+40 256 706 057 [email protected]
Cloud Strategy for Your Organization: Peace of Mind (as a Service)

Cloud Strategy for Your Organization: Peace of Mind (as a Service)

Mihai Tataran
General Manager & Partner, Avalego
Microsoft Regional Director & Azure MVP

Before we begin

This article comes as a continuation of the previous ones in the series called
Cloud Strategy for Your Organization

and focuses on the last of the steps we usually take with our customers who migrate to the Cloud.

Click on the image to enlarge

Now we will focus more on getting the peace of mind while the workloads are running on Azure.

We will discuss what Managed Services on Azure and Microsoft 365 technically mean, what are the things a managed services provider or an internal IT operations (DevOps, IT) team should do proactively, focusing on aspects like:

  • Azure governance,
  • cost control,
  • security,
  • efficiency.

Why Peace of Mind?

The real question is:

While your solutions are running in Azure, is there anything you should be doing for your peace of mind?

One could think – “Isn’t the Cloud supposed to (maybe magically) take care of my software solution out of the box?”

The simple answer is while the Cloud offers us a lot of technology which makes IT operations much easier, especially under the Platform as a Service (PaaS) and Serverless offerings, it doesn’t mean that we don’t have to do anything anymore.

During our interactions with large organizations that we’ve helped in the past years to migrate to the Microsoft Cloud (Azure and Microsoft 365), we have discovered the best practices needed for good maintenance.

We have built those best practices in a set of services that we call “Peace of Mind (as a Service)” that include proactive and reactive measures. And in this article, I will discuss the proactive actions we usually take. The reactive actions I am referring to are the usual SLA-based support activities any managed services provider, or IT team already knows about.

Those proactive best practices and actions are grouped into 5 different categories:

  • Access and Users Experience
  • Analytics and Monitoring
  • Governance and Security
  • Performance and Cost Optimizations
  • Feature Usage and Roadmap

Further on, we will explore a few of them.

Access and Users Experience

There isn’t much to say here since the title is quite self-explanatory. What is worth mentioning is that there are specific techniques and tools related to authentication and authorization in Azure and Microsoft 365, which should be used properly to get the maximum benefits in a lot of areas, not only security but also cost control and monitoring for example.

This category of actions deals with:

  • Role Based Access Control
    This is how authorization on Azure resources, Resource Groups and Subscriptions should be done. One should make sure the right people or groups (from Azure Active Directory) have the right access to the right grouping of resources. This can have a tremendous impact not only on security, but also on resources’ organization (avoiding chaos, like a person without the right access being able to delete a resource), and cost control (restricting people which should not be able to create resources in a certain Subscription).
  • Multi-Factor Authentication
  • Policies
    Enforce some conditional access policies, e.g. enforce MFA for some users.
  • etc.

And this list is not an exhaustive one, but more like just a glimpse.

Governance and Cost optimizations

In general, governance can mean a lot of things, but we are thinking mainly of:

  • Resources organization
  • Resources security
  • Auditing
  • Cost control and optimization

For resources organization, we have to start from understanding the relationships between Tenants, Subscriptions and Resources:

A customer with an Office 365 tenant (domain) will have an associated Azure Active Directory, and an associated Azure tenant. The directory in Azure is the same as the directory in Office 365: Azure AD. All the other Office 365 services (Exchange Online, SharePoint Online, etc.) are using Azure AD for authentication and authorization.

An Azure Subscription is usually a cost center or part of a cost center (in a larger grouping of Subscriptions). There is also a way to group more Subscriptions in a Management Group, for even better organization.

Why is this grouping of resources relevant? Because you can apply your governance conditions, for example using Azure Policies, at the scope that you choose: at a Management Group, or Subscription, or Resource Group. An example would be to limit the types of VMs that can be created in a Management Group (a collection of Subscriptions). Or to limit the VMs in a Subscription to a specific Azure region.

Another advantage of sound grouping of resources is managing cost. First, you will be able to know your costs grouped by:

  • Cost centers (e.g. Subscriptions or Management Groups)
  • Usually, a Resource Group contains the resources with together make up a solution (with the exception of course when a solution uses resources that might be shared with other resources).
  • Type of resources, for example, resources used for testing, or by a certain user.

So cost control is crucial, especially in a pay-as-you-go type of Azure consumption. And it starts with proper allocation and grouping of resources.

Another thing is cost optimization. It can be done through a combination of, at least:

  • Policies
  • Alerts
  • Specific features like Azure Automation, DevTest Labs
  • Autoscaling

Policies

Setting up Policies like allowed VM types or resource types in general. They can be applied per Resource Group, Subscription, or Management Group.

Alerts

You can configure Azure alerts (from the Azure portal) like:

  • When a costly (you define what costly means for you) resource is created.
  • Showing orphaned resources – in combination with some custom code done with Azure Functions or Azure Automation. This is a very typical cost drain: expensive resources which are not being used anymore.
  • etc.

