![\"The](\"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/wp-content\/uploads\/sites\/22\/2019\/06\/WindowsVirtualDesktopHeader.jpg\")
<\/p>\n<\/p>\n
Hello! I’m a Microsoft UK Azure AppDev Specialist and below I’ll be sharing what I do and why I do it, as well as touch on the current AppDev trends I see and the themes that I’m frequently asked to cover.<\/p>\n
Using the Microsoft mission statement as our pole star, with an AppDev lens this leads to the following vision and objectives:<\/p>\n
I’m privileged to be part of the Microsoft UK Azure AppDev team, and we’re all passionate about talking App Innovation, development and helping others. If you want an AppDev conversation or just need some guidance, do reach out in the comments below.<\/p>\n
<\/p>\n
For organisations to survive and thrive in this new era, they must embrace digital transformation. The challenge for all is the rate of innovation is getting faster; business competition can be fierce, so organisations must exploit software technology to innovate, differentiate and disrupt.<\/p>\n
It’s investment in applications that will enable innovation and provide a business advantage over competitors and their offerings, which will ensure resilience and drive growth.<\/p>\n
Resources:<\/strong><\/p>\n <\/p>\n We frequently talk about Digital Transformation being fundamental for business success, but it’s software innovation that is at the core of DT – and for that you need application development.<\/p>\n The catalyst for application development is software developers, who have an increasingly vital role in business value creation and will be at the heart of innovation endeavours.<\/p>\n Successful companies will be those that empower software developers to achieve more. They need best-in-class tools and platforms to unleash their capabilities along with a culture of collaboration and sharing.<\/p>\n The Visual Studio portfolio of development tools and services enables application development to be more productive for any developer, any platform, and any language. Visual Studio Live Share combined with GitHub and Teams enables frictionless team collaboration.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n The cloud is a great enabler for businesses by providing secure IT infrastructure on tap. Much like any other utility, such as water or electricity, you turn it on, pay for what you consume and expect it to be there when needed. It enables organisations to be agile, provides scale and resilience, and the cloud economics make it very attractive.<\/p>\n Around the globe Microsoft leads with its Azure presence – currently in over 60 regions – and each region itself comprises of multiple datacentres. Microsoft has also invested heavily in networks to join up the Azure regions and to interconnect the world.<\/p>\n Azure itself is many services – and it’s hard to appreciate the huge breadth of what’s available on the Azure platform. The link below takes you to a graphic tool that I use to show the numerous Azure services available, grouped together in categories such as Compute, Networking, Storage, and so on.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n A DevOps approach enables organisations to develop, deploy and improve products at a faster pace than they can with traditional software development approaches.\u00a0But DevOps is not just a product \u2013 it requires a culture of collaboration that’s critical for DevOps to be successful.<\/p>\n Microsoft is a great example of company that had to make big changes in development practices to evolve from shipping box products every three to four years, to a cloud company with a new delivery cadence of every day.<\/p>\n There are two Microsoft DevOps offerings in this space \u2013 namely Azure DevOps and GitHub. We now have a single engineering team driving the future of both products.<\/p>\n In DevOps, we often discuss the inner and outer loop. The inner loop is the iterative process that a developer performs when they write, build and debug code. The outer loop is the building, deploying, monitoring and then driving the plan for subsequent development.<\/p>\n The outer loop includes Application Health and Performance Monitoring. The Microsoft offering in this space is Azure Monitor (Application Insights provides application monitoring, Log Analytics provides infrastructure monitoring).<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Application platform maturity is a frequent conversation and covers where an organisation is on their cloud journey, where they want to get to and how fast they want to get there.<\/p>\n The cloud\u2019s economies of scale, flexibility and predictable payment structures are becoming too attractive to ignore. Organisations are moving to the cloud as a cost-effective option to develop, deploy and manage their application portfolio. However, many organisations will \u2018lift and shift\u2019 their applications as an approach to migrate the cloud, only getting limited advantages.<\/p>\n To get full value, they need to rebuild and rearchitect with cloud native technologies. This does not necessarily need changes to be done as a big bang, but rather a focus on the areas which are identified as the most business critical, those where future investments are likely and those which give the most advantages. It’s a journey that needs appropriate navigation to optimise returns.<\/p>\n We have several partner migration tools that scan an application’s source code and generates a comprehensive report that identifies issues\u00a0 and areas that need work, to migrate to Azure\/PaaS.