Reviewing Microsoft Azure news from the first quarter of 2019

April 8 2019

It's April, which means the first quarter of 2019 is now behind us. Three months into the year, what do we know now about Microsoft Azure that we didn't at the start of the year? Financially, Azure stayed steady into the new year, with a nearly flat 76 percent growth rate. Azure watchers witnessed a torrent of new updates in areas including security, storage, databases, government, and enterprise partnerships.

The security picture

Microsoft's focus on security in Azure is in a way reminiscent of its overtures to the developer community after acquiring GitHub in June 2018. Back then, the company began offering bounties of up to $200,000 on targeted Azure DevOps products. But unlike fixing the bugs that show up perennially in any system, like the CVE-2019-5736 in runC vulnerability for Docker, patched in early February, many Azure security updates are less obvious. Some focus on adding security to elements of the Azure portfolio that may have been overlooked in the past, including tools for access control, threat intelligence, and compliance with data protection laws such as GDPR or the California Consumer Protection Act of 2018.

Microsoft has worked to harden IoT and databases, co-authoring the IoT Security Maturity Model Practitioner's Guide with the Industrial Internet Consortium, launching Sentinel for security event management or deploying traffic pattern analysis to make network security recommendations. On the database front, it boosted tag filtering and threat intelligence options with Azure Firewall combined with VNet service endpoints to trim access options for Azure Database for MariaDB.

azure_sentinel_anomaly_detection

Following a Cognitive Services security update at the end of January, February brought news of machine learning anomaly detection for Azure Stream Analytics as well as large scale "metric alerts" with Azure Monitor. In the cloud age, so many organizations build on Azure that it's critical to make sure that third-parties like customers and partners are taking the right steps. In conjunction with the HIMMS healthcare IT conference and Things Conference, Microsoft released its Security and Compliance Blueprint for Azure Sphere.

Even on a secure platform like Azure, constant vigilance is needed from both the Microsoft and third-party side, as the hijacking of Blob Storage instances by scammers running fake websites goes to show.

The government focus

Although elections and policy changes can shift priorities, government spending—particularly military spending—tends to be a very reliable source of income, and from Microsoft's perspective is probably a good way to generate high-revenue customers and maintain steady share values. The US Department of Defense put the bidding war between Amazon and Microsoft for its lucrative JEDI cloud contract on hold at the end of February to investigate possible personal conflicts of interest on the part of Deap Ubhi, who worked for the military in-between his time with AWS.

However, such slowdowns haven't put the brakes on Microsoft's overall pitch to government users. At the end of January, for example, the team brokered a five year, $1.76 billion AI and IoT contract with the Space and Naval Warfare Systems Command in San Diego.

Even for non-military customers many updates are being moved quickly to availability on the government cloud, such as the Standard Load Balancer for high-throughput or Azure Migrate to do data migrations into the US Gov Virginia region. Data security is a central concern for governments and Microsoft has secured FedRAMP certification for offerings like Video Indexer or added query-based alerts for Log Analytics, serving US Gov Operations Management Suite users.

Encircle Amazon

About Eamon McCarthy Earls

As the assistant editor of MSDynamicsWorld.com, Eamon helps to oversee editorial content on the site and supports site management and strategy. He can be reached at eearls@msdynamicsworld.com.

Before joining MSDynamicsWorld.com, Eamon was editor for SearchNetworking.com at TechTarget, where he covered networking technology, IoT, and cybersecurity. He is also the author of multiple books and previously contributed to publications such as the Boston Globe, Milford Daily News, and DefenceWeb.

More about Eamon McCarthy Earls