Cloud synergy: Microsoft Azure and its relationship to Microsoft 365 This blog post was authored by Antonio Maio - Managing Director, Software Services on Protiviti's technology insights blog.As organisations increasingly embrace cloud-based technologies to enhance productivity and efficiency, understanding the dynamic relationship between Microsoft Azure and Microsoft 365 becomes crucial for maximising their potential. With the power of Microsoft Azure and Microsoft 365, organisations are gaining agility and driving innovation, but what is the difference between the two? When rolling out Microsoft 365 it’s important to know that Microsoft Azure is a fundamental component of the Microsoft Cloud and important to understand the nature of Microsoft Azure and its relationship to Microsoft 365.Over time, as businesses look to increase their footprint in the Microsoft Cloud to drive even greater agility and efficiencies, they often do this by moving workloads to Azure, integrating line of business systems or automating business processes. They also look to integrate these workloads and processes with Microsoft 365 to foster greater collaboration and access. When undertaking such initiatives, understanding the Azure services that are available and how they relate to Microsoft 365 can help businesses select the most suitable and cost-effective services to maximise their investment. Topics Cloud Technology Enablement Categories of Microsoft Azure servicesMicrosoft 365 is a Software as a Service (SaaS) application, which sits on and is built with Microsoft Azure IaaS and PaaS services. Microsoft Azure is a cloud computing platform which provides several fundamental building blocks for implementing business focused cloud-based solutions. The capabilities of the Azure platform itself fit into the following three categories:Infrastructure as a Service (IaaS) – Fundamental components include virtual machines, storage containers, networking, firewalls and other important computing infrastructure. These are components organisations can use to host their own servers or applications in the cloud, or which can be used by software vendors to build and host online cloud services they sell to their customers. These can also be used by Microsoft to build and host Software as a Service (such as Microsoft 365). Migrating an organisation’s infrastructure to an IaaS solution helps reduce maintenance of on-premises data centers and save money on hardware costs.Microsoft Azure IaaS services are typically configured and maintained by application or cloud architects. It is paid for on a consumption basis (i.e., pay for what is used) and are often licensed with an “Azure Pay as you Go” license. Each Azure IaaS service can have a different price per unit.Platform as a Service (PaaS) – Ready-to-use cloud services that can be utilised by developers and solution architects to quick build cloud-hosted business applications or online services. Traditionally, when hosting a web application, an organisation would set up a three-tiered server environment with:A database layer hosted on servers,An application or business logic layer hosted on servers, andA user experience layer hosted on servers.When doing so, the organisation was responsible for setting up the servers or VMs, configuring the storage services, configuring the networking, configuring the firewalls and security and maintaining that infrastructure, whether on-premises or in the cloud (IaaS). Azure PaaS provides ready-to-use services that are required for building or hosting these types of applications. They can be quickly spun up (like spinning up a VM) and the required servers, storage, networking, security, etc., are all configured automatically. Common examples are Azure SQL for databases, Azure App Service for hosting web-based interfaces (i.e., web sites), Azure Automation and Azure Logic Apps for automation tools, Azure Cognitive Services for machine learning tools, etc.If an organisation needs to build an SQL database hosted in the cloud, they will traditionally create a new VM, with a storage container, as well as appropriate networking and security, and then install/configure an SQL Server within that VM. Instead, with Azure PaaS, start an Azure SQL Database, and Microsoft Azure will automatically create and configure the necessary VMs, storage containers, networking and security and will deploy/configure the SQL Server software. The user is simply given a URL to the Azure SQL database with the credentials selected during the purchase process. Simply start using that database, and all the infrastructure behind the scenes to host it is automatically configured, secured and maintained.Microsoft Azure PaaS services are typically configured/maintained by application developers or DevOps teams. They are paid for on a consumption basis (i.e., pay for what is used) and are often licensed with an “Azure Pay as you Go” license. Each Azure PaaS service can have a different price per unit. The following diagram illustrates the differences and services available within IaaS, PaaS and SaaS capabilities: Image Directory Services – Microsoft Entra ID (formerly known as Azure Active Directory, or Azure AD) represents Microsoft’s identity management and directory services capabilities. It provides storage and management for identities and groups, which are utilised across many Microsoft services, including Microsoft 365. It also provides key security capabilities, such as:Authentication and password servicesMulti-factor authentication (MFA)Group naming policyGroup expiration policyConditional accessRisk-based conditional accessPrivileged identity managementEntitlement managementPrivileged access managementAccess reviewsNote: