Featured Case Study

Real-World Success Story

Discrete case narratives visual

Case Study: Montshield Revive , Turning Old Systems into a Safe Cloud Home

Executive Summary

Montshield Revive moved a trust-and-advisory group’s old, undocumented IT stuff onto Microsoft Azure in only 90 days. We swapped a clunky desktop document system for SharePoint Online and Azure Files. The old Windows-Server-2010 email-archive was lifted to Azure SQL Managed Instance and Exchange Online Archiving. A secret decoding tool was reverse-engineered and packaged for containers. We built an OCR line to turn 15+ years of PDFs into searchable files. Old reports that ran on static VMs now live in Azure Synapse and show up in Power BI Premium dashboards, giving instant insight to trustees and finance staff. Backups are immutable, geo-replicated and we even ran a ransomware test to prove we can keep working. Microsoft Purview now watches data, classifies it and forces policies. The biggest win wasn’t only tech – we used clear change-management to turn nervous staff into supporters, giving senior leaders confidence in a secure, future-ready platform.

The Challenge: Legacy as a Risk Multiplier

The client’s old set-up had five pieces that all added risk:

  • Desktop Document-Management System – a locally-installed app, scripts everywhere, no version history, no audit trail.
  • Email-Archive – running on Windows Server 2010, no support from Microsoft, wide open to attacks.
  • Proprietary Decoder – a binary only one senior engineer understood, no source code, a single-point knowledge risk.
  • Scanned PDF pile – 15+ years of PDFs on old file servers, no full-text search, media aging.
  • Analytics on VMs – reports built on static VMs, slow, manual refresh, can't scale.

These caused growing threats: an unsupported OS gave hackers a door; undocumented tricks made the shop fragile; missing governance broke privacy rules; and slow analytics slowed decisions. Leaders knew each day of delay made a breach more likely, hurting trust and their duty to funders.

The Montshield Revive Approach

Montshield Revive used five simple ideas to get legacy into the cloud while keeping security and compliance:

  • Check and Upgrade – list everything, see the risk, plan a cloud-native target.
  • Move Securely – shift bits in stages, encrypt in-flight, keep data inside chosen regions, no downtime.
  • Boost Efficiency – rewrite apps for containers, use serverless bits, use managed data services to cut ops work.
  • Test Toughness – try backup restores and ransomware scenarios, turn theory into proof.
  • Build Trust – show clear governance, cost forecasts, hands-on workshops to turn doubt into ownership.

This step-by-step plan gave a repeatable map that matched the risk-averse culture with the need for fast change.

Phase 1: Assessment and Early Resistance

In the first 30 days the Revive crew catalogued every system and found almost no docs and a big knowledge hole for the decoder tool. Four groups voiced worries:

  • Ops – scared of service stops.
  • Legal & Compliance – feared breaking data-residency laws.
  • Finance – doubted cost predictability.
  • IT – saw skill gaps and resource strain.

We answered each with:

  • Roadmap – a visual timeline with steps and rollback points.
  • Cost Model – Azure “what-if” budgets showing spend vs the old outlay.
  • Encryption & Region Rules – TLS for travel, Azure Disk Encryption for storage, region pick to meet laws.
  • Immutable Backups – Azure Backup set with lock so nothing can be deleted early.
  • Workshops – live demos moving non-critical data, letting folks see safety in action.

These moves changed talk from “risk of change” to “chance to cut risk”, winning executive backing and a cross-team task force.

Phase 2: Document & Archive Modernization

Next we tackled the document system, email archive and PDF stash.

  • SharePoint Online – moved the desktop DMS here, added role-based access, version history, linked big files to Azure Files.
  • Email Archive – retired Windows Server 2010, stored mail in Azure SQL Managed Instance, attached to Exchange Online Archiving for auto-retention.
  • OCR Pipeline – used containerised Tesseract (open-source) with Azure Functions; key contracts also run through Azure Form Recognizer for better accuracy.
  • Blob Storage & Cognitive Search – dumped 15+ years of PDFs into Azure Blob, indexed each with Azure Cognitive Search, so full-text find works instantly.

Result: a single cloud hub where old contracts can be fetched in seconds, meta-data added automatically, and audit logs seen in one place.

Phase 3: Analytics Re-platformed

Old reporting VMs were moved to Azure’s analytics stack:

  • Azure Synapse – set as a serverless warehouse, pulling from the new SQL store and the blob source.
  • Power BI Premium – built dashboards that refresh real-time, have row-level security, let trustees and finance see scenarios on the fly.

We ran side-by-side checks, matching old VM numbers to the new visuals, proving the new pipeline was correct and gaining user trust.

Phase 4: Resilience Proven , Ransomware Test & Immutable Backups

To really show continuity we ran a ransomware drill:

  • Attack Emulation – a script tried to encrypt a slice of Azure Files, triggering Backup alerts.
  • Service Halt & DR – scripts stopped the affected services, started the disaster-recovery run-book.
  • Restore – using Azure Backup with immutability and geo-replication, data came back from a second region in hours, not days.

The drill proved immutable backups blocked malicious changes and let us recover quickly. Leaders saw real evidence, not just paperwork.

Phase 5: Governance with Microsoft Purview

Final step added a whole-company governance layer via Microsoft Purview:

  • Data Classification – auto-tags for PII and finance data using built-in and custom scans.
  • Policy Enforcement – forced encryption-at-rest, set retention dates, locked down access across Azure resources.
  • Live Audit Dashboards – show who looks at data, any policy breaks, giving execs instant insight.

Switching from reactive audit prep to proactive monitoring cuts regulator risk and builds a compliance culture that lives in daily work.

Results and Impact

In the promised 90 days we delivered measurable gains:

  • Windows Server 2010 retired – biggest attack surface gone.
  • MSSQL to Azure SQL – licensing cost cut about 35 %.
  • DMS up on SharePoint – instant access, version control.
  • Email Archiving modern – smooth tie-in with Exchange, proper retention.
  • OCR Search – 15+ years of PDFs searchable, retrieval time dropped from hours to seconds.
  • Analytics live – real-time dashboards with over 80 % user uptake in four weeks.
  • Resilience shown – ransomware test restored data in hours; immutable backups proved untamperable.
  • Purview applied – policy coverage across 100 % of data, dashboards show continuous compliance.

Beyond numbers, staff who first objected now champion the new platform. Executives feel safer about cyber risk. The IT crew has space to try new projects, no longer stuck maintaining old gear.

Lessons for C-Level Leaders

The Montshield Revive story teaches five key points for senior leaders:

  • Old tech hides silent risk – unsupported gear and undocumented tricks quietly erode security.
  • Clear talk turns doubt to buy-in – roadmaps, cost sketches, and live demos turn fear into shared ownership.
  • Proof of toughness is real-world testing – ransomware drills and backup restores show continuity beyond theory.
  • Ongoing governance stops drift – tools like Purview keep policies alive as data grows, lowering audit danger.
  • Modernization is a board-level must – moving to cloud isn’t a tech project, it’s a strategic lever for agility, risk control and fiscal health.

Conclusion

Montshield Revive shows that a group weighed down by fragile, undocumented legacy systems can, in a disciplined 90-day sprint, move to a safe, compliant, cloud-native base without stopping work. By blending solid tech steps with clear change-management, the effort removed the risk-multiplier of old assets, built immutable protection, proved resilience with a fake attack, and locked in continuous governance via Microsoft Purview. The final set-up gives real-time analytics, searchable archives and a governance frame that lets the organization meet its duties, follow the law and chase future plans with confidence. The blueprint can be re-used by any firm that wants a quick, risk-aware digital shift at the crossroads of tech and culture.