Microsoft 365 deployment for Otbasy Bank — unified communications and security

Otbasy Bank engaged Awara IT to prepare and configure a Microsoft 365 tenant and deploy a secure, integrated communications platform for 1,500 employees. The engagement included a hybrid Exchange topology to preserve on-prem calendars while migrating mailboxes, deployment of Entra ID (Plan 1) for identity and access management, and rollout of Microsoft Intune and M365 Security E3 controls to standardize endpoint and mailbox security.

The outcome delivered a unified user experience across Exchange and Teams, consistent identity and device policies, and measurable improvements in security posture and operational efficiency. Awara IT handled tenant configuration, staged mailbox migration, calendar synchronization, and policy enforcement while working with the bank's IT and compliance teams to meet local controls and minimize user disruption.

Client / Industry / Country

Otbasy Bank is a universal banking and financial services provider headquartered in Kazakhstan, serving a national customer base with retail, corporate and treasury services. The project addressed the needs of approximately 1,500 internal users across branch and central operations.

Business challenge

Otbasy Bank operated a mixed legacy environment with on-prem Exchange and disparate endpoint security controls. The bank needed to modernize core collaboration and identity services to support hybrid work, improve security and reduce operational overhead without disrupting critical calendar and messaging workflows used across branches.

Key triggers for the project were calendar synchronization failures between Exchange and Teams, inconsistent application of device and mailbox security policies, and a desire to centralize identity management to support conditional access and MFA. Regulatory and internal compliance requirements demanded careful planning for data handling, retention and auditability during migration.

Why Dynamics 365 was selected

The bank selected the Microsoft cloud platform because it aligned with existing investments in Microsoft 365, Entra ID and Teams, and provided a coherent roadmap for future integrations with line-of-business systems. Choosing Microsoft technologies ensured a single-vendor security and identity model and reduced integration risk when expanding to other Microsoft services.

Although this engagement focused on Microsoft 365 components rather than Dynamics 365 applications, the chosen architecture preserves straightforward integration paths for Dynamics 365 Finance or Customer Engagement should the bank decide to migrate ERP or CRM workloads to Microsoft cloud services in future phases.

Modules implemented

• Microsoft 365 tenant provisioning and configuration
• Exchange Hybrid configuration and staged mailbox migration
• Teams configuration and calendar federation with Exchange
• Entra ID (Plan 1) deployment and user provisioning
• Microsoft Intune deployment and device compliance policies
• M365 Security E3 baseline configuration (conditional access, MFA)
• Retention and compliance policies for mail and Teams
• User empowerment and change management (training and documentation)

Integrations

• Hybrid Exchange integration between on-prem Exchange and Exchange Online
• Entra ID synchronization with on-prem AD (Azure AD Connect)
• Teams calendar federation and presence integration
• Intune integration with endpoint management and Windows Autopilot
• Single Sign-On to internal HR and banking applications
• SMTP relay and secure mail flow with existing on-prem gateways

Localization & compliance

Awara IT worked with the bank's compliance team to ensure policies and configurations meet Kazakhstan regulatory expectations and internal audit requirements. Data handling and retention policies were defined to support Russian and Kazakh language records, correct time zone settings for regional offices, and export controls relevant to financial data.

Where full local data residency in Kazakhstan was not available for specific Microsoft services, the team applied compensating controls—enhanced encryption, strict access policies and logging—to satisfy the bank's legal and internal risk standards while relying on Microsoft's compliance certifications for cloud services.

Business value

The Microsoft 365 deployment created a stable, auditable communications and identity foundation for Otbasy Bank. Calendar and mailbox reliability improved, reducing operational risk and helpdesk burden. Entra ID and Intune delivered consistent access controls and device compliance, allowing security and compliance teams to adopt conditional access and enforce MFA across the organization.

Operational gains included faster user provisioning and a standardized endpoint configuration that reduces time spent on incident remediation. The architecture also positions the bank to integrate future Microsoft cloud services, such as Dynamics 365 or Azure services, with minimal rework.