The key message I took from my SQL Server Saturday lectures on Microsoft Azure is that the servers used are not high performance machines and developers need to remember this when designing their applications. Microsoft make up for the lack of power in these base model servers through volume. Essentially, instead of moving your application to a bigger more powerful server as demand grows you expand onto additional servers. This means that as long as the architecture of the application is designed to scale onto additional servers there is in theory no limit to the possible expansion of a service. By using lots of identical (and relatively cheap) servers Microsoft can better manage the hardware side of the business and easily replace faulty servers with a clone.
Despite differences in how the Cloud is structured, with a little bit of thought it is possible to deliver an excellent service at highly competitive costs thanks to geo-replication, automated backups, patching and a whole host of other services that Microsoft are able to offer. Essentially Microsoft take the Infrastructure headaches away so developers can focus on the deliverable.
Another Eureka moment was when one of the attendees asked Conor Cunningham (who works for Microsoft) what his thoughts were on the security of the Azure cloud. This is a hot topic at the moment due to failures in the security of Apple’s iCloud and a series of other consumer based cloud services. This is obviously causing concern amongst the general public as evidenced by a conversation with a colleague in the legal department prior to the conference – I mentioned that I was going to learn about Azure and explained that it was Microsoft’s Cloud Computing Service. This was met by a sharp intake of breath and the comment that he “would never trust his data to the cloud.” I think IT people are a little more rational about the topic but we still realise that if it did go wrong it would be our ‘synonym for donkeys’ on the line. This is why I was relieved by Conor’s answer.. First of all he sighed (as if he has been asked this a thousand times – which he probably has), and then went on to say the following:
- Microsoft have been certified by a whole host of external organisations to assure compliance to strict best-practice standards,
- Microsoft owns all of the Datacenters it uses,
- The Datacenters are staffed entirely by Microsoft employees,
- Everyone who enters the building is not only checked upon entering and leaving but also weighted to ensure they haven’t left or removed something from the Datacenter,
- All lines in and out are secure,
- All lines between Datacenters are owned by Microsoft (no leased lines),
- All servers are patched (at-least) every 30 days.
He also mentioned that security is only as good as the weakest link – i.e. if you are not using strong passwords, encrypting disks, disabling USB access, running regular (up-to-date) antivirus checks and a whole host of other security measures there is a good chance that someone can get into the system (no matter where it is based). Finally he pointed out that if you are currently using an off-site Datacenter you have already effectively gone ‘cloud’ and more than likely without many of the security provisions above.
All in all I am sold. Whatever reservations I had about Azure cloud security are now alleviated – NOTE: I ONLY SAID AZURE CLOUD SERVICES!
(This article was originally posted on my website but I thought it might reach a wider audience through LinkedIn. If anyone is interested in seeing the original article or others on my website please go to www.ortt.net).