Category Archives: Microsoft Azure

Government Solutions on Azure

Microsoft Azure provides platform as a service, infrastructure as a service, and packaged service solutions.  Below are a few examples of government solutions that can be built or utilized on Microsoft Azure.

Server Backups
A key function of any IT department is ensuring that all important systems are backed up in case of a system failure, accidental file deletion, file corruption, or a virus outbreak.  The concept of backups is very simple, however, putting a good solution in place can be challenging.  Many organizations will backup their systems to tape and then ship those tapes offsite for storage.  Unfortunately tape backup solutions are expensive and sometimes unreliable.  Recovering from tape is a very slow and time consuming process.  Worse yet, you never known for certain if you can recover files from the tape until an emergency arises.

Microsoft Azure provides an online backup solution that easily integrates into Windows Server or Microsoft Data Protection Manager.  With Microsoft Azure Backup you can be confident that your data can be quickly and easily accessed when you need it.  Microsoft Azure Backup ensures that your data is stored with 3 copies across fault zones inside of a Microsoft datacenter.  An organization can also choose geographically redundant storage where and additional 3 copies of the data is stored in a Microsoft datacenter hundreds of miles away.

Built directly into Microsoft SQL Server 2012 and higher is the ability to backup SQL databases directly to Microsoft Azure.   In the case of a major datacenter failure, the SQL databases can be mounted to a SQL database server running as a virtual machine in Azure.

The benefit of moving to Microsoft Azure for backup services is that your files and data are always available online for immediate recovery.  No longer will an organization need to wait for off-site tapes to be shipped back before recovery.  Unlike tapes, you can recover an individual file or database  without having to restore a complete backup set.  Also Microsoft Azure Backup encrypts your data prior to sending it to the Microsoft datacenter for storage.  With up to 6 copies of your data in geographically redundant datacenters you can be confident that your data will be available when you need it.

To learn more about Microsoft Azure Backup visit: http://azure.microsoft.com/en-us/services/backup/

To learn more about SQL Server backup to Azure visit: http://msdn.microsoft.com/en-us/library/jj919148.aspx

Disaster Recovery
Always a hot topic with organizations is disaster recovery.  They key is to identify what types of situations are considered a disaster for your organization.  A disaster could be a natural disaster, a datacenter disaster, a virus outbreak, or simply a deleted file. Each of these disasters would have a different plan of action based upon the needs of the organization.

As discussed in the previous section, Microsoft Azure Backup can help protect important files.  Taking this concept one step further we need to not only protect files, but also complete systems.  Microsoft Azure Site Recovery (ASR) enables organizations to protect important applications by coordinating replication and recovery of private clouds.  ASR enables you to define orchestrated recovery plans so you can be confident your systems will properly failover to your DR site.   Currently in preview, ASR also allows you to replicate your systems directly to Azure and then failover to the Microsoft datacenter when a disaster strikes.   ASR also enables quick and simple site recovery testing to ensure your DR plans will function as expected during a real disaster scenario.

During a natural disaster a government organization may need to communicate with the public quickly and reliably.   These situations can causes a significant increase in traffic to a governments website which could easily overwhelm the servers and Internet connection.  Worse yet, if the organizations datacenter is impacted by the natural disaster any communication web sites could be knocked offline.  

Microsoft Azure Websites can enable a government organization to host a disaster preparedness and communication website very economically.  During a natural disaster the website can easily scale up to meet any demand. 

To learn more about Microsoft Azure Site Recovery visit: http://azure.microsoft.com/en-us/services/site-recovery/

To learn more about Microsoft Azure Websites visit: http://azure.microsoft.com/en-us/services/websites/ 

Cloud Identity
The proliferation of software as a service applications (SaaS) within an organization can introduce challenges for the IT department.  In some cases the IT department may not even be aware of some of the SaaS applications that have been purchases and are being used by other departments with the organization.  This is sometimes called shadow IT.

