If you’re looking to learn more about Microsoft cloud, including how your organization could benefit from it, you’re in the right place. This comprehensive guide covers the basics and beyond, from “What is Microsoft cloud?”, to services and security.
Feel free to skip to the parts you’re most interested in by using the table of contents below. If you have any questions after reading, don’t hesitate to get in touch—I’m happy to provide clarification and answer any of your questions.
Table of Contents
- Chapter 1: Overview
- Chapter 2: Services
- Chapter 3: Partner Network
- Chapter 4: Security
Chapter 1: Overview
What is Microsoft Cloud?
The “cloud” is a global network of remote, connected servers acting as a singular technology ecosystem. It naturally follows that “Microsoft cloud” is Microsoft’s proprietary version of this generic term. The company has its own ecosystem, called Azure, which it makes available to customers for a fee.
Further, Microsoft cloud consists of two main types:
- Public cloud—Your applications and data are hosted in Microsoft’s datacenters. The infrastructure is managed by Microsoft, and your organization rents computing resources as needed (i.e. utility computing). The platform associated with this cloud type is Microsoft Azure.
- Private cloud—Alternatively, utilizing a private cloud means your organization has its own on-premises datacenter, or you have physical servers occupying a co-location facility. You buy all the necessary infrastructure and host applications, and store data in an environment you create.
Inherent in these cloud types are three key benefits, which we’ll explore in the next section:
- Greater Agility
- Increased Reliability
- Lower Cost
Public Cloud Vs. Private Cloud
If you remember the enterprise world before the cloud (or are still living in it), you’ll recall the drawbacks of a primarily physical environment:
- There is an abundance of older hardware, which leads to more hardware failures.
- It requires a large number of human and system resources to deal with the complex ecosystem created within the organization.
- Processes are mostly manual.
- Upgrades are time-consuming, especially when having to take systems down to change out components like RAM.
- There is a lack of agility.
The cloud changed all that. But there are two options available for moving to the cloud—which one should you choose? It depends on your organization’s priorities.
Why Public Cloud
With a public cloud, your organization gains unprecedented agility. So much so, in fact, that it could be considered transformative. Since Microsoft provides the infrastructure, system management, and as-needed computing resources, your organization removes several burdens.
For one, you no longer need to deal with physical hardware. This reduces the costs associated with creating these enterprise ecosystems, including procuring and housing hardware components. Subsequently, there’s no need for additional workers to manage and maintain that hardware.
In addition, service availability becomes Microsoft’s responsibility. When system-related issues and costs rise, it’s Microsoft’s problem, not yours. Thus, your organization can freely operate without the “impending doom” of infrastructure failures.
However, the public cloud does entail giving up a certain level of control. This is probably the biggest drawback for organizations, especially those that require a high level of control over their applications and data.
Why Azure? If you consider that the majority of organizations have multiple Microsoft instances (e.g. Office 365, Windows Server, etc.), there’s an easy path forward into its cloud platform Azure. Other cloud platforms, like Amazon Web Services, may be well known generally, but they are less familiar in an enterprise context.
Still, it’s important to note that despite its lineage, Azure doesn’t cater to Microsoft products and services exclusively. It also supports a number of open-source technologies, such as Linux, Ubuntu, and Java.
Why Private Cloud
Utilizing a private cloud also provides agility to these ecosystems. You could add RAM without shutting down a server, and if one virtualized server fails, the load shifts to other servers.
With a private cloud, your organization also has full control over the hosting of your datacenter. You choose the physical location of your servers, how to customize your setup, etc. This is important for use cases where a critical requirement for doing business is data sovereignty, where datacenters store data only within a territory defined by the host country. Organizations with sensitive requirements are often not allowed to put certain data in the public cloud due to government or industry-specific compliance issues (e.g. HIPAA – Health Insurance Portability and Accountability Act).
However, taking the private approach to the cloud is typically more expensive. There are additional monetary and non-monetary costs, such as paying for infrastructure components and human labor, as well as experiencing and resolving service interruptions.
Common Microsoft Cloud Terms
Here are some common terms you may come across in this guide that are essential to understanding the Microsoft cloud:
- Cloud redundancy—Even in the cloud there are physical components. And, as noted previously, these components invariably fail. This makes having duplicates of data and resources extremely important, so if one version fails, there are copies available, minimizing or eliminating service disruption.
- Hosts—For private cloud, hosts are the machines where the hypervisor runs. They can be physical or virtual and provide CPU, memory and storage, depending on your architecture.
- Replication—The process of copying or backing up a virtual machine, application or data between one or more clouds/servers to increase redundancy.
- Hyperconvergence—A framework that integrates computing, storage, and networking into a singular infrastructure. This helps reduce bottlenecks, simplifies system complexity, creates a self-healing environment and enables you to build out large clusters that are resilient, flexible and scalable.
- Abstraction—The action or process of transforming physical hardware into shared resources, resulting in virtualization.
- Provision—The process of building resources, virtual machines, and workloads.
Chapter 2: Services
Microsoft Cloud Products
There are several Microsoft products related to the cloud:
- Microsoft Azure and Azure Marketplace
- Microsoft Dynamics
- Microsoft Office 365
- Microsoft OneDrive
Microsoft Azure and Azure Marketplace
This is Microsoft’s public cloud platform that is supported by Microsoft’s datacenters and staff. Azure offers a set of cloud services that enable you to build, manage and deploy applications without having your own infrastructure in place. It is also technologically agnostic, supporting open-source applications and tools.
Microsoft Dynamics 365
A cloud-based business apps platform, Dynamics 365 is a combination of Microsoft’s Dynamics AX (ERP application) and Dynamics CRM. Thus, Dynamics 365 exhibits capabilities of enterprise resource planning and customer relationship management, as well as productivity and artificial intelligence tools.
As befits a Microsoft product, it is easily integrated with other Microsoft applications and its cloud platform, Azure.
Microsoft Office 365
Most business professionals are familiar with the Office suite of products offered by Microsoft, built to enable task completion and productivity. The suite comes with eight apps: Word, Excel, PowerPoint, Outlook, OneNote, and OneDrive, as well as Publisher and Access (only available for desktop).
The “365” designation indicates both the built-in cloud aspect of the product and the fact that it follows a subscription model (vs. a standard, one-time purchase).
Microsoft OneDrive
Formerly named SkyDrive (and sometimes mistakenly referred to as “One Cloud”), this product is Microsoft’s cloud storage offering. It’s also a part of Microsoft Office 365. Whether for personal or business use, OneDrive enables you to access and modify your files on multiple devices, with changes being synced across devices.
You can also collaborate with other users in real-time on apps such as Word. Of course, the business version of OneDrive has enterprise-specific features, such as user-level permissions and auditing tools.
Microsoft Azure Cloud Services
Most technology professionals are referring to Azure when they use the term “Microsoft Cloud”.
To this end, let’s explore several of the numerous service categories Azure offers across a variety of organizational use cases, along with noteworthy services within each category.
AI & Machine Learning
This is an API category for image classification, object detection, image similarity, financial and demand forecasting and text analytics. As a practical example, many credit card companies use this service for anomaly detection in identifying potential fraud.
Microsoft Azure analytics enables you to aggregate metadata (e.g. data streams, log files, etc.) across applications, workloads, and users. You can then analyze and display that data in an easy-to-understand manner to uncover efficiencies, improve compliance, detect security vulnerabilities, identify trends, optimize business processes and more.
Compute focuses on adding more cycles, such as when needing to process more transactions. Other use cases include provisioning Windows and Linux virtual machines, from cloud-scale job scheduling to compute management.
Containers are the next stage of evolution in virtualization. They are stateless, sandboxed applications that don’t affect data when updated. Azure has a simple and familiar UI for containers versus other container services like Kubernetes—though you are capable of deploying, managing and operating Kubernetes within the platform. You can also develop microservices on Windows or Linux, as well as deploy and run containerized web apps.
This category enables you to run a database on an on-premises virtual machine, on Azure SQL or as an IaaS (infrastructure as a service). The latter provides easy integration, resilience and optimal performance. You can elastically expand your database compute on the fly, then shrink it after the additional load is no longer needed. You can also easily transpose an on-premises SQL database to Azure SQL—plus, Azure offers support for differing major database platforms.
While Visual Studio resides on your on-premises machines, it is still highly integrated with Azure, ensuring that code can be easily pushed to the cloud. Visual Studio Team Services is a related tool, which enables development teams to share, co-write and collaborate on code. There’s also support for blockchain coding and connecting it to the cloud.
The process of managing, securing and maintaining applications built by developers. One important service in this category is Application Insights, which helps detect and diagnose issues in web apps and services. There’s also support for open-source and third-party tools such as Ansible, Chef, Puppet and Terraform, which you can deploy natively to Azure services.
Services in this category control how users log in to applications. Of note here is Azure Active Directory, which acts as a control/authentication function and enables single sign-on. It holds the organizational hierarchy of every user, along with their identifying data and data access privileges. Also, the Multi-Factor Authentication service provides additional security measures through verification options such as a phone call, text or mobile app notification.
Infrastructure as a Service (IaaS)
Inherent in Azure as a cloud platform is its ability to offer infrastructure as a service (IaaS). This enables you to build a “real” server virtually, complete with the necessary operating system, drivers, etc. However, there are no requirements for you to have your own hardware—you just manage and maintain the virtual assets you create.
Platform as a Service (PaaS)
In this cloud computing setup, enterprises use the hardware and software provided to them by a third party. This alleviates the need to maintain the hardware and software infrastructure in-house, and gives users the freedom to develop applications without the added worry of extra cost and maintenance.
While there is some overlap with the identity category, security includes services such as Key Vault, which helps safeguard and maintain control of encryption keys and passwords. Microsoft never sees or extracts your keys since you can import or generate keys stored in hardware security modules (HSMs).
No computing technology is complete without storage. Azure’s storage category focuses on scalability and security of storage for your data, apps and workloads. Associated with this category are services for the backup, migration, transfer and archive of your data.
Chapter 3: Partner Network
What Is The Microsoft Partner Network?
The Microsoft Partner Network (MPN) is a program consisting of over half a million vendors and service providers that develop or sell solutions based on or around Microsoft cloud products. Think of it as a joint go-to-market approach, with each party being referred to as a Microsoft cloud partner.
But not every partner is the same. There are four types of partners:
- Independent software vendors (ISV)—ISVs develop software solutions that integrate with Microsoft’s cloud products (e.g., Azure) to simplify some aspect of managing your applications, for example, or make the computing environment more secure—like 5nine’s Microsoft Cloud Management platform.
- Resellers—Businesses that act as resellers sell Microsoft products on behalf of Microsoft, similar to a broker. There’s a revenue split between the reseller and Microsoft; however, given the more hands-off nature of this type of partnership, you can expect a much lower split compared to the other types.
- Service providers—Companies of this type focus on managing customers’ cloud infrastructure. Microsoft provides the infrastructure, while the provider manages it. Again, there’s a revenue split between the provider and Microsoft.
- Systems integrators—Typically, a systems integrator is a consulting entity that provides integration or configuration services to bring two or more systems together, with at least one of those systems being a Microsoft cloud product. For example, the CIO of a manufacturing company might reach out to a firm to integrate in-house systems with Azure. Note that consulting firms like Accenture, Deloitte and PwC offer systems integration services.
There are some clear similarities and distinct differences between these partner types. For example, while they all have some form of a revenue split, the exact nature of the split differs for each partner type.
Competencies of the Microsoft Partner Network
In recognizing that partners bring different knowledge and skills to the network, the MPN consists of numerous competencies. Each competency covers a different area of business, including app development, cloud platforms, data management and analytics, mobility and productivity.
Which competencies are right for your organization? It depends on your business model and the technology service mix you offer, among other aspects.
We explore a few of these competencies below, along with their general requirements. Note that Microsoft offers multiple performance options, each having its own set of requirements; we will cover only the most frequently used option.
As the name suggests, this competency is all about the cloud (i.e. Azure). You’ll be interested in gaining this competency if your organization is helping customers migrate applications and data to the cloud, building solutions on data platforms in the cloud, or delivering services and building products using SaaS and PaaS solutions from Azure Marketplace.
Alternatively, if your organization is a hosting or managed services provider, this is also a relevant competency to strive for.
Requirements for the Azure consumption option include meeting certain performance requirements with regard to Azure customer consumption, passing a technical assessment on one of several topics (e.g. remote desktop services on Azure), providing several customer references, completing a company profile and paying the associated competency fee.
Cloud productivity revolves around Office 365, which boasts over 100 million monthly active commercial users. Successfully attaining this competency would showcase your technical capability in delivering Office 365 solutions across single or multiple productivity practice areas.
Requirements for the managed service partner option include meeting certain performance standards with regard to active users, passing an exam on one of several topics (e.g. enabling Office 365 services), providing several customer references, completing a company profile and paying the associated competency fee.
If you specialize in business intelligence or big data management, the data analytics competency will be a suitable pick. Having this competency will communicate to your customers and prospects that you are able to build descriptive, diagnostic, predictive and prescriptive analytics solutions, as well as provide actionable insights and reporting.
Associated with this competency are Microsoft’s Office, SharePoint Server and SQL Server products.
Requirements for the data analytics specialist option include passing an exam on one of several topics (e.g. implementing a SQL data warehouse), providing several customer references, completing a company profile and paying the associated competency fee.
If your organization provides services for the private cloud, including management and virtualization deployment services, you’ll be interested in the datacenter competency. These capabilities directly align with Microsoft’s portfolio of infrastructure, application and security products.
Associated with this competency are Microsoft’s System Center, Server and Azure products.
Requirements for the datacenter solutions option include passing an exam or certification on one of several topics (e.g. networking with Windows Server 2016), providing several customer references, completing a company profile and paying the associated competency fee.
This competency is aimed at organizations with specialized knowledge and experience in SQL databases, big data for on-premises and hybrid environments, or architecting, developing and administering data platforms.
Microsoft SQL Server is associated with this competency and includes operational database management and data warehousing.
Requirements for the SQL database specialist option include passing an exam on one of several topics (e.g. provisioning SQL databases), providing several customer references, completing a company profile and paying the associated competency fee.
Small and Midmarket Cloud Solutions
This is another competency that revolves around Office 365; however, this one focuses exclusively on delivering solutions to small and midsize business customers. If your organization goes after this competency, you’ll be demonstrating your technical capability with Office 365 in enabling your customers to conduct business anywhere, securely.
Requirements for the Office 365 services option include meeting certain performance requirements with regard to increasing your customer base, passing an exam on one of several topics (e.g. enabling Office 365 services), providing several customer references, completing a company profile and paying the associated competency fee.
It’s important to note that all competencies must be renewed yearly on your renewal date.
Benefits of the Microsoft Partner Network
Since this is a “partner” network, there is naturally a mutual benefit to both Microsoft and the partner company.
How does Microsoft benefit? Regardless of how large a corporation it is, Microsoft does not have the necessary resources and manpower to develop applications or provide professional services for every use case. Thus, relying on thousands of partners enables its solutions to gain greater adoption and its business to scale up.
On the other side, the partner receives several general benefits:
- Help going to market faster and more effectively
- Exposure to new customers through referrals and the Azure marketplace
- Co-marketing and credibility from the Microsoft brand
Additionally, as a partner, there are two tiers you can reach: silver and gold. The exact requirements for achieving these tiers vary by competency, but they are typically based on your organization’s performance and contributions to the partnership.
For example, a common requirement is a monetary value of Microsoft product consumption by customers within a given timeframe (e.g. $15,000 Azure customer consumption within the previous 12 months).
When reaching the silver or gold tier, you unlock certain benefits, including:
- Additional licenses for selected cloud services and on-premises software
- Unlimited technical pre-sales assistance and more partner advisory hours
- Greater and higher-level product support
- Access to enterprise customers
- Shared marketing dollars
- Co-press releases
- Prioritized listing in Microsoft referrals
- Priority selection at tradeshows
- Silver/gold Microsoft competency logos
- A host of other items as part of the Microsoft incentives portfolio
Chapter 4: Security
Microsoft Cloud Security
Like any other cloud solution or an on-premises environment, Azure is subject to external threats like viruses, hack attempts, and DDoS attacks, as well as internal threats such as misconfigurations and mistaken role assignments.
Microsoft has instituted a significant amount of security oversight when it comes to Azure, along with a combination of manual and automated security processes. Even in developing Azure, Microsoft used the security development lifecycle, addressing security at every development phase. It continues to ensure the platform is updated to remain secure.
In addition, Azure comes equipped with a number of security services that help keep users protected. We explore the most relevant of these below.
Azure Active Directory (AD)
We touched briefly on this service earlier, but its importance warrants more discussion. The purpose of Azure AD is to ensure only authorized users can access your data and applications.
Its multi-factor authentication provides an additional layer of validation at sign-in, and it uses industry-standard protocols like SAML 2.0, WS-Federation and OpenID Connect to perform authentication, authorization, and access control. Additionally, Azure AD’s single sign-on capability helps minimize IT and user burden while maintaining centralized security control.
Azure Advanced Threat Protection (ATP)
Azure ATP helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber attacks and insider threats by reviewing incoming traffic and providing detailed analytics on suspicious activities.
Azure Key Vault (KV)
Azure KV addresses the need to encrypt communications and operation processes. It enables users to safeguard and control cryptographic keys and certificates used by cloud apps and services.
For example, instead of exposing keys to applications, Azure KV can hold them in hardware security modules (HSMs) certified to the FIPS 140-2 Level 2 standard. Keys are imported into or generated inside these HSMs, and cloud apps and services use them through Azure KV rather than handling the actual keys or passwords.
Azure Security Center (SC)
Azure SC enables you to apply security policies across your workloads, limit your exposure to threats and detect and respond to attacks. Included with this service are centralized policy management, continuous security assessments like resource health and vulnerability monitoring, advanced cloud defenses like adaptive application controls and more.
One particularly useful feature of Azure SC is the recommendation portal. This portal includes a dashboard displaying your security assessment and recommendations for your specific resources (e.g. firewalls, patching, upgrading, permissions, etc.).
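The "mistaken role assignments" named as an internal threat at the start of this chapter, and the permissions recommendations just mentioned, can also be checked by hand. The following is an added example, not part of the original article or any Microsoft tooling: it reviews a role-assignment export for privileged roles that are scoped too broadly or held by the wrong kind of principal. It assumes input shaped like the JSON from `az role assignment list --all --output json`; the choice of which roles and scope levels count as risky is an assumption, and the sample data is constructed.

```python
import json

# Built-in Azure roles that can modify resources or grant access to others.
PRIVILEGED_ROLES = {"Owner", "Contributor", "User Access Administrator"}
# Assumption: scope levels where a privileged role reaches many resources at once.
BROAD_LEVELS = {"root", "management-group", "subscription"}


def scope_level(scope):
    """Classify an Azure RBAC scope string by how much it covers."""
    if scope == "/":
        return "root"
    parts = [p.lower() for p in scope.strip("/").split("/") if p]
    if not parts:
        return "unknown"
    if "managementgroups" in parts:
        return "management-group"
    if parts[0] == "subscriptions" and len(parts) == 2:
        return "subscription"
    if len(parts) == 4 and parts[2] == "resourcegroups":
        return "resource-group"
    return "resource"


def audit(assignments):
    """Return one finding per privileged assignment that needs review."""
    findings = []
    for a in assignments:
        role = a.get("roleDefinitionName", "")
        if role not in PRIVILEGED_ROLES:
            continue
        who = a.get("principalName") or a.get("principalId") or "<unknown>"
        level = scope_level(a.get("scope", ""))
        reasons = []
        if level in BROAD_LEVELS:
            reasons.append(f"{role} at {level} scope")
        if a.get("principalType") == "User":
            if "#EXT#" in who:  # marker Azure AD places in guest user names
                reasons.append("guest account holds a privileged role")
            else:
                reasons.append("assigned directly to a user instead of a group")
        if reasons:
            findings.append({"principal": who, "role": role,
                             "scope": a.get("scope", ""), "reasons": reasons})
    return findings


# Constructed sample data (not from a real tenant); placeholder subscription ID.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "grp-platform-admins", "principalType": "Group",
     "roleDefinitionName": "Contributor", "scope": SUB + "/resourceGroups/rg-app"},
    {"principalName": "vendor_partner.example#EXT#@example.onmicrosoft.com",
     "principalType": "User", "roleDefinitionName": "User Access Administrator",
     "scope": SUB + "/resourceGroups/rg-app"},
    {"principalName": "ci-deployer", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-prod"},
    {"principalName": "bob@example.com", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB},
])

if __name__ == "__main__":
    for f in audit(json.loads(SAMPLE)):
        print(f"{f['principal']}: {'; '.join(f['reasons'])}")
```

Each finding is a prompt for review, not proof of a mistake: a break-glass Owner at subscription scope may be intentional, but it should be a documented exception.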
Until next time, Rob
Originally published at https://www.5nine.com/microsoft-cloud/