My Top 5 Favorite Microsoft Cloud Solutions for the SMBAlex Fields
1. Office 365 (Even if you thought “I already use it“)
Office 365 is, to put it quite bluntly, the new gold standard in productivity at every level of the Enterprise. In the SMB space especially, this is so much the case that I cannot emphasize it strongly enough. If you aren’t already using this product, what is wrong with you? Do you enjoy torturing yourself with that on-premises Exchange or SBS server for something as basic as E-mail? Do you enjoy being stuck in the previous decade with your old Office suite of applications?
Note: You are not fully realizing the benefits of the Microsoft productivity apps unless you are experiencing the full range of what Office 365 has to offer (I recommend higher-end plans for SMBs). Most people who already have Office 365 aren’t even scratching the surface of what is possible:
- Exchange Online with built-in SPAM provider and advanced Enterprise level features such as online archive, litigation hold, and E-mail encryption
- SharePoint Online and OneDrive for Business to share documents and sync files across various devices
- Skype for Business (more than just a chat program–I use this with colleagues to share screens and present content almost every day)
- Subscription to the MS Office suite of applications (on any/every platform), plus online versions to boot
- Enable advanced protections such as Multi-factor Authentication (MFA), Mobile Device Management (MDM) and Rights Management (advanced security & encryption for sharing files & messages)
And actually there are just way too many others to list here. But you get the idea–you probably aren’t seeing these same benefits with your on-premises versions.
2. Azure Active Directory Premium
This is a fantastic product, and in my opinion, a no-brainier for SMB’s. If you already have an Office 365 subscription, then you already rely on Azure Active Directory. To turn on the best SMB-specific features, you need to link your local Active Directory with the Azure AD Connect tool. Now you’ve got the ability to enable password write-back, as well as self-service reset for users.
Not to mention the up-and-coming Azure Identity Protection (automatically detect & block unauthorized or suspicious account activity), and Enterprise State Roaming (sync local desktop & settings to the cloud).
3. Azure Virtual Machines: Build a co-location in the cloud
Let me describe a quick and inexpensive way to provide a secondary / geo-redundant site for your core infrastructure (that could also be used as a recovery site in the event of a major disaster and loss of other on-premises applications–see Azure Site Recovery below).
- Step 1: Create a virtual network connect to it with a hardware-based VPN
- Step 2: Deploy a small-sized server to act as a backup domain controller in the cloud.
- Step 3: Turn on DFS replication for your on-premises file shares.
- Step 4: Enable backup to an Azure Backup vault (see below).
Simple, clean and cheap.
Optionally, you can also consider deploying your next line of business update or upgrade in the cloud, instead of replacing infrastructure onsite. This, of course, if your vendor doesn’t have a nice SaaS offering or migration path. For a two-tier application featuring a database (back-end) and a front-end (web server or RDS session host), this does not have to be too expensive (although an MSSQL-ready VM is admittedly not cheap to run in Azure). Just be sure that you understand the SLA and weigh your options before you decide how to proceed.
4. Azure Backup / Microsoft Azure Backup Server (MABS)
Windows Server does have some built-in Azure Backup features for doing straight disk-to-cloud backups, but (at the time of this writing at least) your backup definitions and schedules will be pretty limited (e.g. only up to 2x backups / day, and retention up to 30 days). You can also use backup vaults in other ways though, in conjunction with System Center Data Protection Manager, for example, or better yet for the SMB–Microsoft’s new free version of DPM–the Microsoft Azure Backup Server (MABS).
MABS allows you to implement a disk-disk-cloud backup solution, keeping short-term backups on-premises, and shipping longer-term retention up to an Azure Backup vault. The compression ratio on these vaults is phenomenal, so you’re not paying a ton for the storage, and you get a very solid and reliable offsite backup solution.
Contrary to popular rumors, customers are not charged for downloading restore data out of the vault–pricing is pretty simple, based on per-instance and then total consumption of storage space. See more details on the Azure Backup pricing page.
5. Azure Site Recovery
Disaster Recovery-as-a-Service is easier than you think. Whether you need to protect Hyper-V or VMware virtual machines, this solution will allow you to replicate your virtual servers into an Azure storage vault, with the ability to fire them up in the cloud on a virtual network, in case your main site goes down. You can also replicate them in reverse once your hardware is restored. The storage is cheap, so the solution is pretty solid and cost-effective.