Why Azure? Microsoft’s Brandon Middleton Talks Azure, Security – Part 1

Today, we’ll be sharing excerpts from our webinar with Brandon Middleton from Microsoft. As a solution sales professional, Brandon spends most of his time talking with customers in the San Francisco Bay area about Azure, and often about topics like the cloud and security. In this interview, Cloud Academy’s Ben Lambert will be talking with Brandon about the benefits of Azure over other cloud platforms, support for Linux, security, and more.

Stay tuned for part 2 of this interview where we’ll cover more topics including how Azure supports big data, the advantages of moving to the cloud in general (and the “but” that holds companies back), Azure and VMs, security and SSO, and more.

When you say that you get to talk to customers all day about stuff like security, is that in the context of their security concerns in terms of migrating to the cloud?

Brandon M.: Yeah, absolutely. The companies that we’re doing business with range from well-established businesses to startups that were born in the cloud, and everything in between. The conversation is a bit different depending on the business. It’s a lot of, “How do I get to the cloud if I’m a traditional on-prem shop?” Then, if they’re already hybrid mode or in the cloud, it’s

“How do I make things secure?”

When you talk to customers, what’s the benefit of Azure over something like AWS or Google Cloud?

Brandon M.: We’ve been selling Microsoft Office software for almost 40 years now, and the relationships that we have from a sales perspective are at the very top of the food chain, which is Fortune 50 companies, all the way down to startups. The history and comfort with Microsoft are just some of the things that really help gain and garner trust.

When Amazon started in 2006 with infrastructure as a service, the economics of spinning up a desktop or a virtual machine and getting storage from somewhere in the cloud made it really, really straightforward and easy for lots of customers. When you position us against Amazon, I see them as consumer market moving upward into commercial, so big enterprise. Instead, I see Microsoft as starting in enterprise and moving more downstream.

I think the bigger differentiators, in the beginning, were the platform as a service, so anybody can do IS. You can do that on Azure just as well as you can do it in AWS, but when you talk about packaging the Microsoft server OS, in addition to the Linux stuff that a lot of people are doing, I think that it’s a lot easier to build applications and to do integrations with larger ERP system that traditional enterprises run on top of something that’s as flexible as Azure. AWS has been doing a good job of adding capability. Google, I think, is still a considerable distance behind us. I think Diane Greene has got a big job to build out a sales team and become more enterprise, as well.

You mentioned that you can do infrastructure as a service, pretty much anywhere. Does that mean that you view the ability of platform as a service to easily bundle up your code and get it running in production as one of the main benefits of Azure right now?

Brandon M.: I think that each of us has the global scale and footprint. I do believe that we have more regions than AWS and Google in terms of sheer compute. In terms of how many servers are actually out there, they may have the edge there, but worldwide presence is a big deal for multinationals. They need to make sure that as they’re building an application that can be supported, you’ve got CDNs all over the world so that you can get your content to the people who need it.
Platform as a service, yes, I think is probably one of the bigger differentiators and the amount of investment. Literally, we’re building one data center per week this year, which is pretty substantial when you look at some of the competition and some of the even smaller players. I wonder whether anyone except the big three will be able to stay in this game because there is so much money going into the infrastructure and building up more capability. Platform as a service, uptime cost, etc. To some degree, I think we’re seeing a little bit of a flat-lining across the different compute categories, across the storage categories. We have, I think, some advantage when it comes to machine learning as well on some of the big data stuff.

Security would be another area where I think that Amazon has some work to do. Then, our identity story is Active Directory and being able to do single sign-on and leverage a common Microsoft identity to unlock services across your own business, or if you do B2B and partner stuff with other vendors. I feel like the Azure platform is a lot simpler to deal with than either AWS or Google.

With the Active Directory integration, do you find that some existing Microsoft customers are finding it easier to migrate because they already have these things in place, and it’s just the natural extension of technology to move into the cloud?