Or you can define cost/budget related alerts, such as when you’ve reached a spending limit, per resource group or per resource type.

Autoscaling

You can easily define autoscaling rules, so the infrastructure needed by your solution scales up or down, exactly as needed. Autoscaling can be applied easily (from the Portal or through scripting) for many compute resources (VM Scale Sets, Web Apps, etc.), or with some custom work, you can do it for other resource types like SQL Database or CosmosDB.

Conclusion

Managing workloads in Microsoft Cloud is done differently than on-premises.

There are proven ways and best practices for Managed Services on top of the Microsoft Cloud, and while developing our Peace-of-Mind service offerings we made sure we incorporate pretty much all of them. For more information about our services around these technologies, browse our website.

For more in-person, in-depth information about this particular topic, you can register for free at for the next edition of our annual Cloud Conference.

If you are interested to explore more on this topic, Mihai talks about how should companies approach Cloud and the best way to migrate the workloads to PaaS in a video series available here.

Mihai_Tataran

Mihai TATARAN is the General Manager of Avaelgo and CEO of InterKnowlogy. He is also Microsoft Regional Director, Microsoft MVP on Microsoft Azure, Microsoft Azure Insider, and Microsoft Certified Professional. Mihai has been teaching Microsoft technologies courses to software companies in Romania and abroad, being invited by Microsoft Romania to deliver many such trainings for their customers. Mihai has very good experience with large audiences at international conferences: DevReach in Bulgaria, Codecamp Macedonia; TechEd North America 2011, 2012 and 2013 – speaker and Technical Learning Center (Ask the Experts), Windows AzureConf. He is also the co-organizer for the ITCamp conference in Romania.

Free Workshop: Easily migrate to Microsoft 365

Free Workshop: Easily migrate to Microsoft 365

27 March 2019, 10:00 -12:00

Microsoft Romania, Piața Presei Libere 3-5, City Gate – South Tower, Sala Downtown 1, Bucharest

This workshop is designed for technical decision makers and senior IT professionals.

About the workshop

Whether you’re new to Microsoft 365 and/or Office 365 or just want to learn how to take better advantage of them, this workshop is for you.Microsoft 365, Office 365… If you’re thinking Wait – aren’t those the same thing?, you’re not alone. Confusing as it is, Microsoft has created 2 different product lines with extremely similar names. Each software is good for its own scenarios, but figuring out which is best for your business can be a real challenge.During the workshop, we’ll break down the differences between Microsoft 365 and Office 365 and explain what does each offer specifically. You’ll learn about the different plans so you can discover which plan works best for you.

Agenda

  • 09.45 – 10.00 – Workshop registration
  • 10.00 – 10.30 – Office 365 Overview
  • 10.30 – 11.15 – Microsoft 365: Windows 10 and EMS (Enterprise Mobility + Security)
  • 11.15 – 11.30 – Break
  • 11.30 – 12.00 – Office 365 or Microsoft 365? Which one works best for my organization?

Your Consultant

Daniel POPESCU is the Head of Avaelgo Managed Services department. He is responsible for leading, managing and developing the operations teams in our Managed Services Division including, technology implementations and pre-sales, 1st and 2nd line Services desk and Service Management.
Webinar: Why Should You Care About Enterprise Mobility + Security in Office 365

Webinar: Why Should You Care About Enterprise Mobility + Security in Office 365

 18 December 2018, 15:00 – 15:30 This workshop is designed for all IT professionals and managers, who would like to find more about the benefits of extending your Office 365 capabilities with Enterprise Mobility + Security.

About the webinar

Office 365 is a critical step in your organization’s digital transformation. As you deploy Office 365, you can extend its robust management and security capabilities to your broader digital ecosystem for a comprehensive and holistic security strategy.Join this webinar to understand the landscape and get the facts. Learn how Enterprise Mobility + Security builds upon Office 365 to deliver more cloud applications to a wide variety of devices while safeguarding your critical assets and protecting you against security threats.Agenda
  • Identity and Access Management
  • Managed Mobile Productivity
  • Information Protection
  • Identity-Driven Security

Your consultant

Tudor_Damian_portret_square

Tudor DAMIAN, is the Executive Manager of Avaelgo, an IT consultant and tech support specialist. With more than 10 years of experience in managing complex IT infrastructures, he is a Certified Ethical Hacker, a Microsoft Cloud and Datacenter Management MVP and a technical speaker at local and regional community events. Tudor often talks about the latest technologies and trends with themes including general networking & security, virtualization technologies, OS deployment and maintenance, social engineering and information security awareness, web application security, white-hat hacking and penetration testing techniques. He is also an organizer for the ITCamp conference in Romania. His day to day activities cover designing and implementing IT solutions, performing tech support and maintenance work, and delivering training sessions for experts and beginners alike.