In early 2023, Microsoft rebranded Azure Active Directory (Azure AD) to Microsoft Entra ID. Microsoft Entra ID still includes all the great capabilities for identify management and security that were previously available as part of Azure AD.All available Azure services can be found in this Microsoft catalog: https://azure.microsoft.com/en-us/products/.Microsoft 365 relationship to Microsoft Azure servicesMicrosoft 365 is a SaaS platform, but many don’t realise it is built on Microsoft Azure IaaS and PaaS services. More specifically:Microsoft 365 and Azure IaaS – Microsoft 365 is built and hosted on many thousands of VMs, storage containers, networking and security components that are provided by Azure IaaS. These Azure IaaS services sit within the same Microsoft data center which hosts Microsoft 365 for the organisation.Microsoft 365 customers do not have to pay for an “Azure Pay as You Go” license or equivalent. The license costs for Azure are all built into the Microsoft 365 license costs. All the infrastructure components behind Microsoft 365 are completely hidden, obfuscated and not accessible or visible to Microsoft 365 customers.Microsoft 365 and Azure PaaS – Some Microsoft 365 SaaS services may be built upon Azure PaaS services. These are likely higher-level services, such as automatic workflows built into SharePoint Online or other such services. Microsoft does not publish which services are built upon which Azure components. As with IaaS, to utilise these Microsoft 365 services organisations do not have to pay for an “Azure Pay as You Go” license or equivalent. The license costs for Azure are all built into the Microsoft 365 license costs. All the PaaS components that may be behind Microsoft 365 are completely hidden, obfuscated and not accessible or visible to Microsoft 365 customers.Microsoft 365 and Microsoft Entra ID (Azure AD) – Microsoft 365 uses Azure AD as its fundamental identity management platform. Some examples of how this service is used by Microsoft 365 are:When a user authenticates to Microsoft 365, they are, in fact, authenticating to an identity in Microsoft Entra IDWhen a user is prompted for MFA, it is Microsoft Entra ID that is providing the MFA serviceWhen a user is logging into Microsoft 365 and a conditional access policy is validated as part of the login process, it is Azure AD that validates the conditional access policy and makes a policy decision about whether the user may log in or not, etc.When using Microsoft 365, administrators can also have access to the Microsoft Entra ID admin center. Depending on their preference, they may use either the Microsoft 365 admin center or the Microsoft Entra ID admin center to manage users, groups and MFA settings. Other Microsoft Entra ID security services can only be managed in the Microsoft Entra ID admin center, such as conditional access policies and privileged identity management (PIM).As with Azure IaaS and PaaS services that may be utilised to host Microsoft 365 services (once again these are not made public in relation to Microsoft 365), costs for Microsoft Entra ID are bundled into monthly license costs for Microsoft 365. Some Microsoft Entra ID identity and security services are only available with higher-level Microsoft 365 licenses, for example, Microsoft Entra ID PIM is only available with Microsoft Entra ID (Azure AD Premium P2) licenses, which are bundled into Microsoft 365 E5 licenses.Microsoft Azure computing services are fundamental building blocks of the Microsoft 365 SaaS platform. End users generally do not interact with or require knowledge of the underlying Azure services, other than perhaps Microsoft Entra ID (specifically for administrators).One of the most significant advantages of choosing both Microsoft Azure and Microsoft 365 is their seamless integration. Together, they enable businesses to build, deploy and manage applications more efficiently while improving productivity and collaboration. Microsoft Azure and Microsoft 365 are essential tools for modern businesses looking to thrive in the digital age. Azure offers a robust and scalable cloud platform, while Microsoft 365 enhances productivity and collaboration. They form a powerful combination, allowing organisations to innovate, compete and succeed in today’s dynamic business landscape.Read the results of our 2023 Global IT Executive Survey: The Innovation vs. Technical Debt Tug-of-War.To learn more about our Microsoft consulting solutions, contact us. Find out more about our solutions: Cloud Consulting Services Protiviti’s cloud consulting services help organisations implement and adopt cloud capabilities that align with defined business outcomes, including cost savings, agility, scalability and innovation. Microsoft Consulting Solutions Protiviti is a Managed, Microsoft Cloud Solutions Partner with proficiency in all 6 designations: Modern Work, Security, Data and AI, Infrastructure, Digital and Application Innovation and Business Applications. Enterprise Application Consulting Enterprise applications are at the centre of any business transformation. Strategically selecting, designing, implementing, maintaining, and protecting applications is key to success and the foundation for our enterprise application consulting services. Leadership Michael Pang Michael is a managing director with over 20 years’ experience. He is the IT consulting practice leader for Protiviti Hong Kong and Mainland China. His experience covers cybersecurity, data privacy protection, IT strategy, IT organisation transformation, IT risk, post ... Learn More Alan Wong Alan is a director at Protiviti Hong Kong with over 21 years of experience in IT and security solutions and project management. He specialises in