Skip to Main Content
Skip to main content
Mills Oakley

Mills Oakley streamlines secure access and saves a motza

In Melbourne, more than 150 years ago, the seeds were sown that would eventually grow into leading national law firm Mills Oakley.

With more than 100 partners and 700-plus staff, the firm today provides legal services to an array of organisations across Australia.

Maintaining the confidentiality of client information is a critical consideration – unauthorised access to data risks an enterprise facing significant fines and can seriously damage reputations.

Ensuring system access is properly controlled is therefore a critical requirement – particularly in the current environment where many people are working from home.

Mills Oakley recently switched on Azure AD Multifactor Authentication in order to manage systems access – and saved itself more than $100,000 into the bargain.

Any opportunity to save money is welcomed by IT leaders – especially this year. According to technology analyst Gartner[1], worldwide IT spending is tipped to plunge 7.3 per cent this year as firms pull in their horns post pandemic. A saving reaped from the IT budget in one area can be used to invest in other forward-facing initiatives.

Luke Kendall joined Mills Oakley as the firm’s chief information officer in 2019, charged with developing and executing a strategic plan for the firm’s approach to digital technology. His priorities were;


To enhance the end user experience, improve the information security posture, create operating efficiency, and also keep an eye on developing technology so we could build for tomorrow, for our staff and clients.

The move to Azure AD Multifactor Authentication (MFA) represented a win-win solution.

The genesis of the switch came from Kendall’s engagement of Olikka, a partner with deep expertise in the Microsoft stack, to provide additional support. During the scoping exercise Olikka realised that Mills Oakley was paying to use a third-party single sign on solution – but its licensing agreement with Microsoft meant that it could use the Azure AD Multifactor Authentication (MFA) system for no extra charge.

It meant, says Kendall; “We could leverage a technology we were already licensed for to deliver the same service and experience we were getting without having to pay an additional fee to a third party.”

Mills Oakley was able to end the agreement with the third party, Okta, and start using Azure AD Multifactor Authentication with no interruption for end users.

“In terms of MFA, it was very much around putting in best practice information security…and realising operating efficiency. The savings were sizeable. It’s a six-figure sum that we saved in enabling the Azure AD single sign on capability as opposed to leveraging Okta,” says Kendall.

“It’s incumbent on any CIO to extract maximum value from the investments you already have. So in that instance, it’s looking at, what are we pre-licensed for in the Microsoft stack? If we’ve got other technologies in place that compete with that, then you’ve got to do a like-for-like assessment. Does it have greater capability than we’re already pre-licensed for? If it does then perhaps you retain it but if it doesn’t, why wouldn’t we take it from the Office 365 and Microsoft piece?

“It’s maximizing those investments you’ve already made and fully leveraging them so that you’re getting the most out of your spend,” says Kendall.

Previously, user access to three applications – Ivanti, Lexis, NetDocuments – had been managed using Okta.

Olikka assessed and reviewed each application to check how they were integrated with Okta, and how users were assigned access to these applications. It also created some end-user communications on the changes to expect after the cutover, and documented change management and implementation plans to ensure all parties were informed on the exact changes that were going to be made, the tests that were to be performed following each change, and back-out steps – should they be required.

Olikka’s managed process, along with the three applications being available in the Azure AD Enterprise Application gallery (which contains more than 3,600 applications) allowed for simple setup and configuration of single sign on for those applications.

“There was no material end user impact. It was kind of one day you’re on platform A and the next day you’re on platform B and it all went quite seamlessly,” says Kendall.

The cost saving was the overwhelming motivation Kendall acknowledges, but the move also streamlined the IT infrastructure. It also simplified the user experience – the single sign on application that staff now use will provide the same familiar experience as accessing Office 365 services.  Not just a win for the IT budget, but a win for user functionality too.