Category: Solutions

Cloud Computing when Disaster Strikes

I live where the outer bands of Hurricane Michael hit last week.  I still don’t have power at the house, but I got my yard cleaned up and we have a generator running.  My other house is within eyesight of Mexico Beach, arguably the place that has suffered the worst.  I’ve heard people say Mexico Beach has been flattened.

Mexico Beach

Traveling to my house at the coast is not easy right now.  The only road in looks like its been through a major earthquake.  There is no electricity and no running water.

Cape San Blas

Back at the office today, I’m glad to say we have power.  Many of us may be preoccupied with cleanup and recovery efforts, finding it difficult to focus 100% on work.  Now I’m reflecting upon the whole event and several things have happened that will greatly impact my point of view from now on.

First of all, I was extremely concerned about our cloud service customers even before the hurricane hit.  We do our best to advise customers on disaster recovery options, but many are reluctant to act on our recommendations.  So you worry about them.  Then there are those that do select to implement a viable disaster recovery solution.  You worry even more about them!  Some of these customers were directly in the path of the hurricane including the City of Panama City.  Others are in the immediate area and include law enforcement agencies, health care and insurance companies, and school districts.  One customer called me for reassurance as the storm approached, to make sure we would be here and ready to failover his insurance brokerage operations if necessary.

I know that the solutions we deliver work reliably, but its impossible to feel 100% confident.  After all, I’ve lived through a lot of these storms here in Florida; “in the old days” I witnessed a lot of post-hurricane IT failures.

We had one customer contact us for help immediately after the hurricane came through.  A mission critical system was down; one we deployed for them in Microsoft Azure.  It turned out that the issue wasn’t caused by the storm of course.  It was a problem, but just one of your every day problems.  We solved it by email even when none of us on the response team had electricity in our homes or offices.

Other than that, as far as business here at Cloud Navigator goes, the most significant impact we had was not being able to come to the office to work due to a lack of electricity. In fact, even the cloud customers that never did act on our disaster recovery recommendations had zero outages.  Microsoft’s cloud data centers kept on chugging normally.

For me personally, it’s a bit different.  I’ve started back to work, and once again I am evangelizing.  One kind friend of mine who is also in IT posted on Facebook: “Mark Alexander was soooooo right five years ago. Cloud computing simplifies company’s Disaster Recovery Plan (DRP).”  My take away from this post is that I have friends that I can rely on.

I went over to a good buddy’s house yesterday morning to help clear a massive pine tree out of his backyard.  I was already worn out from the previous 3 days of work in my own yard.  But I did my best.  Until about 10 of our friends joined us and got ‘er done.

Then today a friend and business partner called me to find out if I need any help.  Anything she said.  At one point she offered “Just text me.  If you need ice, text me your address and I’ll leave you a cooler full of ice.”

This finally brings me to the point of this post: there is no substitute for good friends and family who you can rely on when you are down. Being able to depend on someone makes life better.  Reliable, dependable IT systems can sometimes improve disaster recovery efforts significantly, but it’s the people that use those systems that we really rely on.

Cloud Center of Excellence (CCoE)

Cloud Center of Excellence (CCoE)

At Cloud Navigator, our laser focus on delivering services related to The Microsoft Cloud helps reduce the complexity of these problems.  Our success with cloud onboarding projects is a big reason for our overall success as a cloud solution provider.  Many organizations choose to partner with a company focused on deploying workloads in the cloud even when they intend to manage those workloads for the long term.

We continuously refine our processes, management strategies, technical approaches, tools, templates, roles and responsibilities, and technology to meet the rapidly changing demands of IT in the cloud.  It requires substantial learning, coordination, and dedication.

This is why we’ve established a Cloud Center of Excellence.

Our Cloud Center of Excellence (“CCoE”) is a deeply experienced team and a set of valuable resources that are focused on cloud transformation.  While many cloud deployments are virtually transparent within an organization, a core goal of the CCoE is to develop a standard and stable methodology for implementing change within an organization.  In our role as cloud service provider, the CCoE must extend into our customer’s organization to be effective.