IT governance, risk assessment, regulatory compliance, and cybersecurity assessment and consulting. He also has an extensive ... Learn More Featured insights BLOGS Building a Business Case for Copilot for Microsoft 365 – A Game-Changer for Business Efficiency With the rapid rise in artificial intelligence (AI) tools, companies are updating technologies and processes as quickly as budgets allow. Industries are transforming rapidly as the drivers for economic growth are evolving. BLOGS Improving Financial Services’ Efficiency with Copilot for Microsoft 365 In an era of rapid technological advancement, businesses are increasingly turning to artificial intelligence (AI) to enhance productivity, streamline processes and improve decision-making. One such tool making waves in the financial services sector... BLOGS Unlocking Agile Insights: Building Automated Burndown Charts with Microsoft DevOps Analytics View and Power BI In the fast-paced world of software development, staying ahead of the curve requires more than just coding prowess. Agile methodologies have emerged to provide a structured framework for teams to navigate the ever-changing landscape. BLOGS Building an Accessibility Culture with Copilot for Microsoft 365 Organisations across the U.S. recognise the criticality of accessibility for both consumers and employees. This concern dates to the early 2000s, when several well-known brands were targeted by lawsuits that ultimately changed how e-commerce works.... BLOGS Microsoft SharePoint Premium simplifies content management and governance Content management involves the creation, organisation, storage and distribution of digital content within an organisation, ranging from documents and images to videos and web pages. One of the biggest problems businesses face with content management... BLOGS 9 common errors to avoid while implementing security in Microsoft Dynamics 365 Finance and Operations Microsoft Dynamics 365 Finance and Operations (D365FO) is a comprehensive ERP solution that empowers businesses to optimise financial management and operational efficiency. With its integrated approach, powerful analytics, scalability and continuous... BLOGS Navigating the GenAI course with Microsoft Copilot Generative artificial intelligence (GenAI) is a hot topic these days, and not just in the IT world. The statistics indicate off-the-charts interest in GenAI’s capabilities, with AI spending predicted to more than double to $300 billion by 2026.... BLOGS Azure DevOps: 3 tips to organise work items using standard functionality To effectively manage software development projects, it’s crucial to organise work items efficiently. Proper organisation not only boosts productivity but also enhances collaboration among team members. Microsoft Azure DevOps (ADO) is a powerful... BLOGS Capabilities, limitations of Microsoft’s native SoD tool Segregation of duties (SoD) is a well-known term among auditors and anyone who has ever been audited. SoD is the understanding that no user should have access to two conflicting business functions that would allow a user to commit fraud or error (e.g... BLOGS Creating Read-Only Roles for Microsoft Dynamics 365 Finance and Supply Chain Management This blog post was authored by Sarah Guthrie - Senior Consultant, Enterprise Application Solutions on Protiviti's technology insights blog. In today’s fast-paced business landscape, organisations rely heavily on robust enterprise resource planning... BLOGS Migrating Security from Microsoft Dynamics 365 Finance and Supply Chain Management Microsoft Dynamics 365 Finance and Supply Chain Management (D365 F&SCM) publishes security changes with new code releases. These changes are automatically applied to out-of-the-box security roles, duties and privileges when the code is upgraded... Button Button Featured client stories Discovering Actionable Insights From Customer Feedback With Azure OpenAI Struggling with extracting customer data for product development and quality control? Learn what this leading pet retailer did to integrate advanced analytics and Azure OpenAI to enhance productivity. Global Hospitality Company Achieves Efficiencies with Microsoft and Nintex A global hospitality company needed to transition their highly manual process for RFPs to one that was more automated. The need to update their processes was driven by the changes required to address the Covid-19 pandemic, which created a dynamic... Global Retailer Goes Digital: Revitalising Store Operations and Enhancing Community Commitment Protiviti leveraged Microsoft Power BI to help this client transform its operational analytics. We built a user interface that generates analytics every 15 minutes and is easy to use with little training required. From staffing and sales targets to... Intelligent Document Retrieval System, Powered by Responsible AI, Helps Reduce Air Pollution This company is a leader in the supply of after-sale services to the world’s engine and compressor markets and is trusted by nuclear power plants, the U.S. military and both public and private electricity generators around the globe. With the EPA’s... Global Health Services Company Modernises Data and Applications with Microsoft A global health services company needed to execute on its corporate promise to deliver affordability and convenience to its patients. However, the company discovered that there was a disconnect between that promise and intended delivery. Further... Manufacturer Optimises Supply Chain Analytics With Azure Machine Learning Global Manufacturer optimises supply chain analytics with Microsoft Azure Machine Learning significantly improving its ability to adapt to rapid changes in both processes and cost analyses. Button Button