration tools reveal critical security blind spots that many organisations still miss. Relying solely on static defences alone is no longer enough to stay ahead of cyber criminals.  

A comprehensive, defence-in-depth approach is necessary to safeguard your organisation against emerging threats.  Don’t delay, each day leaves your organisation open to more attacks. With Data#3 and Mimecast, you’ll take proactive steps to identify and address potential risks that will help protect your organisation.  

Mimecast’s Email Threat Scanner Report will give you actionable insights into your current security posture, helping you stay one step ahead of cyber criminals. Don’t leave your organisation’s security to chance—ensure you’re fully prepared for the threats ahead.  

Contact your Data#3 Security Specialist today to request your Email Threat Scanner Report and uncover hidden threats before they become a problem. 

MercyCare enhances security posture with 24/7 managed soc from Data#3 and SecurityHQ

Download Customer Story

Objective

With an increasingly challenging cyber landscape, MercyCare sought to enhance their risk mitigation and response capabilities by accessing expertise and 24/7 monitoring services.

Approach

Following an audit that recommended upgrades to their cyber security strategy, MercyCare sought to find a partner with the right level of expertise who could help improve their security posture.

IT Outcome

Business Outcome

Data#3 has a team of technicians with a strong focus on new technology trends. By combining Data#3’s expertise with SecurityHQ’s service, we felt confident that we would be able to adopt a more proactive approach towards organisational security.

Armin AdinehManager – Information Technology, Business Services & Systems, MercyCare

The Background

MercyCare supports the Western Australian community, providing services ranging from early childhood settings to aged care. Their 1,400+ staff are dedicated to providing quality care and support to Western Australians through every stage of life’s journey.

The small, busy IT team at MercyCare is acutely aware of the sensitive nature of the organisation’s data, and the need to be proactive in taking steps to ensure it is well protected. An external audit confirmed that it was time to seek additional security expertise.

The Challenge

The security landscape is fast-changing. With the number of Australian organisations affected doubling in the two years to June 2022, the small, busy IT team at MercyCare, led by Armin Adineh, Manager – Information Technology, Business Services and Systems, said it was essential to take a proactive approach.

“We were a new team, and the growing risk of cyber security incidents locally had caught our attention. We were concerned about the impact an incident could have on our ability to provide care for our clients and service users, and we knew we didn’t have sufficient visibility of the network to ensure we were protected. This was compounded by a lack of documentation and understanding of our network. For us, the main thing was knowing what was happening in our systems, identifying vulnerabilities and prioritising them based on risk and impact.”

The IT team was conscious of its responsibility to some of the state’s most vulnerable; MercyCare handles personal and health-related information relating to clients, as well as staff records and financial information. The organisation also have a policy that all data must reside in Australia.

“Security is especially important because we handle a lot of personal information about clients, service users and members of our workforce. We are committed to providing the best care and support to our clients, families and communities. To do this, we need to take all necessary steps to keep information secure and operate in line with corporate compliance standards.

“From a risk point of view, if there were ever a breach, there is potential for financial and reputational damage for our organisation, but it could also have an impact on our clients and families.”

Among the challenges that Armin’s team identified was the need for round-the-clock monitoring and response from a skilled workforce. That simply wasn’t feasible given the resources available in-house. The number of alerts on any day was enormous.

“We were getting over a million security logs in a month. The task of correlating this together, and separating false positives from identified vulnerabilities, was huge, and we could not have maintained that effort at the same time as managing business as usual activities with a limited budget, it would put an unprecedented amount of pressure on our team,” explained Armin.

“Due to budgets and also other aspects of a tough market, we felt we couldn’t have the solution in-house, and we started looking at a security operations centre (SOC). If we went with a solution in-house, we would have to have at least two people to cover leave, and then what are you going to do after hours? Our adversaries won’t stop attacking after hours or because it is Christmas.”

To ensure that appropriate choices were made around possible solutions, and gain a complete picture of the situation, MercyCare invested in an independent security audit. This confirmed that external expertise was needed.

“The audit showed that we needed to have a security team to review and maintain our environment. Based on our assessed requirements and resources, the consultants with the auditors identified that a SOC was the right way to go.”

IT Outcome

Using the audit recommendations as a starting point, MercyCare narrowed down their requirements for a SOC partner. After a careful evaluation, they chose to work with Data#3 and their SOC partner, SecurityHQ, who they felt had the right combination of technical capability and culture to support MercyCare’s aims.

