white CCG.JPG

Canalini Consulting Group (CCG) provides full-service cloud-based solutions for law firms, associations, government agencies and for-profit enterprises. Based in our nation's capital, Canalini's seasoned team of Microsoft Certified experts including Solution Architects, Senior Consultants, Systems Engineers Project Managers, and Corporate Trainers provides customized technology solutions, optimal business process analysis and client-centered strategies.

Canalini works in partnership with clients to implement technological solutions to achieve strategic goals, reduce operational costs, and modernize long-term practices. CCG has its finger on the pulse of potential security risks and works with the growing demands of its partners to deliver best in class, leading edge results.


Our Process

Canalini's methodology is rooted in fundamental IT standards, fueled by a creative entrepreneurial drive and guided by an insatiable hunger to provide stellar customer service time and time again. 

By leveraging its resources in the Discovery Phase, Canalini's seasoned professionals take the time to understand the client's culture and process to increase productivity, efficiency, and security using the most current and effective approach.

Once the Discovery Phase is complete, Canalini focuses its efforts on the Design Phase to ensure a clear path to integration and implementation.

Following the Design Phase, Canalini works with the client during the Implementation Phase to educate, fine-tune and transition the organization to its cloud-based solution.

After implementation and migration, Canalini is available for support and any questions the client may have. Throughout each phase, the client has real time access to the project's status.

Who We Work With

CCG's clients are medium to large law firms, government agencies, and trade associations needing to increase their data security procedures, enhance their communication efficiencies, and reduce their expenses in hardware, outages, and time spent troubleshooting. By leveraging its Gold Partner Status for Cloud Platform with Microsoft, Canalini's team provides cost-effective and need-based solutions to its growing base of clients.

Services Offered

Whether you are looking to strengthen your security posture with Azure Multi-Factor Authentication Server (MFA), or deliver single sign on (SSO) with Active Directory Federation Services (ADFS), or reduce storage costs by implementing Azure StorSimple hybrid cloud storage, we can help. 

While CCG specializes in Azure and Office 365 implementations and migrations, our project portfolio is quite extensive. Here you can find just some of the products and technologies we can help your organization implement.


Professional Services

  • Office 365 end-to-end migrations for large and complex organizations originating from Microsoft Exchange and IBM Lotus Notes
  • Enterprise Mobility + Security (EMS end-to-end implementation)
  • Exchange Online Hybrid deployments and migrations for large organizations
  • Azure Active Directory Connect for hybrid cloud identity
  • Azure Application Proxy for protecting cloud and on premise applications
  • Azure Backup and Recovery Vault workload protection for on premise and cloud resources
  • Azure Infrastructure as a Service (IaaS) workload deployment
  • Azure Multi Factor Authentication (MFA) and MFA Server for security posture strengthening for cloud and on premise applications
  • Azure Information Protection (AIP) and Azure Rights Management (RMS) for data loss prevention
  • Azure StorSimple hybrid cloud storage
  • Advanced Active Directory assessments and hardening, including Microsoft Red Forest deployments
  • PCI and HIPPA Compliant


Canalini is now equipped with expertise of Power BI (Power Business Intelligence) - a suite of business analytics tools that deliver insights throughout your organization. You can connect to hundreds of data sources, simplify the data preparation process, and gather ad hoc analysis in a remore visually appealing and time saving manner. Produce clear reports that can be consumed by your organization on the web and across mobile devices. With a customized dashboard, you'll have a complete view of your organization with your specific governance and security needs built in.

On-Premise Microsoft Applications Training

Change is inevitable and can be extremely disruptive without the proper transition and training. As part of our mission, CCG aims to deliver disruption-free implementation including training for your team. Unlike most IT consulting firms who drop their clients off in the cloud, CCG’s Corporate Trainer guides teams through the new environment by way of three different options:

  • Full Service In-House Training
  • Train-the-Trainer
  • Hybrid Training (In House/Train-the-Trainer)

CCG’s methodology for engineering and training are the same: invest the time and resources in the discovery and design phase to ensure the highest level of service. Each course is customized to your culture and best practices.

Courses are available for Outlook2016, Skype for Business, OneDrive and SharePoint.

