NFS 3.0 support for Azure Blob storage is now in preview

Many enterprise and organizations are moving their data to Microsoft Azure Blob storage for its massive scale, security capabilities, and low total cost of ownership. At the same time, they continue running many apps on different storage systems using the Network File System (NFS) protocol. Companies that use different storage systems due to protocol requirements are challenged by data silos where data resides in different places and requires additional migration or app rewrite steps.

To help break down these silos and enable customers to run NFS-based applications at scale, we are announcing the preview of NFS 3.0 protocol support for Azure Blob storage. Azure Blob storage is the only storage platform that supports NFS 3.0 protocol over object storage natively (no gateway or data copying required), with object storage economics, which is essential for our customers.

One of our Media and Entertainment (M&E) customers said, “NFS access to blob storage will enable our customers to preserve their legacy data access methods when migrating the underlying storage to Azure Blob storage.” Other customers have requested NFS for blob storage so they can reuse the same code from an on-premises solution to access files while controlling the overall cost of the solution. Financial services customers want NFS based offering for their analytic workloads. These are a few of the many examples from customers that have embraced private preview of NFS 3.0 support for Azure Blob Storage.

NFS 3.0 support for Azure Blob storage helps with large scale read-heavy sequential access workloads where data will be ingested once and minimally modified further including large scale analytic data, backup and archive, NFS apps for seismic and subsurface processing, media rendering, genomic sequencing, and line-of-business applications.

During the preview, NFS 3.0 is available to BlockBlobStorage accounts with premium performance in the following regions: US East, US Central, and Canada Central. Support for GPV2 accounts with standard tier performance will be announced soon.

Mount blob container using NFS 3.0

Each container in a newly created NFS 3.0 enabled storage account is automatically exported. NFS clients within the same network can mount it using this sample command:

mount -o sec=sys,vers=3,nolock,proto=tcp <storage-account-name>.blob.core.windows.net:/<storage-account-name>/<container-name> /mnt/test

Replace the <storage-account-name> placeholders with the name of your storage account.
Replace the <container-name> placeholder with the name of your container.

During preview, the test data stored in your NFS 3.0 enabled storage accounts are billed the same capacity rate that Azure Blob Storage has per GB per month. Pricing for transactions is subject to change and will be determined when it is generally available. To learn more, visit our documentation, NFS 3.0 protocol support in Azure Blob storage (preview).

Next steps

We are confident that NFS 3.0 on Azure Blob storage can simplify your workload migration to Azure. To register the NFS 3.0 protocol feature with your subscription, see the step-by-step guide. We look forward to hearing your feedback on this feature and suggestions for future improvements through email at azurenfspreview@microsoft.com.
Quelle: Azure

Advancing resilience through chaos engineering and fault injection

“When I first kicked off this Advancing Reliability blog series in my post last July, I highlighted several initiatives underway to keep improving platform availability, as part of our commitment to provide a trusted set of cloud services. One area I mentioned was fault injection, through which we’re increasingly validating that systems will perform as designed in the face of failures. Today I’ve asked our Principal Program Manager in this space, Chris Ashton, to shed some light on these broader ‘chaos engineering’ concepts, and to outline Azure examples of how we’re already applying these, together with stress testing and synthetic workloads, to improve application and service resilience.” – Mark Russinovich, CTO, Azure

 

Developing large-scale, distributed applications has never been easier, but there is a catch. Yes, infrastructure is provided in minutes thanks to your public cloud, there are many language options to choose from, swaths of open source code available to leverage, and abundant components and services in the marketplace to build upon. Yes, there are good reference guides that help give a leg up on your solution architecture and design, such as the Azure Well-Architected Framework and other resources in the Azure Architecture Center. But while application development is easier, there’s also an increased risk of impact from dependency disruptions. However rare, outages beyond your control could occur at any time, your dependencies could have incidents, or your key services/systems could become slow to respond. Minor disruptions in one area can be magnified or have longstanding side effects in another. These service disruptions can rob developer productivity, negatively affect customer trust, cause lost business, and even impact an organization’s bottom line.

Modern applications, and the cloud platforms upon which they are built, need to be designed and continuously validated for failure. Developers need to account for known and unknown failure conditions, applications and services must be architected for redundancy, algorithms need retry and back-off mechanisms. Systems need to be resilient to the scenarios and conditions caused by infrequent but inevitable production outages and disruptions. This post is designed to get you thinking about how best to validate typical failure conditions, including examples of how we at Microsoft validate our own systems.

Resilience

Resilience is the ability of a system to fail gracefully in the face of—and eventually recover from—disruptive events. Validating that an application, service, or platform is resilient is equally as important as building for failure. It is easy and tempting to validate the reliability of individual components in isolation and infer that the entire system will be just as reliable, but that could be a mistake. Resilience is a property of an entire system, not just its components. To understand if a system is truly resilient, it is best to measure and understand the resilience of the entire system in the environment where it will run. But how do you do this, and where do you start?

Chaos engineering and fault injection

Chaos engineering is the practice of subjecting a system to the real-world failures and dependency disruptions it will face in production. Fault injection is the deliberate introduction of failure into a system in order to validate its robustness and error handling.

Through the use of fault injection and the application of chaos engineering practices generally, architects can build confidence in their designs – and developers can measure, understand, and improve the resilience of their applications. Similarly, Site Reliability Engineers (SREs) and in fact anyone who holds their wider teams accountable in this space can ensure that their service level objectives are within target, and monitor system health in production. Likewise, operations teams can validate new hardware and datacenters before rolling out for customer use. Incorporation of chaos techniques in release validation gives everyone, including management, confidence in the systems that their organization is building.

Throughout the development process, as you are hopefully doing already, test early and test often. As you prepare to take your application or service to production, follow normal testing practices by adding and running unit, functional, stress, and integration tests. Where it makes sense, add test coverage for failure cases, and use fault injection to confirm error handling and algorithm behavior. For even greater impact, and this is where chaos engineering really comes into play, augment end-to-end workloads (such as stress tests, performance benchmarks, or a synthetic workload) with fault injection. Start in a pre-production test environment before performing experiments in production, and understand how your solution behaves in a safe environment with a synthetic workload before introducing potential impact to real customer traffic.