“Our focus was on three pillars: people, policies and risk. We wanted to promote cyber awareness to our people, to our executives, and bring them on a journey,” said Armin.

After careful consideration, MercyCare opted for a service that included 24/7 support from the SecurityHQ SOC, including incident response support when needed. Included in the project were regular reporting, and frequent catch-ups with a dedicated, locally-based Data#3 customer experience manager. More detailed planning commenced to prepare for implementation, via a series of workshops and meetings.

“We created a roadmap to use as a foundation for a very constructive methodology to capture all assets and prioritise vulnerability based on assessed risks. We had high-level staff on board, with our technical staff working in close collaboration with Data#3 and SecurityHQ. The most important thing was enhancing cyber awareness within our organisation, and establishing robust policies and procedures to maintain security within acceptable risk appetite.in place. Technology was the final touch, much like the icing on the cake.”

“It was a comprehensive workshop that identified what we had, and asking at first how we can capture all alerts. We have many devices in our network including routers, computers, mobiles, etc. and we had to figure out how to send all logs to the SOC and establish secure connectivity for that.”

The preparation phase included troubleshooting and cleansing the MercyCare environment, and adjusting controls to ensure that alerts were triaged and dealt with appropriately according to pre-defined rules. These rules were then fine-tuned when the system went live.

“The first month was hectic with alerts for nearly everything. We communicated to the SOC team that certain alerts, like password changes by our IT team, didn’t require high-priority escalation and should be toned down. The decision to receive alerts for any event and how to handle them internally was ours.”

MercyCare’s need for transparency was met by the SecurityHQ response platform and APP, which gives them complete, real-time visibility of the current situation and any actions by the SOC team. The team can log in from anywhere and see trends, active incidents, and even the SOC engineers’ notes. Incidents are dealt with by the SOC team, and the MercyCare team is only called when more critical events occur.

“It is very collaborative, with meetings every week with the SOC team where we go through everything happening on the network. As an IT manager, I know that at the end of the week, we have monitoring, and all incidents are reviewed by a team of professionals in a way that could never have happened in-house. I know that if someone is on leave, another qualified specialist is doing that job, and when they come into our meetings, I can see that the handover was done perfectly.”

Business Outcome

From the start of MercyCare’s path to introducing a SOC solution, Armin has been clear that cyber security must become a more prominent part of the organisation’s culture. Management support of the independent security audit, and subsequent support from Data#3 and SecurityHQ, have contributed to progress.

“To me, I was struggling to raise awareness, so telling the business how important this was, and bringing them on the journey, really has helped. I had important discussions with management about what we were doing, and we were able to make data-driven decisions. Now, we are more security aware right from the top level, which is a great achievement.”

With the SOC taking on the day-to-day security monitoring and response, Armin’s team no longer has to look through thousands of logs, trying to identify genuine risks among the mass of benign occurrences.

“Feeling that someone was taking care of securing the network properly was the main achievement. We have a defined process in place. Also, our audit outcome went up significantly this year, which gave us reassurance that we were on the right track.”

“The trust is coming back to our IT department which signals that we are doing the right thing, and it is a positive outcome when a third-party auditor comes in and confirms that. That’s when you see the value of our investment.”

The original aim of improving protection of staff and clients has been achieved now that Armin  is satisfied that the  people awareness, processes and risk management are in place. Not only does investment in security reduce risk to the organisation and help maintain its trusted status, he said it has also changed the game for the MercyCare IT team.

“Putting aside risk and reputation, the SOC gives us peace of mind that a successful, professional team is going to manage that big job 24/7, which frees our time to put more effort into business-as-usual support. Having that peace of mind is very important. We went from reactive to proactive.”

A very important element of the outcome was peace of mind, but I wasn’t expecting to be connected with a team of professionals with this level of friendliness and support.

Armin AdinehManager – Information Technology, Business Services & Systems, MercyCare

When researching potential SOC providers early in the project, Armin found that there were “different types” available, and said that the decision came down not only to technology and cost but also the right attitude and approach to working together.

“We had companies that provided similar services, with Data#3 there was competitive pricing, which helped. Also, what connected us with Data#3, and their partnership with SecurityHQ was that they didn’t talk only about what they could provide in terms of technology, they connected with our values and how they could provide services that help us to achieve our goals. Our values connected from both technology and non-technology points of view.”

This approach meant that MercyCare had access to resources and support beyond expectations, with an extended team ready to act on the usual day-to-day issues that arise in a busy IT environment.

