Screen-Shot-2022-10-18-at-12.02.47-pm
Industry Government
Date November 2025
Photos (3)

Enabling Secure Continuity for a Legacy Application

 

Keeping Critical Services Secure 

When a key legacy application reached its end of life, a state government department needed to maintain uninterrupted access to highly sensitive data for agency staff while isolating the application from corporate and internet-facing systems. Ensuring continuity and security without disrupting operations was the top priority. 

 Discover why Uniting NSW ACT chose AVD

Guided by Purpose and Governance 

The department had clear objectives: 

  • Reduce cyber exposure by separating the legacy application from broader infrastructure. 
  • Maintain statutory operational access for agencies. 
  • Deliver changes with minimal disruption and in line with governance. 

With these priorities in mind, the department partnered with cubesys to expand their Azure Virtual Desktop (AVD) environment securely, adding a dedicated host pool while retaining oversight and ownership of critical components. 

 

From Plan to Delivery 

The project followed a co-delivery model: 

  • The government department managed foundational networking, subscription and resource group setup, and database server build/configuration 
  • cubesys handled AVD host pool design, Windows 11 multi-session image creation, FSLogix profile integration on Azure Premium Files, monitoring, autoscaling, and onboarding into the existing managed AVD service. 

Key technical highlights included: 

  • New subscription and resource groups for logical separation 
  • RBAC (Role Based Access Control) configuration for controlled access 
  • Network security: NSGs, routing via Azure Firewall and ExpressRoute, and service/FQDN allowlists 
  • Application delivery as a RemoteApp rather than full desktop 
  • Integration with Microsoft Entra ID, conditional access (CA), and Multi-Factor Authentication (MFA). 

Learn about building secure work environments with AVD smart desktops

Securing Access, Reducing Risk 

The solution strengthened both operational and security outcomes: 

  • Segregated the legacy application, reducing risk exposure 
  • Enabled seamless access for agency staff without requiring complex workflows 
  • Established monitoring, autoscaling, and backup processes for better manageability 
  • Reduced logon times through optimised Windows 11 multi-session images with FSLogix profiles. 

Setting a Foundation for Modernisation 

The department now operates a secure, isolated environment that preserves statutory access to critical application data while reducing operational risk. cubesys’ role ensured the expansion was smooth, governed, and aligned with existing systems, allowing the department to confidently continue serving agencies requiring access to the sensitive data. 

Trusted Technology and Expert Delivery 

cubesys is a Microsoft Solutions Partner, trusted by government and public sector organisations across Australia. For this engagement, our solution included: 

  • Microsoft Azure network segregation for secure cloud infrastructure and environment separation 
  • Azure Virtual Desktop (AVD) for controlled and flexible access to critical applications 
  • Nerdio Manager for Enterprise for host pool management, monitoring, and autoscaling 
  • Role Based Access Control (RBAC) and application of Multifactor Authentication (MFA).  

This combination of trusted technology and expert delivery helped the department maintain uninterrupted access to a critical legacy application, reduce operational risk, and strengthen governance and security across their AVD environment. 

Get started with our Virtual Desktop - a road to adoption ebook