Cloud Direct Learning Hub

How we help

What we do

Explore

We all know a castle and moat security approach just doesn’t cut it anymore. That’s why you’re here, right? You’re ready to have a security strategy in place that’s aligned with the modern, hybrid work environment.

Zero Trust is an end-to-end security strategy that’s based on ‘never trust, always verify’, and has been adopted by millions of organisations across the world to protect their technology ecosystem. If you’d like to find out more about what Zero Trust is and why you should look at adopting it within your organisation then check out our Beginner’s Guide to Zero Trust.

In this blog, we’ll be running through the Microsoft technologies available to help you implement a Zero Trust security strategy. We’ll dive into the specific technologies you can use to start defending the six elements of Zero Trust; identities, devices, applications, data, infrastructure, and networks.

 

Identities

Identities representing people, services or IoT devices, are the common dominator across network, endpoint and applications. In a Zero Trust strategy, identities function as a powerful and flexible way to control access to data. Microsoft suggests that before an identity attempts to access a resource, you should:

  • Verify the identity with strong authentication
  • Ensure access is compliant and typical for that identity
  • Follow least privilege access principles

There are a few tools available from Microsoft to help ensure you’re following these guidelines:

Azure Active Directory (AD) enables strong authentication, a point of integration for endpoint security, and the core of your user-centric policies to guarantee least-privileged access.
Multi-Factor Authentication (MFA) is an additional step built into your employee’s sign-in process. It’ll help protect your organisation against breaches due to lost or stolen credentials with strong authentication.
Conditional Access can be used to help evaluate the user trying to log in, the device they’re using, where they’re located and their behaviour.
Finally, there’s Privileged Identity Management (PIM) which can be used to ensure users are using minimal access rights by default and only have privileges for the tasks they need.

 

Devices

With the sharp rise of remote and hybrid working over the past 2 years, devices are now one of the biggest security risks to many organisations with employees using their personal devices. The Zero Trust strategy encourages the same security policies to be applied across all devices, whether they are corporate or personal devices through Bring Your Own Device (BYOD0).

What technologies are available to help you adopt Zero Trust? Microsoft has Endpoint Manager, which will provide you with the tools you need to manage and monitor mobile devices, desktops, virtual machines, embedded devices, and services. Allowing you to keep your data secure across all of these devices, whether they’re in the cloud or on-premises. Endpoint Manager combines popular Microsoft services such as Intune, Configuration Manager, Desktop Analytics and more.

 

Application

As more businesses adopt a Hybrid Working approach, critical business applications are moving into the cloud so employees can access them whether they’re at home or in the office. To get the full benefit of cloud applications and services, you must be able to provide access whilst maintaining control to protect critical data accessed via applications and APIs. Now that your employees can access your resources and apps from outside your corporate network, it’s no longer enough to have rules and policies on your firewalls. You should instead start focusing on identifying app usage patterns, assessing risk levels and business readiness of apps, preventing data leaks to non-compliant apps, and limiting access to regulated data.

Microsoft has suggested enabling Cloud Discovery and integrating Defender for Endpoint so that you can start collecting data from Windows 10 devices on and off your network. You can then create policies that will allow you to detect, and be alerted of, any risky behaviour or suspicious activity in your cloud environment.

But that’s not all you can be doing to protect your applications. Most cloud applications provide an API for consuming tenant information and receiving corresponding governance actions. Microsoft recommends you use these integrations to monitor and alert when threats and anomalies occur in your environment. You can adopt Microsoft Cloud App Security, which works with services to optimize visibility, governance actions, and usage.

 

Data

Data is one of your most valuable assets, and you must protect it at all costs. This is why it’s time you moved from perimeter-based data protection to data-driven protection. To help you implement effective information protection, we recommend you follow the below process, leveraging certain Microsoft technologies:

  • Knowing your data – Understand your data landscape and identify important information across your cloud and on-premises environment.
  • Protecting your data – Protect your sensitive data throughout its lifecycle by applying Microsoft sensitivity labels linked to protection actions like encryption, access restrictions, visual markings, and more. You can use the following tools to help protect your data; Sensitivity labels, Azure Information Protection, Cloud App Security, Double Key Encryption, Office 365 Message Encryption (OME) and SharePoint Information Rights Management (IRM).
  • Prevent Data loss – Apply a consistent set of data loss prevention policies across the cloud, on-premises environments, and endpoints to monitor, prevent, and remediate risky activities with sensitive data. Leverage the following Microsoft technologies to help prevent data loss within your organisation; Data Loss Prevention Policy, Endpoint Data Loss Prevention and Microsoft Compliance Extension.
  • Govern your data – Manage information lifecycle and records intelligently with in-place management, automated policies, defensible disposal, and pre-built data connectors.

 

Infrastructure

Your Infrastructure, whether on-premises servers or cloud-based VMs, can open you up to threats. This is why it’s important you assess for version, configuration and Just-In-Time access to strengthen your defence. Start by detecting any attacks on your infrastructure and automatically block any risky behaviour to prevent any issues.

Microsoft suggested setting the Tenant Baseline, which is a way for you to set a baseline for how your Infrastructure is meant to be running. Leveraging Azure provides you with the ability to manage all your VMs in one place using Azure Arc. Using Azure Arc, you can extend your Security Baselines from Azure Policy, your Azure Security Center (ASC) policies, and Secure Score evaluations, as well as logging and monitoring all your resources in one place.

 

Network

We all know the castle and moat approach isn’t enough anymore. Adopting a Zero Trust strategy means that you assume that nothing behind your corporate firewall is safe.

This has drastically changed. Now there isn’t necessarily a contained/defined network to secure as people are working from home off various devices. Instead, there is a vast portfolio of devices and networks, all linked by the cloud. It’s important that you verify each request as if it originates from an uncontrolled network. There are a few Microsoft tools available to support you in protecting your network, such as; Azure Web Applications Firewall (WAF)Azure Firewall, Azure Front Door, Azure VPN Gateway and Azure Bastian.

