Skip to content
Pro IT NW

Recent Work

Anonymized engagement notes.
Volume in lieu of logos.

Most of our customers don't put their IT consultancy on a logo wall. We don't ask them to. Instead — sector, seat count, scope, outcome. Read enough of these and you'll see the same operating model show up over and over.

Most consultancy "case study" pages are built around named logos and quotable customer testimonials. We don't run that play. The customers we work with are buying senior engineering, not marketing rights — and most of them prefer the work to stay private. The trade is fair: you get to see the volume and shape of the work, not the names attached to it.

What you're reading below is a representative sample. Not every engagement appears — some are too recent, some too sensitive, some simply not yet written up. Sector, seat count, pillar, headline, and a paragraph of substantive scope. References available privately during scoping conversations.

Pillars:

Microsoft 365 & Hybrid Exchange VMware Exit & Server Modernization Identity, Security & Compliance Microsoft 365 Copilot Readiness SharePoint & OneDrive Migration Active Directory Audit

Engagement notes

Eight recent engagements.

Each one anonymized. Each one substantive enough to give you a feel for what the work actually is — not just what slogan we'd put on it.

#01 Identity, Security & Compliance

Commercial → GCC High migration with CMMC L2 readiness

Aerospace components supplier (defense) · 220 seats

Tier-2 aerospace components supplier on a 14-week timeline to land in GCC High before a CUI-handling prime contract activated. Scope: tenant provisioning, ITAR-tagged file-share migration, AD-to-Entra hybrid, accounting integration with QuickBooks Enterprise, hardware MFA token rollout for privileged accounts, NIST 800-171 control mapping with a written POAM for residual gaps. Cutover landed on schedule. CMMC L2 readiness package delivered to the customer's compliance program for self-assessment attestation; C3PAO third-party assessment scoped separately.

#02 Microsoft 365 Copilot Readiness

Copilot Readiness assessment + 6-week remediation

Pacific Northwest healthcare network · 1,200 seats

Regional health network preparing for phased clinical Copilot rollout. The 2-week assessment surfaced 18,400 over-permissioned items across SharePoint and OneDrive — a mix of legacy 'Anyone in the company' shares, dormant guest access, and inheritance-broken site collections. 6-week remediation collapsed the exposure to under 200 reviewable items. Sensitivity-label baseline deployed. Purview DLP policies activated for PHI-in-chat and PHI-in-email. Written go-live recommendation: phased rollout to clinical staff in Q3, with administrative staff first as the canary cohort.

#03 VMware Exit & Server Modernization

VMware-to-Hyper-V migration after Broadcom 1,400% renewal hit

Manufacturing firm (mid-market discrete) · 500 VMs

Discrete manufacturer hit a $310K Broadcom renewal — up from $22K the year prior. The customer was already running Windows Server Datacenter, which meant Hyper-V was effectively pre-paid. Discovery (4 weeks) confirmed workload portability, no NSX or vSAN dependencies, and HCL-clean hardware. Wave-based cutover ran 8 weeks. Hypercare 2 weeks. Migration cost: $35K, 4-month payback against the Broadcom renewal. Year-2 run rate dropped to ~$20K (backup tooling and training). VMware decommissioned at week 14.

#04 Active Directory Audit

Three-layer AD audit (PingCastle + Purple Knight + manual)

Tribal nation healthcare + government · 17-DC AD forest

17-DC two-domain forest serving combined healthcare and government operations. Discovery-only engagement. Three audit layers in sequence: PingCastle for tier scoring and compliance baselines, Purple Knight for AD-specific attack-surface findings, manual review for misconfigurations the tools missed. Results: 61 findings total, 11 of them Tier-0. Forest functional level review surfaced a misconception about Server 2019 DFL — Microsoft never released a 2019/2022 functional level; Server 2016 (level 7) is the max for those forests. Hardening engagement scoped separately as Phase 2 implementation; the customer chose to remediate internally on the lower-priority findings.

#05 Microsoft 365 & Hybrid Exchange

Two-tenant merge — 60-day close + 60-day post-close cutover

Holding company M&A integration · $8B parent acquiring 200-seat subsidiary

$8B parent company acquired a 200-employee specialty subsidiary. Legal close was a hard 60-day deadline; tenant cutover scoped for an additional 60 days post-close. Complexity layers: Power Platform apps with environment-scoped data, externally shared apps with partner organizations, Teams chat history that the executive team wanted preserved across cutover, dual-mailbox routing during the transition window. Tenant-to-tenant migration completed inside the 60-day post-close window. No business interruption. Subsidiary's mail flow, file shares, Teams channels, and Power Platform apps all consolidated into the parent tenant with appropriate licensing reassignment.

#06 SharePoint & OneDrive Migration

File-share consolidation to SharePoint + OneDrive (KFM)

Tribal nation file-server consolidation · 737 shares / 15.28 TB

Discovery + dual-track migration design for a 737-share, 15.28 TB legacy file-server estate. 10.2 million files inventoried; 87.6% identified as cold (no access in 12+ months). Dual-track migration: actively used shares mapped to SharePoint sites with permissions remapped department-by-department; user home shares migrated to OneDrive with Known Folder Move (KFM) configured for desktop / documents / pictures redirection. ShareGate Pro tooling licensed for the migration. Batched by department to control blast radius. Cold-archive strategy for the 87.6%: tiered to inexpensive storage with a defined retrieval SLA rather than fully migrated.

#07 Microsoft 365 & Hybrid Exchange

Hybrid Exchange decommission ahead of Oct 2025 ESU window

Professional services firm · 800 seats

Last on-prem Exchange mailbox migrated, hybrid configuration cleanly removed before the Oct 14, 2025 Exchange 2019 mainstream-support cutoff. Customer had been running hybrid for years to support a small set of 'permanent' on-prem mailboxes; the project closed those out, retired the on-prem Exchange organization, and decommissioned the hybrid relationship per Microsoft's documented decommission sequence. ESU costs avoided: estimated $50K+ across what would have been the Year-1 ESU subscription. Hybrid-related complexity removed from the customer's identity and mail-flow architecture. Documentation handed off to internal IT.

#08 Identity, Security & Compliance

AD Tier-0 implementation — mid-market scaled

Financial services firm (mid-market RIA) · 350 seats

Mid-market financial services firm hardening their on-prem AD against ransomware blast-radius. Tier-0 model implemented in 90 days at mid-market scale — deliberately scaled down from the enterprise-grade RedForest / ESAE / JEA architectures into a model the customer's lean IT team could actually operate. PIM-based admin model deployed. Privileged-access workstations defined for Tier-0 administrators. Group policy and naming convention work. Outcome: a credible, sustainable Tier-0 boundary without the operational overhead of the full enterprise architecture. Documented for handoff and quarterly review.

A note on references

Named references during scoping conversations.

On a serious project, the right reference for you is the customer who did the same project we'd be running for you. Same pillar, similar size, same regulatory or industry context. We provide named references at that level of specificity during scoping conversations — not on a public page where the references have to defend their decision to a curious public.

Reference conversations are with the IT directors, CIOs, and engineering managers who actually partnered on the work. They're free to discuss what worked, what didn't, what they'd do differently, and what surprised them. We don't curate the conversations.

Have a project that fits one of these shapes?

Tell us the workload, the seat count, and the deadline. Two-business-day response with scope, timeline, and references that match your environment.