How organizations are using Microsoft's on-premises cloud platform

Azure Stack is Microsoft's on-premises version of its Azure cloud service, enabling customers to hold sensitive information within their own facilities but with the ability to reach the Azure public cloud, too.

Rand Morimoto Mar 06th 2018

Microsoft’s on-premise Azure cloud platform, Azure Stack, has now been embedded in real-world, core business environments with early adopters validating business use cases that require secured and host environments.  Here are some of the current uses of Azure Stack that are deployed in enterprises.


Azure Stack in healthcare

Healthcare organizations have been a prime candidate for Azure Stack as they fit the model of having large (extremely large!) sets of data and customers, and also face regulatory policies and protection aimed at securing the data being transacted.  Azure Stack fits the mold of providing healthcare organizations the cloud-scale that they wish to achieve, in a protected, managed and secured environment.

Beyond simply providing cloud-scale operations of Azure on-premise, Azure Stack has also enabled healthcare providers to leverage Azure (public) for application development and the flexibility to host applications on the on-premises, secured environment.  Public cloud provides a wonderful platform for application development, allowing an organization to code, develop, test, rollback, retest and start all over on platform systems.

The organization doesn’t need to buy hardware for an application-development cycle and then sit on the investment for weeks or months until the next large development and redeployment cycle.  Cloud provides an organization the ability to burst during peak development times, then completely de-allocate all systems and configurations until resources are needed again.

Since the code development doesn’t have sensitive and protected patient data, the open development in a public cloud doesn’t compromise the organization’s ability to develop in a shared cloud environment.  Once the application is developed and tested, it can simply be moved to Azure Stack on-premise using the EXACT same system configuration states, settings, template builds and models ensuring that application dev/test validation will work on-premises as it did in  Azure public-cloud test cycles.

Azure Stack in government

Another core sector where Azure Stack has taken hold in with initial production deployments government.  Both in the areas of international government entities as well as specific defense contact enterprises.

Microsoft has an isolated Azure instance for U.S. government entities, but not for other governments around the globe.

Azure Stack has filled this need by providing protected Azure cloud services to international government entities, allowing them to take advantage of Azure resources both for open and publicly accessible resources, as well as for private content and resources managed by Azure Stack.

Additionally, in the U.S. an initial group of defense-contract entities are leveraging Azure Stack for high-performance, tightly managed, and secured cloud-scale platform environments. These defense contractors are leveraging Azure (public) and Azure Stack (on-premises) just as healthcare organizations do.

There are a couple ways Azure Stack fulfills the needs of  government entities.  One is to leveraging cloud resources on an as-needed basis. Organizations can provision resources they require, and when they’re done, reallocate them to other workloads. The other scenario is handling workloads that need to be secured. Organizations can apply security policies and practices to workloads in Azure Stack that they may not be able to do easily in the public Azure Government cloud.

So Azure Stack meets government needs in two ways. One is fulfilling project-based scale-up to leverage public cloud resources on an as-needed basis, then having those resources drop off and be deallocated after the project is completed, minimizing long-term costs of buying, maintaining, supporting or leasing equipment.

The other is to provide secure operations for key workloads that can retain a level of security to which organizations can apply age-old security policies and practices. Then they can utilize secured cloud instances in the Azure Government cloud.

Azure stack in isolated environments

Some organizations do application development with users that do not have reliable Internet connectivity.  One such enterprise’s development team is in a part of the world where Internet connectivity is spotty at best.  The model has been to work on standalone systems using containers, where the containers can be ported across when Internet connectivity is working or the containers are saved to physical media that is shipped to a location where the code and content is needed.

The challenge for the organization has been around the security of code development. With multiple standalone systems and with containers being moved around, the integrity of the code and leakage of intellectual property has been something the organization has been unable to manage.

With Azure Stack, all users are connected within the walls of the remote site.  All content being created remains isolated in the secured and encrypted Azure Stack environment.  When content is created and needs to be ported, that can be accomplished via secured connections between Azure Stack (on-premises) and Azure (public).

These transfers are logged, tracked and tightly managed, providing the organization a seamless way to move intellectual property around, yet retain integrity and security of the content being developed.

Azure Stackprovides real-world solutions to business cases that we anticipated would be important as the product was being developed two-and-a-half years ago and that now are available for use by enterprises and government entities around the world.