What is Azure Governance? Let’s look at the fundamentals

In this blog post, we will discuss the management and operational principles which underpin enterprise governance in Azure which is a necessity for successful cloud adoption and one of the first rails to enable a culture that facilitates digital innovation.

The core components of Azure management are the challenges of Enterprise Cloud Adoption and the components which make up the full set of governance capabilities in Microsoft Azure.

The Azure governance principles are a continuum of tasks, projects and initiatives, therein you build natively in Cloud and also migrate workloads into Azure, securing and protecting those workloads so that they are robust and resilient. You then proceed to monitoring these workloads, so that you can pick up any problems and ensure that they are consuming resources in a manner which is both performant and cost-effective.

Next, you invest in automated configuration to ensure that any changes to your workloads are holistic but also auditable and immutable. Governance ensures that your workloads and the platform on which they run are compliant with your company’s policies and regulatory obligations. This, in turn, creates a more robust enterprise platform, ready to receive new workloads and in turn, a becomes a hub for innovation with the necessary guard rails in place.

Read More »

Are you a decisionmaker contemplating a migration to the cloud? This is what you need to consider and understand

Information security aspects when moving operations from on-premise

So if you are reading this I will make some basic assumptions that you know about Microsoft Azure, Amazon Web Services and perhaps even Alibaba Cloud, these are renowned hyperscale cloud vendors. Last few years cloud computing have been among the IT industries hottest topics. The term refers to on-demand access to computing resources provisioned by another provider. 2019 has been dubbed the year of migrations by several vendors and a pronounced advantage of cloud computing is that they tend to be highly available and easily scalable. For fast-growing business, cloud-computing has revolutionized the way they can work. Organizations typically lease cloud-based resources from outside the organization. Of course, it is also possible (but not as common) to host cloud-based services internally.

While cloud computing can be very cost-efficient and offer fast scaling, it’s challenged by the fact that resources will most likely be hosted outside of the business’ data centre and therefore, outside of the direct control of that business, increasing the complexity to manage risk and handle governance.

Read More »

Super-human data processing might hold good and bad in store for the cybersecurity field

Within the ongoing arms race in the perimeter of information security, artificial intelligence and machine learning are two of the most promising innovations.

cc-ra-360x240v2._CB515844478_

While AI in common „personal assistants“, like those developed by Amazon, Alibaba and Google has recently reached levels at which it can convincingly make phone calls on behalf of their users, the capabilities of AI in the hands of defenders, as well as attackers, will likely evolve from buzzword to technology of significant importance over the next years.

On the defensive side, artificial intelligence powered intrusion detection will deliver the ability to pick up on anomalies within an organizations network or perimeters and raise alerts or even countermeasures much quicker than would be possible for any human security team. AI technologies supreme and literally superhumanly quick pattern recognition capabilities enable it to consistently collect intelligence regarding new threats, attempted attacks, acceptable user behaviour and constantly evolve its knowledge.   This does allow AI-powered intrusion detection mechanism to find the proverbial needle in the haystack (and react to it) much faster and more concise than classical signature-based intrusion detection systems or a human security analyst.

azure-security-center-and-fortinet-integrated-threat-management-solution-for-cloud-workloads-201
Azure Security Center is a cybersecurity solution that leverages artificial intelligence and machine learning integrating with the organization’s digital estate.

This does have a flip-side, of course: The same AI capabilities could be used to learn about specific defences and normal user behaviour pattern in an organization and mask the malicious behaviour so it will not be recognized by classical intrusion detection systems or human onlookers.

Read More »

Four Azure Tools Which Help You Secure Your Cloud Services

In today’s interconnected cloud-first, mobile world, securing your online apps and services is vital. However, building secure solutions which deliver value in today’s complex and regulated environment can be a challenge. With information essentially becoming the currency of the digital age, the creation of multiple compliance regulations has forced organizations to implement technical security measures to protect their online systems and customers. Meeting these compliance requirements can be challenging, especially if you are leveraging the benefits of the cloud. Not only do you need to build and configure your apps and services securely, but you also need to ensure your chosen cloud provider meets any necessary compliance requirements.

