Last month, a Senior Director called me at 8:30 AM. Their Hybrid AD rollout had disrupted authentication; the users could not sign in consistently through EntraID or AD. Incident tickets were piling up, the service desk was overwhelmed, and productivity across departments was hampered. Meanwhile, the CFO and CIO, who had signed off on a six-figure initiative to “modernize endpoint management” were asking why the organization was still maintaining ConfigMgr, and when will the return on investment be realized by moving to Microsoft Intune.
"We did everything right," he told me. "We followed Microsoft's roadmap. We hired consultants. But now we're in no better shape than before we started. Our progress is slow, and we need to move this forward faster with less disruptions"
This is what the 'messy middle' actually looks like - that gap between a clear plan and getting it done. Not a funding problem or strategy gap, but a Tuesday morning crisis that makes your worst fears real and derails both your transformation project and your daily operations.
Here's what nobody tells you when you're planning your modernization journey: The problem isn't legacy technology, it's that modernization requires running two fundamentally incompatible systems simultaneously during the transition while keeping everything working.
I've watched dozens of organizations attempt this transition, and the pattern is remarkably consistent. The roadmap looks clean: migrate from on-premises AD to Entra ID, shift from SCCM to Intune, consolidate security tools under Microsoft Defender, eliminate VPN dependencies. Six months, maybe nine. Straightforward.
Then reality hits.
You discover that Finance is running applications that require Internet Explorer mode with dependencies on specific legacy setting Group Policy Objects (GPOs) that conflict with modern security baselines. Marketing's creative team needs local admin rights that violate your security best practices and zero-trust architecture. The warehouse uses handheld scanners that can't authenticate against Entra ID without a complete hardware refresh.
And that's just identity and device management. When you factor in overlapping security tools. Legacy antivirus that can't be removed until Defender is fully deployed, but Defender can't be fully deployed until you retire SCCM, which you can't do until all endpoints are in Intune the dependencies become exponential.
Your team knows exactly what needs to happen. The roadmap is crystal clear. But between here and there is eighteen months of dependencies, migration risk, and zero margin for downtime. That's not a technology problem—it's a capacity problem masked as a technical challenge.
After helping organizations work through these transitions, I've identified three factors that separate successful modernization from projects that stall in the messy middle.
Most migrations fail not because of technical complexity but because nobody has the time or mandate to map and manage the dependencies. Every organization I've worked with underestimates this by a factor of three.
➡️Case 1: We recently worked with a client who wanted to accelerate their Intune adoption. When we mapped dependencies, we found 17 applications with dependencies on Group Policy Objects (GPOs) - not legacy applications, but current business tools that Finance, HR, and Operations relied on daily. The breakthrough wasn't implementing newer technology; it was having someone dedicated to methodically untangling those threads while the business kept running.
Let's be honest: your team is already operating at 110% capacity. Between maintaining current systems, handling support escalations, and keeping up with security patches, there's not enough bandwidth in the system. Modernization doesn't happen in spare time.
➡️Case 2: I recently spoke with an IT director whose cloud migration kept slipping. His three senior engineers were spending 60% of their time on support escalations. The remaining 40% was split between routine maintenance and attempting to drive strategic initiatives. The math simply didn't work.
The organizations that succeed do one of two things: they bring in external capacity to either handle the transformation work or absorb the operational load. There's no third option that doesn't involve burnout and failed projects.
There's enormous pressure to move fast—from executives who want ROI, from vendors pushing cloud-first roadmaps, from security frameworks demanding modern controls. But speed without visibility creates chaos.
➡️Case 3: We worked with a company running both SCCM and Intune with no clear picture of which devices were managed by which platform. They wanted to "accelerate cloud adoption" and sunset SCCM within six months. We insisted on six weeks of discovery first to build accurate visibility. That six weeks saved at least six months of cleanup. We identified 230 devices that would have been orphaned during migration and found critical legacy systems still dependent on SCCM.
One of our most impactful engagements was with a power generation company that operates several facilities across Canada. Their IT environment had grown over time into a patchwork of systems — multiple monitoring tools, aging infrastructure, and limited visibility into performance and security. These challenges made it difficult for their internal teams to focus on operational priorities.
