TL, DR: Another focused week on our Office 365 Programme, Taking stock of where we have got to on our Cloud Journey and what next.
Who did you talk to outside your organisation?
- Phoenix/Microsoft — Mainly cloud standups and a fortnightly Microsoft AMP progress meeting. Timelines were re-baselined based on Microsoft AMP deliverable milestones a few weeks back and now waiting on Firewall delivery. Agreed that we would plan for 2 migration waves (2 weeks each) starting from mid-November.
- Attended NHSmail Shared Tenant IG Webinar & Weekly NHSmail Webinar — These sessions run regularly and are widely attended by NHS organisations up and down the country. Its usual to see 100+ Trusts with representation. NHSD feedback on progress, issues, new functionality and progress on their roadmap. Also an opportunity to raise questions/issues, usually these resonate with across the attendee base. Ive found these very useful and learnt from these sessions whilst other times felt assured that we are on the right track, not alone and some of our pains and challenges are widely shared, which means the driver for solutions to them also has collective weight. Kudos to NHSD staff who front these sessions, they face a wide remit of questions and challenges which they are mostly always well equipped to answer or take away.
- DELL/Gyrocom — Caught up with the account and tech lead to get a few answers on questions i had raised last week. More on this below.
What would you have liked to do more of?
We made a little progress on One Drive migration approach this week. Still waiting on delegate permissions via the NHSmail Service Desk the Team have been chasing regularly. The desktop user experience session was shorter than I would have liked this week, although we did have a different perspective thrown into the mix around control of the desktop workspace for users once we move users to O365. Really keen to get the O365 user experience mapped out so we can then layer up the associated training and comms which is really critical to the success of this migration.
What do you wish you could have changed?
Due to a culmination of circumstances this week the monthly Cyber Security Group meeting had to be pushed back this week. Slide deck was prepared in advance and ready, Suraj (Cyber Security Officer) continues to improve the content and how the information is presented. Was particularly looking forward to the outputs from our annual independent pentest report and an overview summary of recent and ongoing Cyber Security Toolset POC’s.
As we progress further on our cyber security journey I am hoping that we can do more collectively to raise the profile across the Group and engage more at an ICS level where we can share more and develop more in this space as other ICS have done elsewhere in the country.
What challenged me?
- Azure Express Routes — Received feedback from our Data Warehouse workstream (Simpsons/Phoenix) on the Cloud Programme that our bandwidth requirements for Azure and not likely to exceed the current VPN capability between now and November. Which is good news that its not impacted. However, it also indirectly nailed the coffin shut on alternate options. We will be waiting on Cisco Firewall delivery and implementation for early November. Part of me really wanted to maintain the pace we had been working on with our cloud migration journey. Just could not get past the hurdles.
On a positive note it gives the teams a bit of breathing space for other stuff on the backlog. Where does this leave us? So we are aiming to complete 2 cloud migration waves prior to the Christmas break which will leave us with a further 4 to complete in the new year before the end of our financial year in March. Still need to progress detailed planning for this, so we have ample time to get this done right.
- Sprint planning/prioritisation of the operational IT work plan — Have been discussing this with colleagues on how we could improve the process. Fundamentally we need a mechanism to make sure we continue to output the important stuff whilst being realistic with what we can do given the resources and time we have available in an agile manner. We need to develop a mechanism to gather metrics for our actual split of operational BAU to project work and gain visibility of everything that is having an impact on resource availability. And a funnel for new work coming into that work plan and the ability to say no not now when we need to or yes we can if we drop something else, eg. more informed decisions through visibility. Definetly going to be a topic we continue discussing with a view to improve and make us more agile in how we operate.
- Starters and leavers on NHSmail/O365 — Since Covid hit the NHS, most Trusts across the country have been making use of Teams and the SharePoint Online back end on the national NHSmail Azure tenant. I personally think this has been a huge success. Sometimes along the way you discover bits that are an after thought. Prior to N365, NHSmail starters and leavers was pretty straight forward, as you marked a user as a leaver and the recruiting NHS organisation would pick them up as a starter. Simples — your email address follows you through your career in the NHS. But now layer permissions to Teams Channels and SharePoint Collections…. Euston we have a problem as we can’t see these centrally in one place. Again not alone, and the clever chaps at NHSD are aware and all over it with hopefully a solution in sight soon. The interim workaround is a blunt tool.
What did you learn?
On my backlog for a few weeks now has been the SD WAN high level design for our new satellite office — Woodsend. This is new tech so lots of questions come up when pulling something like this together for the first time. Fortunately working with some good chaps from Gyrocom/DELL around a DELL/VMware Velocloud SDWAN solution. Learnt more about utilising Velocloud cloud Gateways for secure encrypted local internet breakouts and increasing the efficiency of network traffic between the satellite office and our Main Hospital Site. This works really well for trusted Microsoft O365 traffic. Also learnt more about the different firewall topology configurations as well as their pro’s and cons. Hoping this will allow us to make a more informed decision for our High Level Design. Below is the work in progress topology so far.
What did you enjoy?
- O365 Milestone Dependency — Not sure enjoy is the right word, but more a sigh of relief as Michelle our Patient Systems Manager informed us of the good news that UAT testing on new O365 compatible clients for our Patient Administration System have passed! Hooorahhh! This was by far our largest dependency for the O365 Programme and it means we will be able to start to deploy O365 into front facing/clinical areas (that approximately 2/3rds of the organisation). Everyone at CAB was briefed that there will be a new client rollout incoming in the coming weeks. This news made me smile and grateful for the teams involved in making this happen.
- Phoenix released our customer success story /case study this week. I must admit I was secretly dreading this, and had been wondering if they got anything useful from my interview a couple of months back and we have had many a jest over them since. If you follow my weeknotes, you’ll know this was way out of my comfort zone. I was pleasantly surprised and felt proud that collectively we had presented the vision for cloud at KGH really well. Also humbled that I had that opportunity to take part.
What did you achieve?
- Started the week with an Azure Sentinel Workshop session. Reviewed the technical outputs of the small POC we have had running for a few weeks and in particular cyber threat exploration based on the data captured. Phoenix will be outputting a report based on findings and some recommendations which will be presented back to a wider audience next month. Received the SOW for the next steps with Sentinel which will be a wider live deployment, which comes with further Microsoft AMP funding if our bid is successful for Sentinel.
- Reviewed data analysis work for AfE licence allocation with Emily, Ashley and Bhavesh. Some good work done, however it still has some gaps and is still being worked on for hopefully a final output next week. The objective here is to get to a master list of users who meet the criteria for AfE and those that will be left with an E3/R licence. This is essentially building on the work done earlier in the year where we mapped out our O365 dependencies.
- Fileshare migrations continued this week and the Team got another 11 over the line this week into SharePoint Online.
- Pulled together first draft of the Woodsend IT Delivery Plan — felt like a project manager again. Due to share draft next week. I used Project 2010 for scheduling, felt weird using the dated user interface after exposure to the O365 look and feel. Still a great app, and want to get my hands on Project 365, it really really beats spreadsheet project plans.
What are you looking forward to next week?
- Face to face building cultural bridges training — 2 half day workshop sessions, one of which is face to face and will be my first proper day back on site since shielding from Covid.
- NHSD are due to release an updated NHSmail roadmap, which will hopefully have more detail on additional functionality we are eagerly awaiting.
- Starting work on some update papers for Group Digital Hospital Committee due at the end of this month for an update on our Cyber Security Position and Progress on our Cloud Journey against our Cloud First Strategy set out in September 2020.