The CCoE allows us to:

  • Leverage the knowledge of diverse stakeholders
  • Reduce rework and cost
  • Manage change and measure success
Disciplines and Best Practices

The CCoE team at Cloud Navigator is responsible for researching and adopting best practices and applying them in real customer scenarios.  These best practices span disciplines that include:

  • IT Project Management
  • IT Operations Management
  • Business Operations
  • Solution Architecture
  • Distributed Networking
  • AppDev and DevOps

Best practices include:

  • The Cloud Navigator Onboarding Project Framework
  • IT Project Management best practices include tools, templates and standards from the Project Management Institute’s (PMI) Project Management Body of Knowledge (PMBOK) Guide.
  • IT Infrastructure Library (ITIL) codes of practice for IT Operations Management.
  • Microsoft Guidance for Hybrid Cloud deployment and migration
  • Azure solution architectures published by Microsoft
  • Office 365 migration performance and best practices from Microsoft
  • Clear delineation of roles and responsibilities for repeatable project types

The CCoE breaks down cloud transformation into its two major categories of activity: onboarding and operations.  Every onboarding project leads to a new workload that requires operational management.

Average Onboarding Projects Per Month: 12

Total onboarding projects to date: 245

Trusted Execution Environments in Azure

Trusted Execution Environments in Azure

Microsoft is providing greater and greater levels of security for your apps and data.  A recent announcement regarding Trusted Execution Environments in Azure and blockchain additions to Always Encrypted for Azure SQL Database.

I was first interested in learning more about Always Encrypted since we use Azure SQL Database heavily with a number of clients.  The use of blockchain technology to implement encryption-in-use for Azure SQL Database and SQL Server is an enhancement to Always Encrypted which ensures that sensitive data within a SQL database can be encrypted at all times without compromising the functionality of SQL queries.

I then learned about how Trusted Execution Environments or TEEs are coming to Azure, and felt I needed to spread the word.  Azure confidential computing ensures that when data is “in the clear,” which is required for efficient processing, the data is protected inside a TEE (also known as an enclave). TEEs ensure there is no way to view data or the operations inside from the outside, even with a debugger. They even ensure that only authorized code is permitted to access data. If the code is altered or tampered, the operations are denied and the environment disabled.

Read more about it!



Easier External Sharing in SharePoint, but BEWARE the Dangers

Easier External Sharing in SharePoint, but BEWARE the Dangers

Microsoft just announced the ability to share content with external users without requiring an Office 365 or Microsoft account.

“If your OneDrive and SharePoint Online external sharing settings are set to allow sharing with new external users, new external users (that have a file or folder securely shared with them) will be able to access the content without needing an Office 365 account or a Microsoft account. Instead, recipients who are outside of your organization will be sent an email message with a time-limited, single-use verification code when they access the file or folder. By entering the verification code, the user proves ownership of the email account to which the secure link was sent.”

This is a great advancement and it will hopefully remove the primary obstacle that prevents external users from having a good experience when attempting to accept and act on invitations to access content.

Why you should be careful when sharing with external users

At Cloud Navigator we have used external sharing extensively to collaborate with customers on IT projects.  We also use the feature from time to time when we are collaborating with partners to develop proposals together.  SharePoint is a great platform for these activities.

We also use SharePoint for our internal purposes–HR and employment documentation, contracts, policies, and other private internal business content.

When you share content with an external user in OneDrive or SharePoint Online, a user account is created.  In SharePoint, a user profile is created.  This user is also placed in a SharePoint group with access privileges for the content you have shared.  What you may not be aware of at the time of sending the share invitation is that the group that user will be placed in may have access privileges extending far beyond the content you have shared.  That means there is the potential for the external user to access private content to which you didn’t intend for them to gain access.

That’s bad.  It get worse.  At the time of the share and user profile creation in SharePoint, the group that the user is added to may only have rights to access the content you shared, but later on someone else in your organization might extend the rights to other content, thereby sharing unintended content with the external user.  Without the proper controls in place, an external user might be able to give other external users inappropriate access in the same way.

I found an old blog post that explains some of the rights an external user can receive:

How to avoid the danger

The only way to prevent someone from accidentally giving inappropriate access to an external user is through vigilant IT governance and informed SharePoint deployment planning.  The first step is understanding the unintended consequences that may accompany external sharing.  We recommend developing IT Governance strategies that include monitoring/review of user accounts in Office 365 and SharePoint, as well as a review of site permissions and group access rights.

A new way to extend your file shares in The Cloud

A new way to extend your file shares in The Cloud

Microsoft just announced the preview release of Azure File Sync. This is going to be of great interest to a lot of folks that have large, cramped file shares.

Read the announcement here:

Pay close attention to this aspect of the new service:

“The real magic of Azure File Sync is the ability to tier files between your on-premises file server and Azure Files. This enables you to keep only the newest and most recently accessed files locally without sacrificing the ability to see and access the entire namespace through seamless cloud recall. With Azure File Sync, you can effectively transform your Windows File Server into an on-premises tier of Azure Files.”