Brandon M.: Absolutely. A few years back, I talked about Active Directory. That was the local on-premise way to store users and groups and do distribution groups inside a company, and hold email lists, etc. With Azure Active Directory, we put the concept of a user store into the cloud and built all of these pre-integrations with SaaS apps that people are comfortable using (Salesforce.com, Concur, Workday). Even at the API level, we can go back and forth and query information.
An Amazon or a Google would have to literally start from scratch, and if they’re 20 years or so behind us, from an identity perspective … When you look at a customer and they’ve got to decide whether to keep doing what they’ve been doing for a little while, and go hybrid with Microsoft, or try to make that same functionality work by daisy-chaining a few technologies from a different few vendors together, that’s a big feather in our cap at Microsoft, I would say. That’s a big deal.

Here is a question from one of our viewers: Does Azure support Linux?

Brandon M.: Yes. For everybody out there, you can query Linux on Azure, any combination of Azure and Linux. You will quickly find that there’s plenty of support for that OS on top of the Azure platform. Actually, more than 60% of the workloads that are operating in Azure right now are on Linux and not on a Microsoft operating system.

I would highly encourage folks to just do a quick query, and you can see all of the different flavors of Linux VNs that you can get stood up on top of Azure. There’s Red Hat support, there’s Buntu support, there’s a lot of different distros that you can play around with, and feel free to Tweet me, or feel free to email me after the session if you’ve got more specific questions, but absolutely, yeah. Linux is a big deal on top of Azure.

Do you think that with stuff like .Net Core being able to run everywhere, is that helping unify Azure to make it easier for developers to get their code running on any operating system? Is that the plan, to make it easier with containers and .Net Core, stuff like that?

Brandon M.: I’d say yes, for sure. These days people look at what our CEO, Satya Nadella, been doing and his messaging is more like open platforms, so a real dedication to open source. Let’s seed our office application and suites on top of IOS and make it a first-class citizen on Android. You see a lot more openness than you’ve seen from the traditional Microsoft in the past. If you look at some of our acquisitions, we bought Xamarin year and a half ago (I think), and that company basically would allow you to write once and then deploy it across multiple mobile operating systems, and we’re tying that into visual studio.

Yes, we’re trying to, as best as we can, give developers the choice to develop on platforms that they’re comfortable with and that they have a history with. We know that developers run the world, they build the applications, and the consumer goes there and brings their money along with it. We understand the way the world works there, and in order to do that, you’ve got to see the developers and give them stuff that makes them happy and gives them the opportunity to be as creative and as awesome as they are. Definitely.

How do people know which provider is right for them? What are the questions that you get when talking to clients? You’ve talked about security and identity. What are other questions coming up from folks as they’re considering their move to the cloud?

Brandon M.: There’s actually been an interesting shift in most enterprises. If you think about the word “DevOps,” that didn’t really exist five, six years ago. Instead, you had classic software engineering, test engineering, and people who lived in the data centers, like the network guys, the server guys, the storage guys. You’re starting to see a consolidation of folks who know how to write code, folks who know how to interact with the CLI of the actual hardware. Folks that know how to do a combination of things, and you’re seeing them land in DevOps. I get questions about how do I get started from just spinning up a trial instance of Azure and doing a lift and shift type of operation, where I want to take a small application and move it into a cluster of BMs in the Cloud.

For some of those security professionals who don’t write code from day to day, where they’re all about compliance and risk management, I get questions about whether Azure is compliant with a number of the United States and global certifications, so I get questions about ISO, and Stock One, Stock Two, and PCI for credit card, and ZipBook. I get questions about disaster recovery scenarios from companies who want to cap their local infrastructure and just make everything from this day forward backed up into the cloud. Things like RPO and RTO, like, “How much time is it going to take in the event of a disaster for these things to come back online, or for me to switch from primary to secondary, and then back once their other data center is up again?”

It all depends. I talk to software engineers, who have their set of questions, infrastructure guys who have their set of questions, and then on the security side, they definitely have their own set of questions. It’s a mixed bag, mostly.

In terms of security, let’s talk about something like PCI or HIPAA. For a new app that plans to have personal information, healthcare information, where does it start? Encryption on disk, in transit, at rest, etc. What certifications does Microsoft have to support HIPAA, and what are the limits for supporting something like that?