Those were just a few of the technologies available to support you in adopting Zero Trust. But as one of Microsoft’s closest partners, we understand that enabling these aren’t always as easy as they seem. Which is why we’re here to help.

 

Talk to the experts

Are you wanting to find out more about the Microsoft security technologies available and how you can adopt them to implement a Zero Trust strategy? We’re one of Microsoft’s closest partners and an Azure Expert MSP. Meaning we have the knowledge and expertise to help you transform your security. We have a Zero Trust Health Check available to help you understand what your next steps should be. Simply get in touch to talk with one of our experts.

“Azure gives us much more flexibility all round, with access in a secure cloud environment.” – Stewart Martin, partner, Edmund Carr 

Join the world’s leading public cloud provider. You’ll be in good company – over 90% of Fortune 500 companies are already using the Microsoft Cloud environment. 

Data centre modernisation will transform the way you work. But choosing the right cloud provider and delivery partner is equally as important as making the decision to transform in the first place. So why is Microsoft so far ahead of its competitors when it comes to public cloud? 

In short its trust. Yes Microsoft has raised its game in the services available but it ultimately comes down to a proven track record of helping businesses truly transform. 

Here are just a few of the reasons businesses are using Azure for their data centre modernisation. 

 

Improve ROI 

Microsoft commissioned Forrester Consulting to analyse the economic impact of Azure on its customers. They developed a representative business model which reported a 466% ROI, achieved through a combination of: 

  • Drastically reduced data centre costs – through consolidation and footprint reduction. 
  • Reduced IT outsourcing costs – efficiency driven services drive down costs 
  • Process re-engineering – save time better spent on strategic planning 
  • Increased sales and profits – achieve new and larger customer sales 

“Without Azure, we would need to build out dozens of data centres to provide the same service and meet client requirements that we can with Azure.” – VP of product development, US services and hosting firm 

 

Achieve truly agile infrastructure 

Increase your data centres agility with on demand, near limitless cloud scalability with Azure. Reach new markets using Microsoft’s global hyper-scale infrastructure of more than 100 data centres across 36 regions worldwide. Twice those of AWS and 6 times Google’s data centre regions. 

“Azure makes it a lot easier for us to deliver on our vision without getting stuck on the individual IT components. We can focus on our end solution and delivering real value to customers rather than on managing the infrastructure.” – Richard Beesley, Rolls-Royce 

 

Future proof your business 

In the future business landscape every company will be a software company. Industry disruptors such as Airbnb, Uber and Netflix have already proved that businesses need to rapidly innovate and remain flexible to compete in the future marketplace. Modernising your data centre with Azure allows you to achieve new levels of agility. Be proactive in the face of disruptive competitors. 

“(With Azure) It’s all about making sure we’re ready for the future.” – Stephen Court, IT supervisor, Crondall Energy 

When migrating to the cloud it can be easy to jump in headfirst. But you must take a step back and review things before you start your cloud journey. Migrating to the cloud provides you with the chance to think ahead and create an environment that allows you to scale and innovate with ease. 

Whilst some workloads can be easily migrated to Azure with little adaption – these are the ones we target in our first phase migration – many will need to be re-configured for performance and cost optimisation. 

To realise the true potential of Azure and build a scalable base, you should start with Azure Landing Zone. They are the fundamental structures that put security and optimal performance at the core of your cloud environment. 

 

What is an Azure Landing Zone? 

A Landing Zone is a key concept of Microsoft’s Cloud Adoption Framework that allows you to build a secure foundation to scale and innovate with ease. Not familiar with the Cloud Adoption Framework? Fear not as we have a beginner’s guide that covers everything you need to know. Microsoft has created the Landing Zone based on best practices and cloud services for you to leverage as part of your migration, mitigating any complexities you may face. 

A Landing Zone can be deployed at any stage – whether you’re in the process of deploying your first production application in Azure or operating a complex portfolio of tech platforms and workloads. Landing Zones have been created to be both scalable and modular – you’ll have repeatable environments with the same configuration and controls allowing you to scale but also have a modular environment thanks to its common set of design areas that can be extended to support specific technologies. 

 

Why you should deploy a Landing Zone 

It should be clear by now that to ensure a safe take-off in Azure you need a Landing Zone in place, enabling you to have a faster, more secure and efficient migration. Which is ultimately what you’re trying to achieve, right? Having a Landing Zone in place before you start migrating your infrastructure provides you with a solid foundation for you to future-proof your IT. Plus you’ll have access to Microsoft cloud services and best practices that set you up for success. But that’s not all. You’ll also be able to benefit from: 

Increased speed: Landing Zones have the tools and capabilities you need to migrate to the cloud and deploy new workloads quickly. 

Increased scalability: You can build repeatable environments with the same configuration and controls, enabling you to scale with ease. 

Best security and performance: Deploying a landing zone enables you to leverage Microsoft’s security and performance tools. 

 

Five principles for deploying a landing zone 

Microsoft has put together five key principles that you should be leveraging when deploying a Landing Zone. 

Utilise Networking Services – Add or remove workloads without disrupting the rest of your environment and leverage connectivity to bring your applications together. 

Identity Management – Within a Landing Zone, you’ll be able to set identity rules so only certain employees will be able to access data – providing you with better user management. You’ll be able to leverage Single Sign-On, Role-Based Access Control and Authentication to enable effective identity management. 

Once you have the first two principles in place, you’ll be able to start migrating low-risk workloads. When you’ve migrated any low-risk workloads, you’ll then be in a place to start looking at the next three principles. 

Governing your environment – Microsoft will enable you to govern your environment with compliance policies to ensure you’re meeting industry regulations. 

Leverage Microsoft security – You’ll be able to leverage Microsoft security controls to protect both data at rest and in transit, allowing you to detect threats before it’s too late. 