Coreio partnered with them to modernize and consolidate their managed services framework. We introduced a unified monitoring platform, strengthened their cybersecurity posture with managed detection and response, and established clear service governance processes across their sites. Our teams also worked closely with their operations leaders to align IT performance metrics with business and regulatory goals.
The result was a more stable and predictable technology environment that supported 24/7 plant operations with fewer disruptions. Their internal teams gained clearer insight into system health and could plan maintenance and upgrades proactively rather than reactively. More importantly, IT began to be seen as an enabler of reliability and safety — critical measures in the power generation industry — rather than simply a support function.
➡️Lessons Learned: It’s a great example of how managed services can directly contribute to operational resilience and business confidence, even in highly regulated and mission-critical sectors.
Whether you're working with a managed services provider already or evaluating options, here are the questions that separate vendors who manage infrastructure from partners who drive business outcomes:
Look for a partner who speaks the language of business, not just technology. They should be able to articulate how their managed services directly support what you're actually trying to achieve—whether that's reducing operational cost, improving agility for new market opportunities, or enabling revenue streams you can't support today. If they lead with technical features instead of business outcomes, that's a red flag.
2. "How do you integrate security with operations—not as separate workstreams, but as one coherent model?"
Security can't be bolted on anymore. The right partner operates with a security-first managed model that treats protection and operations as inseparable. Ask them to walk through how they handle a typical endpoint deployment or application rollout—if security is an afterthought or a separate team handoff, you'll end up with gaps.
3. "What reporting and KPIs do you provide that actually demonstrate business value?"
Strong reporting isn't about ticket metrics or uptime percentages—it's about connecting IT performance to business impact. Ask to see examples of the dashboards and KPIs they deliver. Can they show you how improved patch compliance reduced risk exposure? How automation freed up internal capacity for strategic work? If they can't demonstrate business value, they're just managing infrastructure.
4. "What does your strategic advisory approach look like—beyond daily delivery?"
You need more than operational execution. Look for providers who offer real world strategic advisory services: roadmap development that aligns with your business trajectory, technology planning for where you need to be in 18-24 months, and regular business reviews that go beyond status updates. Ask how often they meet with clients at a strategic level and who leads those conversations.
Transparent, predictable pricing matters, but so does flexibility. Your needs will change. New security requirements emerge. Business priorities shift. Ask how their pricing model accommodates growth and change without requiring complete contract renegotiations or surprise invoices.
➡️The bottom line: The right partner acts as an extension of your team—someone who challenges assumptions, anticipates needs before you have to articulate them, and helps you turn technology decisions into competitive advantages.
After twenty years in IT infrastructure and service delivery, here's what I've learned: the technology is the easy part. The hard part is maintaining operational continuity while fundamentally changing how that operation works.
If you're reading this and thinking "this is exactly where we're stuck," here are three concrete next steps:
Get honest about capacity. Calculate how many hours per week your team actually has available for transformation work—not aspirational hours, real hours after operational demands. If it's less than 20% of their time, your timeline is fiction.
Map your dependencies before you commit to a timeline. The organizations that succeed spend 4-6 weeks on thorough discovery. The ones that struggle skip this step and pay for it later with delays and scope creep.
Find a partner who's navigated your specific complexity. If you're in a regulated industry, work with someone who understands compliance constraints. If you're running hybrid infrastructure, find a partner who can manage the transition, not just the destination.
The organizations that successfully navigate modernization aren't the ones with the biggest budgets. They're the ones who found partners willing to live in the complexity with them.
If your modernization roadmap is clear but execution feels impossible, let's talk about what's actually blocking your progress.
About the Author:
Tim Barnes is the Director of Managed Services at Coreio, bringing over 20 years of experience in IT infrastructure, service delivery, and business strategy. He leads high-performing teams to deliver scalable, client-centric IT solutions that drive innovation and operational excellence. Before joining Coreio, Tim held leadership roles at CIBC, where he advanced enterprise initiatives in end-user technology and IT service management. Known for his strategic mindset and customer-first approach, Tim is passionate about turning complex challenges into measurable business outcomes.