“We knew they have a very competent team to help us with other aspects. If, for example, we have an issue with our cloud infrastructure, and I don’t have a resource, I know that the Data#3 team can help me with expert resources to solve the issue,” explained Armin.

“A very important element of the outcome was peace of mind, but I wasn’t expecting to be connected with a team of professionals with this level of friendliness and support.”

Part of the role of the SOC team is to help MercyCare to always improve their security posture, providing a roadmap and prioritising every action. Armin said that knowing there is a dedicated focus means he can sustain momentum.

“In every meeting, we assess the priorities. A good thing about the security team is that they follow you to make sure you are managing the risks. I find that they don’t ever forget, and that’s a good characteristic to have in a security team,” concluded Armin.

Download Customer Story Learn more about security managed services

Royal Flying Doctor Service digital initiative helps lift service efficiency using Microsoft Azure Functions

Download Customer Story

Objective

The Royal Flying Doctor Service (RFDS) (Queensland Section) was dependent on disparate data sources and wanted to integrate aircraft, patient, and crew data to give a clear picture of availability.  

Approach

Having worked together previously, the RFDS (Queensland Section) identified that Data#3 had the capability to tackle a highly complex data integration project, working through rigorous proof of concept stages to completion.

IT Outcome

Business Outcome

When we could say we had the systems and processes in place that were trustworthy and reliable enough to get our operations centre up and running, it was a huge milestone.

Nick WarwickData Integration and Analytics Manager, Royal Flying Doctor Service (Queensland Section)

The Background

The Royal Flying Doctor Service (RFDS) is a charitable organisation that delivers primary healthcare and 24-hour emergency services to rural and remote Australians. Supported by a vast number of volunteers and supporters for more than 90 years, the RFDS holds a special place in the heart of the nation.

As one of the largest aeromedical organisations in the world, the RFDS faces unique operational hurdles. The crews and aircraft at the frontline work beyond the reaches of consistent data connectivity, so providing service involved considerable manual effort.

The Challenge

Before the RFDS was founded in Cloncurry in 1928, Australians living in remote locations had to travel by horseback, cart, or even camel to reach medical help in an emergency. Since then, the fleet has grown to 79 aircraft that operate from 23 bases across Australia.

The RFDS has expanded its services to include primary health care clinics, patient transfers, research, and a host of other essential care. Data Integration and Analytics Manager (Queensland Section), Nick Warwick, said that modernising the mainly manual RFDS systems was essential to ensure the Service could continue to provide the finest care to the furthest corner.

“One of the biggest challenges is that we operate off-grid, where there is no phone data or internet. If we can get data at all, it is usually slow, with very high latency, low bandwidth, and poor connectivity.”

“In the sky, there is limited connectivity – we have satellite phones and tracking, but we’re not about to be streaming Netflix, and the cost of streaming data is prohibitive. As a result, we operated with a lot of paper-based processes, with many standalone apps operating offline,” explained Warwick.

As well as receiving much-appreciated donations from the public, the RFDS also accepts funding from both state and federal governments. Both levels of government supported the RFDS quest to modernise and innovate, and Warwick said moving away from paper-based systems represented an opportunity to improve care.

“It is all about how we can look after the patient better. Queensland Health has been moving all hospitals to electronic records, and we looked at how we provide information to the receiving hospital, and how the information we add works into that process.”

In addition to integrating patient data from multiple sources, the RFDS (Queensland Section) wanted an Operations Control Centre for the fleet that would have accurate, near-real time data about its fleet and crews. The potential for increased efficiency and faster response times was an important driving force.

“If, for example, a hospital needed a patient transferred, they would ring Retrieval Services Queensland, a service attached to the 000 centre, who would then ring around to find pilots and nurses who were available and had the right skills for the specific job,” explained Warwick.

“We wanted better situational awareness of available flight crews and availability so we could respond to calls faster. In Queensland we have 22 aircraft and 11 crews, and we’re operating 24/7 ready to do medical retrievals. Different aircraft have different capabilities; all nurses are intensive care specialists, most are midwives, and all aeromedical doctors are anaesthetists or intensive care experts. We always need to make sure we send the right combination of specialists when responding to calls.”

There are many considerations for dispatchers. Some aircraft have cargo doors, necessary for certain situations, or have capacity of multiple stretchers, while others may be better suited to landing on outback dirt strips. The dispatcher must rapidly assess and make decisions based on patient needs, location, pilot, and crew skills and even the aircraft itself.

