Clearing Up Cloud Security

Cloud Security Azure Softchoice

You’re about to begin your journey to cloud adoption.

Or, you’ve already started but aren’t sure if there’s something you missed.

Most organizations moving to the cloud face the same problems. They don’t have a real plan. They have a skill gap in their organization. Or, they haven’t taken the time to define governance.

When it comes to cloud security, the same challenges apply. Planning for security is different in the cloud. 65% of enterprise businesses report a skills gap when it comes to cloud security. Governance questions arise about who will procure cloud technologies and who will have access rights to cloud resources.

[Read more…]

SQL to Azure: The Path to Data Modernization

Sql to Azure

You plan to modernize your data strategy, but aren’t sure how to proceed.

You know moving your SQL Server setup to the cloud will make your business more efficient and secure. What you don’t know is which options best meet your needs. Most organizations looking to modernize their data platforms want the same things:

  • Less administration
  • Minimal downtime
  • Data backups in a secure location
  • A replacement for dedicated disaster recovery (DR) sites
  • A cost-effective way to scale processing

Microsoft’s Azure Data Platform offers a variety of paths to these objectives. Our recent webinar focused on SQL Server on Azure Virtual Machines (VM) and Azure SQL Database.

Watch the webinar here:

Guiding Your Data Platform Investment 

On-premises data options need high administrative support and come with dedicated costs. This stems from the need to patch, update and maintain your server platforms. As you move your data off-premises, you realize savings through shared costs and lower admin requirements. And, migrating to a cloud environment introduces the possibility of savings via consolidation, automation, and scaling.

The Azure Data Platform offers two approaches to hosting SQL Server workloads in the cloud:

  • SQL Server installed on VMs and running on the Azure cloud space (Infrastructure-as-a-service).
  • Azure SQL Database, a virtualized SQL database native to the cloud (Platform-as-a-service).

Both approaches offer greater cost efficiency, security, and performance. Each fits a different set of business scenarios.

Which version of SQL Server 2016 is right for you?

SQL Server 2016 offers four different editions. The Standard and Enterprise versions cover most business cases. Standard includes basic analytics and reporting. It also presents the ability to stretch using hybrid options. Meanwhile, the Enterprise version provides higher scalability and resource efficiency. New higher-end features in Enterprise include “Always-On” availability groups and “Always-Encrypted” security.

Throughout its product cycles, Microsoft has integrated some key features into the SQL Server product. SQL Server 2016 has an in-depth security focus. The “Always-Encrypted” feature secures the data stream from point to point. Row-level security and data masking functions provide powerful, granular security for multi-tenant environments.

Other key features:

  • In-memory improvements to enhance retrieval and access performance.
  • Mobile BI technology from Microsoft-acquired DataZen enables scaling across mobile platforms.
  • Stretch Database lets you scale legacy data stored on-premises to Azure SQL DB.
  • Big Data analytics are directly integrated into the core product.
  • Query Store helps troubleshoot query performance by capturing a range of information

IaaS or PaaS? Which Is Right for My Business? 

Whether cost savings, performance or security is your chief concern, the Azure Data Platform covers a wide range of functionalities with Azure SQL Database and SQL Server on Azure VMs.

So, how should you think of the different services? 

SQL Server on an Azure VM is a fully-featured relational database management system (RDBMS). It allows you to run SQL Server installed on Windows Server VMs running on the Azure cloud. IaaS means you’re able to run applications on a “hybrid cloud” combining cloud-based and on-premises servers.

This model is best suited to rapid app development and quick migration to the cloud. It offers 100% compatibility with SQL Server features and permits you to test and deploy code changes quickly in Azure and on-premises. At the same time, this approach is a good fit for customized environments with some dedicated IT resources. However, automated features limit the need for manual configuration and management.

Azure SQL Database offers similar functionality to the IaaS model, but with more elasticity and power to scale. This is the ideal choice to support new, cloud-designed applications needing high SLAs and “full-bar” product functionality. It’s suited to organizations without dedicated database administrators (DBAs), or who need more operational support from Microsoft.

Where Does Azure SQL Database Fit? 

Microsoft has made heavy investments to make Azure SQL Database ready for business-class applications. The solution comes with a 99.99% SLA and ensures predictable throughput and performance through new service design points. Point-in-time protection includes geo-restore and geo-relocation. These features prevent the “whoops,” also known as unintended data deletion or alteration, and allow you to scale out to maintain high availability.

