IT Environment Stabilization & Documentation

Engagement Overview

Cybernerds was engaged to assess and stabilize the IT environment of a nonprofit organization experiencing recurring service disruptions, inconsistent configurations, and a complete lack of infrastructure documentation. The IRIS assessment revealed systemic issues across identity, email, endpoint management, and data storage. A focused stabilization sprint resolved critical issues and delivered comprehensive documentation, enabling the organization to make informed decisions about ongoing IT management.

Initial State

The organization had cycled through multiple IT providers over the previous three years, each making changes without documenting their work. Key findings during IRIS included:

• ✓Zero infrastructure documentation — no network diagrams, no configuration records, no asset inventory
• ✓Azure AD Connect misconfigured — duplicate user accounts, sync errors, and orphaned objects
• ✓Exchange Online experiencing intermittent delivery failures due to conflicting DNS records
• ✓SharePoint Online sites with broken permissions — some staff unable to access critical documents
• ✓No endpoint management — devices manually configured with no centralized policy enforcement
• ✓Three different antivirus products deployed across the fleet (remnants from different providers)
• ✓Admin credentials shared across multiple staff with no MFA on any administrative account
• ✓Recurring MFA prompt failures frustrating staff — caused by mismatched Entra ID and M365 settings

Key Challenges

• ✓Discovery: No documentation from any previous provider — required full environment discovery from scratch
• ✓Identity: Azure AD Connect corruption creating duplicate accounts and authentication failures
• ✓Email: DNS record conflicts between current and previous providers causing delivery issues
• ✓Permissions: SharePoint access broken by layered changes from multiple providers without cleanup
• ✓Security: Administrative access distributed without oversight, MFA incomplete and misconfigured
• ✓Trust: Organization leadership frustrated and skeptical after repeated poor experiences with IT providers
• ✓Budget: Nonprofit budget constraints limiting the scope of immediate remediation

IRIS Assessment — Findings Summary

Total: 81 findings across 12 governance domains, with 23 rated Critical and 31 rated High priority.

• ✓Identity & Access: 23 critical findings including shared admin accounts, duplicate objects, and missing MFA
• ✓Email & Communication: 8 findings including DNS conflicts, missing SPF/DKIM/DMARC, and shared mailbox misconfigurations
• ✓Endpoint Management: 15 findings including no MDM enrollment, inconsistent antivirus, and no patching cadence
• ✓Data & Collaboration: 11 findings including broken SharePoint permissions, no backup strategy, and scattered file storage
• ✓Security: 18 findings including no Conditional Access, no compliance policies, and legacy authentication enabled
• ✓Infrastructure: 6 findings including Azure AD Connect health, DNS inconsistencies, and license waste

Stabilization Sprint — Critical Remediation

The stabilization sprint addressed all 23 Critical findings and 12 of 31 High findings within a two-week focused engagement.

• ✓Resolved Azure AD Connect sync errors — removed duplicate objects, repaired attribute mapping, validated sync health
• ✓Fixed Exchange Online DNS records — corrected SPF, added DKIM and DMARC, removed conflicting legacy records
• ✓Secured all administrative accounts with dedicated credentials and enforced MFA
• ✓Eliminated shared admin accounts — created individual admin accounts with proper RBAC assignments
• ✓Repaired SharePoint Online permissions — restructured by department with documented access model
• ✓Standardized antivirus — removed legacy products, deployed Defender for Business across all endpoints
• ✓Fixed MFA enrollment issues — cleared stale registrations and guided staff through re-enrollment
• ✓Resolved recurring email delivery failures — confirmed mail flow working for all users

Documentation Delivered

• ✓Complete implementation record document covering identity, email, endpoints, and storage
• ✓Asset inventory — all devices, licenses, and subscriptions cataloged
• ✓Network and DNS documentation including all public and internal records
• ✓Administrative access register with named accounts and permission levels
• ✓Prioritized remediation roadmap for remaining High and Medium findings
• ✓Recommended next steps with cost estimates for ongoing managed services

Outcome

• ✓Recurring service disruptions resolved — email, authentication, and file access stabilized
• ✓81 findings documented with 35 remediated during the stabilization sprint
• ✓Complete infrastructure documentation delivered for the first time in the organization's history
• ✓Administrative access secured with individual accounts and MFA enforcement
• ✓Unified endpoint protection replacing three inconsistent antivirus deployments
• ✓Prioritized improvement roadmap enabling informed budgeting decisions
• ✓Organization transitioned to Cybernerds managed services for ongoing support