Manage your environment – Once you have your Landing Zone in place you’ll not only have a secure space for your environment but also the tools in place to effectively monitor performance. 

When you’ve got all of these three principles in place, you’ll be able to accelerate your migration and now have a secure foundation to move any business-critical workloads into Azure. 

 

Ready to deploy a Landing Zone?

As an accredited Microsoft Azure Expert MSP and Cloud Adoption Framework ready partner, we’re able to help you deploy a landing zone. Simply get in touch with our experts. Or why not sign up for our Infrastructure Migration in-a-morning?

The Cloud Adoption Framework (CAF Framework) is a collection of documentation, implementation guidance, best practices, and tools that are proven guidance from Microsoft designed to accelerate your cloud adoption journey. There are six stages to the CAF framework, and each stage has been crafted to help you accelerate your cloud adoption journey. Think of the CAF framework as your guide to making the most of your Azure investment. 

It’s important to note that the CAF framework isn’t just for businesses that are new to the cloud, it can be used by businesses at any stage of their cloud journey. And we’re here to help you understand how you can start using it. 

 

What are the six stages of the Cloud Adoption Framework? 

Strategy
Start by understanding your business objectives to identify how Azure can support them. Microsoft has created a Cloud Journey Tracker to help identify the adoption path suited for your business. 

Plan
Start aligning your people, processes, and technology to map out your cloud adoption plan. This is where you rationalize your current estate using the 5 R’s of application modernisation. 

Ready
This is where you prepare your environment using the Azure Setup Guide created by Microsoft. Once you’re all prepared it’s time to deploy your landing zone – a basic building block of any migration. 

Adopt
The adopt stage is split out into two parts – migrate and innovate. You can simply migrate your on-premises environment to the cloud. This is used when your workloads don’t warrant investment. Or you can innovate where you take advantage of cloud-native technologies to modernise your digital state using DevOps. 

Govern
Create benchmarks and implement a governance minimum variable product to stay on track. Working with an Azure Expert MSP can help you govern your environment, helping you maintain your progress. 

Manage
Monitor your environment through data collection and alerts. Manage it to ensure your following best practices to track your performance. And make sure you’ve created a resilient platform that can recover from any issues.

 

Want to find out how you can start leveraging the Cloud Adoption Framework?

Our Azure Experts are here to help. As a Microsoft Cloud Adoption Framework certified partner, we can help you ensure you follow best practices to help kickstart your migration, no matter where you’re at. Simply get in touch to find out more. Or why not sign up for our Infrastructure Migration in-a-morning?

Microsoft Azure, is a cloud computing platform that runs your applications at scale on the internet. Azure lets you store your data securely and gives you the business intelligence tools to explore it. It helps you build applications, test them in a safe environment and launch them, knowing that performance won’t be an issue even if they are being accessed from the other side of the world. It will also help you build on your existing IT infrastructure, creating hybrid solutions that simplify your IT and reduce costs. 

Microsoft Azure is essentially a growing collection of integrated services – analytics, computing, database, mobile, networking, storage and web – that are flexible enough for you to use as and how your business needs them. With Microsoft Azure, you’ll move faster, achieve more and save money. 

 

A place to build, test and deploy applications 

Any developer or IT professional can be productive with Azure. Azure’s integrated tools, pre-built templates and managed services make it easier to build and manage enterprise, mobile, web and Internet of Things (IoT) apps faster. 

 

An open platform 

Microsoft Azure is a flexible and open platform that supports a broad range of operating systems, programming languages, frameworks, tools, databases and devices. You can run Linux and Docker containers; build apps with JavaScript, Python, .NET, PHP, Java and Node.js; build back-ends for iOS, Android and Windows devices. Azure supports the same technologies that millions of developers and IT professionals already rely on and trust. 

 

An extension of your existing IT 

Azure easily integrates with your existing IT environment through the largest network of secure private connections, hybrid database and storage solutions, and data residency and encryption features – so your assets stay right where you need them. You can even run Azure in your own data centre with Azure Stack. Azure’s hybrid cloud solutions give you the best of both worlds: more IT options, less complexity and cost. 

 

A safe place for your data 

Microsoft has made an industry-leading commitment to the protection and privacy of your data. It is the first cloud provider recognised by the European Union’s data protection authorities for its commitment to rigorous EU privacy laws. Microsoft was also the first major cloud provider to adopt the new international cloud privacy standard, ISO 27018. 

 

A global network 

Azure runs on a worldwide network of Microsoft-managed data centres across 19 regions. This fast-growing global footprint gives you more options for running applications and ensuring great customer performance. 

 

An economical and scalable solution 

Azure’s ‘pay as you go’ services can quickly scale up or down to match demand, so you only pay for what you use in one simple monthly bill. Per-minute billing and a commitment to match competitor prices for popular infrastructure services such as compute, storage and bandwidth means you’re always getting an unbeatable price for performance. 

 

A source of insight 

Azure’s predictive analytics services such as Machine Learning, Power BI and Stream Analytics are redefining business intelligence. Make smarter decisions, improve customer service and uncover new business possibilities from your structured, unstructured and streaming Internet of Things data. 

Migrating your application to Azure will unlock new markets and revenue opportunities for your business. By having a SaaS application, you will have the capabilities to help your business achieve fearless growth. Having your application in Azure allows you to build, market and sell your solutions efficiently. And we’re here to show you exactly how. 

Having the ability to build things quicker enables you to streamline operations and therefore, sell more. Here’s what this could look like for your application. 

 

Sell more than ever 

That’s right. Migrating your application into Azure will enable you to reach millions of new customers. Your application being in the cloud will become more accessible and appealing to new markets across the world. 

Microsoft has resources and programs available to help accelerate your time to market, demand generation and business growth, – such as the Azure Marketplace. By uploading your application to the Azure Marketplace you’re allowing customers in over 140 countries to start using your app. Enabling you to transform your businesses go-to-market strategy. 

