Everyone loves progress. But no one loves change. That goes for any manner of things—including how people work.
Nonetheless, Microsoft’s Core Services Engineering and Operations (CSEO) group has made big changes that are winning over its employees. As a leading provider of cloud services such as Microsoft Azure, Microsoft has embarked on an effort to transfer its entire workforce of 160,000 employees—along with supporting vendors—to the cloud. This includes IT infrastructure, applications, and services.
The goal is to reduce or eliminate access to the corporate network.
~Mahvish Sheikh, program manager, CSEO
The move is part of Microsoft’s multi-year Zero Trust initiative, designed to improve security and boost productivity. “The goal is to reduce or eliminate access to the corporate network,” says Mahvish Sheikh, a program manager for CSEO who has been active in the cloud work. “We’re asking our engineers to move our applications to an external posture using the cloud.”
That change dates to 2014, when CEO Satya Nadella promised a company future in a cloud-first, mobile-first world.
That seemed like a big promise. At the time, nearly all the work performed by Microsoft employees was done via the corporate network—aka corpnet. On-premises employees connected to corporate through a VPN, and even remote workers used a smart card reader to connect.
In seven years, plenty has changed.
“Now, nearly everything is on the internet,” says Pete Apple, principal service engineer within CSEO. “People open a laptop and log into Outlook in the cloud, or Microsoft 365 for apps, or Teams for collaboration. We still have a few things running on-premises, but that list gets shorter and shorter each year.”
Unpacking the benefits of moving to Microsoft Azure
Why the switch? Six primary benefits plus one unexpected one.
Security. Although VPNs can be protected with passwords and other measures, they have one security flaw. “Once someone is inside the VPN’s firewall, they have access to essentially the entire network,” Sheikh says.
And although that individual may be a trusted employee, they may bring unwanted digital baggage.
“The security risk of a VPN is dependent on how well people take care of their digital baggage,” Apple says. “They may be authorized to be inside the VPN, but they can bring malware with them. And once that happens, the malware can go nearly anywhere within the network.”
Under Zero Trust, users must prove their identity before they can use apps, and they have role-based access restrictions.
It definitely makes my work easier. When you’re looking for files and working with them, it’s much faster to use the cloud than the VPN. People used to say, ‘I don’t want to use the cloud because the performance isn’t that good.’ Now we have solutions that overcome that barrier.
~John Dellenbaugh, senior service engineer, CSEO
Productivity. The cloud is faster and more powerful than the corporate network.
“It definitely makes my work easier,” says John Dellenbaugh, a senior service engineer for CSEO. “When you’re looking for files and working with them, it’s much faster to use the cloud than the VPN. People used to say, ‘I don’t want to use the cloud because the performance isn’t that good.’ Now we have solutions that overcome that barrier.”
One benefit of that is a faster pace for software releases.
“I’ve had many teams that have gone from a quarterly release cycle in which they deploy all their VMs (virtual machines) and all the layers,” Apple says. “Now they’ve gone to a monthly cycle, or even every two weeks.”
Market conditions. Partners and customers also are moving to the cloud. Microsoft seeks to maintain its position as a leader in cloud technology, while also modeling best practices for customers.
“While we do our work, one of the things we’re trying to do is show our customers and partners how we do IT here at Microsoft,” says Vazjier Rosario, a principal service engineering manager in CSEO. “Our hope is showing them how we do things here will help them move their applications to the cloud.”
Modern engineering. Increased efficiency comes from merging development and operations roles—DevOps. This way, any engineer can perform any task on the team. In addition, Microsoft is using development principles, methods, and tools to further shorten cycles.
Run in the cloud. Running apps and services in the cloud allows an organization such as Microsoft to take advantage of the dynamics scalability and disaster recovery offered by Microsoft Azure.
Reduce costs and increase Microsoft Azure consumption. Adopting a cloud-first, internet-first model eliminates the dollars spent on the third-party licenses and fees behind many non-cloud apps, saving millions of dollars. In addition, by increasing Microsoft’s use of Microsoft Azure, the company gains greater insight into how to improve Microsoft Azure to deliver more great products.
Adopting adaptability. One benefit wasn’t anticipated. When COVID-19 struck and Microsoft sent its employees home to work in March 2020, the company scarcely missed a beat. In fact, productivity rose across the company by 129 percent.
“It really proved the idea that we’d been selling,” Dellenbaugh says. “People would contact me and say, ‘This has been a lifesaver.’”
Moving closer to 100 percent cloud-based apps and servers
Getting the bulk of Microsoft employees’ work to the cloud took a big effort on the part of CSEO.
“A big component was designing the right architecture to support the move,” Rosario says. “But really, flipping the switch and going from using VPN to store and share files to an internet-first architecture was very feasible. We’ve shown that.”
With some 85 percent of user traffic now going through the cloud, the company has achieved much of its goal. But getting to 100 percent will take some work.
Three top obstacles currently remain, Sheikh says:
- Apps that are last in the queue and waiting for related apps to adopt a Platform-as-a-Service cloud-based solution.
- Apps that depend on unreleased cloud features.
- Apps that rely on third-party tools that have not yet moved to the cloud.
CSEO is working to resolve these hurdles with the objective of a 100 percent cloud-based workforce. “We’re working to find proactive ways to move customers to the cloud,” Sheikh says. “We’ll be working with people to find out if they’re ready to make the move, and if not, how we can help them get there.”
That still leaves force of habit to fix.
You really should be able to work from wherever you are. People have long thought they had to go into the office to get their job done. Working from the cloud, that’s no longer the case.
~Pete Apple, principal service engineer, CSEO
“I’ve talked to people who have been working from home and they tell me, ‘The cloud is great, but when I’m back on campus I’ll use the corpnet again,” Dellenbaugh says. “And then I ask them: ‘Uh…why? Why not go to the cloud?’”
Still, Microsoft has shown that moving to the cloud not only works, it works very well. The payoff is a world where location simply no longer matters.
“You really should be able to work from wherever you are,” Apple says. “People have long thought they had to go into the office to get their job done. Working from the cloud, that’s no longer the case.”