Azure Active Directory expertise is an important part of management too. “AD experience with Microsoft 365 will give you a leg up,” says Boyd. Azure AD hasn’t quite reached feature parity with domain services on-prem, he adds, but there are features in Azure AD you don’t get on-prem.
Other vital resource categories such as monitoring server and application health, costs, and security become more important in Azure because they create vulnerabilities in the cloud if you don’t pay attention, adds Boyd. “Security levers and controls are easier in the cloud, but encrypting data at rest, key rotation, encrypting data channels, and the like must be done correctly, and in new ways.”
Mushkatin agrees, stressing the need for security policies. “Clients get a security bill every month and think they’re covered,” he explains, “but we see security challenges all over without security policies in place.” For instance, during a security assessment, he found a customer had configured 46 containers, and all were public. “You have to be secure by design on every level,” Mushkatin says.
The greater surface area for attack in the cloud makes security more complex, he continues. Even large organizations rarely have the muscle to govern security comprehensively because they started with a mesh of different approaches and tools. “Once you get everything on Azure management, you can see how inconsistent a customer’s security configuration was,” says Mushkatin.
Critical security-related resource management tasks for Katikaneni include selecting the correct architecture to integrate your on-prem environment with the cloud, and paying attention to where people store things when configuring your backup process. Without controls, users spread files between various servers.
Boyd still finds he must educate customers on the misconception that moving to the cloud will automatically save them money. Savings are possible, he notes, but not for the main value propositions of the cloud, which are time to market, ability to configure the right service for the right job, compliance certification, and security across multiple regions. In fact, he says, you may spend more.
Costs are a hot button for all customers, and mistakes in Azure can slam your own bank account, says Mushkatin. “Before, you ordered hardware, you had to wait, and you had time to prepare properly. Now, you can click and have whatever you want. One client department had six replicas rather than two, and it cost them $10k per month.” Another of his customers forgot to change the verbosity setting on a log report and generated terabytes of useless data during a stress test. “It’s a pay-as-you-go model with easy acquisition, and you can waste a lot of money,” Mushkatin notes.