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n It’s applications that provide business value; managing complex infrastructure just consumes resources, time and money with no return. Development teams just want to focus on shipping applications and not be distracted managing the infrastructure stack. They want agility enabled, so there’s a shorter time to market and they can innovate faster.<\/p>\n The application platform needs to auto-scale based on workload demand \u2013 scale up to handle spikes, and scale down afterwards to safe costs. Resiliency must be built into the platform. It must offer cloud economics that’s efficient and productive, where you only pay for what you use with no wasted resources.<\/p>\n Key Azure application platform technologies are:<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Most users have multiple devices and expect to securely access their applications on any device from any location, and at any time. They may have a PC, a tablet, and a smartphone, and expect the experience to adapt based on the display characteristics of the device and the quality of the network.<\/p>\n Developing for multiple platforms will add to development costs, so choices must be made. Do you develop natively for each platform, or use cross platform development tools (like Xamarin)?<\/p>\n Modern web development tools provide PWA (progress web applications) that can act like mobile apps \u2013 they can be installed, access device hardware (like camera), can operate offline and store data on the device. This is likely to become popular as it provides for maximum reach, with costs contained to the development of a single web version.<\/p>\n Recent advances in device technology means that development may also need to target a new range of devices. Such items include:<\/p>\n Microsoft is no longer a Windows-first company \u2013 we provide tools and services for all developers and all platforms, and embrace open source software.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Open source is software made available with source code that anyone can inspect, modify, and enhance. It’s also provided with a license that dictates how the software can be used \u2013 for example, it might impose commercial restrictions or mandate that any modifications must also be shared back with the community.<\/p>\n Open source software may be developed in a collaborative public manner, which can bring in diverse perspectives beyond those of a single company.<\/p>\n Inner source is the use of open source software development best practices and the establishment of an open source-like culture within organisations. Facilitating code re-use across teams focuses efforts on solving new problems important to business goals, versus those that have already been solved by others.<\/p>\n It’s important that organisations understand and mitigate against the risks of open source. When an open source library is imported\/used, then all the dependencies that library uses is also included. There could be many levels of dependencies, resulting in the use of considerable amounts of software from unknown sources.<\/p>\n Software Composition Analysis tools should be employed to analyse the dependency graph and keep an inventory of third-party components being used to build applications. These can then provide ongoing monitoring to:<\/p>\n Microsoft are a member of the Openchain project – and are Openchain 2.0 compliant. This means Microsoft can trust the open source code that it uses and ensures all compliance obligations are met.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n ‘Infrastructure as Code\u2019 is the practice of keeping infrastructure topology specified in documents and stored in version control, in a similar fashion to the way developers manage code and deploy solutions. This will involve using DevOps tooling which enables consistency, quality, and accountability.<\/p>\n Using this approach, organisations can quickly create and delete infrastructure on demand. This is useful for dev\/test environments where you want to provision an environment to do testing, and once completed destroy it to avoid unnecessary costs.<\/p>\n Azure provides native tooling for infrastructure as code \u2013 namely ARM templates and Bash\/PowerShell scripts using the Management API.\u00a0Alternatively, several cloud\/technology agnostic tools are available including Terraform, Ansible, Chef, Puppet and others.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Business depends on all kinds of applications, often including external systems owned by partners, suppliers, and vendors. Value is realised when applications integrate seamlessly with each other.\u00a0There are multiple challenges to consider when it comes to application integration:<\/p>\n Organisations can connect applications in the cloud or on-premise through APIs, workflows, messaging, and events using the right integration pattern for the task.<\/p>\n Azure Integration Services provides the components to facilitate common integration patterns and includes the following services:<\/p>\n Resources:<\/strong><\/p>\n Citizen developers are employees who create new business applications for consumption by others using development and runtime environments sanctioned by corporate IT. They are typically not professional developers, but instead are end users that encounter\/understand business problems and use simple low code tools to create solutions.<\/p>\n Microsoft Power Platform provides low code tooling to facilitate the citizen developer and encourages a culture of innovation amongst the workforce which helps release untapped value.