Healthy use of fault injection in a validation process might include one or more of the following:

Ad hoc validation of new features in a test environment:
A developer could stand up a test virtual machine (VM) and run new code in isolation. While executing existing functional or stress tests, faults could be injected to block network access to a remote dependency (such as SQL Server) to prove that the new code handles the scenario correctly.
Automated fault injection coverage in a CI/CD pipeline, including deployment or resiliency gates:
Existing end-to-end scenario tests (such as integration or stress tests) can be augmented with fault injection. Simply insert a new step after normal execution to continue running or run again with some faults applied. The addition of faults can find issues that would normally not be found by the tests or to accelerate discovery of issues that might be found eventually.
Incident fix validation and incident regression testing:
Fault injection can be used in conjunction with a workload or manual execution to induce the same conditions that caused an incident, enabling validation of a specific incident fix or regression testing of an incident scenario.
BCDR drills in a pre-production environment:
Faults that cause database failover or take storage offline can be used in BCDR drills, to validate that systems behave appropriately in the face of these faults and that data is not lost during any failover tests.
Game days in production:
A ‘game day’ is a coordinated simulation of an outage or incident, to validate that systems handle the event correctly. This typically includes validation of monitoring systems as well as human processes that come into play during an incident. Teams that perform game days can leverage fault injection tooling, to orchestrate faults that represent a hypothetical scenario in a controlled manner.

Typical release pipeline

This figure shows a typical release pipeline, and opportunities to include fault injection:

 

 

An investment in fault injection will be more successful if it is built upon a few foundational components:

Coordinated deployment pipeline.
Automated ARM deployments.
Synthetic runners and synthetic end-to-end workloads.
Monitoring, alerting, and livesite dashboards.

With these things in place, fault injection can be integrated in the deployment process with little to no additional overhead – and can be used to gate code flow on its way to production.

Localized rack power outages and equipment failures have been found as single points of failure in root cause analysis of past incidents. Learning that a service is impacted by, and not resilient to, one of these events in production is a timebound, painful, and expensive process for an on-call engineer. There are several opportunities to use fault injection to validate resilience to these failures throughout the release pipeline in a controlled environment and timeframe, which also gives more opportunity for the code author to lead an investigation of issues uncovered. A developer who has code changes or new code can create a test environment, deploy the code, and perform ad hoc experiments using functional tests and tools with faults that simulate taking dependencies offline – such as killing VMs, blocking access to services, or simply altering permissions. In a staging environment, injection of similar faults can be added to automated end-to-end and integration tests or other synthetic workloads. Test results and telemetry can then be used to determine impact of the faults and compared against baseline performance to block code flow if necessary.

In a pre-production or ‘Canary’ environment, automated runners can be used with faults that again block access to dependencies or take them offline. Monitoring, alerting, and livesite dashboards can then be used to validate that the outages were observed as well as that the system reacted and compensated for the issue—that it demonstrated resilience. In this same environment, SREs or operations teams may also perform business continuity/disaster recovery (BCDR) drills, using fault injection to take storage or databases offline and once again monitoring system metrics to validate resilience and data integrity. These same Canary activities can also be performed in production where there is real customer traffic, but doing so incurs a higher possibility of impact to customers so it is recommended only to do this after leveraging fault injection earlier in the pipeline. Establishing these practices and incorporating fault injection into a deployment pipeline allows systematic and controlled resilience validation which enables teams to mitigate issues, and improve application reliability, without impacting end customers.

Fault injection at Microsoft

At Microsoft, some teams incorporate fault injection early in their validation pipeline and automated test passes. Different teams run stress tests, performance benchmarks, or synthetic workloads in their automated validation gates as normal and a baseline is established. Then the workload is run again, this time with faults applied – such as CPU pressure, disk IO jitter, or network latency. Workload results are monitored, telemetry is scanned, crash dumps are checked, and Service Level Indicators (SLIs) are compared with Service Level Objectives (SLOs) to gauge the impact. If results are deemed a failure, code may not flow to the next stage in the pipeline.

Other Microsoft teams use fault injection in regular Business Continuity, Disaster Recovery (BCDR) drills, and Game Days. Some teams have monthly, quarterly, or half-yearly BCDR drills and use fault injection to induce a disaster and validate both the recovery process as well as the alerting, monitoring and live site processes. This is often done in a pre-production Canary environment before being used in production itself with real customer traffic. Some teams also carry out Game Days, where they come up with a hypothetical scenario, such as replication of a past incident, and use fault injection to help orchestrate it. Faults, in this case, might be more destructive—such as crashing VMs, turning off network access, causing database failover, or simulating an entire datacenter going offline. Again, normal live site monitoring and alerting are used, so your DevOps and incident management processes are also validated. To be kind to all involved, these activities are typically performed during business hours and not overnight or over a weekend.

Our operations teams also use fault injection to validate new hardware before it is deployed for customer use. Drills are performed where the power is shut off to a rack or datacenter, so the monitoring and backup systems can be observed to ensure they behave as expected.

At Microsoft, we use chaos engineering principles and fault injection techniques to increase resilience, and confidence, in the products we ship. They are used to validate the applications we deliver to customers, and the services we make available to developers. They are used to validate the underlying Azure platform itself, to test new hardware before it is deployed. Separately and together, these contribute to the overall reliability of the Azure platform—and improved quality in our services all up.

Unintended consequences

Remember, fault injection is a powerful tool and should be used with caution. Safeguards should be in place to ensure that faults introduced in a test or pre-production environment will not also affect production. The blast radius of a fault scenario should be contained to minimize impact to other components and to end customers. The ability to inject faults should have restricted access, to prevent accidents and prevent potential use by hackers with malicious intent. Fault injection can be used in production, but plan carefully, test first in pre-production, limit the blast radius, and have a failsafe to ensure that an experiment can be ended abruptly if needed. The 1986 Chernobyl nuclear accident is a sobering example of a fault injection drill gone wrong. Be careful to insulate your system from unintended consequences.

Chaos as a service?

As Mark Russinovich mentioned in this earlier blog post, our goal is to make native fault injection services available to customers and partners so they can perform the same validation on their own applications and services. This is an exciting space with so much potential to improve cloud service reliability and reduce the impact of rare but inevitable disruptions. There are many teams doing lots of interesting things in this space, and we’re exploring how best to bring all these disparate tools and faults together to make our lives easier—for our internal developers building Azure services, for built-on-Azure services like Microsoft 365, Microsoft Teams, and Dynamics, and eventually for our customers and partners to use the same tooling to wreak havoc on (and ultimately improve the resilience of) their own applications and solutions.
Quelle: Azure

New Windows Virtual Desktop capabilities now generally available

With the global pandemic, customers are relying on remote work more than ever, and Windows Virtual Desktop is helping customers rapidly deliver a secure Windows 10 desktop experience to their users. Charlie Anderson, CIO of Fife Council in the United Kingdom, was planning to modernize his companies’ existing Remote Destop Services (RDS) infrastructure, and then business requirements changed. He needed increased agility and scale to meet the changing requirements. In his own words:

“Windows Virtual Desktop was absolutely essential for us in terms of our response to the COVID-19 pandemic. Like many, we were faced with a continuity issue unparalleled in recent times. For us, this meant not only the continuation of services we already delivered, but also responding very quickly to new demands arising as a result of our public response to the pandemic.

