Azure e-book series

Five steps to
modernizing
your data
Creating SaaS apps with the
Microsoft data platform
 Five steps to modernizing your data 2

This guide to data modernization and Who should read this e-book
creating SaaS apps tackles common
issues driving you to consider a We wrote this e-book for software
transition to SaaS. providers who are looking to make the
transition from traditional on-premises
Whether it’s scalability, availability, security, or self-hosted solutions to modern SaaS
globalization, or something else, you’re apps. It includes ways to modernize your
under pressure to respond to customer data platform as the first step in your
demand for cutting-edge capabilities and move to SaaS, the role of the cloud and
lower TCO. At the same time, you need to what you should look for from a cloud
reach new customers, differentiate your provider, key database requirements for
product, streamline your sales cycle, grow multitenant SaaS apps, and how you can
your revenues, and improve your margins. personalize the experience to delight
All of these are areas where the Microsoft customers in compelling new ways.
data platform can help, and this e-book
provides practical pathways forward.

©2020 Microsoft Corporation. All rights reserved. This document is provided “as-is.” Information and views expressed in
this document, including URL and other Internet website references, may change without notice. You bear the risk of using
it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may
copy and use this document for your internal, reference purposes.
 Five steps to modernizing your data 3

1/ 2/ 3/
Are you ready for Many ways to Choosing a proven
the move to SaaS? modernize cloud platform

4/ 5/ 6/
Multitenant Personalization Security and
SaaS apps around the globe compliance

7/
Innovate faster
with Microsoft
 Chapter 1 Are you ready for the move 4
to Saas?

Are you ready

for the move
to SaaS?
When you’re in the software business,
your resources can be spread pretty
thin. You like to stay focused on building
great software, but there are always
distractions—from supporting sales
opportunities to assisting with customer
deployments and troubleshooting existing
installations. With so much time spent
maintaining the status quo, few cycles
remain for modernizing your technology,
streamlining internal operations,
delivering new customer value, and
broadening your customer base.More
 Chapter 1 Are you ready for the move 5
to Saas?

More likely than not, your offerings are ease of use, and flexibility in their purchase
based on an on-premises approach, decisions. ISVs need to prepare for such
forcing you and your customers to spend a transition.”¹
considerable time on essential requirements
like infrastructure, scalability, availability, Given that more and more software buyers
and security. Today, you still must deliver are looking to SaaS solutions, how can
on those essentials, but the solutions you’re you transform your business to meet that
building—or, more accurately, the solutions demand—and while you’re at it, deliver
you want to be building—need to do a lot new customer value? That’s where the
more: support millions of users, span the Microsoft data platform can help.
globe, make sense of petabytes of data, and
wow users in new ways.

At the same time, your customers want

to minimize TCO, which is why more and
more of them are choosing software as a
service (SaaS) over traditional, on-premises
deployments.

The Shift to SaaS: A high-value opportunity

for ISVs, a paper by Keystone Research,
frames the situation well: “SaaS represents
an opportunity for ISVs to fundamentally
transform their business …. The market for
software is quickly changing to demand
this mode of delivery, as software buyers
start considering total ownership costs,

¹ See http://info.microsoft.com/rs/157-GQE-382/images/EN-GB-CNTNT-
Whitepaper-Keystone_Shift_to_SaaS_June2017-en-gb.pdf
 Chapter 1 Are you ready for the move 6
to Saas?

This paper examines Building a multitenant SaaS app that

five of the most can effectively deliver the same services

common issues that to hundreds or thousands of customers—

while ensuring that they can’t see one
you’re likely to face in another’s data
making the transition
to SaaS and maps them Achieving global reach with your
to the Microsoft data app, such as delivering fast, real-time
platform offerings you recommendations to users across multiple
countries and regions
might want to consider
as a starting point.
Ensuring security and compliance,
regardless of what you’re building in
 odernizing your data environment—
M the cloud
as required to make your own move to
the cloud or to simply do more with your Like most software companies, you have
existing on-premises app an existing software stack and skill set,
and want to use what works best for you,
without discarding what you already have
or compromising how your team works.
Choosing a proven cloud platform that
With the Microsoft data platform, it’s easy
can help you deliver on the essentials,
to delight users in compelling new ways
such as scalability and availability, so that
while using your preferred data engine
you can focus more of your resources on
and the languages, frameworks, and tools
delivering new value
of your choice. Read on to discover how
to unlock the full potential of your data—
and your potential for business success—
wherever it lives, in whatever form it
currently resides.
 Chapter 2 Many ways to modernize 7

Many
For many providers of on-premises
software, the modernization of existing
environments is a necessary early step in

ways to the move to SaaS. After all, you’ll likely need

to re-architect your apps to support your
new business model. By modernizing your

modernize environment, you’ll be able to do that faster

and more flexibly. Do it right and you’ll
also streamline application delivery and
enable yourself to build “smarter” apps that
improve the customer experience.

