As more businesses grow comfortable moving environments to the public cloud, the number of pieces of infrastructure living there has exploded. The ease and security allowed through a cloud service has naturally resulted in a significant growth in the sheer number of machines currently running. This has brought many benefits to customers but has also increased the complexity of environments.
For Managed Service Providers (MSPs), this increase in complexity presents a challenge. Although most MSPs are built to scale across multiple customers by their very essence, that growth was still largely predicted to scale in a linear fashion. If a customer had 500 servers, over 12 months that might creep up to 520, or 550. In the new world, however, that customer might suddenly have 1,000 or 2,000 servers, and across all customers, an MSP might need to manage an order of magnitude more devices. At large enterprises, these challenges were also present, especially at firms built up via acquisition of other organizations.
Most MSPs have built a series of tools allowing them to automate as much as possible, certainly within a particular environment. But building solutions that operated across environments was typically a thornier issue. And even if a solution was created, customers typically wanted to have visibility into the level of access granted so that they would understand the governance model and maintain compliance with their corporate policies.
Microsoft has just taken the wrapping off a solution, designed for MSPs, called Microsoft Azure Lighthouse, that solves many of these challenges.
Azure Lighthouse helps automate manual operations and provides a way to manage customer’s Azure estates at scale, all the while retaining a clear governance model employed for customers, by service providers. For the MSP, there is a single pane of glass where they can see all assets under management, instead of having to hop from tenant-to-tenant to solve a security or configuration challenge. And this isn’t tied to a single license from Microsoft – regardless of how a customer consumes Azure, an MSP can use Azure Lighthouse to gain precision, granularity and predictability in driving automation.
Azure Lighthouse was built hand-in-hand with one of Microsoft’s highest Azure partner bars: the Azure Expert MSP designation. These partners, who work with global customers at the highest standards, helped ensure Azure Lighthouse was both easy to deploy with a customer, and incredibly predictable and precise to drive value quickly and comprehensively. As an Azure Expert MSP partner, New Signature participated in an early adoption program to experience the benefits firsthand.
Azure Lighthouse is complementary to management structures such as Azure Policy and Resource Health – so it allows a team at an MSP or a large enterprise to use their existing knowledge, while gaining the ability to make operations across a slew of different digital estates. Best of all for customer security teams: the permissions are setup at the initial sign-up stage, using standard Azure role based access control (RBAC) constructs, so there’s no need for customers to maintain an always-up-to-date list of the partner consultants. Instead, individuals at the MSP are simply placed into a standard resource group scopes that has a set of defined permissions. If a person leaves the organization – the risk is now fully shifted to the MSP instead of asking a customer to make a change to their identity – this in turn gives customers more confidence.
For any MSP or large enterprise shepherding a fleet of Azure subscriptions or resource groups, using Azure Lighthouse is a great choice. As more and more digital estates expand, we anticipate seeing a greater number of shops getting up to speed on it.