“We had a duty tasking officer whose job it was to advise Queensland Health from the moment of the request, organising everything that was needed for the best patient outcome from assigning the right aircraft and crew, through to making sure that the receiving hospital was ready for them and had a bed reserved.”

Much of the needed information that documented aircraft capabilities and crew skills was held offline, so the tasking officer would have to manually look through hard copy information in multiple locations before an aircraft and crew could be sourced. A task that required manual checking of every piece of information, often with several phone calls.

“We were depending on paper-based processes and stand-alone systems, with someone figuring out what aircraft had what capabilities, and remembering it all in their head. We asked ourselves, how do we get our records all available electronically, and get our systems talking? The goal was to get the right information to the right person at the right time,” outlined Warwick.

“We couldn’t find anything commercial off-the-shelf that would do the job of emergency and flight planning for an airline where we have no advance knowledge of where we’ll being flying to on any given day.”

IT Outcome

The RFDS (Queensland Section) began to automate some processes, extract simpler data, and load it into their data warehouse. They gained the ability to run some reports however they were not in real time. They still needed to integrate patient and aircraft data, and to find a way to display the information. All this needed to be managed within a strict budget, as the RFDS team was very conscious of their responsibility to get the most from every dollar of funding.

“We had to find all the bits of information and get them into a spot we could use. Prior to coming on board, Data#3 had done some work with the RFDS around data processing strategy to produce reports. We were initially looking at Azure Data Factory and had done discovery work, and we chose to work with Data#3 and their partner Lynkz for a proof of concept to show if it would work and prove beneficial,” explained Warwick.

“As we evaluated the cost, we realised that Azure Data Factory would not be the right tool, and the team identified that Azure Functions applications would be better suited. We rebuilt the prototype, and it exceeded performance and costing expectations.”

Azure Functions is a serverless solution that allows you to write less code, cut infrastructure requirements, and reduce costs. With the needed resources residing in the cloud, and streamlined development, the affordability factor soared.

Part of the limited proof of concept, for a single view of aircraft information, was the build of a simple dashboard displaying real time details. Even then, Warwick said that getting the go-ahead was “by no means a given”, and the project was put through a strict approval process to ensure that it offered significant value to patients and staff.

“Azure Functions was a much better cost of operations model for us, and we continued to build out the model and started hooking up new systems and looking at the quality of data. It was a real collaborative effort between RFDS, Data#3 and Lynkz,” said Warwick.

As more systems were integrated, some were determined to be no longer fit for purpose, and alternatives were considered for functions such as flight manifests and tracking.

“Data#3 helped us to design and build a new manifest system, and we chose a new partner for a flight tracking system that sends API calls. The capability of our system is now far more advanced than we had previously.”

Business Outcome

A key moment was the launch of the RFDS (Queensland Section) Operations Control Centre. This was made possible when key systems were integrated successfully and marked a milestone on RFDS’ commitment to growth in innovation.

“We can now see exactly where we are, whether any of the crew has limitations we need to be aware of, we can see their location, and no longer have to make calls to know where people are, the information is just there. When we look at the board, we can see information about aircraft maintenance needs, and understand the current situation.

“At a glance, we know which aircraft is loaded with NICU (neonatal intensive care unit) equipment, or which staff are available with the right specialist skills. If we’re asked a question, we can just look up and see it on a big display board that shows real time information,” Warwick said.

Display boards are also installed in each of the RFDS locations around Queensland, so that wherever they are, crews, support staff and engineers can access accurate information at a glance.

“The work we’re doing ensures that pilots, nurses, and doctors have the right information. Rather than a 000-dispatcher calling multiple places to find the right aircraft, we can tell them straight away. For example, we had a critically ill patient who needed to travel to Brisbane, and we could see that the closest crew was not the best match for the patient’s needs and could immediately locate the best option.

“At the Operations Control Centre, we have integrated flight systems, manifests, and tasking systems plus the first of our clinical systems, so instructions can be preloaded onto the clinician’s iPad, used offline during flight and the data uploaded at the other end. We can be saving five to ten minutes per patient by passing data over, and the process can remove up to half an hour in tasking communications.”

It’s not only in the Operations Control Centre that efficiencies have been realised. Warwick noted a reduction in effort when aircraft come in for servicing. Engineers can quickly notice when an aircraft will be waiting for a few hours for a patient’s return journey or a hospital handover, thanks to the screens in each location.