Data is often the driver for such

modernization: there’s more and more
of it; it needs to be analyzed faster than
ever; and it’s coming in more and more
forms—including unstructured formats that
legacy relational database systems
just aren’t built to handle.
 Chapter 2 Many ways to modernize 8

Before moving on, let’s so they can focus on delivering greater

customer value instead of deploying and
address the elephant in maintaining servers. Maybe you should too.
the room: the cloud.
You don’t need to make this leap today, as
a first step. But more likely than not, sooner
It’s what’s driving your customers to SaaS, or later, the cloud will play a role—and that
and it’s here to stay. And for good reason. role will grow over time.

It provides powerful economies of scale, Plotting a course to data modernization

global reach, freedom from the hassles of
maintaining physical infrastructure, and Now let’s look at how you can modernize
access to powerful new technologies like your data environment as part of your
artificial intelligence (AI), which would be transition to SaaS and—if you’re not ready
difficult to bring in-house. It’s for all these to make your own move to the cloud just
reasons and more that your customers are yet—what you can do to ensure that you’ll
turning to the cloud in the first place. be successful when you’re ready to do so.
Regardless of the technology stack you’re
So why not make the most of the cloud? If on today and the speed at which you want
you’re considering SaaS, then by definition, to move, the Microsoft data platform
the cloud already plays a role as your means provides a path forward.
of application delivery. Sure, you could host
a SaaS app in your own datacenter, as some
companies do. But do you really want to
maintain your own physical infrastructure,
patch your own servers, manage your own
backups, and pay for new compute and
storage capacity well before it may ever
be needed? After all, your customers are
abandoning on-premises deployment
 Chapter 2 Many ways to modernize 9

If you have a packaged, on-premises app based

on Microsoft SQL Server or Oracle, there are
several paths you can take.

I am... I want to... I need to...

An ISV with a packaged app An ISV with an open-source An ISV with a NoSQL app
built on SQL Server or Oracle app (MySQL, PostgreSQL) (MongoDB) built
on-premises built on premises on-premises

Leverage my
Migrate my data
Modernize my open-source Build a NoSQL
to the cloud to get
on-premises investments to application in
ready for SaaS
applications migrate data to the cloud
deployment
the cloud

1 2 3 4 5

Upgrade to SQL Extend on Linux Migrate my Lift-and-shift my Modernize my Migrate to Azure

Server 2017 and Windows with on-premises SQL on-premises SQL open-source apps to Cosmos DB
SQL Server 2017 Server or Oracle data Server or Oracle Azure Database for
to a fully managed apps to Azure MySQL or Azure
cloud solution with Database for
Azure SQL Database Postgre SQL

SQL Server 2017

Azure SQL Database

Azure SQL Database

Managed Instance

Azure Database
for MySQL

Azure Database for

PostgreSQL

Azure Cosmos DB

Figure 1. Regardless of your starting point, the Microsoft data platform provides a path to data modernization.
 Chapter 2 Many ways to modernize 10

If you’re not ready for the cloud yet, you If you want the benefits of the cloud
can upgrade (or extend) your existing but your existing architecture isn’t fully
database to SQL Server 2017. It runs on compatible—maybe due to instance-level
Windows or Linux and supports your choice functionality or isolation requirements—
of programming languages, including you can “lift and shift” your existing
T-SQL, Java, C/C++, C#/Visual Basic .NET, database built on SQL Server 2008 or
PHP, Node.js, Python, and Ruby. SQL later to Azure SQL Database Managed
Server 2017 provides industry-leading Instance. It provides all the benefits of a
performance,² delivers unmatched security,³ fully managed database service along with
and is the only commercial database with near 100 percent compatibility with SQL
AI built-in—all at one-tenth the cost of Server. So you can continue using features
Oracle.⁴ like the common language runtime (CLR),
SQL Server Agent, and cross-database
querying—all without changing the design
If you’re ready make your move to the of your app.
cloud, you can migrate to Azure SQL
Database, an intelligent cloud database
for application developers. It shares a code Similarly, if your on-premises app is based
base with SQL Server 2017, so you get the on an open-source relational database, the
same powerful technologies—including Microsoft data platform has you covered.
your choice of tools and platforms, If you’re running MySQL, you can migrate
automatic performance tuning, built-in to Azure Database for MySQL, and if you’re
security, and powerful features for building running PostgreSQL, you can migrate
multitenant SaaS applications. You also get to Azure Database for PostgreSQL. Both
all the advantages of a fully managed cloud provide all the benefits of a fully managed
service, including on-the-fly scalability, service, including on-the-fly scalability;
automatic patching and backups, and more. built-in high availability; and automatic
backups, patching, monitoring, and more.
² #1 price/performance in TPC-H nonclustered as of Of course, you also have the freedom to
September 1, 2017 (see http://www.tpc.org/3323); #1 TPC-H keep using your preferred programming
nonclustered benchmark as of September 1, 2017 (see
http://www.tpc.org/3323); and #1 TPC-E performance as of
languages and frameworks.
September 1, 2017 (see http://www.tpc.org/4075).
³ As measured by number of software vulnerabilities for
major database platforms (2010–2016).
⁴ Source: http://www.oracle.com/us/corporate/pricing/
technology-price-list-070617.pdf
 Chapter 2 Many ways to modernize 11

