Dynamics 365 Partner Case Study: Microsoft 365 E3 Rollout for BCC Bank

BCC Bank engaged Awara IT to run a pilot and then scale a Microsoft 365 E3 deployment across its Kazakhstan operations to improve operational efficiency and strengthen security for its corporate environment. The project began as a 1,000-user pilot and extended to a full-production rollout, culminating in a 6,000-user environment with centralized identity, device management and a hybrid Exchange upgrade.

Awara IT implemented the tenant, hybrid Exchange 2019, Teams and OneDrive integration, Entra ID (Premium P1) with SSPR, Conditional Access and MFA, and Intune Plan 1 for device management. The delivery reduced identity-related support demand, closed key security gaps and provided a repeatable model for future Microsoft ecosystem projects (including Dynamics 365 and Power Platform) across the bank.

Müşteri / Sektör / Ülke

BCC Bank is a Kazakhstan-based bank operating in the Banking & Insurance sector with a multi-thousand employee footprint in the country. The engagement covered corporate IT/ITSM and compliance & security functions across the organization and targeted a production user base that grew from a 1,000-user pilot to 6,000 users in full roll-out.

İş zorluğu

The bank operated a mixed cloud and on-prem environment with Google Cloud-hosted mail and legacy on-prem infrastructure for critical workloads. IT faced rising operational overhead from fragmented identity management, a lack of consistent device management, and limited modern authentication controls. For a regulated bank, these gaps increased operational risk and complicated compliance with local data protection requirements.

Specific triggers for the engagement included the need to: run a low-risk pilot to validate Microsoft 365 E3 capabilities; upgrade and standardize Exchange to a supported hybrid model (Exchange 2019); migrate corporate mail and files from Google Cloud; and deploy enterprise-grade identity and endpoint controls (MFA, Conditional Access, SSPR, Intune) to reduce account compromise risk and streamline onboarding/offboarding.

Neden Dynamics 365 seçildi

The bank selected Microsoft 365 E3 for its integrated identity, security and collaboration features—Entra ID capabilities, Conditional Access and Intune were decisive because they provided a unified control plane for user access, device compliance and data protection without requiring immediate wholesale changes to on-prem systems. The pilot approach reduced operational risk while validating the vendor stack in a regulated banking context.

Awara IT was chosen as the implementation partner because of demonstrated experience across the Microsoft stack. While this engagement focused on Microsoft 365 E3, Awara IT’s broader Microsoft practice (including Dynamics 365 and Power Platform) positioned the bank to extend workflows and core banking integrations in future phases using the same partner and platform governance.

Uygulanan modüller

• Microsoft 365 E3 (tenant configuration and governance)
• Entra ID (Azure AD) Premium P1 – SSPR, Conditional Access, MFA
• Exchange hybrid deployment and upgrade to Exchange 2019
• Teams and OneDrive integration and governance
• Intune (Plan 1) for device enrollment and compliance
• Data migration tooling and mailbox migration from Google Cloud
• Identity and access policies, role-based access controls

Entegrasyonlar

• AAD Connect for hybrid identity and on-prem AD synchronization
• Hybrid Exchange 2019 co-existence with on-prem mail flow
• Google Cloud Workspace mailbox and data migration
• Teams integrated with Exchange and OneDrive for collaboration
• Integration with the bank's existing monitoring/backup systems and IAM processes

Yerelleştirme ve uyumluluk

All design and operational controls were implemented in accordance with Kazakhstan banking regulations and the bank’s internal information security policies. The project ensured that sensitive customer data remained in approved locations or under approved controls, applied encryption at rest and in transit, and enabled detailed audit logging for regulator requests.

User-facing configurations respected local language and user experience needs while retention, e-discovery and data protection settings were aligned to the bank’s compliance requirements. The solution architecture allowed a mix of cloud and on-prem data residency to meet regulatory obligations while leveraging Microsoft 365 security features.

İş değeri

The engagement delivered a repeatable, bank-grade Microsoft 365 operating model: centralized identity and access reduced exposure to account compromise, Intune standardized device posture and reduced onboarding time, and the hybrid Exchange architecture ensured mail continuity while meeting data residency requirements. The migration from Google Cloud removed fragmentation and consolidated management into a single Microsoft tenant.

Beyond immediate operational gains, the completed project established a governance baseline and support contracts for infrastructure and information security. That foundation reduces time-to-value for future initiatives (including Dynamics 365 and Power Platform) because identity, device and data controls are already in place.