Finally, all that money you’ve saved by moving to the Azure and increasing efficiency no longer needs to be passed onto your customer – making your services more affordable for them. It’s a win-win situation. 

 

Build things quicker 

Azure provides you with the building blocks you need to create a powerful application. You’ll be able to reap all the benefits of tools available in Azure, such as Azure Kubernetes Service, Azure DevOps and Azure App Service. Plus, Microsoft are investing a huge amount of time and money to developing their application services. Over the past year they’ve added 1000+ capabilities to support your application, including more pre-built and custom AI features. By having access to the latest Azure tools available, you’ll be able to bring functionality to your application that competitors haven’t even thought of yet. 

Microsoft and Keystone published a whitepaper on some research they’ve done into ISVs, The Shift to SaaS: A high-value opportunity for ISVs. During this research they discover: “All of the ISVs interviewed explained that the combination of continuous product development methodologies and greater visibility into customer usage through app data collection have led to improved product development cycles, saving up to one-third of the time required for a typical product release.” The Shift to SaaS: A high-value opportunity for ISVs, Keystone, June 2017 

With a cloud-based application there will be no hardware maintenance, allowing your IT team to concentrate on the development of your app. Meaning you’ll be able to keep up with changing markets, trends and competitors – all whilst saving costs. 

 

Streamline your operations 

Moving to a cloud-based application will enable your ISV to streamline your operations, which will open your business up to plenty of opportunities. 

“ISVs (who switch to SaaS) reported a range of efficiency gains depending on the complexity of the application and the ongoing maintenance responsibilities, with an average of a 26% improvement in engineering efficiency.” The Shift to SaaS: A high-value opportunity for ISVs, Keystone, June 2017 

A SaaS-based model application reduces the time it takes to maintain the infrastructure as Microsoft will do this for you. Passing any infrastructure maintenance onto your provider, enables your IT team to focus on what really matters – improving and updating your application. And what’s best is you will automatically have access to any security and functionality updates – allowing your IT team to have access to the lastest tools available. Your customers will be able to benefit from this too through better functionality and app capabilities. 

Microsoft invests over $1 billion every year in cybersecurity to ensure your cloud-based application is secure, so you don’t have to. They provide your ISV with compliance framework that aligns vendors to country specific data management regulations – meaning you don’t have to worry about complex and changing regulations. Microsoft has the resources to help you keep innovating without using up your whole team. Allowing you to excel your application without burning your team out. 

 

Ready to harness the power of Azure? 

These are just a few of the benefits your application could see from migrating to Azure. If you want to talk to one of our Azure Experts to find out how you can leverage your application in the cloud, then simply get in touch. 

Matt Leach, one of our expert Azure Consultants, has penned this blog all about the growing IT trend for Azure Kubernetes Service (AKS) and how your cloud environment could benefit from this open-source container-orchestration system. 

But before we skip to the good the bit we need to jump back and explain a bit more about where Kubernetes came from and how it works. 

 

First off, what is containerisation? 

Containerisation in brief terms is a method of splitting up a machine into multiple layers which are all isolated. Containers allow for a portable approach for application development and offer increased flexibility. Whether it’s important for your business to be able to take your application to any cloud hosting provider, or maybe you would like to use different services such as Kubernetes, Docker, Azure Web App for Containers – containers offer this flexibility and portability. Lastly, containerisation provides a method of moving away from monolithic application architectures and allows you to move to a microservice-based application architecture, which in return, allows you to modernise your web applications.

 

Why should you use containerisation? 

If you imagine your application as it currently stands, it is likely that you are hosting it on virtual machines. If you have 3 applications, you may be running it on 3 virtual machines. The same applies if you have a large application environment that may be running tens if not hundreds of applications. You will need a lot of virtual machines to host these applications. The downfall of hosting all these virtual machines is the fact that someone needs to patch and maintain all of these machines. If you are using Windows virtual machines, you will also need to license all these virtual machines. 

This is where containers thrive. Whether you’re running Docker, Kubernetes, AKS as your container orchestration tool, you can run multiple containers on a cluster containing as little as one virtual machine. Of course, we recommend you think about high availability and performance when planning how many virtual machines you need, however, if you’re running hundreds of applications, you will definitely see the benefit of running them (if compatible) on containers as opposed to individual virtual machines. 

 

Where does Kubernetes come into this? 

Kubernetes is an open-source system to allow containerised applications to be deployed into a controlled environment – as all of us tech enthusiasts call a cluster. Kubernetes was originally developed and designed by Google, however, in 2015 it was released as an open-source project for the wider community to contribute towards. If you’ve heard of Docker before, it’s a very similar concept to that. 

 

Welcome, Azure Kubernetes Service! 

In 2018 Microsoft released AKS as a managed Kubernetes offering. As a Microsoft Gold Partner, Cloud Direct welcomed AKS with open arms. AKS brought more simplicity to the product for customers. Allowing them to spend more time developing their applications – for greater business benefit – instead of having to manage various aspects of Kubernetes that could break at any time. At a high level the following components are required for a Kubernetes cluster: 

  • Kube-controller manager 
  • Cloud-controller manager 
  • Kube API server
  • Etcd
  • Kube-scheduler
  • Kubernetes nodes (including kube-proxy and kubelet) 

  

With AKS, Microsoft have assumed the day-to-day responsibilities of Kubernetes, removing a lot of the previous management pain, allowing customers to just look after the most important parts of their business. This leaves customers only needing to managing the following: 

Virtual nodes – These are virtual machines that run within your Kubernetes cluster to host the containers/pods. 

Containers/Pods – These run on the nodes within your cluster. These are running your applications that are containerised. 

Container Images – These are your applications that have been containerised to work within containers. 

The burning question – How much does AKS cost? 