it provides to augment those on-premises

Last but not least, if you’re running apps with new functionality driven by one
a NoSQL database on-premises, such or more cloud database services.
as MongoDB, you can migrate to Azure
Cosmos DB. It’s currently the only fully
managed database service to offer The Data Accelerator program
turnkey global distribution; support for
key-value, graph, and document data
in a single service; and five well-defined
If you’re ready to
consistency levels—enabling you to best take the next
navigate the tradeoffs between consistency,
step toward data
latency, availability, throughput, and other
considerations. You also get limitless elastic modernization,
scalability across the globe, guaranteed Microsoft is ready
single-digit latency, and industry-leading
service-level agreements (SLAs). And you to help.
have your choice of APIs—including SQL,
JavaScript, Gremlin, MongoDB, and Azure Through the Data Accelerator program,
Table storage. which currently supports all the above
pathways to modernization except for
Although most of the above are cloud Azure Cosmos DB, you can get help from
based, that doesn’t mean you need to the experts at Microsoft. Check out the
make your own move to the cloud all at Data Accelerator program page for more
once. Microsoft is unique in having an information, to see if you qualify, and to
established presence both on-premises and apply for the program.
in the cloud, enabling a hybrid approach
that lets you transition to the cloud at
your own speed, regardless of where your
data and computing resources reside
now. For example, you could upgrade (or
extend) existing on-premises apps to SQL
Server 2017, and then use the capabilities Apply for the Data Accelerator program.
Learn more about modernizing your applications
with Microsoft in a free webinar.
 Chapter 3 Choosing a proven cloud 12
platform

Choosing
No matter what your app does or where
it resides, it needs to deliver on the
“essentials.” Let’s face it, every customer

a proven demands a flawless experience with every

interaction, including fast performance,
high availability, ironclad security, and

cloud uncompromised privacy. And while you

know you need to meet those expectations,

platform
you probably don’t want to spend a lot of
time on the details necessary to do so.

You likely already have a firm grasp

on how well you’re able to support
those basic requirements using your
existing, on-premises database, including
any limitations it may have. But what
about the cloud? To determine whether you
can trust a cloud platform to help
you deliver on the essentials—in a way
that lets you stay flexible and focus on more
important things—it’s worth askingrself a
few questions
 Chapter 3 Choosing a proven cloud 13
platform

How can the platform help me avoid

More than any other
downtime, both planned and unplanned? factor, customer
What does it offer that can help me avoid
experiences determine
calls from frantic customers, or having to
tell them that our app will be offline again whether companies
for scheduled maintenance? thrive and profit, or
struggle and fade.
How can the platform help me handle
unexpected spikes in workload and avoid
Harley Manning and Kerry Bodin
Outside In: The Power of Putting Customers at the
complaints about poor performance— Center of Your Business (New Harvest, 2012)
without having to pay for a lot of spare
capacity that I might rarely need?

Unless you plan to take on everything

Can the platform help me expand to required to host your own SaaS apps, your
other geographic regions? And when it’s move to SaaS begins with choosing the
time to do so, will I still have access to the right cloud platform for your business and
same built-in availability, scalability, and your customers. Invest the time to find a
security mechanisms that I’ve come to provider that can meet your needs both
depend on? today and into the future, and you’ll have
taken a successful first step in positioning
yourself to deliver new customer value and
How can the platform help me keep fuel continued business growth.
customer data secure? If there are
regulatory or compliance requirements,
does the platform have the necessary
certifications?
 Chapter 3 Choosing a proven cloud 14
platform

Generally available

Coming soon

The cloud platform that 90 percent or you can configure your apps to scale up
of Fortune 500 companies trust and down on their own.

Microsoft Azure services are built Azure managed services help ensure
cloud-first, so they’re ready to help you availability through automatic patching and
transform how you deliver value to backups, built-in monitoring and security,
your customers, no matter where you are and more, so you can stay focused on
in the world. Azure runs on a worldwide building great apps. Many Azure services
network of Microsoft-managed are backed by SLA that include uptime
datacenters, across 36 regions (and guarantees and downtime credit policies.
growing), delivering global coverage. To ensure business continuity and disaster
recovery, you can choose from locally
With Azure, you don’t need to worry redundant storage, where data is replicated
about capacity or performance. You can locally within your primary region, or
easily and instantly scale up when more geographically redundant storage, where
capacity is needed, and then scale down to data is replicated to a secondary region
save money when demand subsides. You that’s at least 250 miles (400 km) away but
can configure Azure to let you know when within the same geography.
capacity or performance needs attention,