To do that, we needed to provide as close to the “in-office” experience as we could to a workforce now working away from our offices. This meant multiplying previous remote working capacities by a factor of 15 almost overnight – something which would have been impossible without a scalable and cloud-based approach, which also worked well on a range of Council and self-provided devices.

There is little doubt that the Windows Virtual Desktop solution will not only be vital to the future resilience of our public services to the people of Fife, but it will also form a key part of our future device strategy as we seek to develop new, agile, and cost-effective approaches going forward.“

In April 2020, we released the public preview of Azure portal integration which made it easier to deploy and manage Windows Virtual Desktop. We also announced a new audio/video redirection (A/V redirect) capability that provided seamless meeting and collaboration experience for Microsoft Teams. We are humbled by the amazing feedback we’ve received from you on these capabilities, and that’s been a huge motivation for our team to accelerate development. We are happy to announce that both the Azure portal integration and A/V redirect in Microsoft Teams are now generally available.

Azure portal integration

With the Azure portal integration, you get a simple interface to deploy and manage your apps and virtual desktops. Host pool, workspace, and all other objects you create are Azure Resource Manager objects and are managed the same way you manage other Azure resources.

 
Customers who have existing deployments based on the previous (classic) model can continue using it. We will soon publish guidance on migrating to the new Azure Resource Manager-based deployment model so you can take advantage of all the new capabilities, including:

Azure role-based access control (RBAC)

You can use Azure RBAC to provide fine-grained access control to your Windows Virtual Desktop resources. There are four built-in admin roles that you can get started with, and you can create custom roles if necessary.

User management

Previously, you could only publish Remote Apps and Desktops to individual users. You can now publish resources to Azure Active Directory (Azure AD) groups, which makes it much easier to scale.

Monitoring

The monitoring logs are now stored in Azure Monitor Logs. You can analyze the logs with Log Analytics and create visualizations to help you quickly troubleshoot issues.

A/V redirect for Microsoft Teams

Many of you use Microsoft Teams to collaborate with your colleagues. Traditionally, virtual desktops have not been ideal for audio and video conferencing due to latency issues. That changes with the new A/V redirect feature in Windows Virtual Desktop. Once you enable A/V redirect in the Desktop client for Windows, the audio and video will be handled locally for Microsoft Teams calls and meetings. You can still use Microsoft Teams on Windows Virtual Desktop with other clients without optimized calling and meetings. Microsoft Teams chat and collaboration features are supported on all platforms.

Next steps

You can read more about these updates in the Azure portal integration and Microsoft Teams integration documentation pages.

Thank you for your support during the preview. If you have any questions, please reach out to us on Tech Community and UserVoice. 
Quelle: Azure

Fully managed HashiCorp Consul Service generally available on Azure today

I want to congratulate the HashiCorp and Microsoft Azure teams on the general availability of HashiCorp Consul Service (HCS) on Azure. This is a first-of-a-kind achievement for HashiCorp running a cloud-based service. Within Azure, we have a deep commitment to build a platform where anyone from startups to large-scale enterprises can deliver reliable, compelling services that augment the Azure platform and benefit our customers.

Throughout the process of bringing this service to production-grade availability, the HashiCorp team has been an awesome partner. We learned a lot together and I’m grateful for the strength of our relationship. Seeing HCS launch on Azure is awesome and a great example of the depth of our collaboration and commitment to serve our joint customers.

HCS on Azure enables Azure users to natively provision Consul servers in any supported Azure region directly through the Azure Marketplace. Consul is delivered “as-a-service" where the Consul servers themselves are managed and operated by HashiCorp SREs while Azure takes care of the underlying infrastructure, virtual machines (VMs), and networks. This ensures customers can focus on the application and business logic they’re building and can offload the operational overhead of running Consul to experts at HashiCorp, including managing upgrades, patching, and providing technical support.

One of the major challenges of adopting open source technology like Consul is learning how to operate it yourself. This new HCS service eliminates this barrier. You can experiment and prototype with an open source solution and go to production with the confidence of the managed service offering.

Consul is a great option for service discovery and service mesh, especially in hybrid environments connecting the Azure Kubernetes Service (AKS) to legacy services running on VMs, or even in on-premises environments. You can secure traffic between components, perform health checking, and even implement access control to on-premises resources with a single solution that also integrates with modern cloud-native services running in Kubernetes.

Because HCS is offered as an Azure managed application, it is integrated with all native Azure experiences. You can create a cluster with a push-button experience in the Azure portal, pay for the service using centralized Azure billing and spending commitments, and integrate identity management with Azure Active Directory (Azure AD). Because of the native platform integration, it’s super easy to integrate HashiCorp Consul with AKS through Helm and the Service Mesh Interface. You can even deploy AKS and Consul using the same HashiCorp Terraform template.

I have always said that it is an open ecosystem that powers the success of a platform, whether that is Kubernetes or Azure. Today’s launch is a great example of how we’re making that vision a reality with fantastic partners like HashiCorp.  Many congratulations and thanks to the HashiCorp and Azure teams!

To learn more and get started, visit HashiCorp Consul Service on Azure.
Quelle: Azure

Migrate to the cloud with confidence

Organizations today are changing how they run their businesses to ensure safety and efficiency. As we work closely with our customers, their top priorities include optimizing business costs, scaling for a remote workforce, and ensuring business continuity. As a result, cloud migration remains a priority and partners play a critical role.

To support your cloud migration projects, we are committed to solutions that optimize costs, scale efficiencies, and bring unmatched security and compliance. We have amazing offers, like Azure Hybrid Benefit, reserved instances, and free extended security updates to help our customers save money. Azure also delivers the lowest total cost of ownership for Windows Server and SQL Server workloads, with up to 3x better performance over AWS (GigaOm*).

We are also seeing increasing adoption of specialized workloads like the Azure VMware Solution as customers look to migrate their entire IT estate to Azure. Lastly, Azure does all of this while remaining flexible, so customers can extend their on-premises investments and leverage them as they move to the cloud. The new Azure Stack HCI preview is one example that we just announced.

Today, we’re sharing new Azure services that help accelerate migration.

Leverage new Azure infrastructure services to migrate workloads efficiently

Meeting your business and budget needs continues to be a priority. Migrate your customers’ mission and business critical workloads with confidence by taking advantage of new compute capabilities. For example, new Azure VMs, featuring Intel 2nd generation Intel Xeon Platinum (Cascade Lake) processors, for general purpose and memory intensive workloads are now available. These VMs series offer up to 20 percent greater CPU performance and better overall price-per-core performance compared to the prior generation. We also introduced a new category of VMs—currently in preview—which lowers the price of entry since it does not include a local temporary disk.