Skype for Business Cloud PBX

Replace your traditional phone system by adding a set of calling features delivered in Office 365 with Skype for Business Online. Make and receive business calls in the office, at home, or on the road, using your phone, PC, or mobile device.

cloud bpx features

Cloud PBX enables you to make, receive, and transfer calls to and from phones, mobile phones, tablets, and PCs, from nearly anywhere that has Internet access. With Cloud PBX, you don’t need a separate phone system because users get all the calling features they need, and IT administrators can use the Office 365 administrator portal to manage users’ communications.

SharePoint Services

SharePoint empowers teamwork with dynamic and productive team sites for every project team, department, and division. Share files, data, news, and resources. Customize your site to streamline your team’s work. Collaborate effortlessly and securely with team members inside and outside your organization, across PCs, Macs, and mobile devices.

Our ServicesSharePoint screenshots

We help our customers begin their implementation through a business and technical analysis of current work processes, collaboration requirements, and the types of in-place content. This information is compiled into a set of documents that cover requirements; an architecture of the SharePoint structure and hierarchy that best meets the business’ needs; the sites, applications and forms required to disseminate information and improve collaboration; and a migration strategy to move information and data from previous locations and applications to SharePoint.

Business Intelligence

Timely and actionable intelligence can make or break any organization in this time of digital transformation and cloud adoption.  Rapidly deployed business intelligence can be critical.  Our solutions combine simple and easy to use end users tools with robust and reliable data management systems.

Power BI – Easy to Use and Powerfulpowerbi screenshot

Power BI is a suite of business analytics tools that deliver insights throughout your organization. Connect to hundreds of data sources, simplify data prep, and drive ad hoc analysis. Produce beautiful reports, then publish them for your organization to consume on the web and across mobile devices. Everyone can create personalized dashboards with a unique, 360-degree view of their business. And scale across the enterprise, with governance and security built-in.

Extract, Transform and Load into SQL Data Warehouse


Azure SQL Data Warehouse is a SQL-based, fully-managed, petabyte-scale cloud data warehouse. It’s highly elastic, and it enables you to set up in minutes and scale capacity in seconds. Scale compute and storage independently, which allows you to burst compute for complex analytical workloads, or scale down your warehouse for archival scenarios, and pay based on what you’re using instead of being locked into predefined cluster configurations—and get more cost efficiency versus traditional data warehouse solutions.

We use Azure Data Factory, a cloud data integration service, to compose data storage, movement, and processing services into automated data pipelines. This service goes way beyond ETL, allowing customers to securely transmit data from local sources to cloud data stores in a timely and fully managed way.

Analysis Services – a Proven analytics engine

  • Get started quickly without managing an infrastructure
  • Scale resources to match your business needs
  • Visualize your data using your favorite data visualization tool
  • Govern, deploy, test, and deliver your BI solution with confidence

Enterprise Mobility

Centrally manage identities across your datacenter and the cloud with an identity and access management solution, providing secure single sign-on to all of your applications.

If you already have Office 365, expand your Office 365 management and security capabilities with Enterprise Mobility + Security.

EMS Capabilities

  • Control identity + access in the cloud

Centrally manage single sign-on across devices, your datacenter, and the cloud.

  • Get identity-driven security

Comprehensive, intelligent protection against today’s advanced attacks.

  • Manage mobile devices + apps

Securely manage apps and data on iOS, Android, and Windows from one place.

  • Protect your information

Intelligently safeguard your corporate data and enable secured collaboration.

  • Virtualize your desktops

Efficiently deliver and manage Windows desktops and apps on all devices.




Virtualization in The Cloud

Read customer stories.

Azure offers a powerful compute, networking, and storage platform to meet the cloud objectives of your customers. Many customers are in the process of choosing their cloud provider of the future and Azure infrastructure—coupled with your value-added services—provides them with the right strategic investment.

Azure IaaS

More than 57 percent of Fortune 500 companies rely on Azure, which offers enterprise grade SLAs on services, 24×7 tech support, and round-the-clock service health monitoring.

Customers who utilize Azure IaaS solutions benefit from the flexibility, reliability, and scalability an enterprise-ready cloud provides. Backed by the industry-leading security and compliance of Azure, customers can rest assured about the safety of their apps and data. Azure also supports customers who have hybrid deployment requirements, enabling them to move workloads between their own datacenters, partner datacenters, and Azure.

Monitoring iconMonitoring

Monitoring for uninterrupted operations, system failures, performance, security and improvements is a part of our service that spans compute, networking and storage aspects of workload management.  With Microsoft Operations Management Suite (OMS), we are able to leverage the following benefits:

  • Gain immediate insights across workloads
  • Enable consistent control and compliance
  • Respond faster to security threats
  • Ensure availability of apps and data

Customer Stories