“We can now show clearly which aircraft are on call, and which aircraft our engineers can work on. When an aircraft is on the tarmac, engineers can know whether they have time for routine maintenance. Now we have visibility of information, we can improve our operations and work more efficiently.”

For Warwick’s IT team at RFDS (Queensland Section), one of the key success factors was knowledge transfer, with Data#3 specialists providing documentation and helping internal resources to gain confidence in working with Azure Functions.

“We knew at the end of phase one there would be a disengagement process, and if we were successful, we would have produced what was needed and have the skills to maintain it, and this was absolutely achieved.”

We have connectivity options at every site we operate. We’re looking for ways we can improve telehealth, and how we can put equipment like cardiac monitors and diagnostic equipment where they’re of most use.

Nick WarwickData Integration and Analytics Manager, Royal Flying Doctor Service (Queensland Section)

Conclusion

With real time information available on screens at each of the RFDS (Queensland Section) locations, the project has been highly visible within the organisation. This has led to demand for additional data to be integrated as the possibilities are considered. Warwick said that the project has highlighted the core RFDS spirit.

“As an organisation, innovation is at the core of what we do. In 1928, nobody had used planes to transport sick people. We’re always looking for the best ideas. Our aircraft now have stretcher loading systems to go straight from the aircraft to ambulance. We have connectivity options at every site we operate. We’re looking for ways we can improve telehealth, and how we can put equipment like cardiac monitors and diagnostic equipment where they’re of most use.”

As an organisation, the RFDS is ever conscious of spending funding wisely, and this impacts the way that technology projects are approached. This makes proof of concepts especially important, and Warwick said that “we’ll give it a go but stop if it doesn’t work”, something that requires a supportive technology partner.

“Data#3’s biggest strength was their attitude. The account manager saw us as a relationship, and had a professional, constructive approach based on mutual respect. They could see what we were trying to do, and their attitude was that we will find a way together to make it work,” praised Warwick.

“If we had more work, there was always give and take, and they were able to find another person.”

Looking to the future, the RFDS has plans to roll out additional services that are much needed by the remote and rural Australians they serve. Warwick said that as well as increasing demand for primary care and dental clinics, the health practice now offers youth mental health care, maternity health, and operates a system of medicinal chests that he hopes will be integrated, so that status can display for the operations centre staff.

“We’re considering projects around geospatial technology, so that when someone calls needing help, we can get lifesaving medications to them from the medicinal chests faster than an aircraft can arrive.”

Given the RFDS spirit of innovation, it is unsurprising that Warwick sees modernisation efforts less as a project with a start and finish and more as an ongoing progression where there will always be opportunities to improve services as new technologies emerge. There’s “no endpoint” when striving for the best patient outcomes. Still, he said it’s also important to reflect on the advances already made.

“When we could say we had the systems and processes in place that were trustworthy and reliable enough to get our Operations Control Centre up and running, it was a huge milestone.”

Download Customer Story Realise true cloud value with Azure

Community safety organisation achieves licensing savings with Data#3’s Microsoft 365 Optimiser Service

Download Customer Story

Objective

An organisation in the rehabilitation industry with a focus on community safety wanted to reduce its overall licensing spend and demonstrate sound cost management. However, to do this would require a greater level of visibility.

Approach

This organisation needed to demonstrate cost efficiency. As the largest Australian Microsoft licensing provider, it was logical for this organisation to seek Data#3’s assistance to ensure licensing was managed efficiently. Data#3 performed a high-level review to demonstrate that the Microsoft 365 Optimiser Service could optimise savings.

Business Outcome

It was a very cost-driven exercise. An upcoming Microsoft renewal was the main driver – other aspects, such as security and automation, were side benefits.

Spokesperson for the organisation.

The Background

The organisation was committed to allocating Microsoft 365 E5 licences to all active users. However, it lacked the tools needed to closely manage licences without considerable manual effort, something that would be costly in itself.

The Challenge

Microsoft software, in particular Microsoft 365, is an essential business tool for the organisation’s staff who work across multiple  sites with varying security levels, offices, and reporting locations. The Microsoft licensing is among the most important IT investments each year, so it’s imperative that they’re managed efficiently. Staff in the busy IT team are conscious of their responsibility to the local community to manage their budget carefully and avoid unnecessary expenses. The spokesperson stated that value for money is prioritised.

“We are audited on cost efficiency and report our measures to a committee annually.”