The good news – AKS service itself is free! You are only required to pay for the virtual machines that your applications run on. With the flexibility AKS provides, you can take advantage of autoscaling. Maybe you only have applications that run for several months out of the year as opposed to all year round. Then you can scale your cluster down to zero virtual machines if required which means you don’t pay a penny. Alternatively, maybe you have an application that runs at high demand towards the end of the month, but then it’s quiet for the first 3 weeks of the month. Autoscaling will scale out your cluster to as many virtual machines as you need it too. You can of course configure this to ensure there is a limit, so you don’t get a nasty surprise when your bill comes through. 

Let Microsoft handle demand for your application, so you can concentrate on the business benefits your application offers.

 

Why choose AKS rather than migrating as virtual machines? 

You may be wondering why you would use AKS and containers rather than migrating virtual machines. There are cases where virtual machines would be a better fit, this of course depends on the application you’re looking to migrate or modernise. However, most of the time, web applications are a great start to look at containerising. The following benefits come with using containers as opposed to using virtual machines: 

  • Cost – Only pay for what you require. Maybe you have certain parts of the month where the demand for your application is higher – let Microsoft autoscaling do the work to ensure you are only using the resources that your application needs. 
  • Isolation – Applications running containers in AKS can be completely isolated from each other, unless of course you need them to communicate with each other. 
  • Flexibility – You can run your applications on Linux, Windows, or both! 
  • Less patching – With less virtual machines, comes less maintenance. Allow your engineers to be creative in other areas that will increase the benefits to your business. 
  • Zero downtime upgrades – Rolling upgrades to your applications happen seamlessly with no down time. When you upgrade your application image and push to a container registry, AKS will deploy your application next to your current application. When AKS decides your containers are healthy, it will softly shut down your old version of the container and users will use the newly patched application. No more rebooting virtual machines after upgrades! 
  • Support for Microservices – Microservices are a great candidate for containers and AKS. Run each one of your services in a different pod. This will allow you to patch each service at a time as opposed to taking down the whole application. If you need to connect to a database such as SQL, you can integrate AKS with Azure SQL PaaS services, or choose to run your database in your AKS cluster – the choice is yours. 

 

Conclusion 

I hope this article has helped you to understand Kubernetes and containerisation a little more. Kubernetes is gaining traction rapidly and the customers we have helped to move, are already reaping the benefits that AKS offers. 

Azure holds plenty of opportunities for ISV’s but these don’t come easily – it takes expertise and hard work to make them a reality. This is where an Azure Expert MSP comes in. To help ISVs migrate and innovate applications in Azure, accelerating growth, with solutions that are designed to provide you with the tools, knowledge and experience you need to approach Azure with confidence. 

 

Get closer to Microsoft 

Exploit an Azure Expert MSP’s close relationship with Microsoft to gain access to the latest Azure resources and tooling, particularly the Azure Marketplace. 

 

Match your expertise with proven credentials  

You’re the expert of your application, so work with infrastructure experts for the perfect match. Provide reassurance to end-users and your business stakeholders by having your infrastructure verified by a Microsoft accredited Azure Expert MSP. 

 

Grow your customer base 

Keep ahead of customer demand by shortening development cycles and take advantage of an MSPs expert Azure Dev Ops. Attract more customers by developing new products and entering new markets. 

 

End-to-end process 

Take advantage of services built for ISV’s around the 5 R’s of application modernisation with a proven process of workshop, assessment, application modernisation and migration. 

 

Optimal performance 

Optimise security, performance and cost by working with an expert partner who understands both infrastructure and applications. 

 

Ongoing support 

Managed support so you can concentrate on innovating your application and not worry about the infrastructure. 

 

Ready to work with an Azure Expert? 

So you like what you see. Get in contact with our experts to find out how we can support your ISV with Azure. 

As an Independent Software Vendor (ISV), your application is at the heart of your business and you’ll understand the importance of leveraging cloud-native technologies for application growth in 2021. Commvault has recently spoken about cloud-native applications and is predicting “IT organisations to make the rearchitecting of their applications and workloads into cloud-native formats one of their top digital transformation priorities for 2021”.

The benefits of moving your application to Azure are endless. In fact, it can completely transform the way your business operates. Reach new by accessing intelligent tools such as Azure Kubernetes Service, Azure DevOps and Azure App Service. The benefits are endless.

Moving your application to Azure can completely transform the way your business operates. You’ll have the ability to reach new markets by accessing intelligent tools such as Azure Kubernetes Service, Azure DevOps and Azure App Service. The benefits are endless.

During this blog post, we’ll be exploring the three infrastructure options for your application in the cloud.

 

Your options at a glance

When migrating your application or software to Azure you need to decide on whether your application will be delivered as Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) or App Service. Here’s an infographic we’ve created that highlights the key differences between these approaches.

Ready to dive into each of these options and what that approach will mean for your business?

Infrastructure-as-a-Service (IaaS)

Infrastructure-as-a-Service is the first step in building new technology that’s delivered over the cloud. This option is usually the quickest for you to get your application up and running in the cloud. IaaS enables you to build and manage data as you grow by only billing you for the storage and server space needed to build hardware or software. Allowing you to scale up and down with ease.

IaaS provides your business with the greatest level of control and power over your software and hardware. However, you’ll still be responsible for making sure everything is secure and up and running to prevent any outages that could impact your business operations.

 

Platform-as-a-Service (PaaS)

Platform-as-a-Service enables you to provide an online platform that is accessible to developers to start creating software that can be delivered over the internet. PaaS leverages cloud-native technologies but is still very cost-effective. Plus, you’ll only have to manage your application and data, whilst your cloud provider looks after the rest for you.

You’ll be able to free up a lot of your IT team’s time as you’ll be able to create custom applications online without having to deal with any of the data serving, storage or management of the platform – allowing them to focus on building new features into your app. You’ll also gain full control over any software or applications that are being built within the platform.

You’ll be able to create custom applications online without having to deal with any of the data serving, storage or management of the platform. The result? More time for your IT team to focus on building new features into your app. You’ll also gain full control over any software or applications that are being built within the platform.

