Practical help getting started in the Azure cloud

Microsoft Azure – a guide to getting started

When you’re considering Microsoft’s Azure (now Microsoft Entra) cloud technology for the first time – either evaluating it for your organization or as a consultant on behalf of another organization – you know you’ll need to get the basic features up and running as painlessly as possible. And then you’ll need to show how these features can be configured and extended to bring real benefits – real enough that someone is willing to pay real money to build and maintain them.

Azure cloud – rushing in is something that you may regret

The danger is that proving its benefits may lead to you rushing into a solution, which makes the fundamental infrastructure unsuitable for a production implementation. With on-premises solutions, this is not so important; you can simply tear down the solution and start again. But your tenant in the Azure cloud is not so easy to tear down – so it’s important to get it right the first time. For all the ‘how-tos’ out there, there are some options that are not trivial to change, for example, the choice of whether Intune will be driven via a web interface or integration with System Center Configuration Manager. Rushing into a cloud build is something that you may regret.

A cloud project is often driven towards tangible goals set by a functional need such as device management or content management. To make sure you get everything right requires a broad awareness of the platform, not just a functionally-focused one. Because Microsoft’s Enterprise Mobility + Security Suite (EM+S) is a set of products licensed together, you will often also need to get several functional areas into the room to complete your business justification. So it is often not enough to persuade the device management group that EM+S is a good idea – you will need to talk about content security, MFA, and ADFS integration as well. Understanding the purpose, capabilities, and configuration of all of the components of EM+S is essential to the success of the overall project.

Practical Understanding

There’s a whole bunch of information right here on the web – blogs, articles, how-tos, etc, – but what if you want something a bit more structured, considered, and logical? IT professionals we’ve spoken to (and we’ve spoken to a lot) tell us they want a practical step-by-step approach that examines the many options along the way, allows them to understand the possibilities, and test stuff before they try to apply it to their businesses.

Don’t jump into the cloud alone! Come with us and get it right the first time.

We have several Microsoft Azure (now Microsoft Entra) training courses – practical, hands-on courses, stuffed with labs that take you step-by-step through the underpinnings of a successful deployment to the cloud. Our training explains the individual components and how they fit together. Come and try it out – with expert tutor guidance – in a test environment before you take the plunge. You’re only going to do this once, so be sure you do it right. first time.

Keeping up to date with Azure Updates

As a practicing identity and security consultant, I find that the constant flow of updates to the functionality in the Microsoft Azure cloud presents a serious challenge: how do I keep up? If I am designing a solution for a customer I ask myself: is there an update to this function on the way? Will there be a better way of achieving this goal in a few weeks? Will I paint the customer into a corner if I use a feature that will soon be superseded by a new development?

The constant flow of new functions from Microsoft is a blessing: we can deploy solutions as the functions become available, rather than waiting years for a new major release of a product. But this blessing harbours a curse: we have to look ahead and be aware of changes as they come along, to avoid the pitfalls I just mentioned.

Because of the speed and frequency of updates to products within the Enterprise Mobility + Security (EMS) such as Azure AD, RMS, and Intune, there is often no single, centrally-managed documentation from Microsoft that answers all the questions about architectures and possibilities. A new feature arising in one part of the system may enable the use of a different feature in a new way – but this connection is not necessarily yet documented. Microsoft publishes a series of good and informative blog posts, which, so long as you can stay current, are a great foundation for knowledgeable practitioners.

I have no easy answer to this! Nevertheless, we do tweet product updates on our Twitter feed when we find them, so follow us!


Note: Since these resources were created, Microsoft has rebranded Azure AD to Microsoft Entra ID and Azure AD Connect to Microsoft Entra Connect.  However, the resources are still valid and useful.