Multi-country enterprise cloud migration — 220 business-critical workloads moved across three waves, with a production-grade landing zone built as infrastructure-as-code and FinOps discipline established from day one. Zero business-impacting incidents during the migration.
The operator ran a diverse enterprise IT estate across multiple countries — ERP, CRM, industry-specific applications, end-user computing, and development environments — hosted across two aged on-premise data centres. Hardware was approaching end-of-support and a capex refresh cycle would have required €2.1M of capital investment within an 18-month window.
The board's preferred alternative was to move the estate to public cloud before the refresh cycle forced the capital commitment. The CIO had run smaller cloud projects before but nothing of this scale, and the internal team had limited hands-on experience with modern cloud operating models.
The programme faced three substantive risks. First, the workload estate was heterogeneous — ERP (SAP and Dynamics), custom applications built in three different technology stacks, EUC, development environments, and a set of older applications whose ownership was initially unclear. Second, the business had low tolerance for migration-induced disruption — operations ran around a month-end cycle that could not be interrupted. Third, the CFO had explicit concerns about cloud cost control, informed by industry reports of cloud spend running 30–50% above projections after migration.
The engagement was structured in three waves. Wave 1: non-critical workloads (development, test, internal tools, older applications). Wave 2: enterprise applications (ERP, CRM, supporting systems). Wave 3: remaining production workloads including EUC. Each wave was a separate fixed-scope engagement with acceptance criteria.
The landing zone — the production-grade cloud foundation — was built as infrastructure-as-code in the first eight weeks, before any workload was migrated. Identity, networking, policy, logging, cost management, and security baseline were all codified. Every subsequent workload inherited the governance model.
FinOps was established from week one, not retrofitted after migration. Tagging standards were enforced at deployment time. Monthly showback reporting to finance began in month two. Reserved-instance purchases were timed against the migration curve. Cost was a primary design input, not a post-hoc concern.
"The programme delivered what we'd been told was impossible. Most of our peers have cloud bills that are higher than their on-prem TCO was. Ours is meaningfully lower — because FinOps was treated as a delivery discipline, not a future optimisation."
— Chief Financial Officer, operator · [VERIFY]Wave 1 (month 1–4): 92 workloads migrated — development, test, and older applications. Every workload provisioned through the IaC landing zone. First FinOps report to the finance team produced in month 2.
Wave 2 (month 5–8): 68 enterprise workloads migrated — ERP, CRM, HRIS, document management. The most complex wave. SAP and Dynamics required coordination with the respective application support teams. Month-end cycles were preserved — migration cutovers were all scheduled outside month-end windows.
Wave 3 (month 9–11): 60 remaining workloads — EUC, specialised applications, disaster-recovery environments. Azure Arc was deployed to bring a subset of workloads that needed to remain on-premise into the same management plane.
All 220 workloads migrated to Azure with zero business-impacting incidents. Month-end cycles ran uninterrupted throughout the programme. Post-migration cloud run-rate, annualised, was 31% below the pre-migration on-prem TCO — driven by a combination of rightsizing (workloads were over-provisioned on the old infrastructure), reserved-instance commitments, and consolidation of disaster-recovery environments.
Provisioning time for new workloads — a proxy for operational agility — dropped from an average of 11 working days on the legacy infrastructure to under 2 hours on the landing zone. The €2.1M capex refresh was avoided entirely.
Microsoft Azure (all regions within Europe), Azure Arc for hybrid workloads, Terraform for infrastructure-as-code, Azure Policy for governance baseline, Microsoft Defender for Cloud, Azure Monitor and Log Analytics for observability, Veeam for backup, custom FinOps dashboard.
90 minutes, no slides. A senior partner, your relevant executive, and a whiteboard. We frame the opportunity, the risk envelope, and the engagement shape — then agree whether there's a fit before any proposal is drafted.