fbpx
Share

Top 5 tips for efficiently running an Azure environment

As more and more people adopt cloud computing, it’s become evident that business are struggling to manage the costs associated with operating cloud environments. After reviewing the many health checks we have performed on customers’ Microsoft Azure instances, we found that a staggering 75% of customers are paying too much for Azure. Of those customers, some are overpaying by as much as 70%*. Some of the main advantages of the cloud is the promise of a cheaper, faster and more resilient platform to run business applications. The challenge we are seeing, is that users of the cloud are adopting traditional on-premises methodologies, rather than adapting to the newer ways of cloud infrastructure management. To help overcome some of these issues, I have outlined the top 5 tips for efficiently running your Azure environment.

1. Are you tagging your resources?

Tagging is the cornerstone of all tracking within Azure. Tagging should be used similarly to metadata you apply to documents. It gives your Azure resources more context as to what their actual function is within the Azure environment. This can be very powerful, as many systems or applications often have multiple Azure resources (storage, network adaptor, etc.). By tagging your resources you can easily analyse costs associated with specific projects or systems, as well as build out automation and resiliency within your systems.

2. When was the last time you looked at Azure Advisor?

Microsoft does offer recommendations to customers around how they can use their Azure environment more effectively. Azure Advisor will do a high-level analysis of your environment in relation to high availability, security, performance, operational excellence and cost. It is suggested that Advisor be monitored on a regular basis, with recommendations being either implemented or addressed. This will help ensure the operation of your environment is in line with Microsoft best practice, as well as being the most cost-effective and efficient way to run your Azure instance.

3. Have you enabled Security Centre Standard?

Another fundamental gap we see with our customers, is how they secure their Azure environment. Any on-premises security architecture or framework should also be extended or applied to your Azure environment. Security Centre is a built-in function of Azure, that will monitor and report on the overall health of your environment. While all environments are covered with the “free” version, this doesn’t allow for root cause analysis, automated remediation or regulatory compliance mapping. It is advised that everyone upgrade to Security Centre Standard to take advantage of these extra features to ensure your environment is secure and protected.

4. How many Global Admins do you have?

One common issue we see, is the prominence of users with elevated access permissions within the Azure environment. The Global Admin role should be treated the exact same as an Enterprise Admin within on-premises Active Directory. Users should be profiled for their role and responsibility within Azure to ensure the correct access levels are provisioned. Through the use of Azure Policy (see below), users can still maintain a certain permission level, without having the need of Global Admin. There are other features like “just-in-time access” and “privileged access management” that will allow the ability to grant evaluated access on an approval and time-based scenario.

5. Have you enforced Azure Policy?

One of the biggest issues we see with customer environments is in relation to governance over the usage of Azure. While one of the benefits of using Azure is agility and speed to market, without appropriate controls, we have seen resource sprawl, and in most cases, “bill shock”. Through the use of Azure Policy, organisations can control the usage of an Azure environment, while still allowing its users to be productive. Azure Policy allows Admins to restrict or mandate certain functions within Azure. Policy is very similar to Group Policy in Active Directory. This allows organisations to enforce governance over the use of their Azure environment, while still allowing users to do what they need to do without too much restriction. It also helps alleviate human error. There are 236 native policies built into Azure. You also have the ability to create your own policy if you wish. Examples of policies within Azure are enforcing MFA on all Admin Accounts, making tagging a required field during resource creation or restricting what regions an Azure resource can be deployed to (data sovereignty as an example).

Regardless of where you’re at in your cloud journey, Data#3 can help.

Whether you are new to Azure or looking for advanced Azure services to take your business to the next level, Data#3 can help. We are proudly part of the Azure Elite program with Microsoft’s Azure engineering team and have the deep expertise your business needs to maximise its investment in Azure.

Reach out to me on LinkedIn to discuss further or contact Data#3 today.

 

* Data collected by Data#3 from 100 Azure customer engagements over a 12-month period in 2018 to 2019.

Tags: Cloud, Microsoft Azure, Public Cloud

Featured

Related

Data#3 wins Aruba as a Service award
Data#3 wins Aruba ‘as a Service award for two consecutive years

February 1, 2023; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, today announced that it has been named…

How-can-you-centralise-control-of-distributed-environment-KC-CARD
How can you centralise control of distributed environments?

Here’s a simple question – how many disparate infrastructure environments are you currently maintaining for your organisation across multiple clouds…

Why would you deploy SASE?
If Secure Access Software Edge (SASE) with Cisco Meraki is the destination, what does the journey to get there look like?

Firstly, let’s set the scene. The term SASE was first mentioned by Gartner Analysts in July 2019 and Gartner continues…

Data#3 named (HPE) Platinum Partner of the Year and Aruba GreenLake Partner of the Year
Data#3 enjoys double scoops at HPE/Aruba awards night

December 08, 2022; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is proud to announce that it has…

Azure BaaS
Protecting Data in a Cloud World: Will Backup as a Service be what Keeps Your Business Online Through a Crisis?

Very few organisations could run in a technology-free environment, so naturally, strong IT departments put considerable effort into business continuity…

Azure Site Recovery
Beyond Backup: The Role of Azure Site Recovery in Business Continuity

In the first of our Azure Backup blog series, we discussed the value of data, and the critical importance…

Protecting Data in a Cloud World: What You Need to Know About Azure Backup

Welcome to part 1 of our 3-part blog series, exploring data protection options and considerations for when you’re operating in…

Data#3 HP Services Award Partner of the Year 2022
Data#3 Takes Home HP Services Partner of the Year Award

November 24, 2022; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is pleased to announce that it has…