Brandon M.: In the United States, we are HIPAA compliant. FedRAMP, NIST, Sarbanes-Oxley is right around the corner. CJIS is also right around the corner. Our only separate government cloud is for Federal and Department of Defense type of workloads, so it’s actually different data centers than the standard Azure Cloud that we talk about with our customers.

The Azure Trust Center is the portal that we’ve made available for all of the information and documentation. I’ve found that security is kind of the global topic, no matter where you are in an organization–finance, infrastructure, HR–all care about security.

To answer your question, we bought probably four or five different security companies over the last three or four years, and we were pretty excited to come out with Azure Information Protection. So to your point about keeping things encrypted and safe at rest and in motion, we actually have the capability now to do that as you’re writing in real time in your Office documents, PowerPoint, Excel, if you’re dealing with PII (Personally Identifiable Information), security, social security numbers, credit card numbers. Azure Information Protection allows you to dynamically classify that. So if you were to be working on a spreadsheet, you want to save it to your local, personal OneDrive. We allow administrators to put policies in place to flag that information and classify it. At Microsoft, we have different flags or policies such as strictly confidential, confidential, vendor-approved, customer, etc.

The documents that you’re working on get auto-grouped into one of those classifications in order to perform actions on them, like save as a specific file name, save to a specific location, send it out of the company to a vendor. You have to either comply with the policies that have been set or raise your hand for a business justification, so a little popup will say, “Hey, you’re going to sign and say that I want to forego this policy, and it’ll go up to my manager, who will sign off and then have that action approved.”
We’ve taken away the ‘Oops’ button from enterprises and a lot of security professionals and IT groups are starting to thank us. This is something that we’ve come out within the last couple of months, but it’s definitely been a response to security uneasiness, and the hesitancy in IT and in other departments.

Ready to get started with Microsoft Azure?

We just added two new Cloud Academy courses on Microsoft Azure:

Introduction to Azure Virtual Networking

Introduction to Azure Virtual Networking
When it comes to Azure, networking is one of the core components, which makes understanding virtual networks worthwhile. In this course, we’ll cover virtual networks and how to create them, subnets, user defined routes, load balancing, hybrid networks, and more.

Getting Started with Azure App Service 
Getting started with Azure App Service
There’s a lot of effort that goes into keeping our applications available, and secure. That’s why so many cloud vendors offer platforms for hosting web-based applications. If you’re building web apps, APIs, mobile backends, or business processes then you should consider looking into App Service! App Service meets compliance standards from around the world, it’s highly scalable, it supports multiple languages, and makes it easy to get your code deployed.

This course will help developers and IT pros get up-to-speed on App Service so that you can start developing/managing apps.

Avatar

Written by

Cloud Academy Team


Related Posts

Avatar
Cloud Academy Team
— July 9, 2020

Which Certifications Should I Get?

The old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and companies.With all that in mind, the s...

Read more
  • AWS
  • Azure
  • Certifications
  • Cloud Computing
  • Google Cloud Platform
Alisha Reyes
Alisha Reyes
— July 2, 2020

New Content: AWS, Azure, Typescript, Java, Docker, 13 New Labs, and Much More

This month, our Content Team released a whopping 13 new labs in real cloud environments! If you haven't tried out our labs, you might not understand why we think that number is so impressive. Our labs are not “simulated” experiences — they are real cloud environments using accounts on A...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Joe Nemer
Joe Nemer
— June 19, 2020

Kickstart Your Tech Training With a Free Week on Cloud Academy

Are you looking to make a jump in your technical career? Want to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Kubernetes, Python, or another in-demand skill?Then you'll want to mark your calendar. Starting Monday, June 22 at 12:00 a.m. PDT (3:00 a.m. EDT), ...

