Microsoft Azure is a cloud service provider that offers hosting services to clients on a pay-as-you-go subscription basis. The cloud provider is the most appropriate for federal government agencies because it provides a dedicated cloud to the United States government through the Azure Government cloud platform. Migrating and adopting an Azure cloud platform is beneficial. Its advantages include assurance of data security and privacy, offers scalability, and high availability of services hosted on their clouds. Azure cloud platform offers three types of cloud, which include the platform-as-a-service (PaaS), infrastructure-as-a-service (IaaS), and software-as-a-service (SaaS). The three types are dependent on each other and are placed hierarchically, with IaaS being the most foundational. The Microsoft Azure cloud platform consists of three deployment models that include a public cloud, a private cloud, and a hybrid cloud. The deployment models define the environment in which the cloud services are provided. Some of the standard Azure cloud service terms used include a tenant, subscription, a resource, and a resource group. Additionally, the Azure government provides a program called FedRAMP that ensures the security of government services on the cloud. Consequently, an Azure cloud deployment’s success greatly depends on its governance model, which is used to enforce and audit policies for Azure policies use.
Microsoft Azure Plan
Among the modern cloud service providers is Microsoft, whose cloud system is called Azure and offers both civilians and the United States government services. The Azure Government cloud service is most applicable for government institutions and provides a dedicated platform that enables the institutions to transfer their system operations to the cloud. A Microsoft Azure plan offers its users cloud services that clients pay for at standard pay-as-you-go rates (Collier & Shahan, 2016).
Benefits of Using Azure
Cloud services have proved to be very important for most modern business enterprises and government organizations. However, several institutions are yet to adopt and migrate their systems to the cloud fully and are constantly being faced with various problems that hinder the operations when the systems are on the premises. With the systems at the site of the process, a federal government agency has had issues with the security of its data, which is vulnerable to intrusion, loss, or theft. Additionally, the capacity of the on-premise systems is limited and has restricted the agency from expanding and improving its operations due to the cost of acquiring additional equipment. Moreover, the on-premise systems mostly experience downtime and are unavailable when required to provide urgent services. The best solution to solve these problems is a cloud service where the systems are hosted virtually in various locations.
Microsoft Azure has many benefits to the users of its cloud services. Foremost, Azure ensures data security and privacy for the clients, thus protecting them from intrusion, theft, or loss. It provides the most secure platforms for networking, communication, transactions, and even systems development. With cybersecurity targeting sensitive data being a prevalent problem in modern technological systems, Azure cloud services ensure that security is highly prioritized. Secondly, the Azure cloud platform is highly scalable with its ability to provide additional required resources and affordable cost. Similarly, if the organization would require to reduce the capacity of its resource’s utilization, the cloud platform would offer the service and at a reduced cost. Thirdly, the Azure cloud platform has a high availability due to the distributed nature of its data centers. It ensures that data is easily recoverable in the event of loss and constantly offers the services required by the clients. Unlike the on-premise data centers that are vulnerable to downtime, loss, or theft that may affect its availability, the Azure cloud platform guarantees perpetual security and availability.
Azure Cloud Types
Azure is a robust cloud-computing platform that offers a wide range of cloud services ranging from application development, data storage, and service hosting and management. Microsoft Azure mainly has three types of cloud services to host web applications over the internet for its clients, namely, platform-as-a-service (PaaS), software-as-a-service (SaaS), and infrastructure-as-a-service (IaaS).
Firstly, Azure IaaS is the most basic Azure cloud service and its foundational cloud platform layer. It is an instant computing infrastructure provided to a client over the internet under the management of the IaaS provider (Mukundha & Vidyamadhuri, 2017). The client purchases and subscribe to the service and gets access to arbitrary software, which they install, configure, and manage independently. Thus, it enables the customers to deploy custom applications on the cloud platform they use for their operations. IT administrators use the IaaS Azure service for internet-based access to storage, network, and computing processing power. IaaS enables a client to rent IT infrastructures which include virtual machines, networks, and operating systems, from the Azure cloud service provider. Using IaaS is beneficial to the cloud service subscriber in several ways, such as removing the need to set up several physical or virtual machines. In addition, it helps them reduce the maintenance of the on-premises infrastructure and saves them money that they would have to spend on hardware requirements. IaaS is advisable for an application that needs complete control, offers quick transition of services to the cloud, and is flexible for scalability. Moreover, with IaaS, the user can quickly provision new applications, get efficient design time portability and real-time business insights. Examples of IaaS solutions offered by Microsoft Azure include Azure Virtual Machines and Azure Storage accounts.
Secondly, Azure platform-as-a-service is a robust and complete computing platform that provides a development and deployment environment that include an operating system, integrated development environment, databases, servers, and web services (Soh et al., 2020). Developers and application providers mostly use it. PaaS is designed to support a complete web application lifecycle from testing, deploying through managing to evolution. Generally, it offers a cloud-based platform and environment for developing and managing software applications. Thus, it removes the developer from the worry of setting up and managing the underlying development infrastructure such as servers, data storage, networks, and the database management systems required for software development. The advantages of using PaaS include reducing operating costs as resources are automatically allocated based on the demand. Security of the software systems is guaranteed and supports geographically separated development teams. Additionally, PaaS saves the developer coding time, efficiently manages the application lifecycle, and offers an abstraction of the underlying processes to the developer. Standard platform-as-a-service solutions offered by Microsoft Azure include Azure App Service, Azure SQL databases, Azure Logic App, Azure Web App, and Azure Cosmos DB.