\u00a0The Platform includes:<\/p>\n The applications developed can be used to connect to Office 365, Dynamics 365, Azure, and hundreds of other third-party applications to enable end-to-end business solutions.<\/p>\n Optionally, any built Power Platform applications can be incorporated into DevOps tooling to ensure anything deployed that becomes business critical can be managed, supported, and governed.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n This is huge subject with many facets, and application security is a common discussion due to the importance in protecting the business.<\/p>\n The protection of applications and associated data is critical for the success of an organisation. Cyber-crime is a huge industry and will attack organisations of any size; it’s often the case that exploiting just one vulnerability can open the doors to further wide-ranging malicious actions, ultimately resulting in severe damage to the confidentiality, integrity, and availability of data.<\/p>\n Even the best case will cause severe financial impact (corrupt data, compliance violation fines, loss of customer trust) and in the worst case can cause business ruin. In the most catastrophic case, a malicious cyber-attack can cause loss of life.<\/p>\n Information security is the practice of protecting systems\/information by mitigating risks. The risk management process identifies risks, the likelihood of it being exercised and the impact that it will cause. It’s then a business decision to decide how to address the risk \u2013 such as avoid, mitigate, share, or accept. This will be an iterative process, so that the results of ongoing monitoring are fed back into subsequent cycles of the process.<\/p>\n Network security is an example of controls that may be implemented to mitigate against various known attack vectors. Application security often involves discussion around networking such as firewalls, gateways and load balancers, and ensuring the infrastructure is locked down from certain types of attacks.<\/p>\n Information security addresses many aspects including Application Security \u2013 this includes measures taken to improve the security of an application often by finding, fixing, and preventing security vulnerabilities. Microsoft has guidance, tooling and services to help make sure application security and code scanning is automated and baked into DevOps in a pervasive manner.<\/p>\n Application configuration secrets (e.g. database connection strings, API keys) must be locked away from malicious attack or accidently being leaked \u2013 Azure Key Vault provides hardware security modules that can help ensure such values are protected safely.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n With an organisation\u2019s trusted people now working from anywhere, on untrusted networks, and with the risk of untrusted people present on their own trusted networks, many security experts will claim that identity has become the most important protection mechanism in information security.<\/p>\n Identity will combine with access controls to impose rules on who can access what and what level of access they have. For example: a user may have access to a data store but be limited to read-only. Access controls can generate audit logs of who did what, for later analysis.<\/p>\n Identity access solutions require both Authentication and Authorization.<\/p>\n Authentication is the process of identifying a user is who they claim to be. This could include multifactor authentication (MFA) checks e.g. the user must prove they have some item of knowledge (e.g. a password) and own a token (e.g. a specific phone with an authentication app). A successful authentication will generate a security token that will contain information about the user \u2013 this token is passed in any application messages that require authorisation.<\/p>\n Authorisation is the process of determining if an authentication user is granted the rights to perform the action that want to take.\u00a0OpenID Connect\/OAuth 2.0\/SAML are commonly used protocols for authentication and authorisation processing.<\/p>\n Handling identity may be wider than just known employees \u2013 it might also need to support external parties such as suppliers, business partners and customers. For some scenarios, it might not be about people \u2013 identities can also be assigned to trusted devices and services.<\/p>\n Azure Active Directory (Azure AD) is a cloud directory that can store users and be used as an authentication endpoint. Azure AD can sync identities with a corporate Windows Active Directory. Azure AD can federate with other organisations Azure AD, and is useful for B2B applications.<\/p>\n Azure AD B2C can federate the authentication process with both Azure AD and social identity providers (e.g. Facebook), and the latter is useful for many consumer applications.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Hybrid cloud is evolving from being the integration of a datacentre with the public cloud, to becoming units of computing available at even the world\u2019s most remote destinations working in connection with the public cloud.<\/p>\n The intelligent edge is the continually expanding set of connected systems and devices that gather and analyse information close to the physical world where data resides, to deliver real-time insights and immersive experiences that are highly responsive. At the edge, the application is contextually aware and can run in both connected and disconnected states.<\/p>\n Microsoft have several offerings for Edge computing\/Internet of Things:<\/p>\n <\/p>\n Applications need to store and consume data \u2013 such information must be stored in repositories are reliable, fast, secure, scalable, and cost effective. There are many options ranging from cheap blob storage to relational databases to NoSQL\/document databases.