“Every year we can expect a multi-million-dollar renewal of Microsoft licensing. The Microsoft 365 Optimiser Service was presented to us by Data#3, who are our Microsoft licensing partner. They told us about the product and presented the cost savings that could be achieved.”

It was important to this organisation to navigate a time of rising prices without compromising high standards to deliver an essential service to the community.

“We have a fixed budget each year, and we must always keep within the boundaries of that,” explained the spokesperson.

While maximising the value of their investment in licensing was very much the driver, it could only be achieved with greater visibility of overall usage. The organisation was eager to reduce what the spokesperson described as a “completely manual task” of identifying licensing waste and reallocation. There was no easy way to identify when staff were not using licences for an extended period, or only needed temporary cover. The manual effort of seeking out idle licences also carried a staff time cost, so the potential to automate the process was welcomed.

The Outcome

While the potential of Microsoft CoreView was clear, the organisation wanted evidence that savings would be realised. A proof of concept gave them the answers they needed.

“They showed us as part of the process how much we could save and did a trial to confirm that those were real savings on the table through identification of idle licensing. The tool did the monitoring for us and showed us the extent of savings we could achieve,” outlined the spokesperson.

“We had real world examples of what we could save. We constantly are asked to avoid costs and save money, and Data#3 made it real with the proof of concept.”

Conducting the Microsoft 365 Optimiser Service was largely a hands-off process for the organisation. Once access was granted to Data#3 into the IT department’s Microsoft environment, the tool was installed remotely, and it began to monitor licence usage. Still facing COVID-19 restrictions and operating in a highly secured environment meant that the organisation appreciated this approach, noting that:

“We have strict controls over who comes on-site. On-site visits involve working through a full checking process. Over the last year, we have had our regular account manager visits, but the modern workplace team handled everything remotely. We authorised access to our externally hosted Microsoft portal, and they came up with the result. It was a completely hands-off process for us.”

Guided by the specialist Data#3 team, Microsoft 365 Optimiser identified idle licences that were invisible by using manual processes, achieving a cost reduction just beyond the predicted numbers.

“We’ve got several examples. We found staff members on extended leave of six months or longer, such as maternity leave, where it was expensive to assign a licence if the staff member was not working. There are other scenarios where staff members work part-time or are only with us for occasional visits. When state health workers visit, that might only be once every six months, so we don’t want a licence sitting idle,” continued the spokesperson.

“We could automatically detect when a licence had been unused for, say, 60 days, and Data#3 was then able to suggest and provide lower cost licences, or a lower quantity of licences, with the benefit of avoiding that cost.”

The organisation opted to leverage Data#3’s Microsoft 365 Optimiser service, which is designed to discover, analyse, and produce actionable remediation reports for Microsoft 365 licensing, security, and governance. As well as identifying licence waste, the service makes recommendations on security posture in the Microsoft environment and enables automation of manual Microsoft 365 tasks, such as licence management.

“We have regular meetings where we are presented with a monthly report showing opportunities to reduce our spend and reporting the amount avoided to date.”

“We recently underwent our Microsoft 365 renewal for 2023, for example, and saved a cost of $278,986 that we would have paid without the Microsoft 365 Optimiser service.”

While the initial automation used by the organisation focused on the identification and management of idle licences, plans are underway to harness further capabilities.

“The service does offer onboarding and offboarding integration into our software management tool, so we are looking to realise that benefit of automated onboarding and offboarding,” said the spokesperson.

“I absolutely recommend this product to provide visualisation of cost saving opportunities for Microsoft licensing.”

Conclusion

While Data#3’s position as the Microsoft licensing provider for this organisation made them a logical choice for this cost avoidance exercise, the team involved in providing the Optimiser service lived up to expectations.

“The highlight was that we got an excellent resource. Those we worked with were available, responsive, had a professional manner, and strong communication – they were excellent to work with. They made it very easy for us,” recalled the spokesperson.

The greatly improved visibility of the organisation’s licensing reduced risk of wasted investment. The resulting tightened management also enhanced security, and automation took away time-consuming manual processes from their busy IT team. Still, their spokesperson concluded, the objective of value for money has been the driving force behind the project and was the most pleasing outcome. While the business case to support implementation of the Microsoft 365 Optimiser service predicted savings of $583,000, as of early 2023, the cost avoidance in the overall organisational Microsoft environment had reached $623,000.

“It was a very cost-driven exercise. An upcoming Microsoft renewal was the main driver – other aspects, such as security and automation, were side benefits.”

Download Customer Story Optimise your organisation with Microsoft 365