Figure 2. Microsoft Azure runs on a worldwide network of Microsoft-managed datacenters, across 36 regions (and growing).
 Chapter 3 Choosing a proven cloud 15
platform

What’s more, because Azure is available in Customer case study: SnelStart

140 countries and regions, you can put your
data where its users are. The storage of data
can be restricted to a single geography,
Netherlands-based
region, or country, so you always have SnelStart, which has 100
control over how close your apps and data employees, provides
are to the people who use them.
financial and business
Azure also provides comprehensive management software
security and identity management tools
and services, including advanced threat to small- and medium-
detection, Azure Security Center, Azure sized businesses.
Active Directory, Azure Key Vault, and
Azure Multi-Factor Authentication. And
The company ran a successful software
Azure offers the most comprehensive
business for years, using a traditional,
set of compliance offerings (including
on-premises model: code, package, ship,
certifications and attestations) of any
and repeat.
cloud service provider. (Security is such an
important topic that we cover it separately
Over time, as the pace of change grew
later, in Security and compliance.)
faster and faster, SnelStart needed a way
to keep up. An on-premises approach
Whatever your apps do, Azure helps
limited how often the company could
them do it with enterprise-proven levels
deliver new releases. To complicate matters,
of scalability, availability, and security—
SnelStart could never be assured that
everything your customers expect.
customers upgraded to the latest version
And while Azure takes care of those
of its software, which meant that SnelStart
fundamentals, you get more time to focus
had to support several versions and made
on new ways to delight customers and grow
providing that support more difficult.
your business.
SnelStart moved to a SaaS offering running
on Microsoft Azure. The company now
can fix bugs and provide new features
 Chapter 3 Choosing a proven cloud 16
platform

rapidly, without customers needing to

download and upgrade software to adapt
to new requirements, such as changes in
accounting rules. Because the move to SaaS
also enabled SnelStart to reduce overhead
and automate deployments, the company Apply for the Data Accelerator program.
can grow its business without a linear Learn more about modernizing your applications
increase in staff. with Microsoft in a free webinar.
Learn why you can trust Microsoft Azure with
“We were able to grow our current your data.

operations with a very small staff while

simultaneously increasing scalability,
speed, and disaster-recovery options for
our clients,” says Carlo Kuip, IT Architect
at SnelStart. “The shift to services
development freed up resources to focus
on new services and features, instead of just
updating existing code to keep up with new
regulations or tax codes. By automating
management and using the SaaS offering,
we are able to deliver more value for
our clients without having to make large
investments in operational staff.
 Chapter 3 Choosing a proven cloud 17
platform

Working with Azure

means we can deliver
software faster, quickly
react to customer
demands, and scale
solutions when
demands increase.

Henry Been Hear from other customers who are using Azure.

OutsideSoftware Architect, SnelStart

 Chapter 4 Multitenant SaaS apps 18

Multitenant
According to Keystone Research, “SaaS
represents an opportunity for on-premises
software providers to deliver greater value

SaaS apps to customers, sell software to a broader

range of customers, and streamline their
internal operations.”⁵ Keystone cites a
wealth of benefits experienced by ISVs
who successfully transitioned from a
traditional software-licensing and delivery
model to SaaS:

New customer segments through lower

adoption and operating costs

Reduced customer TCO through decreased

infrastructure complexity

Improved product offerings through the

integration of value-added cloud services

Product improvements driven by

the aggregation of usage data and
data-scale effects

⁵ See http://info.microsoft.com/rs/157-GQE-382/images/EN-GB-CNTNT-
Whitepaper-Keystone_Shift_to_SaaS_June2017-en-gb.pdf
 Chapter 4 Multitenant SaaS apps 19

ISVs who made the move to SaaS also How can we keep customer data
improved recurring revenue and financial secure—and isolate it to ensure that
predictability, drove increased revenue our customers can’t access one another’s
through new pricing models that were information? And how can we help
better aligned with customer needs, and customers ensure secure access across their
shortened sales cycles through new trial own user bases?
and end-user engagement opportunities.
Finally, they reported significant operational As the data in our app grows, how
benefits—including a 33 percent increase can we uncover relationships in the data
in the speed of product development and gain new insights from it—in areas
and a 26 percent increase in engineering ranging from app performance to customer
efficiency. Pretty compelling, isn’t it? behavior?

So how can your business successfully How can we help customers visualize
transition to SaaS? To effectively build their data to gain new insights quickly and
a SaaS app that serves hundreds or easily—and thus add even more value to
thousands of customers, delivers essential our offerings?
elements such as data isolation and security,
and helps protect your margins, you might
want to start by asking these key questions:
If these questions
resonate, you probably
How can we provision new customer already have a firm
environments quickly—and keep
performance high as overall usage grows? grasp of what you need
How will I handle varied and unpredictable from a cloud database.
spikes in demand?