In addition, the AMD EPYC™-based Dav4 and Eav4 Azure Virtual Machine series, which provides increased scalability (up to 96vCPUs), are now generally available in additional regions. With these new VM sizes, you can benefit from a greater range in underlying processor technologies. Choose the best solution for your customers, all while increasing cost-effectiveness and achieve significant run-time acceleration.

Along with Azure Virtual Machines, innovations in block storage expand Azure capabilities even further, enabling customers to migrate more workloads and applications to the cloud in a seamless way. With shared disks (now generally available), Azure Disk Storage allows partners to easily migrate customers’ on-premises clustered applications like SQL Server Failover Cluster Instances (FCI) and enterprise applications running on on-premises Storage Area Network (SAN). Benefit from increased disk storage security with Azure Private Links integration (preview), allowing you to transfer data securely over a virtual private network (VPN). Plus, improved flexibility with the ability to increase disk performance independent of size (preview) helps you meet your workload needs and reduce costs.

One of our partners, Pure Storage, is leveraging shared disks to build their own cloud native solution, Cloud Block Store for Azure (currently in beta preview), to help their customers migrate mission-critical applications to Azure. Additionally, benefit from increased disk storage security with Azure Private Links integration, allowing you to transfer data securely over a virtual private network.

Optimizing and addressing the scalability of remote connectivity continues to be top of mind for our partners and customers. Since we announced transit capabilities with Azure Virtual WAN as the first in the public cloud back in 2018, the interest to take advantage of Azure when building branch networks has grown rapidly. To provide the flexibility that our customers need, last week we announced the ability to host third-party network virtual appliances within the Virtual WAN hubs (in preview). Barracuda is the first Virtual WAN partner to bring the advantage of this deep integration allowing customers to take advantage of the Software-Defined Wide Area Network (SDWAN) to improve performance while taking advantage of existing investments and skills.

Additionally, independent software vendors (ISVs) working on optimized and scalable applications connected to 5G networks can now use the new Los Angeles preview location of Azure Edge Zones with AT&T when building and experimenting with ultra-low latency platforms, mobile, and connected scenarios. Register for the early adopter program to take advantage of secure, high-bandwidth connectivity.

Microsoft continues to leverage partnerships to make Azure the number one choice for migrating specialized workloads and business applications. With the new generation of Azure VMware Solution, Microsoft provides a first-party service to ensure greater quality, reliability, and innovation for running VMware natively on Azure. Through Microsoft’s partnership with VMware, Azure has built a seamless integration between VMware applications with Azure. Extend or migrate existing on-premises VMware workloads to Azure without the cost, effort, or risk of re-architecting applications or retooling operations. As a result, customers can gain cloud efficiency and modernize applications over time with Azure services.

Help your customers optimize costs and migrate with confidence

Cloud migration can be a huge project, but we’re here to simplify the journey. Microsoft is continuously upgrading its migration services so you can take advantage of first-class tooling and support. New capabilities in Azure Migrate, Microsoft’s hub of tools for datacenter assessment and migration, help accelerate the journey more than ever. Discover virtual and physical servers running on your customer’s on-premises environment by using the lightweight Azure Migrate appliance, or by importing inventory information through a CSV upload. Better understand dependencies between discovered servers so you can gather machines into groups and minimize risk during migration. After, use Azure Migrate to migrate the server groups to Azure without downtime.

Kainos, a UK-based Microsoft partner, utilized Azure Migrate as the key tool for helping their customer, The Pensions Regulator (TPR), rapidly migrate to Azure from a legacy datacenter facing decommission. After using Azure Migrate to run a full discovery and assess TPR's datacenter, Kainos consolidated TPR’s server estate and migrated 300 servers to Azure. Because of the comprehensive assessment, no issues arose during the migration. Kainos was able to reduce TPR's hosting costs significantly while providing TPR with greater control in the cloud than they had with their legacy system.

For additional migration support, including guidance on migration services like Azure Migrate and more, nominate customers to the Azure Migration Program (AMP). The program provides free and subsidized Azure technical training, partner funding, and support from Microsoft's verified partners with Azure Expert MSP certification or Advanced Specializations, and the opportunity to collaborate with FastTrack for Azure engineers and Microsoft Specialists. AMP supports migration scenarios across infrastructure, data, and applications to address the breadth of customer needs.

Based on customer demand, we’re adding two new scenarios to AMP:

Migrating on-premises Virtual Desktop Infrastructure to Windows Virtual Desktop.
Migrating on-premises .NET web apps to Azure App Service/Azure SQL.

Partners find AMP to be a true accelerator in advancing their customers’ cloud journey—check out how Crayon helped accelerate Tine's datacenter migration efforts through AMP.

Learn more

Through Azure infrastructure offerings, workload partnerships, and services, migrations have gathered tremendous momentum in the past year. Check out Azure Migration Center for updated resources and direction on everything migration, and nominate your customers for AMP today.

 

*Price-performance claims based on data from a study commissioned by Microsoft and conducted by GigaOm in February 2020. The study compared price performance between SQL Server 2019 Enterprise Edition on Windows Server 2019 Datacenter edition in Azure E32as_v4 instance type with P30 Premium SSD Disks and the SQL Server 2019 Enterprise Edition on Windows Server 2019 Datacenter edition in AWS EC2 r5a.8xlarge instance type with General Purpose (gp2) volumes. Benchmark data is taken from a GigaOm Analytic Field Test derived from a recognized industry standard, TPC Benchmark™ E (TPC-E). The Field Test does not implement the full TPC-E benchmark and as such is not comparable to any published TPC-E benchmarks. Prices are based on publicly available US pricing in West US for SQL Server on Azure Virtual Machines and Northern California for AWS EC2 as of January 2020. The pricing incorporates three-year reservations for Azure and AWS compute pricing, and Azure Hybrid Benefit for SQL Server and Azure Hybrid Benefit for Windows Server and License Mobility for SQL Server in AWS, excluding Software Assurance costs. Actual results and prices may vary based on configuration and region.
Quelle: Azure

Enabling customers for success on Azure

The pandemic continues to test business principles, models, and strategies organizations once thought to be bedrock truths of business. The COVID-19 crisis has challenged everything, from leadership principles, financial models, operations, and sales process, to technology decisions and platform strategies. Organizations have been forced to quickly adapt to maintain efficient operations in these difficult times. Technology has remained the common driver throughout this period of worldwide adaptation to change.

The cloud has surged to the center of the recent digital transformation efforts, by quickly creating new solutions securely and reliably, meeting new business challenges, and driving transformation with continuous technological innovation. In meeting the challenges posed by the global pandemic, the cloud is driving digital transformation faster than ever with more organizations adopting cloud technologies.

Microsoft stands with our partners, and we're committed to your efforts, enabling customers for successful cloud use, and harnessing the wave of innovation for organizations across the globe during this challenging time.

