Azure Stack enables you to run Azure workloads on-premises or even within a colocation facility, enabling stronger security and control over your data and applications with a single management platform for your public Azure cloud infrastructure and your Azure Stack deployment.
You can use many of the best Azure tools, processes, and features — including add-ons and open source solutions from the Azure Marketplace — in the cloud of your choice, helping to meet regulatory or technical challenges.
Before you get started with this intriguing hybrid and private cloud technology from Microsoft, there are a few things you’ll need to keep in mind, however. Here are some of the most important.
When you work with Azure Automation — and especially if you use Hybrid Worker machines — sometimes you need to use the certificates that are part of the connections created by the automation account on a local VM or server.
Runbooks that use these kinds of certificates work fine in the Azure environment, but if you need to run it in your local environment, using Hybrid Worker machines, this represents a challenge. Here's how to get those connection certificates on your Hybrid Worker.
With all the talk about cloud security threats, it’s important to remember that no matter where your data and applications reside, you should consider your data insecure.
Fundamentally, security isn’t a hyper-complex enterprise; It’s not, as they say, rocket science. It often feels that way, because the discipline is so broad in scope; encompassing both disparate technologies and governance frameworks. But, the vast majority of risk can be mitigated through adhering to basic foundational security.
More to know: A review of breaches outlined within the Verizon 2017 Data Breach Investigations Report (DBIR) against the Center for Internet Security (CIS) top 20 critical security controls found that:
• Adopting the first 5 controls could mitigate 85% of attacks, and
• Adopting all 20 controls could mitigate 97% of attacks.
That basic foundational security can be expressed in one essential formula, which boils down what is under your control as an IT security professional and what is outside your purview. That equation is as follows.
You should put a fair amount of thought into designing your SCOM infrastructure. You need to make sure not only that the design works efficiently for the existing requirements you have, but also that you will be able to accommodate the future growth and expand your current Management Group without compromising its efficiency or performance.
SCOM includes the option to autogrow your Operations database. You can enable this to allow the DB to grow in size along with your overall SCOM environment. In my opinion, you should not do so, however, unless you are absolutely forced to.
A traditional enterprise advisory engagement is often a “one and done” deal — you have an IT problem to solve or a new technology to implement and the consulting agency comes in, gathers info, makes recommendations, helps with the execution and steps out of your way.
That’s great for large-scale improvements. But modern IT practices preach continuous improvement, agile methodology, and DevOps practices even beyond the software development world. With the advent of cloud, it’s all about continuous, constant iterations of your software and services.
Many SaaS platforms take care of this for you. That may not be the case with IaaS and remaining hardware, however. Focusing your existing staff on business goals and service delivery while augmenting it with an advisory and managed service provider partner can take even your backend infrastructure and upstack applications into the realm of continuous improvement via cloud management services, automation, and feedback loops.