How can we manage customer

environments at scale, so that I won’t
need to bring on new staff linearly as my
business grows?
 Chapter 4 Multitenant SaaS apps 20

Azure SQL Database: With Azure SQL Database, you can

Redefining multitenancy take advantage of:

Azure SQL Database, an intelligent

relational cloud database service, helps Elastic database pools, which enable
you avoid the typical tradeoffs between cost-effective and predictable pooling of
development efficiency, manageability, resources to help you handle varied and
performance, and security for SaaS apps. unpredictable spikes in demand.
As your SaaS app runs, Azure SQL Database
employs built-in machine learning to
continuously assess its behavior, tune
performance, and automatically improve
Elastic database jobs, which streamline
reliability and data protection—freeing you
admin tasks by letting you make changes
to focus on other things. And as demand
to many databases at once—ultimately
for your SaaS app grows, Azure SQL
enabling you to manage thousands of
Database scales on the fly, with virtually no
databases as one.
app downtime.

In-memory online transaction

processing (OLTP), which keeps active
data in main memory to improve
performance by a factor of up to 30—
giving you more performance for your
money.

ColumnStore, which stores table data as

columns instead of rows to deliver 10 times
the data compression and queries that are
up to 10 times faster.
 Chapter 4 Multitenant SaaS apps 21

Tenant 1

Tenant 2

Database per tenant

Every tenant in its own DB

Tenant z

Tenant 1 Tenant 2 Tenant z

Shared-Sharded
Multiple tenants per DB,
sharded across many DBs
Application tier

Shared-Single
Data tier

Multi-tenant All tenants in one database

SaaS application
Tenant Tenant Tenant
1-n o-p q-z

Tenant 1-z

Numerous ways to help keep customer Graph processing, which can make
data secure—including row-level security, it easier to express certain kinds of
dynamic data masking, and the Always queries—and potentially improve query
Encrypted feature. performance—by enabling you to model
many-to-many relationships among
relational data.

Built-in intelligence to further boost app

performance and data security—including
features such as Threat Detection, Query
Performance Insight, and Azure SQL
Database Advisor.

Figure 3. Azure SQL Database supports multiple data models for multitenant SaaS apps.
 Chapter 4 Multitenant SaaS apps 22

Azure SQL Database supports multiple it quick and simple for your customers to
data models for multitenant SaaS apps, integrate with an existing Windows Server
so you can choose the one that delivers Active Directory, enabling them to leverage
the optimal balance of isolation, cloud existing on-premises investments to
resource costs (compute and storage), and manage access to your app.
DevOps complexity for your customers and
your business. This also allows for a more Power BI Embedded
flexible business model that includes a trial/
free tier; serves a breadth of moderately Few SaaS apps are complete without some
active customers; and offers high-end, sort of reporting environment. But all too
dedicated, premium offerings for your most often, such reports are static and deliver
demanding customers. only limited insights. Embedding a rich,
interactive analytics environment into your
A list of all major Azure SQL Database features (with app is another way to increase its usefulness
links to more information) can be found on the and help your customers make quick, data-
Azure SQL Database features page.
driven decisions.

Azure Active Directory

Microsoft Power BI Embedded is an Azure
service you can use to bring data to life
With a multitenant SaaS app, you need a
within your app—without the time and
way to organize and manage user accounts.
expense of building and maintaining
More likely than not, your customers
your own analytics environment. You can
already have an identity management and
easily embed stunning, fully interactive
authentication mechanism. And they don’t
reports into your app in a cost-effective
want to use and maintain a different one
and scalable way, adding value and further
just to access your app.
differentiating your app. You could also
gain an additional revenue stream if you
You can use Azure Active Directory (Azure
choose to position such functionality as
AD)—a multitenant, cloud-based directory
a premium offering. You don’t need to
and identity management service—to
change the design of your app to use Power
easily add single sign-on to your SaaS app
BI Embedded, and your users can sign in to
for greater value and differentiation in the
your app just like before.
marketplace. With Azure AD, you make
 Chapter 4 Multitenant SaaS apps 23

Customer case study: Umbraco says Niels Hartvig, founder of Umbraco.

“We initially considered hosting the servers

Umbraco is a popular, ourselves, but capacity planning would

have been a nightmare.”
open-source content
management system. By choosing Azure, Umbraco is able
to provide customers with optimal
performance, without the investment in
To deliver new customer value, Umbraco IT resources that a self-hosted solution
used Azure SQL Database and other would require. “We love the developer
Microsoft Azure services to build Umbraco- convenience and scalability that Azure
as-a-Service (UaaS), a multitenant SaaS gives us, and our customers are thrilled with
app that lets customers provision new the features and reliability,” says Morten
environments themselves. Christensen, Technical Lead at Umbraco.