At Microsoft Inspire, we continue to invest in our customer’s success on Azure focusing on these four priorities:

Generating confidence in their cloud journey, providing technical guidance and skills development resources.
Focusing on processes and operations on their terms, at their pace through DevOps with GitHub.
Supporting every customer’s cloud adoption journey, delivering on business goals and deploying compliant, secure, and well-managed environments.
Enabling customers with architecture design principles that support efficient, optimized workloads.

Here is how we are approaching each priority and how you can use them to strengthen your market position and grow your business.

Technical guidance and skills development

Skilling and technical knowledge are critical success factors for cloud adoption. With the global pandemic and continued rise of remote work and remote learning practices, Microsoft continues to invest in its learning platforms—meeting the demand for digital literacies and the fast pace of digital technology platforms. Studies demonstrate that “the average life of a skill today is less than 5 years”1 and “more than half (54 percent) of all employees will require significant reskilling by 2022.”2 Now is the time for you, our partners to continue to skill up while continuing to support your customers.

Both Microsoft and Microsoft Learning Partners are moving in-person, instructor-led training to virtual instructor-led training. With free, on-demand, self-paced courses on Microsoft Learn to skill-up and certify your skills, Microsoft offers certified, role-based learning resources, enabling organizations to confidently and successfully adopt Azure. Soon, we will release Azure Database Administrator and Data Analyst certifications at the Associate level into our comprehensive portfolio of technical certifications for Azure.

Microsoft is responding to COVID-19, together with our partner ecosystem, ensuring that people across the globe can reach their learning goals and become certified in Microsoft technologies while staying safe at home. Learn more about our updated guidelines for Microsoft Training and Certification.

DevOps with GitHub to support cloud adoption processes and operations

Remote work is forcing organizations to change how they enable software developers to continue to be productive in such an environment. Effective organizations need to find ways to help their developers to continue to code and keep systems running. Software development is a team sport. Most organizations needed to ensure their developers continued collaborating efficiently, and developers needed to continue delivering value to their customers.

Microsoft recently launched Visual Studio Codespaces—powerful development environments hosted in the cloud, allowing developers working remotely to stay productive. Now, with Visual Studio Live Share, developers can continue to collaborate, co-authoring and editing on the same codebase.

50 million developers live on GitHub working on personal and professional projects. GitHub is the world's largest repository for open source code collaboration and includes many businesses codebases. Built directly into GitHub, GitHub Actions supports automating tasks in the GitHub experience, shipping code direct to Azure in a repeatable and automated process. Across Visual Studio, GitHub, and Azure, Microsoft is powering the DevOps processes and code behind development teams as they collaborate and ship software from any point on the globe.

Seamlessly supporting the cloud adoption journey

While cloud technologies are now mainstream, organizations continue to face obstacles and uncertainty with their adoption efforts. Implementing cloud best practices burdens leaders and lack of sound cloud planning, and strategy alignment not only impacts innovation and growth, but it also generates unexpected costs. A recent Gartner study confirms, “through 2024, companies that are unaware of the mistakes made in their cloud adoption will overspend by 20 to 50 percent.”3 

On the other hand, organizations strategically planning for discrepancies between cloud and on-premises operating models remain ready to learn—willing to iterate as their Azure portfolio grows. By creating Azure Landing Zones (with the Microsoft Cloud Adoption Framework for Azure), organizations become more agile, gaining efficiencies and increased confidence throughout cloud adoption. Azure landing zones help customers set up their Azure environment for scale, security, governance, networking, and identity.  Draw on Microsoft’s proven technical guidance, resources, and templates, to guide your customers through iteration and learning as they gain confidence and successfully adopt Azure.

Learn more about Azure Landing Zones in this session and get guidance on how to get started.

Deploying and optimizing high-quality cloud workloads

Without focusing on well-architected workloads, even well-designed cloud environments will not succeed. Organizations are looking at how to optimize costs, increase efficiencies, improve security and reliability, while maintaining performance levels, and deliver on strategic business goals.

Following industry standards and terms already commonly used by partners and customers, the Microsoft Azure Well-Architected Framework offers a set of technical best practices to improve workload quality. It includes five pillars of architectural excellence: cost optimization, operational excellence, performance efficiency, reliability, and security.

Mor Cohen-Tal, Cloud CTO at Turbonomic, one of our partners focused on Performance and Cost Optimization, reflects on how they have been helping organizations over the last year: “You can’t solve for cost without understanding performance, closing the gap between “pay for what you need” and “I have no idea what I need.” Turbonomic customers are able to correlate their application performance requirements with the availability of Azure cloud benefits, such as resilience and reliability, ultimately continuously automating those required well-architected actions, ensuring every app has the right resources, within business compliance, to perform optimally in the cloud.”

Becoming well-architected is an ongoing challenge. Market demands, business strategy adjustments, changing technology availability, and other factors require constant monitoring to ensure workloads are at operating as expected. Azure Advisor provides real-time recommendations on deployed workloads and assets, monitoring and improving workload quality aligned with the Azure Well-Architected Framework. With the Microsoft Azure Well-Architected Review, assess the quality of your customer workloads at any time, and make it a healthy practice for your organization and cloud portfolio.

Learn more about the Microsoft Azure Well-Architected Framework watching this session, reading this blog post, or taking the Learning Path Build great solutions with the Microsoft Azure Well-Architected Framework in Microsoft Learn.

Enabling partners to drive customer success

Azure Lighthouse is a native Azure management solution purpose-built for service providers to build and deliver secure managed services at scale, across multiple customer tenants profitably and efficiently.

With Azure Lighthouse, service providers can structure well-architected managed services offers with Azure native and comprehensive security and management tooling. They can securely and quickly onboard customers, leverage a single-pane of glass for cross-tenant management, monitor and manage cloud costs across all their customers, and optimize cloud infrastructure and operations. All with greater automation, security, and governance from a unified control plane.

Service Providers also have opportunities to expand their revenue with Azure Arc by extending their managed services to on-premises, multi-cloud, and edge environments. “The best part is the customer control. Not only do we access exactly what we need, but the customer maintains complete transparency into what we are accessing, where, and when. It’s significantly faster, more secure and effective, and much more convenient to service our customers now.” – Peter Chiang, Senior Project Manager, CloudRiches

Azure Lighthouse is delivering multiple enhancements today based on partner and customer feedback, including a preview for Azure Multi-Factor Authentication and Azure Privileged Identity Management support for just-in-time access. “We already had granular and secure access, but now we’re able to add security best practices of least-privileged principles, providing even more comfort and confidence for our clients.” – James Brookbanks, Azure Service Manager, Parallo

Partners can now easily activate PIM and MFA by adding type options to Role Based Access Control roles (permanent or elevation eligible) in the arm templates they use for customer onboarding. Partners can elevate access to a privileged role type for a shorter period of time, without needing a permanent level of higher access.

