About Global Micro Solutions
4,500 deployments. 30 years. One focus:
your Microsoft security.
Since 1995, we've operated Microsoft estates to international standards — ISO/IEC 27001, ISO 22301, and ISO/IEC 20000-1 — for 1,200+ organisations, from offices in Atlanta, Dublin, London, Abu Dhabi, Riyadh, and Johannesburg. The same engineers who design your operating model run it.
Built in Johannesburg. Operating across Sub-Saharan Africa.
Global Micro Solutions (Pty) Ltd was founded in 1990 in Johannesburg as Applied Micro Solutions, and reincorporated under its current name in 1995. Three decades later, our South African operation is still the engineering heart of the group — Rosebank-based architects and operators run M365 estates for mining houses, regional banks, and national retailers from 28 Sturdee Avenue, in support of the wider group's worldwide delivery.
POPIA Information Officer support
Every South African organisation must register an Information Officer with the Information Regulator under POPIA Section 55. We support that role with daily evidence: data flow maps, cross-border transfer assessments under Section 72, and audit trails for incident reporting under Section 22. The same evidence pack satisfies SARB Directive 2/2018 for financial institutions relying on cloud outsourcing.
Regional industries we know
South African mining, banking, insurance, and retail each carry distinct compliance overlays — King IV corporate governance, FSCA cyber-resilience guidance, SARB outsourcing notices, and the National Health Act for healthcare data. Our case-load across three decades means we have already worked through your auditor's checklist with peers in your industry.
Sub-Saharan reach from a single tenant
South African groups typically operate subsidiaries across Namibia, Botswana, Zambia, Zimbabwe, and Mozambique. We design Microsoft tenant hierarchies that segregate per-country workloads inside one estate, so each subsidiary can satisfy its national regulator without splitting your identity, security, or commercial agreements.
Customer deployments
Completed across 30 years of Microsoft security operations
Current managed tenants
Active M365 environments under our operational management
Exchange migrations
Completed securely — the operational depth behind every project
Years in business
Founded 1995. Three decades of Microsoft security expertise.
Team certifications
Microsoft proficiency across the entire engineering team
ISO 27001 controls
Automated daily evidence — not annual screenshots
Validated by Microsoft — then independently audited
Solutions Partner designations prove breadth — five of them show we cover the Microsoft ecosystem end to end. The Advanced Specialisation proves depth. A third-party auditor verified our migration delivery across real customer engagements. Re-validated every two years.
Five Solutions Partner designations. One Advanced Specialisation. All earned, all current.
We don't advise. We operate.
Most ISO 27001 programmes fail in the same place: policies are drafted, controls are described, and the binder is presented to the auditor. The auditor asks for evidence that the controls are deployed, configured, and operating as intended inside the technology environment. The evidence does not exist, because no one was responsible for producing it.
We address this by combining the work usually distributed across three parties — the management system consultant, the security implementer, and the GRC platform — into a single engagement. One operating model. One accountability line. One body of evidence that traces from policy through to runtime configuration, measured against the standard every day rather than annually.
We don't just monitor dashboards — we engineer the secure, compliant ecosystems they report on.
Microsoft Secure Score: from ~40 to 75+
The average Microsoft business Secure Score sits between 40-44%. After we deploy all three plans, our customers consistently reach 75+.
That's not a vanity metric. It's a measurable improvement that Microsoft tracks, auditors recognise, and insurance underwriters increasingly ask about.
Average industry: 40-44% · Our customers: 75+
What makes us different
The same team that defines the operating standard configures the systems that meet it. Most of our market is split between consultants who produce policies and leave, and platforms that monitor configuration read-only. We do both ends, under one accountability line.
We handle your Microsoft licensing AND your security operations. One provider, one relationship, one accountable partner. No handoffs between vendors.
Read/write tenant orchestration measures configuration against the standard every day, retained natively in Defender and Log Analytics. 93 ISO 27001 controls, 78 Zero Trust capabilities, and 105 risks — each mapped to specific tenant configurations and specific evidence rules.
Through our subsidiary Flowgear, we secure system-to-system integration. Data flows across your IT ecosystem are protected, monitored, and compliant.
Most firms hand off at go-live, from architects to operators. The handoff is where things break: knowledge gets lost, design intent gets forgotten the first time someone makes a change. We do not have a handoff. The senior engineers who scope your environment deploy it, and they are the ones still running it three years later.
Three decades of operational experience built into our tooling, processes, and automated evidence collection. Depth you can't shortcut.
Trusted across industries
We secure M365 for organisations in regulated, high-stakes sectors — each with unique compliance and operational requirements.
Leadership team
The people who deploy, manage, and secure your Microsoft environment.
JJ Milner Managing Director, Worldwide
Brad Bernstein Operations Director, Worldwide
Mohammed Ebrahim Head of Business Systems, Worldwide
Claudia Correia de Araujo Business Development, Worldwide
Awards & recognition
Consistently recognised for hosting excellence
Microsoft independently validated our managed service quality — three times. You benefit from that same operational standard.
International Association of Microsoft Channel Partners
Recognised for advancing the global Microsoft partner community — meaning we shape best practices, not just follow them.
Multi-vendor security credibility beyond Microsoft
Top-tier Fortinet access means faster threat intelligence, priority escalation, and direct engineering support for your network security.
We hold the same certifications we help you achieve
Our own operations are audited to the standard we deploy for you — same framework, same rigour.
Highest broad-based economic empowerment rating
Across the entire engineering team
Not 167 badges on a wall. 167 individual accreditations covering every M365 workload we manage.
Strong security shouldn't be a luxury. We offer lifetime discounted professional services for qualifying non-profit organisations.
Customer stories
Don't take our word for it. Watch Microsoft and our customers describe the impact.
Ready to see what your M365 licence can do?
Our free assessment maps your current security configuration against the full Microsoft unified platform and identifies the gaps worth closing.
Get Your Free Assessment