How the Microsoft Cloud dissipates the concerns of transforming your Business in the Cloud

November 24, 2016

By Mirko Bonello

The aim of this article is to list the most common concerns of customers who are weighing the pros and cons of moving to the cloud. It also shows how such concerns are mitigated in the Microsoft Cloud offering, which actually helps businesses benefit from the digital transformation a cloud platform can offer, thus making such concerns look more like myths than reality.

Concern #1: The Cloud is a black box


This concern can actually be an advantage if the business in question is small and does not have its own IT Pros: it can ensure that the business is running smoothly without having to worry about how it actually works under the bonnet, or having to pay 3rd party contractors to manage the hardware and software needed to run the business.

For larger enterprises, which employ a team of IT Pros, this is a justified concern. For this kind of business, the Microsoft Cloud is not and cannot be a black box. In fact, Microsoft invested heavily in giving IT Pros control and power to configure, both from a scripting perspective using PowerShell and in terms of the various portals available, such as Azure, the Office 365 admin centre and Life Cycle Services (LCS) for deploying Dynamics 365 for Operations, all of which you can own and control end-to-end (including authentication, authorization and release of updates) in a way that is beneficial for your business.

Concern #2: IT Pros will lose their job


This is definitely NOT the case. On the contrary, the millions of dollars saved by the typical enterprise in infrastructure and data centre hosting can leave a lot of room for more exciting tasks and more investment in human capital by the company. IT Pros will not become redundant; instead they can have a more strategic role in the company, where their focus will shift from struggling to ensure that the lights remain on (and business does not grind to a stand-still) to focusing on how the IT investment of the enterprise can continue adding real, tangible value to the business.

Also, as highlighted earlier in this article, there is still a varied and exciting skill-set to be covered when managing an enterprise-level cloud deployment (especially if your enterprise deploys a hybrid cloud-on-premises model), and a team of smart people is needed to manage these cloud environments effectively. Previous knowledge investments are obviously not lost: the cloud skills build on the “on-premises” knowledge. Examples are the familiarity of using PowerShell scripts to manage an Office 365 or Azure deployment, and the familiarity (and inter-changeability!!!) of Hyper-V skills and Azure Portal skills. From an ALM perspective, Dynamics 365 for Operations continues to be managed, provisioned and deployed via LCS, which was also used in the AX 2012 R3 on-premises version.

Concern #3: How robust is the Data Centre Infrastructure?


Microsoft’s data centre infrastructure consists of hundreds of data centres spread across the globe, and Microsoft has invested and continues to invest billions of dollars in maintaining and scaling them – a figure which is for sure bigger than the I.T. budget of the typical enterprise. Even before a specific geographical location is considered for a data centre, many geographical and climate studies are carried out to ensure that it will operate in a data-centre-friendly climate with minimal risk. The following diagram depicts the components of a typical Microsoft Data Centre.


All components in a data centre are connected via a fibre backbone, due to the huge bandwidth requirements of all the servers, to make sure they are connected and running fast. The standard of cabling is also very high, with very neat cabling, colour-coding and binding. The air-handling and cooling units are also modular, which means they can easily be swapped or replaced in case of malfunction. Due to the large number of Microsoft data centres, none of the data centre components are mission critical, as the infrastructure is in itself providing redundancy and fail-over – so swapping and replacing a cooling unit or a server is easy.

Also, the cooling systems of the data centres (excluding the monitoring systems) are self-contained and adiabatic, so no power is used to keep the data centres cool! Most data-centre buildings have been placed together in blocks or built purposely as data centres; they are not simply rooms in an office building (originally designed to host humans, not machines) that have been converted to server rooms. Also, the people physically managing these data centres are highly skilled electrical engineers.

One also has to keep in mind the physical architectural design of a data centre. Although some Microsoft services use shared mechanical and electrical infrastructure and fibre networks, there are actually separate hardware and storage, separate networks, separate encryption procedures, data access controls and compliance policies for different services.

All this is to show the level of detail Microsoft goes into to guarantee the robustness of the data centres running behind the cloud and remember that around 85% of Fortune 500 companies have already moved their business to the Microsoft Cloud!

Concern #4: Sensitive Data is not segregated or secure in the cloud




Typically, the answer to this is that data in the Microsoft cloud is encrypted both at rest and in transit, and that the cloud offers N-Factor authentication, which means getting authenticated takes much more than guessing or stealing a password. This is, of course, correct, but the reality goes beyond this. A Microsoft Data Centre is protected with multi-layer physical and logical security, a high-security perimeter fence, 24/7/365 surveillance, vehicle check-points and world-class access control procedures. Internally there is multi-factor biometric access control, full-body (airport-style) metal detection and state-of-the-art fire suppression systems. Each data centre is divided into pods of servers, with each pod having its own access control, its own physical security system and doors. Within each pod you can find server racks, each of which is locked, tagged, marked and tracked. All physical access to these components is logged.



Earlier in this article I mentioned the electrical engineers maintaining the data centre. I use those two words deliberately, as these engineers focus specifically on power and cooling engineering, physical networking and hardware, and are not the service engineers. Service engineers (for example the various Office 365 teams) do not physically go near the data centres (i.e. your data) and manage everything remotely. Contrast this with your on-premises scenario, where your IT Pros (and the general public) are physically close and have physical access to your hardware!

Besides some of the region-specific clouds built purposely to fit the legal requirements of a specific country, such as the German and Canadian clouds, one also has to keep in mind that the Microsoft cloud is, up till the time of writing of this article, the only cloud service approved by the European Union’s Privacy authorities. Quoting this Microsoft article, “The EU’s 28 data protection authorities acted through their “Article 29 Working Party” to provide this approval via a joint letter. Importantly, Microsoft is the first – and so far the only – company to receive this approval. This recognition applies to Microsoft’s enterprise cloud services – in particular, Microsoft Azure, Office 365, Microsoft Dynamics CRM and Windows Intune.”


Besides the data centre redundancy and fail-over discussed earlier in this article, redundancy and fail-over also apply down to the data level. As a simple example, one can refer to the next diagram to see the number of copies made of a document stored in SharePoint. The 10+ physical copies are not only across racks but also across data centres (in the same region unless you configure multi-region redundancy). Also keep in mind that all this happens on the back-end without the user even knowing that it is happening. You can also create your own extra backup copies in the cloud for a “point-in-time” restore.

As another example, via the Azure Portal or PowerShell you can configure “Availability Sets”. Servers/components in the same availability set are stored on separate fault domains and separate server racks, thus avoiding a single point of failure! Thus in a typical scenario you would place your AD machine and a backup copy in the same availability set, SQL Server and your SQL Server backup in the same availability set (i.e. at least one WILL always be available), your middle tier and its mirror in the same availability set, etc. That is the power and level of detail you get with the Microsoft Cloud!
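As an added example (not part of the original article and not Microsoft tooling), the following Python audit checks whether each tier really has two instances in the same availability set on different fault domains. The inventory is constructed sample data, and its field names and VM names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed inventory (not real Azure output): each VM's tier, the
# availability set it was deployed into (None = standalone), and the fault
# domain the platform assigned to it.
INVENTORY = [
    {"vm": "ad-01",  "tier": "identity", "avset": "as-ad",  "fault_domain": 0},
    {"vm": "ad-02",  "tier": "identity", "avset": "as-ad",  "fault_domain": 1},
    {"vm": "sql-01", "tier": "database", "avset": "as-sql", "fault_domain": 0},
    {"vm": "sql-02", "tier": "database", "avset": None,     "fault_domain": 0},
    {"vm": "app-01", "tier": "middle",   "avset": "as-app", "fault_domain": 1},
]


def audit_tiers(inventory):
    """Return {tier: [findings]} for tiers a single rack failure could take down."""
    by_tier = defaultdict(list)
    for vm in inventory:
        by_tier[vm["tier"]].append(vm)

    findings = {}
    for tier, vms in by_tier.items():
        problems = []
        if len(vms) < 2:
            problems.append("only one instance, no mirror or backup")
        standalone = sorted(v["vm"] for v in vms if v["avset"] is None)
        if standalone:
            problems.append("not in an availability set: " + ", ".join(standalone))
        avsets = sorted({v["avset"] for v in vms if v["avset"] is not None})
        if len(avsets) > 1:
            problems.append("instances split across availability sets")
        # Fault domains only guarantee separation inside one set, so count
        # distinct domains among the VMs that share each set.
        for avset in avsets:
            members = [v for v in vms if v["avset"] == avset]
            domains = {v["fault_domain"] for v in members}
            if len(members) > 1 and len(domains) < 2:
                problems.append(f"{avset}: all members in one fault domain")
        if problems:
            findings[tier] = problems
    return findings


if __name__ == "__main__":
    for tier, problems in audit_tiers(INVENTORY).items():
        print(tier, "->", "; ".join(problems))
```

In the sample data the database tier is flagged because its backup VM sits outside the availability set, and the middle tier because it has no mirror at all.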

Conclusion: Your data will remain your data, and only you and any parties you grant rights to will have access to it. Microsoft never accesses your data or lets 3rd parties access your data. The only exception would, of course, be when there are official requests by law enforcement authorities, but even in this case Microsoft will stick to its policy of transparency and inform you about such a request. Microsoft will also not give access to law enforcement agencies by default; its legal teams will use all the necessary means to try to avoid actually giving the information.


Concern #5: Lack of connectivity will grind the business to a stand-still


Besides the billions of dollars in Data Centre infrastructure investment, one has to keep in mind that the Microsoft network is as deep as it can be in the internet backbone, so it is as close as it can be to customers. All Microsoft cloud services are hosted in Microsoft’s cloud infrastructure, composed of more than 100 globally distributed data centres, edge computing nodes, and service operations centers. This infrastructure is supported by one of the world’s largest multi-terabit global networks, with an extensive dark fibre footprint, that connects them all. The architecture involves a complex network of Content Delivery Networks (CDNs), metro solutions/peering points and caching, which ensure the fewest possible hops to get onto Microsoft’s world-class network. So even though there might not be a data centre in your city or region, CDNs ensure the quality of service. Microsoft also has agreements with various ISPs so that from a specific ISP there is the best possible connection to the cloud.

From a “last-mile” perspective, all the apps are built in a way that allows peer-to-peer communications and can intelligently determine the shortest route between one client and another. A classic example of this is Skype-for-Business, which communicates directly with other clients for a voice or video call and does not necessarily route through the data centre. Office Apps also have various smart endpoints to smooth out network noise, for example when hopping between a 4G and a Wi-Fi network on a device.

Besides all of the above, both Azure’s IaaS offerings (e.g. VPN endpoints) and also the SaaS ERP offerings (meaning Dynamics 365 for Operations i.e. Dynamics AX in the cloud) offer or will offer hybrid cloud and on-premises co-operation so that the really sensitive data and the really critical operations can happen on-premises while the management, deployment and intelligence services can still be handled in the cloud.


Concern #6: With all of the above in mind, the cloud must really be expensive


But is it? In all its cloud offerings Microsoft offers free trials and usage, and also offers levels and plans which are suitable for everyone from the home user and small business up to enterprise-scale companies. For Dynamics 365 there is also the concept of “tiered pricing”, where the price per seat goes down as the number of deployed seats increases. In terms of Dynamics 365, with some digging around on the public price lists you will find out that Microsoft has some of the best pricing in the market. Just as an example, Dynamics 365 for sales or customer service or field service costs $95 per user per month and <$10 for team member access. The Office 365 ProPlus and Enterprise bundles and the Dynamics 365 Plan 1 and Plan 2 bundles make the enterprise cloud offering even more attractive and cost-effective. Remember also that with the cloud model you save the big lump-sum infrastructure investments at the start of the project and get rid, once and for all, of the headaches that come along every 5 or so years, as the current version of your live product approaches its end of life and support and re-investment is required.