Find more information and comprehensive resources that support all these initiatives on Azure Partner Zone. We have a great opportunity ahead of us. Let’s continue to partner, continuing our common endeavor, helping our customers successfully use Azure to achieve their business goals.

1 LinkedIn Workplace Learning Report.

2 World Economic Forum: The Future of Jobs Report, 2018.

3 Gartner, 4 Lessons Learned From Cloud Infrastructure Adopters, June 30, 2020.
Quelle: Azure

Innovate in Azure with confidence

As the world navigates through the pandemic, it’s inspiring to see companies across every industry innovate to rethink their operations, engage with customers in new ways, and keep their employees safe. When it comes to innovating in the cloud, customers tell us that they need a platform that enables them to stand up solutions quickly, be agile to respond to their dynamic environments, and do so in a cost-effective manner. Azure has them covered.

Customers today are innovating in Azure more than ever before for their applications and their analytics solutions. Here’s why.

Applications

Customers that modernize their applications, or build new ones, on Azure realize significant cost savings and performance gains. A common pattern we see is customers modernizing their .NET applications with Azure App Service and Azure SQL Database. The Clover Imaging Group, for example, successfully migrated 200 applications to Azure with Azure App Service and Azure SQL Database with minimal effort to free their development team from administrative burdens like patching and updates.

Another common pattern we see are customers developing new applications from the ground up based on cloud design principles. These applications are typically built on containers with Azure Kubernetes Service, take advantage of microservices architectures, use managed databases like Azure Cosmos DB and Azure Database for PostgreSQL and integrate AI capabilities with Azure Cognitive Services and Azure Machine Learning. This pattern is so common that by 2023 more than 70 percent of global organizations will be running more than two containerized applications in production, up from less than 20 percent in 2019.1 And, by 2022, over 50 percent of new enterprise applications developed will incorporate machine learning (ML) or artificial intelligence models.2

A great example of a customer doing this today is the Peace Parks Foundation. Combatting rhino poaching in South Africa, Peace Parks developed an application using Azure Kubernetes Service, Azure Database for PostgreSQL, Azure Functions, and custom ML models with Azure Machine Learning to detect poachers across a 96,000 hectare park. They stood up a proof of concept in three weeks and had the solution in production in a few months. With this solution, Peace Parks is saving the lives of hundreds of rhinos each year.

Analytics

Customers are also turning to Azure more than ever before for their analytics solutions. Core to achieving the agility required for today’s environment is the ability to gain fresh, continuous insights from data. Azure Synapse Analytics brings together the world of big data and data warehousing into a single service and enables immediate insights by breaking down the barriers between operational and analytical systems through Azure Synapse Link. It is deeply integrated with Power BI, the undisputed leader in business intelligence, and Azure Machine Learning, which enables developers and data scientists of all skill levels to build, manage and deploy ML models responsibly at scale. 

This combination offers unmatched value and performance. According to another recent Forrester Consulting Total Economic Impact™ study, customers using Azure Analytics with Power BI realize a 271 percent ROI over three years with a nine-month payback period. A fantastic example of a customer using these services today is Walgreens. Walgreens migrated their entire on-premises data warehouse for inventory management to Azure Synapse Analytics in just three months. With this solution, they were able to gain three times the performance at a third of the cost.

“With Azure Synapse, we were able to create a platform that is streamlined, scalable, elastic, and cost effective, enabling my business users to make the right decisions for the fast-paced market.” – Anne Cruz, IT Manager for Supply Chain and Merchandising, Walgreens

Get started today

There has never been a better time to innovate and invent with purpose with Azure for your applications and analytics. Get started today.

1 Gartner, 3 Critical Mistakes That I&O Leaders Must Avoid With Containers, Jeffrey Hewitt, August 2, 2019

2 Gartner, Machine Learning Alters the Role of the Developer, Van Baker & Jim Hare, October 31, 2019
Quelle: Azure

Deliver hybrid cloud capabilities with the next generation of Azure Stack HCI

Customers are increasingly moving their workloads to the cloud to save money, increase efficiency, and to innovate. At the same time, some workloads need to remain on-premises for compliance, latency, or other business and technical reasons. As organizations look for cost-effective solutions that bring hybrid capabilities to their datacenter while being able to use existing skills and investments, we are committed to giving them more choice and the best solution for their hybrid needs.

Customers have been using Azure Stack solutions to meet their hybrid needs across datacenters, remote offices, and edge locations. Customers have choice and flexibility for running hybrid applications with Azure Stack Hub that is Azure consistent and can be run connected or disconnected, high-performance virtualization on-premises with Azure Stack HCI or an Azure managed appliance that provides intelligent compute and artificial intelligence (AI) at the edge with Azure Stack Edge.

Today, we’re delivering the next generation of Azure Stack HCI, an Azure service that combines the price-performance of hyperconverged infrastructure (HCI) with native Azure hybrid capabilities, all while letting enterprises leverage existing skills.

Azure hybrid by design

The new Azure Stack HCI solution is an Azure service, giving customers the latest security, performance, and hybrid enhancements. It delivers an integrated management and operations experience with Azure allowing customers to manage Azure Stack HCI deployments and Azure resources, side-by-side, right from the Azure portal. Customers can monitor multiple clusters at scale and even view and manage virtual machines (VMs) running on Azure Stack HCI taking advantage of Azure Arc.

IT administrators can also use a new deployment wizard to quickly setup an Azure Stack HCI cluster and connect to Azure and take advantage of Azure Stack HCI native integration with core Azure services such as Azure Backup, Azure Security Center, and Azure Monitor, so customers can easily take advantage of Azure hybrid management capabilities.

Enterprise-scale and great price-performance

We give customers the flexibility to run small deployments, like remote and branch offices, or scale to datacenter grade deployments. The flexible per core subscription model enables customers to optimize cost based on their needs. For example, in a branch-office scenario, an 8 core server with less than 16 VMs, the upfront cost for Azure Stack HCI is 2.5 times less than other HCI solutions in market today.

In addition, the new Azure Stack HCI includes no cost Extended Security Updates (ESU) for Windows Server 2008 VMs running on it.

We want to help customers save money while delivering great performance. Early benchmarking shows Azure Stack HCI input/output operations per second (IOPs) in the 13 million+ range, and over one million requests/sec for TPC-c SQL server workloads—both in line with industry leading performance demonstrated with the first-generation Azure Stack HCI.

We also included new features, such as Stretch Cluster, which delivers native high availability (HA) and disaster recovery, so you can extend a cluster from a single site to multiple sites easily.