Compliance in the Cloud Compliance Is a Shared Responsibility

On Azure, Microsoft is responsible for meeting the compliance requirements for its platform while you are responsible for any compliance measures which relate to your cloud service.

With more certifications than any other cloud service provider, Azure meets a broad set of international as well as industry-specific compliance standards. These include the GDPR, ISO 27001, HIPAA, SOC, among others. Microsoft also conducts regular comprehensive audits to ensure it maintains these standards and adheres to the security controls needed.

However, as stated, ensuring your services that are running on Azure meet compliance requirements is your responsibility. Thankfully Microsoft Azure provides a few tools which can help you secure your cloud services and meet the necessary compliance standards.

Read More »

An update and a recap we are in the middle of 2018!

It’s Summer, the heat in Norway and most of the world is unreal these days with world records being broken. We are in the middle of 2018, and a lot has happened!

I joined Lumagate in March as a Principal Solution Architect, and in May the rebranding to Innofactor was completed which was celebrated with an event called Inspirit that was held in Helsinki.

6Innopaper1920_1200.jpg

Innofactor is a leading provider of digitalization and cloud solutions in the Nordic countries. Our task is to help our customers digitalize their business, promote a collaborative way of working, and develop their business processes by utilizing data-driven decision making and secure cloud services. Together with our customers, partners, employees, and investors we produce solutions that help our customers and society to succeed.

If you are looking for a place where you can work with cutting-edge technology, good colleagues and exciting days, you should definitely check us out.

On the 7th of June, I spoke at GNIST, a cloud seminar put-together by Innofactor. Primed on cloud computing, there were a lot of exciting speakers and topics. I was asked to hold a session, and I did one called “A recipe for Cloud Migration” where I covered getting control over operational costs, increasing workforce productivity and driving business agility by moving to Cloud.

If you are holding an event and have a call for content or speakers, let me know. I’ll check it out, and I can if you want also forward it to other relevant speakers based on topic and audience.

 

aliglobalreach.PNG

Also at the start of July, I was announced as an Alibaba Cloud Most Valuable Professional which I am incredibly humbled by and appreciative to be recognised by Alibaba Cloud for doing the things I love. Nothing is more rewarding than to be able to do what I’m passionate about technology, security and the intersection of it all with the human element. There is no doubt that Alibaba Cloud is the go-to cloud for anyone looking to have a presence in mainland China.

 

2018 has been a year to symbolise new beginnings and challenges which I am thoroughly enjoying. Working a lot with governance for enterprise organizations as well as hosters in the Nordics and massive datacenter migrations to cloud, I’m looking forward to writing more on this going forward and sharing my insight as well as hearing from you; what your thoughts, gotchas, questions or pitfalls you’d like to ask about or share.

 

Bilderesultat for weather 2018 summer europe

Enjoy the summer and remember to stay hydrated!

If there are any topics or areas you’d like me to focus on, don’t hesitate to let me know! As always you can reach me at @UlvBjornsson, via the comments or by connecting with me on LinkedIn.

Microsoft’s Coco framework: Enhancing cybersecurity on the Blockchain

Article-5-2.jpgCoco Framework, is NOT a blockchain ledger.

Coco is a blockchain ledger framework.

It leverages a combination of trusted execution environments, advanced cryptography and innovative blockchain-focused consensus mechanisms to enable new ways of utilizing the blockchain. Coco stands for Confidential Consortium.

If you want a deeper dive, I suggest you check out the Coco Framework whitepaper, here.

Additionally, Microsoft offers BaaS (Blockchain-as-a-service) and was chosen by Bankchain which is a platform for banks that want to implement blockchain technology; members include State Bank of India, ICICI Bank, DCB Bank, Kotak Mahindra Bank, Federal Bank, Deutsche Bank and UAE Exchange.