Read more
  • AWS
  • Azure
  • cloud academy content
  • complimentary access
  • GCP
  • on the house
Joe Nemer
Joe Nemer
— June 12, 2020

Azure Certifications: Our Experts Explain Which Is Best for You

How do you choose an Azure certification? It can be hard to get started when choosing an Azure certification. There are so many to sift through, so many interesting options, and it requires a time commitment to just understand the cert landscape.To help guide you through the select...

Read more
  • AZ-900
  • Azure
  • Certifications
Alisha Reyes
Alisha Reyes
— June 11, 2020

New Content: AZ-500 and AZ-400 Updates, 3 Google Professional Exam Preps, Practical ML Learning Path, C# Programming, and More

This month, our Content Team released tons of new content and labs in real cloud environments. Not only that, but we introduced our very first highly interactive "Office Hours" webinar. This webinar, Acing the AWS Solutions Architect Associate Certification, started with a quick overvie...

Read more
  • AWS
  • Azure
  • DevOps
  • Google Cloud Platform
  • Machine Learning
  • programming
Rebecca Willis
Rebecca Willis
— June 3, 2020

Azure vs. AWS: Which Certification Provides the Brighter Future?

More and more companies are using cloud services, prompting more and more people to switch their current IT position to something cloud-related. The problem is most people only have that much time after work to learn new technologies, and there are plenty of cloud services that you can ...

Read more
  • AWS
  • Azure
  • certification
Alisha Reyes
Alisha Reyes
— June 2, 2020

Blog Digest: 5 Reasons to Get AWS Certified, OWASP Top 10, Getting Started with VPCs, Top 10 Soft Skills, and More

Thank you for being a valued member of our community! We recently sent out a short survey to understand what type of content you would like us to add to Cloud Academy, and we want to thank everyone who gave us their input. If you would like to complete the survey, it's not too late. It ...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • OWASP
  • OWASP Top 10
  • Security
  • VPCs
Alisha Reyes
Alisha Reyes
— May 11, 2020

New Content: Alibaba, Azure Cert Prep: AI-100, AZ-104, AZ-204 & AZ-400, Amazon Athena Playground, Google Cloud Developer Challenge, and much more

This month, our Content Team released 8 new learning paths, 4 courses, 7 labs in real cloud environments, and 4 new knowledge check assessments. Not only that, but we introduced our very first course on Alibaba Cloud, and our expert instructors are working 'round the clock to create 6 n...

Read more
  • alibaba
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Alisha Reyes
Alisha Reyes
— May 1, 2020

Introducing Our Newest Lab Environments: Lab Playgrounds

Want to train in a real cloud environment, but feel slowed down by spinning up your own deployments? When you consider security or pricing costs, it can be costly and challenging to get up to speed quickly for self-training. To solve this problem, Cloud Academy created a new suite of la...

Read more
  • AWS
  • Azure
  • Docker
  • Google Cloud Platform
  • Java
  • lab playgrounds
  • Python
Alisha Reyes
Alisha Reyes
— April 30, 2020

Blog Digest: AWS Breaking News, Azure DevOps, AWS Study Guide, 8 Ways to Prevent a Ransomware Attack, and More

  New articles by topicAWS Azure Data Science Google Cloud  Cloud Adoption Platform Updates & New Content Security Women in TechAWSBreaking News: All AWS Certification Exams Now Available Online As an Advanced AWS Technology Partner, C...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • programming
  • Security
Alisha Reyes
Alisha Reyes
— April 9, 2020

New on Cloud Academy: AWS Solutions Architect Exam Prep, Azure Courses, GCP Engineer Exam Prep, Programming, and More

Free content on Cloud Academy More and more customers are relying on our technology and content to keep upskilling their people in these months, and we are doing our best to keep supporting them. While the world fights the COVID-19 pandemic, we wanted to make a small contribution to he...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • programming
Avatar
Logan Rakai
— April 7, 2020

How to Effectively Use Azure DevOps

Azure DevOps is a suite of services that collaborate on software development following DevOps principles. The services in Azure DevOps are:Azure Repos for hosting Git repositories for source control of your code Azure Boards for planning and tracking your work using proven agil...

Read more
  • Azure
  • DevOps