SMC was established in 2014 to plan, finance, build, operate, and maintain designated road projects on behalf of the NSW government - the largest being WestConnex, which is scheduled for completion in 2023.
As a relatively new organisation, SMC had no legacy information systems and has been able to leverage cloud and utility computing from day one. As a result, its IT department is lean and able to focus entirely on meeting the needs of the business rather than managing IT infrastructure.
"We are a complete as-a-service model. We do not own any IT assets, we are true utility-based IT. We consume all applications from the network to PCs to Office 365 through a digital model to give us flexibility going up, going down, allowing us to scale rapidly," Shaune Rosser, SMC chief information officer, explained.
This has allowed the team to focus on operational outcomes rather than the IT itself, and also ensures information services are delivered economically.
Having started with a cloud-first greenfields site, Rosser has also never been shackled by legacy, allowing him flexibility in terms of making continuous improvements to the IT environment.
While SMC employs under 300 people, the contractors hired to build different stages of the massive multi-year infrastructure project will engage a further 10,000 workers. Rosser has deployed a number of solutions to allow compliant collaboration and communication with contractors, including SharePoint, which is used to allow documents to be reviewed online.
Ensuring flexible secure access to information is a top priority, and SMC has completed a production pilot developed in association with Cubesys which leverages Microsoft Enterprise Mobility + Security and Office 365 to provide controlled, trusted access to data and documents.
Instead of requiring users with their own devices to load up mobile device management software before being able to access information, this more centralised approach delivers control without compromise.
Microsoft Enterprise Mobility + Security controls access and identity in the cloud; promotes identity driven security; securely manages mobile apps and devices; safeguards corporate data and allows secure collaboration; and manages desktop virtualisation.
"We were looking for a trusted partner that had depth and breadth when it came to understanding the Microsoft product suite and also worked with us on how we could best leverage that to optimise the business and seek efficiencies," Rosser said.
"One of our mantras is ‘big enough to deliver, small enough to care'. Partnering with Cubesys delivered personalised service, good staff, quick turnaround at the right price."
The Microsoft solution also supports Rosser's ambition to continually advance the technology strategy to align with the business, delivering the best solutions in order to allow one step change at a time.
"It was a case of how do we better optimise and stay on the forefront of technology to enable the business to have more productive and flexible working opportunities in a secure and robust manner," he added.
The production pilot was designed and completed rapidly, and deployed within a month.
Rosser said his focus with the project has been on preserving the organisation's mature security capability without having to sacrifice end user flexibility. Centrally managing access and security has also ensured the IT department is freed from tackling end user device issues.
The opportunity to use Azure Active Directory for single sign on and multi factor authentication has ensured information integrity with controlled access to the appropriate people.
In terms of the business outcomes Rosser said it's about "how to maintain your security posture and user flexibility - that's the bottom line."