Webinar: Microsoft 365 Versus Office 365 – Which of These Does My Company Need?

Webinar: Microsoft 365 Versus Office 365 – Which of These Does My Company Need?

Date: 4 December 2018, 15:00 – 15:30
This webinar is designed for anyone who wants to learn more about the difference between Microsoft 365 and Office 365.

About the webinar Microsoft 365 vs Office 365

Whether you’re new to Microsoft 365 and/or Office 365 or just want to learn how to take better advantage of them, this is a webinar for you.

Microsoft 365, Office 365… If you’re thinking Wait – aren’t those the same thing?, you’re not alone. Confusing as it is, Microsoft has created 2 different product lines with extremely similar names. Each software is good for its own scenarios, but figuring out which is best for your business can be a real challenge.

During the webinar, we’ll break down the differences between Microsoft 365 and Office 365 and explain what does each offer specifically. You’ll learn about the different plans so you can discover which plan works best for you.

Agenda

  • Office 365: Overview & Plans
  • Microsoft 365: Windows 10 and EMS (Enterprise Mobility + Security) – Overview & Plans
  • O365 vs M365 – Deciding what’s right for your business

Don’t miss the webinar! Register now to figure Microsoft 365 and Office 365 out.

About the trainer

Tudor_Damian_portret_square

Tudor DAMIAN, is the Executive Manager of Avaelgo, an IT consultant and tech support specialist. With more than 10 years of experience in managing complex IT infrastructures, he is a Certified Ethical Hacker, a Microsoft Cloud and Datacenter Management MVP and a technical speaker at local and regional community events. Tudor often talks about the latest technologies and trends with themes including general networking & security, virtualization technologies, OS deployment and maintenance, social engineering and information security awareness, web application security, white-hat hacking and penetration testing techniques. He is also an organizer for the ITCamp conference in Romania. His day to day activities cover designing and implementing IT solutions, performing tech support and maintenance work, and delivering training sessions for experts and beginners alike.

Workshop gratuit: Migrarea eficientă a organizațiilor în Cloud. Prezentare de studii de caz Avaelgo

Workshop gratuit: Migrarea eficientă a organizațiilor în Cloud. Prezentare de studii de caz Avaelgo

23 Noiembrie 2018, 9:30-12:30

City Hub, Bulevardul Expoziției Nr. 2, București

Workshop-ul se adresează persoanelor tehnice de decizie.

Despre workshop

Vă invităm la un workshop gratuit pentru a afla mai multe detalii despre modul în care companii din diverse industrii și de diferite dimensiuni au migrat cu succes în Cloud și cum beneficiază acestea în urma migrării.

Modul în care migrarea în Cloud poate transforma operațiunile de zi cu zi, diferă mult de la o organizație la alta, fiind infulențate de prioritățile și nevoile fiecărei companii.

Scopul acestui eveniment este să vedeți câteva studii de caz, problemele inițiale de la care s-a plecat, suma de beneficii rezultate în urma migrării și cum au reușit alte companii să își atingă obiectivele de business.

Agenda

  • 09.30 – 10.00 – Cafea & Înregistrarea la workshop
  • 10.00 – 10.30 – Migrarea eficientă în Cloud – direcții, abordări
  • 10.30 – 11.00 – Studii de caz – Companii care au migrat în Microsoft Azure
  • 11.00 – 11.15 – Pauză
  • 11.15 – 11.45 – Studii de caz – Companii care au migrat la Microsoft Office 365
  • 11.45 – 12.15 – Migrarea eficientă în Cloud cu serviciile Avaelgo
  • 12.15 – 12.30 – Q&A

Consultantul Dvs.

Daniel POPESCU, Delivery Manager și Senior Cloud Architect la Avaelgo, este responsabil de construirea strategiei de IT a clienților, acționând ca un Trusted Advisor în relația cu CIOs, CTOs, IT Manageri și Enteprise Architects.

New Free Workshop in Cluj-Napoca: Microsoft Tools & Services for GDPR Compliance

New Free Workshop in Cluj-Napoca: Microsoft Tools & Services for GDPR Compliance

14 November 2018, 16:00-19:00

The Guild Hall

This workshop is designed for technical decision makers from EPG & SMC companies, such as CTO, CIO, IT managers, IT directors, DPOs or any other technical decision makers.

Why attend this workshop

If your company is using Microsoft Azure, Office 365 or Microsoft 365, most probably you know that you are in charge of securing data from those environments. Microsoft already provides some tools that help you to secure data access. Dedicate time to understand what you need to do in order to become compliant and use the practical recommendations, services and tips shared in this workshop to help you get started. Then, create a plan of action for your journey to GDPR so you can ensure you and your business are complaint sooner, rather than later.

Join us on November 14th and let’s have a look at some of the key tools and services to consider!

Pin It on Pinterest