Transitioning to a security-first methodology and managed service
Background
The customer is a UK local council based in the South-West, responsible for delivering essential public services to residents, businesses, and community organisations.
Operating under tight budgets and high public accountability, the council relies on stable, secure, and well‑governed IT systems to support internal staff, frontline services, and digital‑first initiatives.
Due to the sensitive nature of their public sector operations, their name has been
withheld for confidentiality.
The Challenge
Before partnering with D2NA, the council had been working with a long‑standing incumbent IT provider. Over time, several issues emerged:
- Slow and inconsistent Service Desk response times
- Minimal emphasis on security, leaving the council exposed to modern cyber threats
- A lack of proactive improvement or strategic roadmapping
- Poor visibility of IT performance and limited communication
- Rising costs through inefficient licensing and Microsoft 365 usage
These challenges led to declining confidence across council departments and growing
concern around the resilience and security of the council’s IT environment.
These challenges led to declining confidence across council departments and growing concern around the resilience and security of the council’s IT environment.
The Solution
The council selected D2NA after recognising the need for a partner who could deliver not only reliable Managed IT Services, but also a modern, security‑led approach that their incumbent provider had not prioritised. From day one, D2NA applied its Security‑First methodology, underpinned by the CyberAscend Framework, to stabilise operations and introduce a structured roadmap for security maturity.
A Structured Security‑First Transition
- Unlike the previous provider, who had offered minimal strategic guidance and limited security oversight, D2NA approached the takeover with a clear and methodical lens:
- Conducting an evidence‑based review of the council’s Microsoft 365 tenancy, identity policies, endpoint standards and cloud configurations
- Establishing a baseline of inherited risks, misconfigurations and technical debt
- Prioritising remediation activities using CyberAscend’s maturity pillars
- Realigning ticket logging processes to ensure every incident and request flowed through a secure, governed process
Results and Impact
The council saw rapid and meaningful improvements across its IT service landscape:
- Significant uplift in Service Desk performance, with staff reporting faster responses and quicker resolutions
- Security posture strengthened, with several inherited risks remediated through the CyberAscend framework
- Cost savings achieved through smarter Microsoft 365 licensing and increased adoption of built‑in productivity tools
- Improved stability across core systems and devices
- Greater trust and transparency, enabled by clear communication and proactive support
Why D2NA?
The council highlighted several reasons they chose D2NA as their long‑term partner:
- Strong security expertise and the structured CyberAscend methodology
- Transparent communication and dependable service delivery
- Clear strategic guidance aligned with public‑sector governance needs
- Proactive attitude toward problem prevention and continuous improvement
- A partnership-driven approach rather than a transactional service model