Familiar management and operations

IT teams can build on their knowledge and familiarity of Azure, Windows Server, and Hyper-V to run and operate Azure Stack HCI. Customers can use familiar tools such as Windows Server Admin Center or Azure portal to manage and monitor resources in your deployment. Management tasks are completely scriptable using the popular cross-platform Windows PowerShell framework.

Choice of hardware and deployment options

We are working with partners to bring Azure Stack HCI to a broad range of validated hardware solutions that meet our customer needs. These validated solutions are based on standardized reference architecture that are supported by Microsoft and our hardware partners.

To improve customer experience, we are bringing Azure Stack HCI integrated systems as a new purchasing option. Integrated systems offer an appliance-like deployment experience, for the quickest time-to-value with factory preinstalled bits enabling easy deployment, integrated updates across the full stack of firmware, drivers, agents, and the operating system, and many more unique capabilities.

Lenovo is one of the first partners that are bringing Azure Stack HCI integrated systems to market with their innovation on hardware and customer experience and we are truly excited with this partnership.

“Lenovo and Microsoft's long-time partnership continues to grow—together we are elevating our mutual customers’ experience by bringing Azure Stack HCI to our award-winning Server and Software-Defined portfolios, including our ThinkAgile MX1021 edge server platform. The combination of our technologies will further accelerate customers' modernization of their IT and journey to the hybrid cloud, leveraging hybrid capabilities with the seamless integration of Azure.” —Kamran Amini, Vice President and General Manager, Datacenter Infrastructure and Software-Defined Solutions, Lenovo Data Center Group

Intel is another partner that has long history of partnership with Microsoft, and investment in our mutual customers journey to the cloud and hybrid capabilities.

“We’re seeing an increased urgency for digital transformation, and technology is playing a critical role in helping customers find the resilience and reimagination required to navigate a time of disruption. Azure Stack HCI takes advantage of the latest technologies from Intel’s broad portfolio, so customers can quickly modernize their infrastructure. Customers can quickly adapt in a dynamic world and have cloud efficiency for on-premises workload, while getting the flexibility, performance, and scale they trust from Microsoft and Intel.” —Jason Grebe, Corporate Vice President, General Manager, Cloud Enterprise Solutions Group at Intel

We are also offering the flexibility of running Azure Stack HCI on existing hardware if it matches our validated node solution. We believe this is an important new change for customers to get the most value out of their current hardware investment.

Modernize your datacenter

Azure Stack HCI can be used across a variety of use cases to modernize datacenters with high-density virtualization and storage. This is an ideal solution for organizations that want to reduce their datacenter costs especially for legacy hardware or SAN environments with modern hyperconverged infrastructure through both the savings in OPEX and efficiencies gained by centrally managing from Azure.

Banks, retail stores, factory floors, and edge locations can leverage the broad choices of hardware available from small systems to server class hardware to run solutions like virtual desktop infrastructure (VDI) or high performance SQL environments supported by a single control plane for fleet and cluster management through Azure.

Get started

We are excited about these big changes to Azure Stack HCI, and we want you to try it today. Visit Azure Stack HCI solutions and provide us with feedback while in preview to continue to bring you the best hybrid approach in the industry.
Quelle: Azure

Introducing the Microsoft Azure Well-Architected Framework

As the technology requirements of your business or practice grow and change over time, deploying business-critical applications can increase complexity and overhead substantially. To help manage this ever-growing complexity, we are pleased to announce the introduction of the Microsoft Azure Well-Architected Framework. Following industry standards and terms, the Azure Well-Architected Framework provides a set of Azure architecture best practices to help you build and deliver great solutions.

The Azure Well-Architected Framework is divided into five pillars of architectural best practices: cost management, operational excellence, performance efficiency, reliability, and security. These pillars help you effectively and consistently optimize your workloads against Azure best practices and the specific business priorities that are relevant to you or your customers' cloud journey.

Get started with the Azure Well-Architected Framework:

Read the framework content, reference material, and samples available in the Azure Architecture Center.
Take the Azure Well-Architected Review on Microsoft Assessments.
Learn how to Build great solutions with the Microsoft Azure Well-Architected Framework on MS Learn.

Here is how each of these modalities can help you improve your workloads and grow your business.

Get started

Designing and deploying a successful workload in any environment can be challenging. This is especially true as agile development and DevOps/SRE practices begin to shift responsibility for security, operations, and cost management from centralized teams to the workload owner. This transition empowers workload owners to innovate at a much higher velocity than they could achieve in a traditional data center, but it creates a broader surface area of topics that they need to understand to produce a secure, reliable, performant, and cost-effective solution.

As an example, consider a Dev/Test workload that you’ve deployed as a simple proof of concept to measure the feasibility of Azure. If you’ve never had to manage the security, cost, performance, and reliability constraints for a workload, how do you ensure that your proof of concept is valid? How do you know you’re even asking the right questions or reviewing the metrics that you have available? The Azure Well-Architected Framework helps you make all the appropriate considerations for your workload.

For existing workloads, an additional tool that aligns with the Azure Well-Architected Framework is Azure Advisor. The guidance provided by Azure Advisor helps you pinpoint specific resources in your application that can be improved across the five pillars. Additionally, recommendations are prioritized according to our best estimate of significance to your environment, and you can share them with your team or stakeholders.

Review your workloads consistently

The Azure Well-Architected Review is designed to help you evaluate your workloads against the latest set of Azure best practices. It provides you with a suite of actionable guidance that you can use to improve your workloads in the areas that matter most to your business. Every customer is on a unique cloud journey, so we designed the Azure Well-Architected Review to be tailored to an individual company’s needs. You can evaluate each workload against only the pillars that matter for that workload, so when evaluating one of your mission-critical workloads, you might examine reliability, performance efficiency, and security first and then later come back and look at the other pillars to improve your operational efficiency and cost footprint.

 
As you complete the assessment, you're provided a score for each pillar that you chose to evaluate and an aggregate score across the entire workload. You also receive a set of actionable recommendations that you can follow to better align the workload with your business priorities.

At the current pace of technical innovation, having a well-architected workload is a moving target. As best practices and technology evolve, business priorities change, or other factors shift, what was best for your workload may move right along with it. To continuously meet these targets and requirements, update your process to regularly review and monitor your or your customers' most important workloads to ensure that they're reliable, secure, and operating as expected.

Learn how to build great solutions

At Build 2020, we introduced the Build great solutions with the Microsoft Azure Well-Architected Framework learning path, which you’ll find helpful if you’re new to building solutions in the cloud or prefer a more interactive experience. This learning path consists of six modules: an overview of the framework along with one module for each pillar that provides a high-level conceptual overview without getting bogged down in the specific details of workload optimization.

 

Next steps

For a quick introduction to the Azure Well-Architected Framework please visit us at this session, or explore one of the modalities that we’ve detailed above.

