- Blog
#Azure #Technology
Securing Azure Virtual Machines: Using Azure Bastion and Just-In-Time (JIT) Access
- 18/11/2024
Reading time 5 minutes
The adoption of public cloud technology is not only increasing but also growing at an accelerated pace. Microsoft Azure, for example, is seeing a consistent growth in usage quarter-by-quarter(1). To give you an idea, Microsoft Azure’s revenue growth increased by 35% in the first quarter of the fiscal year 2023.
Leading public cloud technology providers clearly emphasize the development of new public cloud services over conventional on-premises or private cloud solutions. Should your digital organization follow this trend and prioritize public cloud infrastructure over on-premises and private cloud infrastructure? The answer is definitely yes! Why? Check out our article ‘Not embracing the public cloud will put you out of business sooner rather than later’ where we answer that question in more detail.
However, within organizations, there may be varying levels of enthusiasm for this shift towards public cloud adoption. Those in technical roles such as developers, solution architects, and data engineers, tend to be more open to new technology and its potential benefits. On the other hand, if there are not enough advocates for public cloud adoption within a decision-making role, the process of transitioning can be slow and met with resistance. The objections to public cloud migration often stem from concerns of losing control, rather than a dislike of change. To address these concerns and pave the way for successful public cloud adoption, it is essential to understand the root of the reluctance and show how the transition can benefit all stakeholders.
Via this article, we aim to provide you with the necessary information to effectively address and overcome common concerns related to public cloud adoption. As a result, you should be more confident to successfully initiate and execute your organization’s public cloud adoption project.
This concern is often raised by operations and infrastructure teams responsible for maintaining a company’s current hardware infrastructure. On the surface, it appears true that owning an asset is cheaper than renting it, and renting public cloud services from providers may come at a markup. However, it is important to consider the total cost of owning a server, including the cost of downtime, power and cooling, labor costs, and the time required to keep the server updated.
It is crucial to ensure you are utilizing the appropriate and cost-effective public cloud services during a migration. It is easy to assume that a “lift-and-shift” approach of moving the current server architecture to cloud-hosted VMs is the only option. However, other options such as utilizing serverless architecture for certain workloads, such as lightweight, low latency batch jobs on Azure Functions can save a significant amount of money and resources compared to maintaining dedicated servers that may often be idle. By making incremental adjustments to the deployment target, it is possible to bring the total cost of ownership (TCO) in a public cloud environment below the cost of on-premises or private cloud operations.
Additionally, Microsoft, as a public cloud provider, is working hard on developing new and innovative Platform-as-a-Service (PaaS) offerings on top of its core infrastructure. Most of those offerings aren’t even available in an on-premises or private cloud model. Azure CosmosDB, for example, is a global-scale, schema-less document database-as-a-service which you can’t install and run on your own production servers. Another great example is Azure Cognitive Services for image detection and natural language processing. Likewise, the most cutting-edge AI models in the world are now accessible to businesses thanks to Azure OpenAI Service. There’s no way but the public cloud to take advantage of these innovative offerings in your custom applications!
If you approach a public cloud migration as a one-time, “big bang” switchover, it may seem impossible to execute. However, breaking the process down into smaller, manageable steps and viewing it as a gradual development effort, similar to “greenfield development”, can make the process more achievable. This approach involves making small and safe incremental changes that can be independently deployed to production. This applies not only to application development but also to a public cloud migration project. It is important to acknowledge that the transition to a completely cloud-native system will take time and most companies should plan to spend several years in a hybrid environment with some workloads running on-premises and some in the public cloud.
Azure offers solutions for seamless integration between the two, providing hybrid solutions for identity, security, networking, and data access. To successfully plan a migration, it is important to identify which applications or systems would benefit the most from running in the public cloud instead of self-hosting, and then identify the smallest possible unit within that system that could be migrated first. This approach allows for a gradual transition and demonstrates the viability of public cloud migration by showing that small parts of the system can work seamlessly with the rest of the on-premises infrastructure.
As more companies adopt Software-as-a-Service (SaaS) solutions for various parts of their businesses, concerns about data loss become less prevalent. However, the main area where this concern persists is in core, self-owned systems of record such as financial systems, customer relationship systems, and on-premises databases that support internal line of business applications. These systems are typically considered business-critical and organizations often invest significant effort in establishing regular backup and archiving processes, including off-site storage of hard drives to ensure geographic separation of backups from production systems.
Modern cloud-based solutions, particularly in the data tier, often have built-in backup and restore capabilities. For example, Azure SQL Database uses SQL Server engine technology to automatically do a full backup of your database every week. It also offers a fully configurable backup and restore infrastructure that includes real-time geo-replication and auto-failover. This guarantees a high level of data availability of at least 99.99%. Implementing such a level of data protection in-house is often cost-prohibitive in terms of time, people, and infrastructure for small, medium, or even enterprise-size companies, whereas Azure can offer economies of scale to provide a higher level of infrastructure and network management maturity.
Frequent reports of major data breaches have made companies increasingly aware of the risk to their reputation in the event of a security incident. Industries such as finance, e-commerce, and healthcare are particularly sensitive to security and privacy concerns. Not to mention government services. This can make it appealing to keep data on-premises, behind strict security measures to protect it from potential intruders. An analogy to consider is how you handle your personal money and assets. Most people trust banks to keep their money safe, rather than keeping large amounts of cash at home, because banks are experts in the field of security.
Similar to personal money and assets, data security and privacy concerns can also be viewed in terms of expertise and resources. Major public cloud providers are heavily audited by many different organizations, ensuring that they can provide consistent and reliable data and account security. Additionally, public cloud providers are increasingly using AI-driven monitoring, detection, and elimination of active intrusion probes, which is more sophisticated and adaptive than what can be implemented in-house. By using public cloud services, your organization can take advantage of a security infrastructure that is constantly learning and adapting to new exploit types.
The primary reason for public cloud migration obstacles and objections is often due to the perception of losing control. As the industry shifts towards public cloud computing as the standard approach for business applications, it is important to understand and acknowledge such concerns. By having a clear understanding of the trade-offs and benefits of public cloud migration, you will most certainly be able to help stakeholders within your organization envision the possibilities and speed up the adoption process.
Most of all, we are here to help you during your public cloud migration journey. We are Zure. We advise, build, and support on Microsoft Azure. We provide services end-to-end on Azure, from adoption to design, development, and maintenance. The hardest problems are solved together. You know your business goals, needs, and stakeholders. We know the design methods, technology, and Azure. Together, there are no problems we cannot solve.
(1) https://www.microsoft.com/en-us/Investor/earnings/FY-2023-Q1/press-release-webcast
Our newsletters contain stuff our crew is interested in: the articles we read, Azure news, Zure job opportunities, and so forth.
Please let us know what kind of content you are most interested about. Thank you!