Planning for a Successful 'Carve Out' Acquisition
Carve outs require extensive planning and forethought to navigate complex, competing requirements.
You've just been notified that your company is purchasing a large business unit from another company, and you've been placed in charge of moving the IT components to your organization without disrupting business and keeping all aspects of your organization secure. This type of arrangement is commonly referred to as a "carve out," and it requires extensive planning and forethought to navigate the complex, competing requirements.
Complicating and Uncomplicating a Carve Out
A carve out is the process of transitioning all aspects of IT from the sold business unit to the purchasing company during a defined period of time, with specific guidelines that are defined in a Transition Services Agreement (TSA) document that's agreed upon by all relevant parties. The TSA is a legal document that allows the selling company to provide IT, financial, HR, and other corporate services for a period of time with conditions on what's allowed and restructured by both parties.
If the business unit being sold owns the IT assets and the assets are not shared by other business units, the transition is significantly less complex. If the selling company has deployed shared solutions such as enterprise-wide telephony, SD-WAN, or virtualized data centers, the transition becomes infinitely more complex. In these instances, new services will be required for the business unit. In addition to enterprise services, the business unit being sold may occupy space in a building where other business units reside, further complicating the transition.
Another key aspect of a carve out is the ability for both companies to maintain their security posture during the separation process. It's common for companies to restrict direct open connectivity between the purchasing parent company and the selling parent company, which limits the ability to move shared services and applications directly to your organization.
It's also difficult to move users directly to your organization unless you enlist a big bang approach, which is virtually impossible and increases the potential for security vulnerabilities for the following reasons:
- Applications require a coordinated transition to ensure minimal down time to the business and that sufficient validation has been performed to bring the applications into production.
- Most companies utilize Active Directory (AD) to improve the user experience. In fact, enterprise-wide telephony environments typically rely heavily on AD. Therefore, it's important to perform an AD migration away from the selling company's AD structure.
- To maintain a strong security posture, it's important to ensure server, application, and workstation vulnerabilities have been remediated, which is difficult to do when the devices exist in the selling parent company's network. This brings us to the need for a transition environment...
The transition environment is often considered an island where all applications, servers, network, and infrastructure services reside. This transition environment is typically setup to limit access to the selling company's network and block access to the buying company's network.
An AD trust is built between the transition environment and the parent company's IT environment. Access restrictions are created by the parent company to allow users to only access what's required and limit access to other business unit environments. The goal is to move all services to the transition environment before the end of the TSA. This includes separating shared applications, creating a separate network that's split virtually between the transition environment and the selling company's network, either moving people out of shared facilities or creating a completely separate network if multiple business units existing in the same building, and providing a support structure that will take over during the transition and at the end of the TSA.
Considerations must include the ability to support the transition environment while your firewalls are blocking access of your support resources to the transition environment.
The next article in this series will focus on key ways to prepare for a carve out acquisition, so stay tuned.
Dana Shorter, principal and consultant at Novom Group, also contributed to the writing of this post.
"SCTC Perspectives" is written by members of the Society of Communications Technology Consultants, an international organization of independent information and communications technology professionals serving clients in all business sectors and government worldwide.
- You've Acquired a Company... Now What?
- How to Finesse Post-M&A Collaboration
- When Cutovers Cause Chaos