To make new customer environments

available virtually immediately, Umbraco
uses elastic database pools to maintain
a pool of preprovisioned databases. As
the preprovisioned databases are used,
new elastic database pools are created
and new databases are preprovisioned. Apply for the Data Accelerator program.
When databases are no longer needed, an Learn more about modernizing your applications
automated process restores them to the with Microsoft in a free webinar.

elastic database pool. As of October 2016, Get hands-on experience in GitHub Developer
Immersion.
Umbraco had nearly 3,000 databases across
Browse the code samples in the GitHub Reference
19 elastic database pools.
Implementation Repository.
Review the advanced security and compliance
Remarkably, Umbraco doesn’t employ any features in Azure SQL Database.
database administrators. “We wanted to Learn how to help secure your Azure SQL Database.
spend our time on solving our customers’ Get details about application development with
problems, not managing infrastructure,” Azure SQL Database.
 Chapter 4 Multitenant SaaS apps 24

Elastic database pools

are a perfect fit for our
SaaS offering because
we can dial capacity up
and down as needed.
Provisioning is easy,
and with our setup, we
can keep utilization at
a maximum.

Morten Christensen Hear from other customers who are using

Azure SQL Database.
Technical Lead, Umbraco
 Chapter 5 Personalization around 25
the globe

Personalization
around the
globe In today’s global economy, apps and their
users span the planet. To support rich, real-
time personalization at a global scale, your
SaaS app needs fast access to the data that
drives this personalization, regardless of
where the user is located.

To achieve this, from a data perspective,

you need to consider how to:

Manage and version complex schemas.

Scale both throughput and storage to

meet global demand.

Balance the tradeoffs between the limited

consistency models in a distributed
database, including latency, availability,
throughput, and scalability. (Most
databases offer only two models, consistent
and eventual, forcing you to choose from
one end of the spectrum or the other.)
 Chapter 5 Personalization around 26
the globe

can model your data the way your app

Deliver customized, real-time, and highly requires, using familiar APIs, tools, and
responsive experiences. frameworks.

Azure Cosmos DB provides:

Ensure an always-on system around
the globe.
Turnkey global distribution—Azure
In addition, to deliver the greatest Cosmos DB is currently the only fully
value, you need to handle a variety of managed database service to offer
unstructured data at scale. Social media turnkey global distribution, letting you
posts, mobile data, document text, app put your data where your users are for
telemetry, and website content are just a fast, responsive access. Every database
few examples of today’s data that doesn’t account can be associated with any number
always fit neatly into rows and columns. You of Azure regions, and the data replicates
also need to collect and analyze the data automatically, synchronously, and durably.
needed to drive real-time personalization
before you can operationalize it for real-
time access. Support for multiple modes and APIs—
Only Azure Cosmos DB empowers you
Azure Cosmos DB: A globally with key-value, graph, and document
distributed, multimodel data in one service. Azure Cosmos DB
database service automatically indexes all data, so you don’t
need to worry about schema or index
Azure Cosmos DB provides low-latency management. You also have your choice of
access to rich data anywhere in the world— APIs—including SQL, JavaScript, Gremlin,
making real-time personalization at a MongoDB, and Azure Table storage.
global scale exactly the type of scenario
that Azure Cosmos DB is ideally suited for.
What’s more, with Azure Cosmos DB, you
 Chapter 5 Personalization around 27
the globe

Limitless elastic scale around the globe— Industry-leading, enterprise-grade SLAs—

With Azure Cosmos DB, you Azure Cosmos DB is currently the only
can independently and elastically scale cloud database service to offer industry-
storage and throughput at any time, leading SLAs for 99.99 percent availability,
anywhere across the globe, paying only latency at the ninety-ninth percentile, and
for the throughput and storage you need. guaranteed throughput and consistency.

The capabilities provided by Azure Cosmos

Multiple, well-defined consistency DB make it well suited for many use cases
choices—Azure Cosmos DB offers beyond real-time personalization at a
an intuitive programming model and global scale—including the Internet of
is currently the only nonrelational Things and telematics, retail and marketing,
database service to offer five well-defined gaming, web and mobile apps, banking,
consistency levels. You can build for and other mission-critical, global scenarios.
the unique needs of your app, and best
navigate the tradeoffs between consistency, Azure Functions: Enabling a
latency, availability, throughput, and serverless architecture
scalability.
By taking advantage of how Azure Cosmos
DB and Azure Functions work together,
you can quickly and easily build and deploy
Guaranteed low latency—With its latch-
event-driven, serverless, personalized apps
free and write-optimized database engine,
that have low-latency access to rich data on
Azure Cosmos DB guarantees less than 10-
a global scale. Because Azure Functions are
ms latencies on reads and less than 15-ms
event driven, you can just listen to a change
latencies on (indexed) writes at the ninety-
feed from Azure Cosmos DB instead of
ninth percentile.
creating your own listening logic. You can
also bind a function to an Azure Cosmos
DB collection using an input binding
 Chapter 5 Personalization around 28
the globe

Region 2
Region 1

End-user app
Region 3

Region 4

Region 6
Azure App Azure Azure
Service Functions Cosmos DB Region 5

(which reads data from a container when Used together, Azure Cosmos DB and
a function executes) or using an output Azure Functions deliver a compelling
binding (which writes data to a container set of benefits: event-driven, serverless
when a function completes). computing at a near-infinite global scale,
with low-latency access to rich data for
With Azure Functions, there are no limits— serverless apps, app performance that
you set the parameters, and the functions enables a real-time user experience, and
execute in parallel, with the Azure Functions freedom from infrastructure through fully
service spinning up as many times as you managed services.
need. The service creates new instances
of functions whenever an event fires
and closes them as soon as the function
completes. This makes functions good for
quick tasks and enables you to pay only for
the time your functions are running.