One of the downfalls of PaaS is that you’ll only be able to control what is built on the platform. Therefore, if there is ever an outage or any issues with the hardware or operating system that the platform is built on, this will affect the software that is being delivered.

 

Azure App service

Azure App Service is a fully managed platform for building, deploying and scaling your web applications. The platform has built-in infrastructure maintenance, security patching and scaling – allowing you to really focus on transforming your app whilst Microsoft does the heavy lifting. You’ll be able to build, deploy and scale apps quicker than ever. Thanks to the comprehensive security and compliance features in Azure, you’ll be able to do all of this within a trusted managed platform.

Making your application fit for the Azure App Service is often the option that takes the most work, but the long-term cloud-native benefits are incomparable. With your cloud provider managing everything for you, you’ll have the time to continuously optimise your app by leveraging some of the available tools, such as; Azure Monitor, Azure DevOps and Azure Active Directory.

But that’s not all. Microsoft has created a range of pricing and performance options to fit your every need, which offers savings up to 55% when compared to pay as you go.

 

Want to talk to an expert?

We’re a Microsoft ISV partner and can help seamlessly guide you through your cloud journey. Simply get in touch.

When trying to grow your Independent Software Vendor (ISV), it can be difficult to find the resources and support you need. Over the past few months, Microsoft has been really focusing on supporting ISVs grow their business. For starters, they’ve now got a dedicated ISV team in place who are focused on helping you grow your application through exclusive programmes to obtain Microsoft Azure funding and additional resources. 

Accessing the relevant resources is key to helping your business unlock new opportunities with your application. Backed with extra capabilities, you’ll be able to achieve more – allowing you to try out new and exciting tools that will excel your application. Best of all, Microsoft has all the resources you need. 

Recently, we’ve been helping businesses with applications across the UK leverage Microsoft resources by migrating to Azure. Having an Azure-based application will allow you to develop your app quicker, streamline your operations with ease and sell more than ever. 

  

Expert-led guidance to developing your application 

Microsoft have years of experience helping ISVs fast-track their business growth through the public cloud. They’ve consolidated this information and created the Solution Workspace – to help you turn those ideas into a fully-fledged solution. The Solution Workspace is a streamlined tool created to help you track an idea from its inception through to customer availability. It offers personalised steps and resources to help you identify how to improve your application. Plus Azure comes packed with the tools and resources you need to develop a successful application – meaning your staff don’t need to worry about creating overly complicated code. 

  

Helping you reach new customers 

When you migrate or build your application in Azure, Microsoft will support you in transforming your go-to-market strategy. They’ll provide you with a personalised consultation and access to customisable marketing assets they have available. 

Building your application in Azure also carries significant benefits for your customers. Some of these benefits include, increased accessibility and better overall user experience through continuous updates and quicker development fixes. But it doesn’t stop there, Microsoft will also support you with executing the necessary sales and marketing activities, 

  

Joint sales and marketing efforts with Microsoft 

Finally, Microsoft will work with you on successfully taking your application to market through joint marketing activities. Microsoft has built the Azure Market Place, a platform where customers can find, try and buy applications to use. Publishing your app in the Azure Market Place will open your ISV up to exclusive joint marketing activities in over 140 countries. This will be a vital marketing channel for your ISV to leverage your application. You can find out more about the benefits of using Azure Market Place on Microsoft’s website. 

Microsoft will personally identify any relevant applications for their sellers to engage with as part of their IP co-selling programme. 

  

Ready excel your ISV with Microsoft? 

Thanks to our ISV Specialist and Azure Expert MSP status, we have an exclusive relationship with Microsoft to help ISVs access exclusive funding and assessments. If you’re looking for any support with your application, get in touch with our experts. 

DevOps has evolved over several years to become the go-to methodology for developers. It’s been adopted by some of the worlds most successful companies – Netflix, NASA, Etsy and Hertz. The rise in DevOps has been thanks to more companies adopting an agile development process. And technology is evolving to keep up with this trend too – look at Microsoft for example, they’ve created Azure DevOps which comes packed with industry-leading features such as Azure Pipelines, Azure Boards, Azure Repos and much more. If you’re looking to find out exactly what DevOps is, how it compares to traditional methods and how you can adopt it to benefit from some of these new technologies then you’ve come to the right blog. 

  

What is DevOps?

Microsoft defines DevOps as; A compound of development (Dev) and operations (Ops), DevOps is the union of people, processes and technology to continually provide value to customers. 

Adopting a DevOps culture alongside practices and tools, your team will be able to efficiently respond to customer needs and build applications quicker than ever. DevOps brings together siloed jobs such as IT operations, development teams, quality assurance and security to create a more fluid way of working that encourages collaboration. Which allows you to produce better applications or software by having all of those roles working towards a common goal. As all of those roles are working towards the same goal, right? 

  

How do traditional development methods compare to DevOps? 

We have answered some of the most popular questions we get asked on how traditional development methods, such as waterfall, compare to DevOps. 

 

How efficient are the development cycles? 

  • Traditional methods often focus on planning big releases, which are much riskier due to the amount of work involved. When working in longer cycles with infrequent releases things can often become complex quite quickly. You’ll be up against hard deadlines compiled with a list of added features. Whilst the big releases look impressive, they are often an inefficient way of working. 
  • DevOps on the other hand takes a different approach. They run with smaller releases that are often much easier to understand and test – making the release a lot less risky. It’s also easier to manage if things don’t go to plan as there isn’t so much to fix. By running more frequent smaller releases, DevOps enables your business to quickly respond to any new customer needs or requirements. 

 

How do they manage scheduling? 

