Electrical Wholesale Cloud Management

The Company

A fast-growing electrical and lighting wholesale distributor based in the south-east of Ireland. The company supplies electrical contractors, lighting designers, and construction firms across the region, and had been expanding steadily — adding headcount, broadening its product range, and increasing its supplier network.

Like many Irish SMEs, the company’s relationship with technology had been pragmatic: buy what you need, set it up enough to work, and get back to running the business.

How It Started

Tarbh Tech’s relationship with this client began with a referral from a Microsoft partner that was exiting licence sales. For the first year or so, it was exactly that — straightforward Microsoft 365 licence provisioning, with the occasional support request around mailbox archiving or email delivery issues.

The founder’s original approach to M365 had been simple: purchase licences, and done. No security configuration, no management layer, no monitoring. Security defaults may not even have been enabled. Licences were assigned, but the tenant was essentially out-of-the-box — the digital equivalent of buying a house and never changing the locks.

As the business grew, two things changed. Email threats increased — phishing attempts, credential harvesting, and supplier impersonation became regular occurrences rather than occasional nuisances. And IT issues started to impact profitability. Time spent troubleshooting printing, chasing account problems, and manually processing supplier invoices was time not spent selling.

What We Found

When Tarbh Tech moved beyond licence sales and into the environment properly, the picture was familiar but concerning.

No security baseline. MFA was not enforced. Conditional Access policies did not exist. There was no email protection beyond Microsoft’s default filtering — no anti-phishing rules, no safe links, no safe attachments. The organisation had Microsoft 365, but none of its security capabilities were in use.

Printing was a constant source of frustration. Every printer was configured via direct IP addressing on individual computers, with multiple drivers installed across the fleet. The network ran DHCP, which meant that unless everything was perfectly aligned — IP reservations, driver versions, network stability — printers would intermittently drop off. It was the kind of low-grade, persistent IT pain that consumes disproportionate support time and erodes trust in “the computers.”

Invoice processing was manual and error-prone. A major supplier’s invoices were complex — multi-line, variable formatting — and entering them into the accounting system was time-consuming and prone to mistakes. Every error meant a reconciliation problem downstream.

No user lifecycle management. New starters were set up ad hoc. Leavers’ accounts lingered. There was no consistent onboarding or offboarding process.

What We Did

COSAINT Essentials — the managed cloud baseline

We deployed the COSAINT Essentials service across the organisation, establishing the managed cloud baseline that had been missing since day one:

Identity and access. MFA enforced across all users without exception. Conditional Access policies configured to control how and where corporate data can be accessed. Security defaults replaced with a proper, managed policy framework.

Email protection. Anti-phishing policies, safe links, and safe attachments deployed across all mailboxes. Critically, this gave the organisation its first real defence against the supplier impersonation and business email compromise (BEC) attacks that had been reaching inboxes unchallenged.

User lifecycle. Standardised onboarding and offboarding workflows — new starters provisioned consistently, leavers’ access revoked promptly with appropriate mailbox retention.

Cloud backup. Exchange Online and SharePoint/OneDrive backed up, providing a recovery point independent of Microsoft’s native retention.

Ongoing management and reporting. Monthly reporting gives the owner clear visibility into the security posture, licence utilisation, and any incidents — without needing to become an IT expert.

Printix — cloud print management

We deployed Printix to replace the direct IP printing setup entirely. Printix manages printer discovery, driver deployment, and print routing from the cloud — no print server required.

The impact was immediate: printers are discovered and configured automatically, driver management is centralised, and the DHCP-related connectivity issues that had plagued the business simply stopped. New employees get access to the correct printers as part of their onboarding, and printer changes (additions, relocations, replacements) are handled centrally rather than requiring desk-by-desk driver reinstallation.

Due to the company’s location, they continue to deploy and set up PCs themselves. Printix bridges that gap — even with local hardware setup, print management is cloud-managed and consistent.

Document Intelligence — automating supplier invoice processing

The manual invoice processing bottleneck was addressed with Microsoft’s Document Intelligence (Azure AI). We built a custom model trained on the major supplier’s invoice format to extract line items, quantities, pricing, and reference numbers automatically.

What had been a time-consuming, error-prone manual process — reading complex invoices and keying data into the accounting system — became a largely automated workflow. The extracted data is validated and pushed into the accounting system with minimal human intervention. Processing errors dropped, reconciliation became simpler, and the accounts team got time back for higher-value work.

Ongoing: The Supplier BEC Problem

One aspect of this engagement that deserves particular mention is the recurring threat of business email compromise via compromised suppliers.

This is not a theoretical risk. Supplier accounts in the electrical wholesale sector get compromised with uncomfortable regularity. When a supplier’s email account is taken over, the attacker uses the legitimate relationship — and the legitimate email thread — to redirect payments, request bank detail changes, or send malicious attachments. The emails come from a trusted address, in the context of an existing conversation, making them exceptionally difficult for an untrained user to identify.

COSAINT Essentials provides the frontline defence: email protection catches many of these attempts before they reach an inbox. But when a new supplier compromise occurs — and they do, regularly — Tarbh Tech steps in directly. We investigate, block the compromised sender, notify the client, and where appropriate, notify the supplier that their account has been compromised.

This is the reality of managed security at the SME level. It’s not just about configuration and monitoring — it’s about having someone in your corner who responds when a real threat materialises, even on the entry-level service tier.

The Results

The transformation from “buy licences and done” to fully managed cloud operations has been significant:

Security posture moved from effectively zero to a proper, monitored baseline. MFA is universal, email threats are filtered and responded to, and the recurring supplier BEC attempts are caught and managed rather than landing in inboxes unchallenged.

Printing went from a persistent, productivity-draining headache to something that simply works. The support calls stopped. The frustrated users stopped.

Invoice processing went from a manual, error-prone bottleneck to a largely automated workflow, freeing up the accounts team and reducing reconciliation errors.

User lifecycle is consistent and prompt — starters get what they need quickly, leavers don’t retain access they shouldn’t have.

The owner’s perspective, summarised: peace of mind over security issues, and the capability to identify business improvement opportunities through stability enhancements and automation. IT went from something that generated problems to something that quietly enables growth.