Figure 4. Native interoperability between Azure Cosmos DB and Azure Functions makes it easy to build fast, serverless,
personalized apps at a global scale.
 Chapter 5 Personalization around 29
the globe

Customer case study: Next Games the data close by the player, no matter
which datacenter it comes from.”

Next Games, Currently, all player data is in Azure

maker of the popular Cosmos DB except for the actual saved

mobile strategy game player file, which is stored in Azure Blob

storage. In addition to Azure Cosmos DB
The Walking Dead: and, soon, Service Fabric, Next Games is
No Man’s Land, has using Media Services for streaming video,
Event Hubs for analytics, Notification
been with Azure Hubs to send push notifications to clients,
from the start. Traffic Manager for load balancing, and
Web Apps for the dashboard, which
provides game management.
By 2017, No Man’s Land had 16 million
installations, had generated 120 GB of
new data each day, and was handling
11,500 database requests per second. To
support continued growth, Next Games
needed more storage, increased flexibility,
and the ability to maintain availability
and performance for users who aren’t
geographically close to one another.

Learn more about modernizing your

To meet those needs, the company adopted applications with Microsoft in a free webinar.
Azure Cosmos DB. “We want our game data Read the technical introduction to Azure
to always reside in the datacenter closest Cosmos DB.
to the player so that we can load the player Watch the Introducing Azure Cosmos DB video.
data as fast as possible,” says Kalle Hiitola, Learn how to partition and scale in Azure
Chief Technology Officer at Next Games. Cosmos DB.

“[The Azure Cosmos DB] replication feature Check out the sample Azure CLI scripts and
Azure PowerShell scripts for Azure Cosmos DB.
allows us to do this, so that we always have
 Chapter 5 Personalization around 30
the globe

The good thing about Azure is

that we can incrementally add new
features Microsoft brings on to
Azure into our platform and switch
them behind the scenes. You just
start a new service, and off you go
exploring what it can do for you.

Kalle Hiitola Hear from other customers who are using Azure
Cosmos DB.
Chief Technology Officer, Next Games
 Chapter 6 Security and compliance 31

Security and
No matter what you’re building, you
need to protect users’ data and ensure
compliance with any applicable regulations.

compliance You can do some of this within your app,

which is why key security features that
are specific to certain Azure services are
covered earlier in this e-book, under
the relevant scenarios for those services.
However, when you rely on a cloud service
provider for your infrastructure, you’re also
relying on that provider to help you keep
your customers’ data secure. It’s the same
with regulatory compliance; if the cloud
services you’re using aren’t compliant,
neither is your app.

One of the best reasons to use Azure for

your apps and services is to take advantage
of its many built-in security tools and
capabilities—additional layers of protection
that you can use to achieve a defense-
in-depth approach. For example, across
all scenarios, you can use Azure Security
Center for increased visibility and control
over the security of all your Azure resources,
use Azure Active Directory to help secure
access to on-premises and cloud apps, use
Azure Key Vault to safeguard cryptographic
keys and other secrets used by your cloud
apps and services, and use Azure Multi-
Factor Authentication to provide even more
security for your data and apps.
 Chapter 6 Security and compliance 32

Responsibility

Data classification
& accountability

Client & end-point

protection

Identity & access

management

Application level
controls

Network controls

Host infrastructure
Cloud Customer

Physical security
Cloud Provider

Microsoft Azure: The trusted platform Functional security areas

From facility to apps, the Azure Depending on the cloud service model,
infrastructure is designed for hosting responsibility varies for managing security
millions of customers simultaneously, at different solution layers. Azure provides a
providing a trustworthy foundation upon wide array of configurable security options
which you can meet your needs. Security so you can customize security to meet your
and privacy capabilities are built in from unique requirements.
the start, beginning with the Security
Development Lifecycle (SDL), which Security capabilities built into the Azure
addresses security at every development platform cover all major functional areas,
phase and helps ensure that Azure is including network security, database
continually updated to make it even more security, storage security, compute security,
secure. Operational Security Assurance operational security, security monitoring
builds on SDL knowledge and processes and management, and more. The
to supply a framework that helps provide introduction to Azure security provides an
secure operations throughout the lifecycle overview of all those areas.
of cloud-based services.