Case Studies

 Needs Assessment and Environment Relocation


About the Organization

This Washington, DC-based government agency has a staff of 30 and a five-member, non-partisan Board of Directors. The agency was experiencing the challenges of relying on hosting and IT solutions by another government agency.  Rather than jump into a migration and independent solution, the agency requested a Needs Assessment better understand the areas of focus and steps necessary to upgrade to a new and more secure technological environment.


As a government agency dealing with sensitive data, the agency knew that security and employee-centric procedures were essential to a smooth transition. With IT being housed in by another government agency, this agency could not make the necessary upgrades and didn’t feel the desired service response in order to make their changes. In addition, the agency did not have the resources, expertise or bandwidth to recommend or implement a Microsoft Azure solution.


Using the Needs Assessment Process, Canalini executed three phases (Evaluation, Assessment and Recommendation).  During the Evaluation Phase, Canalini analyzed the current environment, applications, compliance requirements, and best practices. With a focus in these, areas Canalini carefully considered the agency’s security requirements, regulatory compliance, high availability and disaster recovery needs, service level agreements, business criticality of applications, need priority regulatory compliance, and desired envisioned state goals.

During the Assessment Phase, Canalini conducted a Gap Analysis that identified deficits from the current to future environment including applications, network, operations and IT support. Canalini also reviewed the existing infrastructure owned by the agency and the future needs of the organization.

Following the Assessment Phase, Canalini developed and presented the agency with The Asset and Procedures Report, The IT Infrastructure and Operational Needs Assessment, Separation Recommendations and The Pain Point Priority List.


With clear reports and recommendations, the agency is moving forward with a precise plan to migrate to a new environment.

Physical Move with AD FS Deployment


About the Organization

This medical trade association has over 235 employees and a budget of over $50M+. They serve over 33,000 medical professionals throughout the country. As part of their modernization and upgrade, the association decided to move their offices from Arlington, Virginia to a brand-new location in Washington, DC.   


With an aging technological infrastructure, tightening office move deadline and a massive membership base to serve, the association’s employees and volunteers employees needed immediate access throughout the upgrade and migration.

Canalini was requested to assess the current environment, make upgrade recommendations and execute a seamless migration during the organization’s office move.


The Canalini team started with the Discovery Phase by assessing the organization’s current environment including applications and / or cloud services that will leverage new SSO capabilities, on premises design meetings and whiteboard sessions, new Active Directory Federation Services (AD FS) design Visio, and new multi-factor authentication design Visio.

During the Configuration Phase, Canalini executed the Azure Active Directory Federation Services including deploying the Azure virtual networks, configuring network security groups, associating network security groups with Internal subnet and DMZ subnet, creating connections from cloud to on-premises, creating Azure storage accounts, creating availability sets, deploying virtual machines and domain controllers, configuring AD FS, deploying internal load balancer for AD FS servers, configuring DNS for AD FS service and web application proxy servers, deploying internet facing public load balancer, and securing Azure virtual network.

Canalini worked ahead of the scheduled move date to ensure that  employees and members wouldn’t experience any disruptions on or before the schedule move date.


Prior to the transition day, Canalini crafted and orchestrated the communication strategy to provide explanation and instructions for the new interface. Canalini successfully migrated the client to their new environment prior to their expected move date to allow their team to focus on the mountain of boxes and physical files to put in place (unfortunately not everything went to the cloud!). The client

“Thanks for the welcome and for the great help you and your team gave us. Everything works well, indeed!”

Office 365 Migration and Training


About the Organization

This Alexandria, Virginia non-profit organization has been in business for over 70 years. With two lines of business and over 180 employees to serve, this organization has mountains of data and permission-based needs.


The organization requested Canalini for the migration of its servers to OneDrive and to ease the transition to a new platform, requested best practice and efficient training for Outlook2016 Skype for Business, and One Drive.  As a non-profit organization, budget and timeliness was paramount.


Canalini worked with the organization’s internal staff to ensure a thorough discovery of the current environment, and hosted on-site white boarding sessions to ensure a full understanding the new architecture changes as well as the overall migration roadmap. A Canalini Solutions Architect was on-site through this critical phase.

During the configuration and implementation phase, a Canalini team member was on-site to work closely to deploy the various components of the new environment, including making preparations for the training classroom and scheduling. During this phase Canalini worked with the client to produce a comprehensive user acceptance testing plan, and then ensured all tests were validated and the client was comfortable with proceeding to the migrationphase. Canalini engineers worked on-site and remotely through this phase.