We’re rapidly iterating to build out Azure Well-Architected across each of the channels we’ve detailed. If you have feedback, please reach out to us via GitHub, Facebook, and Twitter.
Quelle: Azure

Build safer, more resilient workplaces with IoT solutions

We are coming together as a global community, looking for opportunities to act or perform small steps that drive change for the better. Many parts of the world are still in the first stage of responding, actively working through the immediate crisis with urgency. While other areas have started on recovery, looking at how to restart the economy, provide stability, and most importantly bring together our society. Amidst these goals are also questions, how do we make it safe for people to connect in person? To have a meal with friends, travel to see loved ones, or function as a community?

Top of mind for many organizations, and a theme prevalent at Microsoft’s inaugural virtual Inspire conference this week: how do we make it safe for people to return to the workplace? And how can the Internet of Things (IoT) play a role in supporting these phases of responding, recovering, and rebuilding?

Digital capabilities enabling business resilience

The COVID-19 outbreak has been a reminder of how interconnected humanity is globally—and how resilient the human spirit can be. But it has also shown that businesses using technology to stay connected have been more resilient than others.

In the world of IoT, we have the ability to transform analog and digital feeds, to reason over data and respond immediately. The response is important. In today’s increasingly connected world, we have seen organizations and industries respond to market demands and needs by putting technology at the center of their business. But more importantly, we are also seeing customers use technology built on the Microsoft platform to develop their own unique digital capabilities.

As we see these organizations build out their own digital capabilities—most recently with a focus on coming out stronger from this global outbreak—it is those that are able to quickly adapt to the changes around them that emerge resilient. At Microsoft, we built an edge and cloud methodology grounded by the principles of trust, responsibility, and inclusiveness. And organizational resilience is built upon cloud-enabled technologies that offer on-demand tools tailored to your needs, enable productivity enhancement, drive cost savings, and so much more.

Innovations leading the way to safer workplaces

It has been energizing to see the innovative strides being made by our partners and customers. To see how they are investing in digital capabilities and addressing our global challenge. And this use of technology has helped many of our customers as they were forced to adapt to new ways in an accelerated fashion. What would have taken years has happened in mere weeks.

As we enter this phase of recovery, many of our partners are using IoT solutions to solve the question of how we enable safer workplaces. Microsoft’s role as a platform provider is to empower our partner ecosystem with platforms upon which to build solutions to meet the evolving needs of their customers.

Employee health testing

One of the first areas we have come to re-examine as part of this global outbreak is how sick you should be before you avoid the workplace. We have also shown ourselves time and time again in the past few months that you do not need to be in the office to be productive, efficient, and connected.

However, as some of us slowly return to work in office or factory environments, we are all sensitive to how others around us are feeling. IoT partners are building solutions on the Microsoft platform to monitor public health in public spaces, including business offices. These IoT solutions use connected devices—such as thermal imaging cameras for temperature monitoring, smart sensors for promoting social distancing, and hand sanitizer dispensers to encourage recommended hygiene—and turn the data gathered at the intelligent edge into valuable insights that can help manage how people are interacting with their environment.

Employee wellbeing, proximity, and contact

With the return to work, we anticipate how our work environments are structured will change. From office layouts and break rooms to the normal business handshake, some level of social distancing will be part of our daily routine.

Microsoft partners have developed IoT solutions that use proactive monitoring and real-time alerts to track employee proximity and ensure a safe, healthy working environment is being promoted. Microsoft partners have architected contactless UI systems that help minimize potential exposure by reducing touchpoints throughout the day.

Workplace sanitization

Even with reduced touchpoints and increased distancing, workplace sanitization will be more important than ever. BrainLit's BioCentric Lighting™ (BCL) system is a dynamic, self-learning, IoT-based system that delivers disinfection through ultraviolet light in unoccupied spaces, to promote health and well-being and help kill viruses without disrupting business operations. This solution leverages Azure Sphere, which connects the BrainLit devices directly to the cloud for complete Azure-based security and the latest OS and app updates, ensuring an up-to-date and scientifically based lighting and disinfection system.

Just as important as hygienic workspaces will be, so will the use of personal protective equipment (PPE) as we return to work. Partners have built solutions with the Azure intelligent edge to increase visibility of adherence to face mask policies, so safety violations and concerns can be quickly addressed, and a safe work environment maintained.

The role of security in digital capabilities

With solutions like the above, we are capturing more and more data that is used to generate valuable insights and contribute to a safer, healthier workplace for our employees. Yet a key part of this conversation is the importance of building all these solutions on a foundation of security. Especially as we move to a more connected world where we realize our potential to work from anywhere, it is more essential than ever to also protect our companies and our employees from a cybersecurity perspective.

From democratized data to digitized processes, companies must ensure the necessary security practices and procedures are in place to manage disparate technologies and various attack vectors. Plus, with attackers becoming increasingly creative in how they try to infiltrate IoT deployments by identifying security weaknesses, building security into every part of your IoT platform helps minimize risks to your private data, business assets, and brand reputation.

As companies build out their digital capabilities, they must be thoughtful and implement security by design. It requires that protection be built-in at each stage of your solution’s deployment—including your cloud services and devices—and that security weaknesses are minimized where they exist. And it requires using technology built on decades of experience to make your threat detection and response smarter and faster with AI-driven security signals that modernize your security operations.

Just as critical is protecting people’s privacy, especially as companies focus on digital technologies used for tracking, tracing, and testing to fight the global outbreak. Here at Microsoft, we believe privacy and ethical concerns must be considered as we move forward to use data responsibly in creating safer workplaces. We have seven privacy principles that we believe everyone should consider using to ensure people are in control of their data and understand how it will be collected and used—from providing appropriate data safeguards to deleting data as soon as it’s no longer needed.

Learn more about creating safer workplaces

In this increasingly connected world, it is thrilling to see the variety of IoT solutions and devices that exist to help generate valuable insights. Yet these same solutions don’t always have the necessary digital capabilities due to legacy, inflexibility, or the need for human intervention to respond. The result of this is we fail to act on the very insights presented to us.

Now, more than ever, we can’t afford to fail. But even more importantly, we can’t afford to not act. The decisions we make now as individuals, leaders, societies, organizations, and countries will have both an immediate and long-lasting impact. And the decisions we don’t make—even more so.

As companies look to reopen, how they bring together technology and people will play a key role in creating safer, more resilient workplaces. And companies that enhance their digital capabilities, so they can act more quickly and make informed decisions, will be able to successfully navigate future changes and uncertainties.

Contact iotcovidsupport@microsoft.com to discuss how IoT solutions built on Azure can help you to return to the workplace safely.

 

Microsoft does not create technologies related to contact tracing, exposure notification, and case management and does not imply or expressly represent any vetting or endorsement of contact tracing, exposure notification, or case management technologies.
Quelle: Azure