Verdas Technology

info@verdastechnology.com +353 85 151 7413
VERDAS.
Contact
Dublin Accountancy Setup — Verdas Case Study
← Back to Case Studies
Microsoft 365

Dublin Accountancy Setup

A high-volume Dublin accountancy firm was operating without a properly configured Microsoft 365 tenant — using personal email accounts for client correspondence, storing sensitive financial documents on unmanaged local drives, and with no security policies in place. Verdas designed and deployed a secure, compliant M365 environment from the ground up, built to meet the standards expected by professional accountancy bodies and Revenue Commissioners alike.

Accountancy Office
45 Staff Migrated to Secure M365
100% MFA Adoption on Day One
2 wks Full Deployment Timeline
0 Data Loss Events During Migration
The Challenge

A Firm Handling Sensitive Data Without Adequate Safeguards

The practice had grown steadily to 45 staff but its IT setup had never scaled with it. Partners were using a mix of personal Gmail accounts and a poorly configured legacy email domain to communicate with clients — including sending unencrypted tax returns and financial statements.

A near-miss involving a misdirected email containing a client's personal financial data brought the issue to a head. The practice needed a professional, secure, and properly governed Microsoft 365 environment — fast.

  • Personal email accounts used for client-sensitive correspondence
  • No Data Loss Prevention policies — documents sent without encryption
  • Client files stored on unmanaged local drives with no access controls
  • No MFA — accounts exposed to credential-based attacks
  • No centralised IT administration or audit trail
  • GDPR compliance risk from unstructured personal data handling
Professional Office
The Solution

A Secure M365 Tenant, Built Right From the Start

Verdas approached this engagement as an architecture project first. Before a single licence was activated, a full tenant design was documented — covering naming conventions, security baselines, SharePoint structure, email flow, and DLP rules. This upfront discipline meant a clean, scalable environment from day one.

Phase 1 — Days 1–3
Tenant Architecture & Design

M365 tenant design document produced covering security defaults, admin roles, licensing, and information architecture. Custom domain verified and DNS records configured. Microsoft Secure Score baseline established.

Phase 2 — Days 4–6
Security Baseline & Identity Configuration

Azure AD configured with MFA enforced via Conditional Access for all users. Privileged identity management applied to admin accounts. SSPR enabled. Email authentication records (SPF, DKIM, DMARC) published to prevent spoofing.

Phase 3 — Days 7–9
SharePoint & OneDrive Deployment

SharePoint Online structure designed around the firm's client and department hierarchy. Permissions model applied with role-based access. Legacy local files migrated using SharePoint Migration Tool with integrity verification post-migration.

Phase 4 — Days 10–14
DLP, Compliance & User Onboarding

Microsoft Purview DLP policies configured to detect and block transmission of financial identifiers (PPS numbers, tax reference numbers) outside the organisation. All 45 users onboarded with training on secure file sharing and email best practice.

M365 Apps Deployed

The Full Stack, Configured and Secured

📧
Exchange Online
Secure email with anti-phishing, SPF/DKIM/DMARC
📁
SharePoint Online
Structured document management with granular permissions
☁️
OneDrive for Business
Personal secure cloud storage replacing local drives
💬
Microsoft Teams
Internal comms and client channel collaboration
🔐
Azure AD & MFA
Identity platform with Conditional Access and MFA
🛡️
Microsoft Purview
DLP policies to protect sensitive financial data
📊
Microsoft 365 Apps
Word, Excel, Outlook — fully licensed and managed
📋
Intune MDM
Device compliance policies for all firm laptops
The Results

Professional Infrastructure, GDPR Ready

Two weeks after engagement began, all 45 staff were operating from a clean, secure, and professionally managed Microsoft 365 environment. The practice's Microsoft Secure Score moved from an initial assessment of 24% to 87% at project close. The managing partner subsequently presented the new IT setup to their professional indemnity insurer, resulting in a reduced premium at next renewal.

  • Microsoft Secure Score improved from 24% to 87%
  • 100% of staff onboarded with MFA active on go-live day
  • All client files migrated to SharePoint with zero data loss
  • DLP policies blocking transmission of PPS numbers and tax IDs enforced
  • Professional indemnity insurance premium reduced at next renewal
  • GDPR data processing documentation updated to reflect new controls
Technologies Used
Microsoft 365 Business Premium Exchange Online SharePoint Online Azure Active Directory Conditional Access Microsoft Purview DLP Microsoft Intune Microsoft Defender for Office 365 SPF / DKIM / DMARC SharePoint Migration Tool SSPR

"We knew our IT setup was not where it needed to be but didn't appreciate how exposed we were until Verdas showed us. They turned it around in two weeks and the whole team took to it immediately. Our clients have commented on how professional our correspondence looks now and we sleep much easier knowing sensitive documents are properly protected."

— Managing Partner, Dublin Accountancy Practice

Need a Secure M365 Setup?

We'll audit your current Microsoft 365 environment and close every gap — fast.

Book a Free M365 Audit