The starting point: Move2Azure

Fost Plus began its cloud journey in 2018 with a strategic exercise. "Our organization is driven by data," says IT Manager Shanna Cloet. "At that time, our data was still scattered across various platforms. The question arose: wouldn’t it be better to centralize this data in the cloud?"

The answer to that question was a resounding yes. At the beginning of 2019, Fost Plus, together with IT partner Inetum, began preparing the migration process, and later that year, they officially transitioned to the Azure cloud. "Since then, we’ve continuously brought new elements into the cloud," explains Shanna Cloet. According to her, the organization has undergone a true tsunami of innovations, ranging from a new BI platform and CRM system to a new solution for identity and access management (IAM). "This extensive digital transformation wouldn’t have been possible if we had to implement all these innovations on-premise," she adds.

Becoming more data-driven and secure

As of 2024, Fost Plus is almost entirely in the cloud. The key driver of this transformation was delivering added value to internal and external stakeholders. Not surprisingly, the many new possibilities offered by the cloud, along with the use of modern cloud services, were two of the main reasons for initiating the Move2Azure project. "Our goal was to work in a more data-driven and secure way. We felt that the cloud could support us in achieving this."

Additionally, there was a practical motivation to move to the cloud. "Several hardware contracts were nearing expiration," explains Shanna Cloet, "and the cloud provided a viable alternative. However, the main reason remained the greater capabilities we gained in the cloud, which weren’t possible with our old on-premise infrastructure."

New challenges

With the numerous benefits of the cloud came a host of new challenges. "Various IT management activities that we had handled on-premise for years, and with which we were very familiar, needed to be approached differently in the cloud." Shanna Cloet uses the example of managing roles and responsibilities. "In Microsoft Active Directory, this is done differently than in Azure Entra ID. You have to familiarize yourself with the new directory structure, define new policies, develop new best practices, and so on."

"Anyone who has ever undergone a cloud migration project knows that, in a way, you’re starting from scratch again," summarizes the IT Manager. Moreover, the cloud landscape in general—and Microsoft’s cloud environment in particular—continues to evolve at a rapid pace. "We’ve been working with Inetum for some time now," says Shanna Cloet. "From that trusted relationship, we chose to develop a long-term vision with Inetum to best prepare Fost Plus for a future in the cloud." Together, Fost Plus and Inetum developed a cloud and security roadmap: starting with an assessment and based on 18 concrete topics divided into three categories: assets, identities, and security.

Data-driven approach

"As a starting point, we had to, for instance, inventory our hardware and software assets," recalls Shanna Cloet. "Of course, it’s important to know what your assets are. Data is a particularly crucial asset for us as a data-driven organization. But for me, it doesn’t stop there. I believe people are equally important assets. And I think they’ll become increasingly significant in the cybersecurity story."

The identities category, in essence, also relates to people. "With around 70 employees, we’re not a particularly large organization. However, our network of stakeholders includes many identities, and we need to provide them with secure access to our service platform."

Defining projects

Within the 18 topics, Fost Plus distinguishes between a standard level and two more advanced levels. "This categorization is based on a framework Inetum developed, inspired in part by European NIS guidelines for cybersecurity," explains Shanna Cloet. "The elements at the standard level are things you must address. If you don’t, you expose yourself to various cyber risks."

Additionally, Fost Plus identified a number of quick wins based on its score in each of the 18 topics. This enabled the organization to define nine concrete, well-defined projects. After delivering the roadmap at the end of 2022, Fost Plus began implementing these projects. By 2023, successful projects had already been completed around user awareness, penetration testing, and monitoring. In 2024, disaster recovery, identity and access management (IAM), and vulnerability management were on the agenda. For 2025, asset management, risk management, and data classification are planned.

The cherry on top: LiveSOC

"You simply can’t do everything at once," concludes Shanna Cloet. "The cloud and security roadmap from Inetum has already helped us set the necessary priorities." As the cherry on top, Inetum now provides round-the-clock security monitoring. "From their LiveSOC in Spain, Inetum monitors our operations 24/7 for potential threats and incidents. Knowing that the company is helping to keep an eye on our IT environment provides me, as IT Manager, with peace of mind."

Want to learn more?

Are you facing similar challenges and want more information about our cloud and cybersecurity solutions? Feel free to contact us via info.belgium@inetum.com.