To help IT better identify and manage SaaS applications, Microsoft Azure provides a solution called Cloud App Discovery.  This solution enables the IT department to discover all of the cloud apps that are being used within their organization and how frequently they are being used.   Once the IT department understands the collected information they can begin to create plans to support the services and to protect organizational data.

Organizations that are using SaaS applications face a challenge of managing identity.   This might include creating accounts in the SaaS application or managing password resets.  With Microsoft Azure Active Directory an organization has a comprehensive identity and access management cloud solution that provides a robust set of capabilities to manage users and groups and help secure access to applications.   Enabling single sign-on to a SaaS application can simplify user access to thousands of cloud applications supported by Microsoft Azure.

Included with Microsoft Azure Active Directory Premium is Azure Multi-Factor Authentication.  This solution prevents unauthorized access to both on-premises and cloud applications by providing an additional layer of authentication via a mobile app or phone.

To learn more about Cloud App Discovery visit: http://appdiscovery.azure.com/

To learn more about Azure Active Directory visit: http://azure.microsoft.com/en-us/services/active-directory/ 

Information Protection
Information protection becomes more important as organizations start to utilize SaaS applications.  As cloud services usage increases there is an ever greater chance that sensitive data could be accidentally or maliciously disclosed to unintended recipients.  Using access control lists on SaaS solutions is not enough to protect sensitive content.  

Microsoft Azure Rights Management (RMS) solution included with the Microsoft Enterprise Mobility Suite enables organizations to protect sensitive emails and files from being inappropriately shared.  If a file that is protected with RMS is leaked, an organization can be confident that the information cannot be accessed by unauthorized people.

To learn more about Microsoft Azure Rights Management and the Enterprise Mobility Suite visit: http://www.microsoft.com/en-us/server-cloud/products/enterprise-mobility-suite/ 

File Servers and Archive Storage
One constant in the world of IT is that storage requirements always increase.  A study by IDC shows that year over year organizations are seeing data growth in the range of 50%-60%.

storage

As seen in the graph above, only a small subset of the overall stored data is considered the working set.  This is the set of files that are used on a frequent basis.  Everything else above the green line to the blue line is data that is being kept for compliance or archiving purposes only.

Not only are organizations storing more and more data locally, they are being challenged with backup and disaster recovery solutions.  The cost of tape backups and offsite storage continues to increase while budgets are being tightened. This is why organizations are looking at cloud based storage solutions to address their growing data problem. A study by Forrester shows that local SAN storage costs 4x that of cloud storage. 

Microsoft Azure provides multiple storage options to meet an organizations needs such as:

  • Azure Backup for Windows Server or SQL Server
  • Blob storage for custom applications
  • StorSimple – A hardware appliance for storage, archiving and disaster recovery

Earlier in this post I discussed how Azure Backup can be utilized for disaster recovery scenarios.  Blob storage is a platform as a service feature accessed via REST APIs that developers can use for storing files for their custom applications.   The solution I find most interesting for file storage and archiving is StorSimple.

StorSimple is a hardware device that combines the data management functions of primary storage, backup, archive and disaster recovery with seamless Microsoft Azure integration.  The StorSimple appliance uses Microsoft Azure as an automated storage tier, offloading capacity management burdens and ongoing capital costs, while providing enterprise-grade local performance for the working data set.  Using local and cloud snapshots, application-consistent backups complete in a fraction of the time needed by traditional backup systems while reducing the amount of data transferred and stored in the cloud.   Cloud and location independent disaster recovery allows organizations to recover their data from virtually any location with an internet connection, and test their DR plans without impacting production systems and applications.  Thin restore from data in the cloud enables users to resume operations after a disaster much faster than possible with physical tape, or cloud-base tape methods used with other cloud providers.

To learn more about StorSimple visit: http://www.microsoft.com/en-us/server-cloud/products/storsimple/explore.aspx

Get the free eBook Rethinking Enterprise Storage: A Hybrid Cloud Model from here: http://blog.mikehacker.net/free-e-books/