Other key features:

  • 3 dynamically-scaling service tiers and predictable hourly billing.
  • Flexible “pay for what you use” service model.
  • Elastic database pools allowing dynamic resource-sharing among databases on the same server.
  • Programmatic point-in-time restore with tiered retention policy.
  • Geo-restore opt-in feature allowing recovery to any Azure region.
  • Standard/passive and active geo-replication functionalities.
  • Powerful “Always-On” Availability Groups.

Migrating to the Azure Data Platform 

There are three principal ways to migrate to the Azure Data Platform.

The in-place upgrade is simple and when complete produces an up-to-date version of SQL Server. This approach has no roll-back strategy, though, and requires that the existing OS remain in place.

A side-by-side approach uses duplicate versions of Windows Server and SQL Server. It then migrates the databases from one to the other. This provides for easy testing and roll-back and gives an opportunity to refresh or virtualize the OS if this hasn’t been done already.

Azure migration uses the opportunity to move to SQL Server on Azure VM or to the PaaS model. In our webinar above, Microsoft SQL MVP Steve Thompson illustrates the platform’ integrated capability to do this.

It’s also possible to migrate to SQL Server on Azure VM using Always-On Availability Groups, reducing on-premises footprint requirements. This also hedges against equipment and facility issues, serving as a potential replacement for dedicated DR sites.

SQL Stretch Database is a hybrid solution for secure migration of cold data to Azure on a table-by-table basis. It’s effective for lowering on-premises storage and maintenance costs while keeping legacy data online and accessible through smart querying.

High Availability/Business Continuity 

Microsoft has introduced the always-on availability feature to replace database mirroring. Always-On Availability Groups are among the most powerful features in SQL Server 2016. The Standard service tier covers two-node failover, while Enterprise supports multiple nodes for clustering (3 synchronous and up to 8 replicas). The ability to setup any node as “read-only” means you can scale out your reporting needs and offload demand on the primary replica.

Other Azure Data Platform business continuity options:

  • SQL Server IaaS with log shipping enabled
  • Backup SQL Server to Azure storage account
  • Full support for SQL Server Always-On Availability Groups

Now to Begin!

With a better understanding of the cloud data options available, you’re ready to map your path forward. We recommend getting on the path to data modernization with an assessment. The SQL TechCheck provides you with a review of inventoried SQL Server instances and performance monitoring results.  At the same time, you’ll receive a Review SQL Server Modernization examples, including your options for data platform investment, and deploying and maintaining business continuity in Azure.

Avoiding the common Azure mistakes and missteps

Avoiding the common Azure mistakes and missteps

It’s not a question of if your organization is going to migrate some of its workloads to the cloud, or even when. The real questions are: what are you moving, how can you make the most of it, and how can it be done with minimal risk?

[Read more…]

Getting secure in a mobile-first world with EMS

getting-secure-in-a-mobile-first-world-with-ems

We live in a time where a generation of workers has never plugged in a cable to get on the Internet. And while this mobile-first world has been great for productivity, it’s led to greater risk and challenges for the security team.

Today, security is so much more than just a firewall. As we saw in our recent webinar, co-hosted with Microsoft to discuss their new Enterprise Mobility + Security Suite, breaches are resulting from weak end-user passwords or error, as well as a lax attitude toward SaaS and third party “Shadow IT.” Add to that infrastructure complexity brought on by cloud and hybrid environments and everything you knew about security is changing.

[Read more…]

8 reasons to care about Azure Resource Manager

8 reasons to care about Azure Resource Manager

In the beginning, when Azure was new and most organizations were just dipping their toes tentatively into the water, it was usual to deploy a single VM here or a blob storage there. There wasn’t a whole lot to manage as there wasn’t a whole lot up there for most. However, now that many have jumped in and found the water to be just fine, larger and more complex solutions are being deployed necessitating a need for a tool to help manage the resources that make up those solutions.

[Read more…]

Cloud security is a shared responsibility: Azure tools and webinar

Cloud security

Even if cloud providers take most of the hard work off your plate, you shouldn’t take lightly your own responsibilities – what Amazon or Microsoft aren’t going to do for you.

One of the most important of these responsibilities is – security – or at least some aspects of it. When you are leveraging the cloud as a platform for business applications, security duties are split between you and the provider.

[Read more…]