Thirdly, Azure software-as-a-service is an online method for delivering software applications on-demand through a subscription plan (Mukundha & Vidyamadhuri, 2017). The software applications are centrally hosted and managed by cloud providers with a single version of the software used across all clients and enabling a single user to have the same application on multiple devices simultaneously. Also, the providers host and manage the underlying infrastructure, and they handle any application maintenance such as updates and security patching. With SaaS, the user accesses the applications by connecting to the internet through a web browser. The advantage of SaaS includes helping the user quickly get their applications up and running at minimal upfront costs, gives the user access to sophisticated applications, enables the client to mobilize their staff members quickly, and assures access to the application data from anywhere. Examples of SaaS services provided by Microsoft Azure include MS Exchange, Dynamics, and Microsoft 365.
Azure Deployment Models
There are three Azure cloud deployment models or cloud environments on which the applications run, and they include public, private, and hybrid clouds (Tavbulatova et al., 2020). Foremost, an Azure public cloud deployment model is where the infrastructure such as servers are owned by the cloud service providers who manage and administer them and available to the general public, thus eliminating the requirement for businesses to acquire their hardware. Microsoft Azure provides its subscribers with access to the public cloud on a pay-as-you-go basis. The public cloud is easily accessible, flexible, cost-effective, and guarantees 24/7 availability. Secondly, an Azure private cloud deployment model is a customized infrastructure owned by a single business and offers centralized and controlled access to IT resources. A private cloud can either be hosted externally or managed on-premises. Although they are maybe comparatively expensive, private clouds are more secure thus most used by large enterprises that host sensitive data. Thirdly, an Azure hybrid cloud deployment model integrates both public and private clouds and optimizes the advantages of both deployment models. The model is beneficial as it enhances flexibility and improves data security and privacy at an affordable price.
Azure Terms
The Azure cloud platform has its vocabularies and terms that the providers and clients use. First, a tenant is a client or customer who rents the Azure platform’s cloud service and pays through a chosen payment plan. Second, an Azure management group refers to a container or logical pool that allows Azure Administrators and Azure users to manage and organize their cloud resources. In addition, the containers help to address the user’s access, policies, and compliance services of various multiple subscriptions. Third, an Azure subscription is a logical entity linked to an Azure account and provides entitlement to users of Azure services for the deployment and consumption of a cloud service. It holds the user’s details of resources such as virtual machines and databases. Fourth, an Azure resource group is a collection of related cloud services for an Azure cloud solution and may include all or just a single resource the user wants to manage. Fifth, an Azure resource refers to an individual computer, networking data, or application hosting cloud services that a user pays individually (Preston, 2016).
Significance of FedRAMP
The Federal Risk and Authorization Management Program (FedRAMP) is a program developed by various federal government security agencies (McLaughlin, 2020). The program is developed to provide federal government agencies with a standard approach for assessing, authorizing, and sustaining cloud services security. The program provides the agencies with certification to access government cloud services to protect them from unauthorized access. The significance of FedRAMP lies in its effect on the safety of the cloud services that federal government agencies use and the rate at which the agencies can deploy them for their use. Therefore, FedRAMP aims to ensure the security of the government resources and services hosted by cloud service providers. It secures the government products and services on the cloud from vulnerabilities such as cyber-attacks and breaches.
Azure Governance Model
An Azure governance model consists of a set of rules and policies that govern cloud computing services to secure applications and data regardless of their geographical location. According to De Tender et al. (2019), Azure governance aims to manage the risk that may develop from the Azure cloud service provision by constantly monitoring and auditing the Azure resource usage to achieve the organization’s goals and requirements. For the federal government agency cloud deployment to be successfully effective, foremost, an excellent Azure governance model will be necessary. An effective Azure governance model involves proper management of the identities of users who will gain access to the cloud services’ critical data. The administrators should ensure adequate authentication and verification of users gaining access to the agency cloud systems. Secondly, the access management groups should involve secure role-access controls and policies that stipulate the levels of privileges assigned to various users of the federal government agency cloud services. Thirdly, robust security controls such as passwords and physical security systems should be guarded and policies put in place to define the most appropriate way to be shared among various users. Moreover, the network services used to access the cloud services should be well vetted to ensure that they have no vulnerabilities that may expose sensitive government information to malignant intruders. In addition, the Azure Blueprints should be deployed throughout the organization’s systems to ensure total governance of its environment.
References
Collier, M., & Shahan, R. (2016). Fundamentals of Azure. Microsoft Press.
De Tender, P., Rendon, D., & Erskine, S. (2019). Pro Azure Governance and Security. Berkeley, CA: Apress.
McLaughlin, M. (2020). Reforming FedRAMP: A Guide to Improving the Federal Procurement and Risk Management of Cloud Services. Information Technology and Innovation Foundation.
Mukundha, C., & Vidyamadhuri, K. (2017). Cloud computing models: a survey. Advances in Computational Sciences and Technology, 10(5), 747-761.
Preston, S. (2016). Microsoft Azure Terminology and Concepts. In Using Chef with Microsoft Azure (pp. 29-53). Apress, Berkeley, CA.
Soh, J., Copeland, M., Puca, A., & Harris, M. (2020). Microsoft Azure and Cloud Computing. In Microsoft Azure (pp. 3-20). Apress, Berkeley, CA.
Tavbulatova, Z. K., Zhigalov, K., Kuznetsova, S. Y., & Patrusova, A. M. (2020). Types of cloud deployment. In Journal of Physics: Conference Series (Vol. 1582, No. 1, p. 012085). IOP Publishing.