  • Traditional methods often use planning and scheduling systems, to help manage any development. Within traditional methods there are typically a lot of moving parts to a development cycle, making scheduling quite a challenging task. 
  • DevOps is built on continuous smaller releases and automation from a dedicated team, making it much easier to schedule. You’ll be planning for the coming weeks as opposed to a few months, giving you better visibility of your team’s time. Plus, by having a dedicated team working on this, you’ll be able to coordinate everything effectively rather than having to schedule different people in different roles. 

 

What’s the big deal? 

  • Traditional methods often make an event of their upcoming release or update. A lot more work would have gone into a single release when a company uses traditional methods – meaning there’s a lot more at stake and much higher risk. Have you ever seen developers locked in a room for hours on end before a big launch? That’s because they’ve been working weeks, if not months for this release and are spending the final push fire-fighting any last-minute issues to hit their hard launch date. 
  • DevOps works in much smaller, more frequent cycles, meaning they don’t go popping the confetti every time they launch a release or update. There’s a lot less risk involved as not as much work would have been required since the last cycle. Plus, with automated testing in place, they can rest assured knowing that their environments are in sync. DevOps only promote from one stage to another if they are confident it will work. Thereby, eliminating the release window so they can move new functionality into productions at a faster rate. 

 

How easy is it to turn data into actionable improvements? 

  • Traditional methods will typically have to get numerous different parties involved when trying to collate information and data, which often ends up in a wordy report that’s shared with management. Lengthy reports can typically become a bottleneck as it’s not clear on what data is relevant and can result in unactioned tasks. 
  • DevOps enables you to quickly react to data thanks to the automated processes within the team. Meaning, you won’t have to sit and scroll through pages of information. By having a dedicated team gathering data from the application, you’re able to ensure that everyone within that team has a better understanding of the relevant information and data. This not only eliminates the time taken to gather the data but also to get sign-off from management. 

 

What type of culture do they encourage? 

  • Traditional methods are often risk-averse. The culture is built around trying their absolute best to not harm the business, which results in them having a lot of pressure to get things perfect. When in reality, is anything ever perfect? 
  • DevOps creates a culture very different from this. They adopt a ‘fail early’ culture, understanding that failure is inevitable. That’s why they’ve created a strong structure and process around controlled failure through continuous testing, smaller deployments and automation. The team adopts the mindset of the sooner you fail, the smaller the impact and the quicker you recover. 

 

What metrics do they use to measure success? 

  • Traditional methods use a cost and capacity model which looks at how much they get done for the least amount of money. The key challenge with this model is that it can be difficult to cut costs but still maintain the same capacity – which is why a lot of companies using traditional methods have to regularly outsource tasks. 
  • DevOps has taken this model one step further by adding in ‘flow’ since new applications should be measured by the time involved. This encourages them to review the end cycles time to identify any areas of waste by calculating true productivity so they can focus on the activities that add the most valuable. 

 

What do they define as a completed task? 

  • Traditional methods often complete a task by doing their part and passing it onto the next person. They’ll be so focused on completing a task by meeting the deadline rather than making sure what is done is deployable. Using this method can often lead to a loss in quality and a lack of accountability. 
  • DevOps on the other hand focuses on creating a cross-functional team where everyone’s accountable for the task being completed. All team members will be working towards the same goal and will therefore have the same definition of a completed task, which is creating high-quality software. They are driven by the bigger picture rather than focusing on the specific tasks they need to carry out. 

 

Looking to modernise your DevOps practices? 

Are you keen to start using DevOps practices to adopt new technologies? We can help. Microsoft has created Azure DevOps, which provides you with the tools you need to adopt a DevOps culture effectively. As an Azure Expert MSP, we can support you in transforming the way you work. Get in touch to talk to our experts about improving the way you create applications. 

Over the past five years, the way businesses use the cloud for their applications has changed dramatically – making it safe to say technology has transformed the way applications are made. With customers relying on SaaS solutions and cloud-based start-ups popping up left right and centre, it makes now a perfect time to migrate your application to the cloud. But where do you start? 

Application Rationalization is the first step in your migration. Microsoft defines it as; the process of evaluating assets to determine the best way to migration or modernise each asset in the cloud. The best way to analyse your applications environment is by using what Gartner articulately coined as the five R’s of application modernisation – this will help you choose the best path for your migration. 

So, when you’re looking to modernise application make sure you use the rationalization approach that fits your long-term strategy, motivations, and current state environment. Ready to explore the five R’s? Let’s jump in. 

 

Rehost 

Rehosting an application, more commonly known as a ‘lift and shift’, makes the least change to the architecture of the application. It is the simplest migration there is as it involves you moving your application from one environment to another. Rehosting your application is suitable for a legacy migration or if you have an IT team with limited cloud knowledge. 

It’s best to rehost when you’re looking to move fast or on-prem is costing your business too much. 

 

Refactor 

Refactoring an application is when you refactor the code to open your ISV up to new business opportunities. This doesn’t mean making any major overhauls to the code, just updating a few bits here and there to optimise your application. 

Once your application has been refactored, your ISV will have greater cloud efficiency, giving you access to better resources, speed, optimised costs and the ability to better manage your operations. Once your ISV has refactored your application you will be able to leverage Microsoft tools such as Azure SQL Database Managed Instances, Azure Container Services, Azure’ App Services, Azure Functions and Logic Apps. It’s best to refactor when creating a custom application or you don’t want to create or maintain infrastructure. 

 

Rearchitect 

Before you can even start thinking about moving to the cloud, you need to make sure your application is cloud compatible. Rearchitecting an application is when you completely re-write your application to better fit in the cloud. This is usually the case for a legacy or ageing applications that aren’t compatible with the latest cloud providers. 

The four key reasons why you may want to rearchitect your application are: 

  • Your application is cloud-compatible, but not cloud-native 
  • Improve your applications scale and agility 
  • Making it easier to adopt new cloud capabilities
  • If you use a mix of technology stacks 

 

Rebuild 

Sometimes, applications aren’t worth further investment as they don’t meet the businesses current needs and are now unsupported or misalign with the current business process. If this is the case, then it’s best if your ISV rebuilt their application with a new code base that will align with a cloud-native approach. This typically involves your ISV leaving the old application and rebuilding it from new using the Azure Platform as a Services (PaaS) such as, Azure Functions, Logic Apps and Azure SQL Database. 

