University of Wisconsin–Madison

Microsoft licensing: What we learned & what’s next

Following a successful discovery project and strong collaboration across the university, we’ve made the strategic decision to defer additional investment in Microsoft A5 licensing (an upgrade to our current licensing) at this time. This decision reflects more than just technical or financial factors—it’s about aligning with the right timing, ensuring foundational efforts are mature, and staying focused on delivering impact through Smart Access. Smart Access and our Zero Trust strategy remain priorities. We’ll continue making progress using existing tools and revisit Microsoft licensing opportunities in fiscal year 2028.

Why Microsoft was considered

Microsoft’s platform offers strong capabilities that align well with Zero Trust goals, including:
  • A comprehensive, integrated security and identity toolset
  • Advanced conditional access and risk-based authentication
  • Potential to unify and enhance our infrastructure
The evaluation process surfaced real potential and helped strengthen our partnership with Microsoft. It also illuminated technical limitations and areas that require further vendor collaboration. We will continue working with Microsoft to address challenges such as delegated administration and performance issues.

Why we are deferring Microsoft licensing expansion

After careful consideration, we’re choosing to pause A5 expansion for now due to:
  • Implementation Complexity: Estimated 12–18 months of preparation and planning
  • Technical Gaps: Current limitations around delegated administration and platform performance
  • Strategic Sequencing: Foundational efforts like Active Directory migrations must progress first
  • Financial Stewardship: Given the broader financial environment, we believe the decision is a fiscally responsible choice
We’ll revisit this opportunity in Fiscal Year 2028, informed by continued progress and evolving needs.

What’s next for Smart Access

The Smart Access program remains a top priority. We will continue driving our Zero Trust efforts with a focus on:
  • Identity & Access Management: Completing Active Directory migrations to unify identity platforms
  • Threat Detection & Response: Expanding visibility, analytics, automation, and orchestration capabilities to accelerate response
  • Endpoint & Data Protection: Securing devices and enforcing policy compliance
  • Data Loss Prevention: Classifying and preventing exfiltration of restricted data
  • Device Health Validation: Expanding compliance checks for device access
Continued collaboration with DoIT service teams, distributed IT partners and university stakeholders will be essential. Our strategy is to build on existing tools while staying open to future integrations, including with Microsoft.

A collaborative effort

This decision was shaped by input from IT professionals across the university. Their engagement made a difference:
  • 80+ testers dedicated time to hands-on evaluation
  • 100+ IT professionals contributed through workshops and focus groups
  • 11 schools, colleges, and divisions participated in this effort
Insights as a result of this collaboration illuminated key challenges and helped us move forward with clarity and confidence. Thank you.

Stay connected

Have questions or ideas? Reach out to the Smart Access Program team. Visit the Smart Access website or subscribe to updates to stay informed.