Three Dutch cities build an alliance on the Microsoft cloud
By Microsoft on April 21, 2017
Filed under Microsoft CityNext
Duo+ is an alliance of three cities in the Netherlands that have joined forces to collaborate administratively. Their goal is to better deal with the impact of new laws, and with the added workload and costs that were the result of taking over many governmental responsibilities passed down from the national government. Faced with more work and limited budgets to get it done, sharing the load made sense. To make their alliance work, however, the municipalities of Uithoorn, Diemen, and Ouder-Amstel needed to merge their IT infrastructures into a single new architecture. For help with that, they turned to Dutch IT service partner InSpark and Microsoft Azure cloud services.
When three cities in the Netherlands decided to combine forces to become more administratively effective, they realized they would need to merge their three separate IT infrastructures into one single new architecture. To accomplish that, the three cities, together known as Duo+, turned to the cloud.
Duo+ is an acronym that combines the first initials of the three municipalities it includes—Diemen, Uithoorn, and Ouder-Amstel. The three cities have come together to deal with current political and administrative realities in the Netherlands, which have left local governments with more responsibilities, but no extra budget. To make sure municipal staff could work together efficiently, the municipalities needed to merge three separate IT infrastructures into a single new architecture.
It helped that the three cities are geographically and politically compatible. All three cities are relatively small—Diemen has a population of 26,975; Uithoorn, 29,097; and Ouder-Amstel, 13,421. And they share many of the same issues that smaller cities have—small workforces, small budgets, and bigger neighbors.
But the primary reasons had more to do with gaining efficiencies from combining forces to meet ever-greater demands on limited human and financial resources—a goal that depended on IT infrastructure consolidation. Planners had agreed from the start that they would be using the cloud, with the aim being a mobile-first, app-driven solution that would be available anywhere, anytime, and on any device. For that effort, Duo+ turned to InSpark, a Dutch company that had just won the 2015 Microsoft Government Cloud Partner of the Year Award, and which brought advanced expertise in cloud solutions for the public sector.
The biggest challenge that Duo+ faced was figuring out how to build a new hybrid cloud IT environment to accommodate about 800 users spread over three sites while ensuring worker mobility. That led InSpark to think cloud-first, with a focus on mobile platforms.
“Agility was a driver,” says Maarten Goet, Managing Partner, InSpark. “It was important that Duo+ have a secure platform that provided service for all three municipalities. They didn’t want to have a lot of up-front costs, so it made sense to start looking at pay-per-use models, such as Azure, and to embrace the pace of innovation that the cloud brings. They needed to do more with less. Being a government, they get budget cuts every time. So they figured that the cloud could help with their costs too.”
Duo+ opted for an infrastructure made up of existing Microsoft technologies, which meant planners were able to quickly agree on a high-level design. An added benefit to a cloud strategy is that the alliance can take advantage of new technology as soon as it becomes available.
Because security was important, InSpark took advantage of the Microsoft Enterprise Mobility + Security (EMS) suite, specifically of Azure Active Directory and Microsoft Intune. The hybrid cloud solution is based on Azure Active Directory Premium and Microsoft Azure infrastructure as a service (IaaS).
Azure Active Directory offers increased security with single sign-on and self-service identity management capabilities, as well as multi-factor authentication for user sign-ins and transactions to add another security layer. Beyond that, it provides highly secure remote access to on-premises apps without using a virtual private network (VPN); identity protection with machine learning–based threat detection and calculations of risk severity for user and sign-in attempts; risk-based conditional access; and discovery and restriction of privileged identities and their access to resources. Data storage, fallback options, backup, and recovery are all taken care of using Azure Storage, Azure Site Recovery, and Azure Backup. The solution relies on the Microsoft Operations Management Suite (OMS) to manage and secure the hybrid cloud. And it includes Office 365, for business and collaboration tools.
The on-premises portion of the solution, which runs in Uithoorn, is built on Microsoft Hyper-V and Windows Azure Pack. Hyper V offers flexible guest VM support on private hardware with increased security and built in resilience and failover, live VM migration, and import capabilities for a number of other virtualization technologies. Azure Pack offers an easy-to-use web interface with self-service provisioning and control of virtual machines, websites, database as a service, and more.
Workplaces and apps are managed centrally using Microsoft OMS and Microsoft Intune, which enables automated installation of the Windows operating system on all devices. Apps and settings can be installed and configured from one central location. The easy, highly secure access extends to tablets and smartphones, thanks to integration with Intune.
A big project, still in the works
The entire project took a little more than two years. The first big step was moving all IT staff members in the alliance to unify them in a separate project office. That took about six months, after which the building part of the project began, including migrating the three Active Directory domains of the three towns to the central domain. That took another 18 months.
“The project was by no means done, but it was functional enough for the three cities to actually use,” says Andre De Vet, Coordinator of ICT Services for Duo+. “We never had to close, not even for a single day. We’re quite proud of that.”
With the major project work and consolidation done, the solution is mostly up and running. Some of the focus now is on Office 365 Secure Score, a Microsoft service that will help Duo+ gain insight into how security is being managed and offer tips to improve it.
Success has meant big changes
De Vet says the project has brought several positive changes, but the most noticeable difference has been realizing the goal of “any device, anytime, anywhere” access for remote and mobile workers. “To give an example, I’m now using Skype to join and make calls, and when I make a call from home, the system shows me as busy. There is virtually no difference between me working at home and being in one of the offices.”
Duo+ leaders are delighted with the results so far. So are IT workers. “Everyone on the IT team has an easier time of it. We’ve consolidated a lot of our back-end resources to Azure hosts, which makes things simple in the sense we don’t need to think about backup power, because Azure backup has it covered.”
Things have gotten better for the rest of the workforce as well. De Vet says, “Now, if you need to collaborate with one of the other cities on, for instance, a new road works project, you just grab your laptop, go to the meeting, and do the task without having to worry where you are.” He concludes, “We went into this project knowing that we needed to build a new IT baseline infrastructure that integrated our on-premises environment and the cloud. The express purpose was to enable all colleagues to not only work together, but do the same work everywhere. Our Azure hybrid cloud strategy has helped us succeed.”