So, if you’re planning to scale your application and futureproofing it using the latest cloud technologies then a rebuilding approach is right for you. 

 

Replace 

When building your application, you would have used the best technology and approach available at the time. But you know better than anyone that technology can get outdated quickly, particularly if it isn’t being maintained and keeping up with industry best practices. 

It’s best to replace when you don’t want to invest in a development team to revive your application. 

  

So, what approach will you take? 

Before modernising your application, you should apply the 5 R’s to help you make the right decision about your application. If you want help figuring out the best migration for your application or are looking for a partner to migrate with, simply get in touch with our application experts. 

Migrating to the cloud is a big investment, so it’s important you choose the right provider for your business. And really, it comes down to options – Microsoft Azure and Amazon Web Services. Let’s explore these two big players so you can decide which cloud provider best suits your business needs.  

 

What is Azure?

Microsoft Azure is a set of cloud services that can help your business achieve fearless growth. No matter how big or small your company, Azure can provide you with the freedom to build, manage and deploy apps using your favourite tools and frameworks. Azure offers a range of functionalities including, analytics, storage, computing, networking and more – all of which integrates with your cloud environment to help you achieve fearless growth.

Benefits of Azure:

  • Create a hybrid cloud environment with ease
  • It has a comprehensive set of compliance offerings
  • Covers more global regions than any other cloud provider

 

What is AWS?

Amazon Web Services (AWS) has over one million customers and has been around for over 13 years. You’ll have the ability to scale your business through their services, including compute, storage and delivery.

Benefits of AWS:

  • It’s one of the longest standing cloud solutions
  • Easy to use application hosting
  • Can use Amazon’s identity and security services

 

Azure VS AWS: Features

Azure and AWS have very similar features. However, Azure has some remarkable features that AWS simply doesn’t. These include; Azure Visual Studio Online, Azure Site Recovery, Azure Event Hubs and Azure Scheduler. Microsoft Azure offers a more advanced Hybrid Cloud with its integrated cloud service with multiple deployment options, allowing you to better manage your private and public cloud as one.

AWS offers a wide range of IaaS solutions, including; Compute, Storage and CDN, Database and Networking. But AWS doesn’t offer as comprehensive a hybrid cloud option as Microsoft does.

Depending on what you’re looking to do in your cloud environment will help determine whether your company would benefit from Azure or AWS. If you decide Azure is the way for you or just want to find out a bit more, then our experts know a thing or two about Azure and will help you identify whether it will provide your business with the cloud environment you’re looking for.

 

Azure VS AWS: Global coverage 

Having a cloud provider with a global infrastructure will allow you sustainably scale your business across the world. Now, who doesn’t want that? Azure and AWS both have a global footprint and operates in different regions across the world. But who has the most coverage?

AWS has 66 availability zones within 21 graphic regions and has plans to open in four more regions, including Bahrain, Cape Town, Jakarta and Milan.

Microsoft Azure infrastructure is in 54 regions and is available in 140 countries, with six more announced. That’s more than any other cloud provider. Azure provides you with the infrastructure you need to take your application to a global scale.

 

Azure VS AWS: Deploying Apps 

Cloud computing can make deploying an application a walk in the park. But what cloud provider offers the best tools for deploying your applications?

Microsoft Azure provides you with the tools you need to not only deploy your app but scale it to your business’s needs. Azure has multiple application deployment options to ensure you have a smooth deployment process, including; cloud services, container service, batch and application services.

AWS has similar solutions with Lambda, Elastic Beanstalk and container services. However, Amazon does not offer as many application hosting features as Azure.

 

Azure VS AWS: Security

Security is a big concern to many businesses, especially in the cloud. Azure and AWS are two of the biggest cloud providers, and both have the capabilities of making sure your cloud environment is secure.

Microsoft has created their own version of role-based access control (RBAC) called Azure Directory. RBAC will help you enhance and simplify security as you control users’ permissions. Thanks to Microsoft background on networking, they’ve been able to develop a complex and strong security feature that will allow you to manage users access successfully.

AWS has also developed its own RBAC, called Identity and Access Management (IAM). It doesn’t have as complex security services as Azure, but it does offer additional services such as GuardDuty and DDoS.

 

Azure VS AWS: Pricing  

AWS is five times more expensive than Azure for Windows Server and SQL Server. You could save up to 71% on your Windows Virtual Machines with Azure compared to AWS EC2.

Here at Cloud Direct, we’ve created our own portal to allow you to monitor your Azure spend and usage called PROVIDE. This will help you get a better understanding of your current and future costs in Azure.

Both AWS and Azure follow a pay as you go model allowing you to only pay for what you use. With Azure you pay by the hour, whereas with AWS you pay by the minute which is a more precise pricing model.

The good news is, Azure and AWS both offer a free trial of their services – meaning you can try before you buy.

Depending on what you’re using the cloud for will determine which provider will be more cost-effective for your business. Our experts are happy to help you understand how much you could save in Azure.

 

Azure vs AWS: Partners

Working with a partner when migrating to the cloud can make a huge difference. A partner can provide added value to your cloud environment. And if you’re looking to make the most of your cloud, then it’s important you’re choosing the provider that has partners to help you have a seamless migration.

AWS has over 100,000 partners that can help add value to your business. They have partners that specialise by industry, including; government, education, non-profit and more.

Azure has slightly fewer partners, with a total of 68,000 MSP partners. But it’s all about quality, not quantity – right? Azure has recently launched the Azure Expert MSP programme to ensure you’re getting the best partners for your cloud migration. This is made up of around 35 Azure Expert MSPs around the world. And we’re proud to be one of them.