<\/p>\n Azure includes a variety of databases that are run as a managed service \u2013 enabling a focus on application development and not database management.<\/p>\n Data can be used for machine learning and enabling artificial intelligence. There is an expectation today that applications will be infused with artificial intelligence to provide innovation and differentiation.\u00a0This is a conversation typically handled by my data platform specialist colleagues.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n Recent regulations mean UK public sector organisations have a legal duty to make sure websites and apps meet accessibility requirements. Commercial organisations should also adhere to these requirements because it is the right thing to do.<\/p>\n Microsoft is committed to revolutionising access to technology for people living with disabilities, impacting employment and quality of life for more than a billion people in the world.<\/p>\n I believe many of us in the AppDev community still have lots to learn here, but we need to be onboard and encourage\/help everyone to build products that enrich the lives of all people and of all abilities.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n At Microsoft, we see sustainability and our response to climate change as one of the greatest challenges of our lifetime. Early last year we made a commitment to be carbon negative by 2030, and by 2050 to have removed from the environment all the carbon the company has ever emitted since it was founded in 1975. Further environmental commitments include reducing our water use intensity (water positive by 2030), reducing our waste (zero waste by 2030), and our support for biodiversity projects and conservation ecosystems.<\/p>\n I believe Application Developers can play their part here. Sustainable Software Engineering is an emerging discipline with principles, philosophies, and competencies to define, develop, and run sustainable software applications. Sustainable applications are normally cheaper to run, more performant, more resilient and more optimised – but that\u2019s just a welcome addition. The key thing is developing applications in such a manner will have positive impact on the planet.<\/p>\n Resources:<\/strong><\/p>\n <\/p>\n The global pandemic has caused the way we work and live to change, and organisations of all sizes have scrambled to move to remote work. Developers are fortunate in that in most cases, their role can readily adapt with the shift to remote work.<\/p>\n Remote development by low-cost offshore code factories has been happening for several years, and the approach has been proven to be successful.<\/p>\n Microsoft has the tools developers love and the enterprise trust to keep them productive when working remote, enabling developers to:<\/p>\n However, I recognise that ‘lockdown remote working’ is not normal remote working and sadly many people are struggling with mental health and wellbeing for themselves and their family and friends. The past year has been bad for some and a complete disaster for many \u2013 with peoples plans and dreams thwarted. Hopefully with the vaccine roll-out happening we can start to be optimistic that there is light at the end of the tunnel.<\/p>\n #staypositive\/keep busy, active and learning\/build connections with others\/and please just reach out if you want to talk.<\/p>\n Resources:<\/strong><\/p>\n — — —<\/p>\n Thanks for reading! What have I missed? What is your AppDev top of mind? Let me know in the comments below.<\/p>\n -Mark<\/p>\n <\/p>\n Mark Harrison is an experienced Microsoft sales specialist with a wide and diverse range of technical skills, expertise and a wealth of customer facing experience. He has accomplished twenty-one years in Microsoft as a solution sales\/technical specialist, and prior to that worked for seventeen years for systems integrators in all areas of the software lifecycle. You can find him on LinkedIn<\/a> and GitHub<\/a>.<\/em><\/p>\n <\/p>\n Mark Harrison takes a look at the AppDev trends he’s been seeing so far this year, as well as touching on the themes he’s frequently asked to cover as an Azure AppDev Specialist.<\/p>\n","protected":false},"author":430,"featured_media":34758,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"categories":[594],"post_tag":[519],"content-type":[],"coauthors":[1628],"class_list":["post-46247","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technetuk","tag-technet-uk"],"yoast_head":"\n\n
Developer Velocity<\/h3>\n
\n
Secure Infrastructure on Tap – aka the Cloud<\/h3>\n
\n
![\"Microsoft](\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/sites\/22\/2021\/02\/MDC19_coldAisleLow_001.jpg\")
<\/p>\nDevOps<\/h3>\n
\n
Application Platform Maturity<\/h3>\n
\n
Cloud Native<\/h3>\n
\n
\n
Cross Device\/Cross Platform<\/h3>\n
\n
\n
Open Source\/Inner Source<\/h3>\n
\n
\n
Infrastructure as Code<\/h3>\n
\n
Integration<\/h3>\n
\n
\n
\n
![\"Male](\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/sites\/22\/2021\/02\/CLO20b_Alain_Jean_Cafe_001-scaled.jpg\")
<\/p>\nLow Code\/Citizen Developer<\/h3>\n
\n
\n
Application Security<\/h3>\n
\n
Identity<\/h3>\n
\n
Intelligent Edge<\/h3>\n
\n
Resources:<\/h3>\n
\n
Data Storage & AI<\/h3>\n
\n
Accessibility<\/h3>\n
\n
Sustainable Software Engineering<\/h3>\n
\n
![\"a](\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/sites\/22\/2021\/02\/M365CO19_ENT_dellLatitude13_0444-scaled.jpg\")
<\/p>\nRemote Development<\/h3>\n
\n
\n
Useful Links<\/h3>\n
\n