During the migration and training phase, the Canalini Corporate trainer worked with the client’s administrative staff first to ensure they were able to support end-users. The corporate trainer then delivered the three methods of training for end-users on-site for 1 week. As users attend the courses the client determined when the users would be cut over (at the completion of training or a later date). Canalini cut over the batch of users at night and was on-site the following day to augment the helpdesk for support calls.


Canalini successfully trained and transitioned the client’s 180 employees. Employees were able to first learn in the classroom and then go back to their desk and start applying their knowledge in Outlook2016. By provided training content that was tailored to their culture and best practices, employees learned exactly what they needed. The corporate trainer was also available on site for follow up questions and additional training following the initial offerings.

Back Up System Assessment and Modernization (Microsoft Azure)


About the Organization

This law firm has over 350 attorneys and 145 support staff across their four domestic offices including Colorado, New York, Los Angeles and Washington, DC.


With a backup system in disarray, the law firm was paying over $30,000 a month for 300 terabytes of storage. The system was clunky and managed by a system that made it impossible to see what they were paying for.  It was taking days to back up files for their internal IT department. The CIO knew there had to be a better cost-effective and time-efficient way.


The CCG team worked behind the scenes to uncover the redundancies and bugs that were creating overcharging. Working in partnership with Microsoft, Canalini negotiated a freeze on billing until the issues were resolved. Canalini streamlined the backup process using Microsoft Azure to host the files in the cloud and increased security by modernizing the environment.


The back up process that used to take days now only takes a few hours. The $30,000 spent each month for the 300 terabytes of data was reduced to $8,000-10,000 a month for 90 terabytes. Canalini was able to reduce 70% of the file redundancy.

The law firm was thrilled with the savings and the uptick in efficiency.

Active Directory Security Risk Assessment and Remediation


About the Organization

This law firm is recognized as one of the largest law firms in Washington, DC with over 250 lawyers and a robust support team. With the approaching deadline of the ISO 27001 compliance requirements, the firm sought out Canalini to assess their current security risk within their environment and ensure its systems comply with the firm’s security policies and controls involving Active Directory Security Modernization.


As a highly respected law firm servicing high-profile clientele on sensitive issues in litigation, security and continuation of service was at the top of the law firm’s priority list. ISO 27001 compliance required heightened data security and safeguard protocols along with mandatory reporting if a data breach occurred. The firm was under a tight deadline and needed seamless execution for its clients and employees.


Using The CCG Process, the team started in the Discovery Phase by fully assessing the current environment. identifying potential threats, understanding key applications and building an implementation plan that successfully remedies the noted issues. Canalini also prioritized integral tasks ensure 27001 compliance.

Following the Discovery Phase Debrief Meeting with key points of contact, Canalini incorporated mutually agreed upon recommendations and remedies to develop an Implementation Plan with specific tasks and target completion dates.

The Implementation Plan consisted of four phases: Housekeeping, Modernization, Hardening and Close Out. Housekeeping involved assessment and clean-up of GPOs, permissions, stale users and computers; baseline security deployment with GPO; assessment and remediation of non-standard permissions on Domain partitions; enforce complex password policies with GPO and FGPP; and best practice implementation of domain time settings.

Modernization tasks included upgrading the ADFS Environment to 2016[ implementing protected user groups, SMB Signing, FGPP, Credential Guard; assessing on-premise applications for SaaS or PaaS options; deploying infrastructure components with respect to supporting a hybrid could environment; and assessing and federating non-AD integrated applications.

Hardening activities included assessing and converting service accounts to GMSA, disabling unsecure protocols (SMB v1, NTLM v1), implementing tier environment and authentication policy silos, implement Azure Privileged Identity Management, and implementing Microsoft SCM Templates for Domain Hardening.

During Project Close Out Canalini, presented findings and recommendations from the project and potential next steps.



The law firm was thrilled with their clear road map to compliance and requested Canalini to complete the Active Directory Security Modernization project.

Contact Canalini

Open and transparent communication is the key to our success and welcome your questions, comments, and feedback. Please let us know how we can help your organization achieve its goals!

Name *