Building the IT Foundation for a Multi-Country Practice

The company

A specialist cyber risk consultancy headquartered in France, with a growing team across Germany, the UK, the United States, and Switzerland. The company employs approximately 25 people across delivery, sales, marketing, training, development, and administration. Its clients include large enterprises and regulated organisations across Europe and North America, and its consultants regularly handle sensitive client risk data.

The workforce is predominantly Mac-based, with Windows 365 Cloud PCs used to rapidly onboard contractors and provide flexible desktop environments for specific roles. The company also designs and operates its own Azure-based web applications as part of its service delivery platform.

We protect our clients’ privacy by default. The details in this case study are anonymised, because we secure our clients’ identities the same way we secure their data.

The challenge

This company engaged Tarbh Tech early, not because something had gone wrong, but because the co-founders recognised they were building a practice that would quickly outgrow ad hoc IT. They had the right instinct: get the foundations right before scale makes it painful.

The business was growing quickly. New consultants were being hired across multiple European countries and the US. Contractors were being brought in for specific client engagements. The co-founders were handling IT themselves — purchasing devices, configuring accounts, managing licences — on top of running the business and delivering to clients. A new starter in France would end up with a different device configuration to someone in Germany or the US, because there was no standard process.

The macOS-dominant environment narrowed the field of potential partners. Many managed service providers in the European market are built around Windows and Active Directory. The consultancy needed a partner that could manage Apple devices natively — enrolling, patching, and enforcing compliance across macOS — without trying to reshape the environment around Windows tooling.

Geography added complexity. With staff in five countries and two languages in daily use, the company needed support that worked across time zones and language barriers. They also needed a telephony solution that would give them a professional, local presence in each market.

The co-founders also needed to move quickly when onboarding contractors. Shipping a physical laptop to a contractor for a three-month engagement in another country was impractical. They needed a way to provision a secure, managed desktop environment in hours rather than weeks.

What we did

The engagement began with a full environment audit covering the Microsoft 365 tenancy, device inventory across all five countries, licensing analysis, security posture assessment, and user workflow mapping. The Azure application estate was reviewed for integration points with Microsoft 365, and application permissions and consent grants were documented.

The security baseline was deployed within eight weeks. Microsoft 365 Business Premium was optimised with a tiered licensing model. Entra ID P2 was deployed with Conditional Access and MFA enforced without exception across all five countries. Microsoft Intune enrolled all endpoints with compliance policies across the full macOS and Windows 365 Cloud PC fleet.

A centralised device provisioning model was established: all new laptops are built, configured, enrolled in Intune, and shipped from a single location in Ireland — regardless of which country the end user is based in. Windows 365 Cloud PCs were deployed for contractor onboarding, providing a secure managed desktop environment provisioned in hours with no hardware shipment required.

The Defender XDR suite, Blackpoint Cyber MDR, advanced email threat protection, and Microsoft Sentinel with custom detection rules were deployed across the entire estate. Teams Phone was deployed with language-specific local numbers across multiple countries.

The results

The security baseline was in place within eight weeks. But the more significant outcome is what this foundation has enabled: the company can now scale its headcount, enter new markets, and onboard contractors without IT becoming a bottleneck.

When a new consultant joins in Germany or the US, they receive a centrally built MacBook shipped from Ireland — compliant, encrypted, monitored, and enrolled from the moment they open the box. When a contractor is engaged for a specific client project, they receive a Windows 365 Cloud PC within hours.

The Teams Phone deployment gave the company a local presence in each market. Language-specific numbers mean clients reach a local number in their own language. For a practice actively expanding into new geographies, this was a practical accelerator.

In the most recent month, 24 security incidents were detected and triaged. The email protection platform mitigated over 4,500 threats including 45 phishing attempts and 24 VIP impersonation emails. Microsoft Secure Score sits at 75%, compared to the 51% industry average.

The co-founders no longer carry the IT burden. Support cases are logged, tracked, and resolved through a dedicated helpdesk in English and French. When enterprise clients ask about security posture during supplier due diligence, the answer comes with evidence.

Where things stand today

The company is on COSAINT Managed. The monthly service includes full Microsoft 365 and Intune management across macOS and Windows 365 Cloud PCs, Defender XDR monitoring, 24/7 SOC triage, advanced email threat protection, Microsoft Sentinel with custom detection rules, Teams Phone administration, automated monthly reporting, and bilingual support.

Current priorities include further expansion of Teams Phone as the company enters new markets, refinement of Sentinel detection rules, ongoing support for the Azure-based application platform, and alignment of IT controls with evolving enterprise client audit requirements.