Cloud Crunch
Cloud Crunch

Episode · 2 years ago

S1E06: Azure Cloud Adoption Framework (CAF)


Farida Bharmal, Microsoft One Commercial Partner, joins us today to talk about Microsoft's Cloud Adoption Framework (CAF). We discuss the components of CAF including strategy, plan, ready, migrate, innovate, govern and manage, and where customers are struggling and how they're overcoming those challenges.

Involve, solve evolved. Welcome to cloud crunch, the podcast for any large enterprise planning on moving to or is in the midst of moving to, the cloud, hosted by the cloud computing experts from Second Watch, Jeff Aiden, Co founder and Executive Vice President of marketing and Business Development, Ian will be chief architect cloud solutions, and Skip Berry, executive director of cloud enablement. And now here are your hosts of cloud crunch. Hey everybody. Jeff Hayden Co found our Second Watch here and I am joined by our cohost Ian Willoughby and skip Berry, and we have a special guys today from Microsoft. If you hear some background noise. Like many of you, we are working remote during this period of Covid nineteen and we should every listener out there the very best in staying safe. Today we're going to look at the Azure cloud adoption framework and the Best Practices for cloud adoption using Microsoft asure and cloud date of tools and the basic elements around sentinel security offered by Azure. We're joined today by Freedom Fromal, a clouds solution architect for one Microsoft commercial team, and she has been part of Microsoft for nineteen years, so she is seeing the shift in the last five years that Microsoft's made, as well as their emphasis on the clouds. We're looking forward to hear in those insights today. Freeer from you, and I'll give you a second to kind of give us an overview of what you've observed as Microsoft has really changed and become very aggressive in cloud and clouds solutions. So welcome, hello everyone. Frieda from Microsoft, working as a cloud solution architect, helping Microsoft partners their solutions on an Azure. Today I'm here to talk about Microsoft cloud out option framework and as security practices, especially focusing on Adjus, and to know so, Freeda, you've been at Microsoft for nineteen years and obviously has seen the shift to cloud and it's been very aggressive by Microsoft. Obviously you moved in the cloud group. What got you excited about Azure and put a focus on emphasis on you moving into that group. So I started this journey in the Azure cloud in the as you things around seven years back. I truly feel we are in a fantastic place. The reason Microsoft went on this spot is in this fast changing digital world, our customers need speed. Our customers need to be really quick and be able to get your services out on the cloud. Microsoft strongly belief that a customers need speed. Cloud offers that speed. In one click, one minute, you have your platform on which you can start your business. You can start your solutions, your offerings, in just five minutes. I remember fires back se when, years back, when I ever taught of creating my own website or hosting something like that, I my solutions. I would think about, okay, how much money do I need to invest out front? What will it take for me to have these solutions out there? In today's world, if I have an idea middle of the night, I can go up and have my solution available to my customers in just a few clicks without any upfront of cost. This is the reason why Microsoft strongly believes that cloud is the way. Cloud offers what our customers need and we have invested hundred percent of our resources into making sure that our customers need from the cloud what they want. Wow, so seven years so you saw that change in leadership there, obviously, and a number of changes culturally and changes with as...'re from the very beginning. That's quite a journey to be able to witness from such a large technology company. Hey, freedom, let's jump in and look at you know some of the questions that we prepare today for our lesseners. We're talking about the cloud adoption framework. What are you tell us what that is, why Microsoft developed it and how it's important for our listeners as they start to work with and leverage as your cloud? Sure, sure. I'll give you a start with a very small story, and this is my real experience. One of my partners came into a cloud world, not knowing what it is and knowing that I'm from Microsoft. Payment asked me, okay, I'm doing this migration. I have been trying to do it for the last three months and I still don't see how it's going or when it will finish. I asked my friend, okay, how are you doing the migration? Tell me how many machines you have or tell me which solutions are you starting the migration? And the answer was, let me create a excel sheet and I'll send it that across to you. It took him a week in order to do that and come back to me. The reason Microsoft came out with club, this cloud adoption framework, is so that our customers who are wanting to move to the cloud have a prescribe framework in order to avoid such pitfalls that I just described. Cloud journey is very easy, very seamless if it's done the right way. Microsoft has been helping our customers for years going through this cloud journey. We have got lots of best practices, things that we recommend, tools that we provide to make this cloud transformation journey, the digital journey, seamless easy for our customers. Cloud adoption framework is all these best practices and learnings that we Microsoft have in one way so that it makes our customers experience fast foodless and painless. Sounds Great. So obviously you guys have been involved with a lot of enterprises getting into the cloud. What we run into a lot of times is industries will say, yeah, but our vertical or our particular market segment is is a lot different from everybody's else's. Do you feel as though the cloud adoption framework really expresilt around it? Does it work for all enterprises? Yes and no. So yes, every industry, verticle has its own little things that we need to be careful about or we need to learn from. Example, financial institutions securities the highest need, while, as some educational institution, they want to make sure that our privacies is well provided and cost is a big factor. Cloud adoption framework has taken into considerations the different industries from which we have worked with and learned it, which is literally every industry in the world, and the guidance that we have come up, though it is not currently flice for industry, but best practices and techniques prescribed in this cloud adoption framework, does carry value for every vertical and every industry. So follow onto that. It's interesting. So with each if you look at it from every vertical, you know, and then trying to make a common across. You know, what is Microsoft done with the calf, with the cloud adoption framework, to kind of normalize this across like so explain the Strategy Plan Ready, migrate, Inno, vacavernment. Manage those stages to a depth that's you're fitting for the time that we have, but if you could drill into some of those a little bit, help our listeners understand, you know, the process that they would go through with calf.