Read More »

Artificial intelligence and Cloud computing: Real-time fraud detection in online banking application within the cloud

Over the last few years, cloud computing has been the buzz. Cloud computing services offer an infrastructure that is highly scalable and supports high-performance computing. With high adoption by businesses of all sizes. Development and deployment of applications within the cloud platform are easy and time to market is done in a fraction of the time.

Artificial intelligence is not a new technology. It has been here for a long time and has helped develop computers and software that perform tasks that are associated with intelligence. Machine learning and deep learning are subsets of artificial intelligence that involve the development of algorithms that learn from data inputs and give intelligent output based on that data and the learned patterns.

A lot of research has been done and still is being done on implementing artificial intelligence into cloud computing. Cloud service providers such as Amazon, Google and Microsoft have already integrated AI into their clouds to improve service delivery. AI brings about capabilities such as machine learning, recognition of patterns and robotics to the cloud. On the other hand, the cloud is able to provide a wide range and large volumes of data since these capabilities are largely dependent on data as input so as to produce the desired output. The cloud also allows the systems to open-access and open-source data which is very crucial in facilitating collaborative learning.

Read More »

Creating a Load Balancer in the Microsoft Cloud: Azure

WHAT IS AZURE LOAD BALANCER?

Azure Load Balancer secures high availability and network performance to your applications/frontend/backend.

It is a Layer 4 load balancer (TCP/UDP) that distributes traffic among instances of services defined in the load-balanced set.

You can load-balance web applications, Virtual Machines, and so-on by routing traffic based on NAT rules that you configure on the load-balancer.

Read More »

Connect to Microsoft Azure with Powershell

In this article I’ll walk you through the steps needed to connecting to your Microsoft Azure environment, as well as giving you a glimpse of how you can manage it by starting up a IaaS virtual machine.

There is endless potential, to what you can manage and automate of Azure resources with PowerShell, but from here to there, first step is connecting it!

autoallthings.png

Installing Azure PowerShell Module

First off we are going to install the Azure PowerShell module

WebPlatformInstaller_2017-07-03_13-05-42
The installer takes a few minutes, once installed we will connect to your Azure subscription.

Read More »

Microsoft Azure: Azure PowerShell – ForbiddenError: The server failed to authenticate the request.

Hey, so if you are getting this error I’ll walk you through the easiest ways to remedy it.

powershell_2017-07-03_13-53-48.png

PS C:\> Get-AzureVM
Get-AzureVM : ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and i
s associated with this subscription.
At line:1 char:1
+ Get-AzureVM
+ ~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureVM], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.GetAzureVMCommand

or

Set-AzureSubscription : ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.

The solution often is easier then you’d think, just like how browsers have their cache so does your Microsoft Azure PowerShell so you’ll want to input this:

Clear-AzureProfile

powershell_2017-07-03_13-58-31.png

This will clear your current Azure profile.

You should also consider deleting the content of this folder:

C:\Users\%USERNAME%\AppData\Roaming\Windows Azure Powershell

After which you can run

Add-AzureAccount / Login-AzureRMAccount

and then you can execute any Azure PowerShell commands that you’d like to run. For a more detailed walkthrough check my article on connecting and managing Microsoft Azure via PowerShell.

 

PS: If you are still getting errors, you should check whether the mode you are running in is incorrect you can input 

Switch-AzureMode AzureResourceManager

Important to note that “Switch-AzureMode” is deprecated and will be removed in a future release. However doing so seemed to import the certificate and removed the “ServiceManagement” modules that were loaded with this install and installed the correct certificate.

So now to see if it’s working we can run Get-AzureVM or Get-AzureRMvm

which outputs:

powershell_2017-07-03_15-20-32.png

 

chrome_2017-07-03_15-22-47

As always, you can follow me on Twitter at @UlvBjornsson or follow me on here, if you have tips for articles you’d like to read or topics you want to hear more about, hit me up.

Ulv