Figure 5. Who manages security—whether the cloud customer or the cloud provider—depends on the cloud service model.
 Chapter 6 Security and compliance 33

Compliance Customer case study: GEP

In a world where data breaches and

government requests for access to online
GEP delivers software
customer information happen daily, you and services that enable
need a cloud platform that helps you procurement leaders
ensure regulatory compliance. Microsoft
provides the most comprehensive set to maximize their
of compliance offerings, including business impact.
certifications and attestations, of any cloud
service provider.
In the past, the company ran SMART
by GEP, its cloud-based procurement
For example, in May 2018, a European
platform, in its own datacenters. But
privacy law, the General Data Protection
the investments required to ensure the
Regulation (GDPR), is scheduled to take
scalability and performance of that model
effect. The GDPR imposes new rules
were steep. Regulatory requirements
on companies, government agencies,
in new markets would have made the
nonprofits, and other organizations that
necessary investments more daunting
offer goods and services to people in the
still. “To meet that demand with our
European Union (EU) or that collect and
existing datacenters, we would have had to
analyze data tied to EU residents, and it
expand our infrastructure and IT resources
applies no matter where the organization
considerably,” says Dhananjay Nagalkar, VP
is located. Microsoft is committed to GDPR
of Technology at GEP. “The investment
compliance across its cloud services when
and time frame for that would have
enforcement begins May 25, 2018, and
been enormous.”
provides GDPR-related assurances in its
contractual commitments.
GEP explored several cloud options, but
most were infrastructure-as-a-service
Review the list of all Azure compliance offerings on providers that still would have required
the Trust Center. substantial investment in IT resources. The
Read the white paper on how Microsoft Azure can Azure platform-as-a-service model
help organizations comply with the GDPR.
 Chapter 6 Security and compliance 34

turned out to be a much better fit.

“With Azure, GEP doesn’t need to deal
with database management, virtual-
machine configuration, patching, or other
infrastructure-management tasks,” says
Nagalkar. “Instead, we can focus our Apply for the Data Accelerator program.
resources on what we do best: leveraging Learn more about modernizing your applications
our expertise in procurement to write with Microsoft in a free webinar.
software that truly delivers results for Learn more about Azure security at the Azure
our customers.” security documentation site.
Get details on Azure database security.
By moving to Microsoft Azure, GEP has
been able to cost-effectively accommodate
its continued growth. For instance, through
its worldwide network of Microsoft-
managed datacenters, Azure has enabled
GEP to overcome regulatory barriers that
kept it out of some global markets—such
as European markets where regulations
require data to be stored in that local
geographic region.

Azure services have also enabled GEP

to address other customer needs. For
example, the company used Azure Access
Control service—now part of Azure Active
Directory—to support a broad range
of options for signing in to its software,
enabling GEP to offer single sign-on for
customers without worrying about storing
user credentials and maintaining customer-
password policies.
 Chapter 6 Security and compliance 35

Microsoft Azure has

played a key role in GEP’s
success by allowing us to
rapidly scale services with
agility, and by providing
regional datacenters
that help us meet the
regulatory needs of our
global customers.

Dhananjay Nagalkar Hear from other customers who are using

Azure Active Directory.
VP of Technology, GEP
 Chapter 7 Innovate faster with 36
Microsoft

Innovate
faster with
Microsoft
With a broad portfolio of services, business. Azure also supports a fully hybrid
Microsoft Azure can help you successfully architecture, which helps you deliver the
transform from a seller of on-premises functionality you need, regardless of
software to a SaaS provider in the cloud. where the data or computing resources
You get all that you need to deliver greater that power your apps reside: your own
customer value, sell software to a broader datacenter, a customer’s datacenter, an
range of customers, and streamline your Azure datacenter, other public cloud
internal operations. What’s more, you can datacenters, or even a mobile device.
do so across your choice of technology
stack, with innovative, built-in technology
like analytics and AI to help you wow your
customers and make you more productive.
The Microsoft cloud platform supports
more than a billion customers in more
than 140 countries and regions, providing
a unique platform to help you grow your
 Chapter 7 Innovate faster with 37
Microsoft

With Azure and data Easily build and deploy anywhere.

Use your team’s existing skill sets and
services from Microsoft, favorite tools to integrate data and build
you can: intelligent apps, and then deploy without
a change in code. Build once and deploy
anywhere—in the cloud, on-premises, and
to edge devices—knowing that the global
distribution of Azure means you can reach
your users wherever they are.

Create an impact with an open platform.

Maximize your team’s effectiveness
while using the technology of your
choice, including open source, backed
by a platform that offers unparalleled
performance, availability, and security. You
can choose from several languages, employ
a comprehensive range of data engines and
processing technologies, and then deploy
on your favorite platform.

Develop apps with built-in intelligence.

Creating intelligent apps with Azure is easy;
it includes advanced analytics and a rich
set of cognitive APIs that provide human-
like intelligence to enable more natural
and contextual user interactions. No other
platform brings analytics and native AI to
your data wherever it lives, in the languages
you use.
 Be the data hero

Get insights from all your data. At scale. Put your Get help with your
database skills to work in the cloud. Get free database project. Talk to a
and AI services—and a $200 credit. Start free > sales specialist >