Sure, so there is no single adoption path that will work for every organization. This is a guidance, right, and in the guidance faith. What we have done is we strongly recommend that you go through this motion of first strategizing what you need. What's still motivation for your cloud migration? What are the business outcomes that you are expecting? Why are you going to through this cloud journey? And, of course, what would be your first project that you want to go through this motion of of getting it to the cloud? Some of the best practices technique recommend is when you select your first project, make sure that first project is a project is does not impact your bottom line, a project that is not high on the risk factor. The reason is, when you go through this motion, this journey, you will be learning along, and that's where the first project needs to be one where you can afford to make mistakes. Once you are strategized. Okay, why I need to move to the clouds? What are the business outcomes I need? And that's the time you go into the planning. In the planning phases, what you want to make sure is you you know what is your digit estate. For example, you have fight housand machines on Cram and you want to move to the cloud. Do you know which machines are serving which solutions? Do you know how how good or bad these machines are utilized? Do you know your current network? What's your digit digital asset that you have currently have. Certain other things to be considering while you are planning through this would be if your organization aligned to go through this journey. Many of our customers who are coming from the on pram world or other places, they may not be aligned to the cloud world. What I mean by that the on treme world is more ticketing based, like okay, all PECs based and I need for machines. Come to me after four months and you'll get these for machines. Do you have a central management team? How Are you aligned in the cloud world? You want to pull it down any barriers that you have between your operational units, between Your Business units, making sture that you are rightly organized aligned to go through this journey. All these best practices has to what at alignment might look like. The recommendations, the learnings are well documented. Great. So now you know that you want to migrate these solutions. You know that you have aligned your teams to be successful. Are Your teams ready in terms of the skill set? There are operational, fantastic operational teams. However, they will not know how the cloud words. They may not know what's a virtual network compared to physical CISCAL router. Make sure that we have a good skill readiness plan. They may not be ready today, but we have to make sure they're ready few months down the lane. When Your Business operates in the cloud, and that's the whole planning phase that the best practice is the different aspects that you need to look at for your organization to be ready to take this leap in the cloud. It may not be an overnight process. However, if it's planned well, it does go very quickly. Where do we where do we see most customers struggling in that arc of those gates that you go through? From your experience, there are different types of customers in terms of where they start with. So do strategy phase comes from the business. If the businesses know why they're moving, we are good. However,... the planning phase, some customers take the leap too quickly in the sense of do you want to Migrate Your First Sap Workload in the cloud, which may not be the best idea, or so in terms of maturity in where I see customers do is about strategizing and planning in the right fashion. You want to have a strong partner with you who have gone through this journey couple of times. The reason is they will make sure that you don't go fall into hurdles and bit first that they have seen their customers go through. A few things that I have seen is the breaking down, especially for larger organizations, breaking down the barriers that were generally see when companies opera on prem world. In the on fram world, the business units are separate from the IT operational units are separate from the support teens or separate. That is very defined swim lights. In the cloud world we have to make sure we operate as virtual teams. We will have definitely have our own swim lanes. It's not that the developer will do the operational teams the job. However, the film late start merging and there will be over lasts and what developers are doing compared to what a operation schemes are doing. I give a very simple example. In a cloud world, the developer has the ability to create their own new machines, virtual machines to deploy their code directly into the deaf environments. Right. So the operation steams job over here would be making sure that what about the developers need to do they are able to do with speed. However, managing the security and the compliance needs that are required for the organization to stay safe. Now, a lot of times we run into customers and they've started their own strategy and maybe some planning, and we find them stuck with the call analysis paralysis. It just gets you to get out of the gate. Do you feel as though, from your experience with this, that if they start with this process that all eliminate a lot of that aspect? Definitely, if you are right. Well, people do go into circles. The reason is not knowing what the future holds for them. Not having that experience going through this motion of vibrating or taking your cloud journey according to the recommendations that come from the cloud adoption framework, definitely makes them feel comfortable, makes them see what the future holds for them and help them to organize so that they are set up for success. It's funny. We say a lot of times that we're like cloud shrinks right in in that process, you know, but it is it is hard right to get people to think these new thoughts. But I think that explains it for you know very well. As far as keeping customers focused on what's ahead of them right and how to align and how to you know, basically, you know, be prepared for for evolving. So that's great explanation. Yeah, cloud therapist right. Yeah, well, everybody that's worked through the customers moving to the cloud or large customers understands that one hits free to is there a certification process for calf, you know, the cloud adoption framework, or is it just the standard, you know, documentation that you want to follow? Can you explain that process, chure? Schure? So cloud adoption framework is best practices documented along with tools that are available in terms of certifications. Not Necessary as such, a certification for end customers. However, for a partners, when we enable our partners coming from...

...a partner organization, we do have way to certify them in the sense that we review their offerings and their solutions and make sure they are aligned to cloud adoption framework. The reason is when they approach your customers, we want a partners to embark this journey so that it makes it easier for our customers. So the calf has six different steps, so that we would recommend. Not necessarily you have to go in serialize fashion across this, but make sure new strategize, you plan in the readiness phase. We highly recommend that you have your landing zones or best practice validations. Simple example would be when you are ready for your cloud journey. Do you want your disk to be encrypted? What is your security landscape that you're looking for? What type of machines you want in the cloud? Do you want to limit the type of machines your developers can get? All those best practice validations? You may want to go through in your ready faces of your cloud adoption framework and review the guide infer the readiness as to how you can get ready for your cloud journey. In the adopt faith, we discuss or we think about as to will you be just migrating what you currently have on trapt and move it to the cloud like an infrastructure migration, or do you want to do a little more innovation where you want to continualize your applications? What what is the best rout for you? For one customer it may be lift and shift, for another customer it may be that we need to continualize your applications. So those are the type of discussions that you may want to see through when you are going through the migrations in the adoption there are governed and manage faces in these fall across your strategy, plant ready and adopt. In terms of governance and management, the cloud offers a lot of automations that you can leverage to make sure that your cloud infrastructure remains secure and you have insights and are your cloud infrastructure. There are new customers who are not aware as to how will I make sure that my development does not open port eighty or are the people into my environments? There are tools, like as your policies, that you can leverage to see if there are deviations from your existing environment, if anyone has made it unsecure, Microsoft cloud will come and tell you that, okay, these other holes or these other things which you need to make sure are implemented so that your environment is secure. Highly suggest recommend review the governance and management so that when you go into the cloud, you have a complete insight into your environment and if you're environment devates to what you would like it to be, you know about it. We want you to be safe and secure in your end compliant, whether you're in cloud or in a hybrid environment. That is what cloud adoption framework talks about. Documents, it best practices, learnings and tools all along the journey free. That is a great overview of calf as well certification process and documentation. Really appreciate you explain that to our listeners. And one thing to go back around kind of govern and manage, you know, around security is, as you're sentinel key, take a minute to describe what that service is and how it can help protect the customers. Sure, as your sentinel is a cloud based, seems and for solution, which means it helps you for your security, incident and even management and take automated action is based...

...on if you get alerts or if you get things that are not right for your security environment. Being a cloud based seen solution gain it brings the power where you don't need any infrastructure to start on this journey of being a sock provider. So as your sentinel is a scene solution that provides a bird I view across your environment. Beat cloud, beat on Pram. If there are attacks that are happening in your environment, you will see it. In fact, if Sentinel is rightly implemented in your environment, these attacks can be avoided prevented up front, so you remain your environment remains secure. Microsoft has done a fantastic job of providing a cloud native, scaleable security information and management seem solution. That's our sentinel and it just doesn't do that. It orchestrates the automated responses. If there are things wrong in your environment, you can automated responses. The reason Microsoft is able to deliver sentinel is because Microsoft has hundreds of services that we host in a cloud. Microsoft has tons of services that have been around for the last twenty plus years. As your dynamics officetrey, exty five and sixty five xbox, and I can keep on going. Because we have the experience of operating in the cloud, we have security intelligence that we are now leveraging in as your sentinel to provide the same level of security that Microsoft leverages to protect its own services. In Sentinel we have provision to collect logs across your hybrid environment, not just your own tramp, not just your as your cloud. You can even collect and look into your third party cloud providers. We provide intelligence where you can detect treats minimize false positives because of the intelligence and our experience of protecting our own systems in the cloud. When there are treats or alerts that happen in the environment, Sentinel offers you the capability to provide automated responses two suspicious activities that may be happening in your environment. So, Furida, is it learning all the time, since it seems like Microsoft is leveraging its own internals? If you will watch in the House of Azure, is it learning all the time, and that's the customers, clients that are using their standstream or reaping the benefits of that AI process for threat detecture and monitoring and what have you? Yes, definitely, yes, Microsoft. I think there is a number that we had put out some time back. We have like ten petabytes of information that we collect on a daily basis. It is based on this information that we collect. We have our own machine learning and treat intelligence models that are integrated into the system and based on that, Sentinel Services is leveraging the Microsoft intelligent treat intelligence that's provided by and used by Microsoft. So yes, you are getting a lot out of sentinel just because of the treat intelligence and machine learning that we incorporate into sentinel. Very impressive. I think anybody has to work with security arditors is going to love this product as well. Could you share what the our audience just like? Let's take a couple examples of some of the automatic remediation steps that could take place. Maybe a typical kind of security event, and what would happen without even any intervention from humans. Sure. So, let's say,...

...if you are in the security world, you may already know about when a bad actor gets in your environment, generally they have an intent of getting to your data or harming you. Most of these bad actors they are operating on a commercial scale in order to mon it ties what a data they can get out of your environment. One example is, let's say today I am Oh here in Dallas, Texas, and tomorrow I go to China, or it appears that I have gone to China because I log in from a machine that's located in the China system. One of the things that you can do is, okay, you figured out for EDA has logged in from China region. Maybe send an automated email to my manager. Of course, you can all dynamically discover who my manager is and send an email to my manager asking was for DA supposed to be in China at this day, end time, and if my manager says yes, she was on a business with it, great, no action may be needed. However, for my manager Says No, she's not supposed to be there, it means either my account got hacked or something. Some bad actors are trying to get into some systems. Go ahead and automatically disable my account next time I log it. Forced me to change my password. These are the type of automated actions that you can take. Many of these actions are completely customizable, so, based on your business needs, you can take the automated actions that fulfills your business requirements. That's great. Now let's talk about how easy it is it get started with this this opportunity, with this product. Is it hard to roll out or do you find that it's relatively easy? I have been like we already talked nineteen years right. Sentinel is one of the few few products where on day one it was like how will we be able to handle the volume and interest in this product? And the reason is, if you have ever leveraged any seam solution, you will know how much upfront cost is associated with it. It takes at least a few days to set it up. Sentinel being a cloud native SIMP, it is less than five minutes where you can go to the as your portal and say I need a sentinel work space. I need to get started on sentinel. Start sending your logs into central. Thirty days. You have to pay nothing. Many of the logs ingested into sentinel or free, like our azure activity logs or mptry sixty five alerts and logs. They are free. So, to answer a question, it's less than five minutes to get started on sentinel and it's unbelievably easy in order to use it once you get started for it. Thank you very much for that explanation. Share my pleasure to get started on as your sentinel. I would say differ sinitely going as your portal and try it out if this is a product that fits your need and you need for the help you need for the deeper engagements he's do engage a partners the very well equipped. We work very closely with them to make sure they are educated and equipped to help our customers. Second Watch is a fantastic partner and an example who is well West with cloud adoption framework and will post and has built up your muscle to provide sentinel security services. Hey, freedom, thank you so much for joining us today. I enjoyed the conversation and, on behalf of skip and EAN, just want to appreciate you sharing your experience with our listeners. Hey, and listeners for feedback or...

...questions or comments. Please send those to cloud crunch at second watchcom. Stay safe out there, practice social distancing, and we look forward to you listening in next week. Thank you. Thank you. You've been listening to cloud crunch with Jeff aiden, Ian Willoughby and skip Berry. For more information, check out the blog second watchcom company block or reach out to Second Watch on twitter.

In-Stream Audio Search


Search across all episodes within this podcast

Episodes (43)