Hello! I’m a Microsoft UK Azure AppDev Specialist and below I’ll be sharing what I do and why I do it, as well as touch on the current AppDev trends I see and the themes that I’m frequently asked to cover.
Using the Microsoft mission statement as our pole star, with an AppDev lens this leads to the following vision and objectives:
- Empower every organisation to achieve more by exploiting application development to innovate, differentiate and disrupt.
- Empower every application developer to achieve more by unleashing their capabilities with best-in-class tools and education/guidance.
I’m privileged to be part of the Microsoft UK Azure AppDev team, and we’re all passionate about talking App Innovation, development and helping others. If you want an AppDev conversation or just need some guidance, do reach out in the comments below.
For organisations to survive and thrive in this new era, they must embrace digital transformation. The challenge for all is the rate of innovation is getting faster; business competition can be fierce, so organisations must exploit software technology to innovate, differentiate and disrupt.
It’s investment in applications that will enable innovation and provide a business advantage over competitors and their offerings, which will ensure resilience and drive growth.
- The Microsoft Innovation website
- How customers accelerated industry innovation during a year of disruptive change: A look back on 2020
- Enabling digital transformation
We frequently talk about Digital Transformation being fundamental for business success, but it’s software innovation that is at the core of DT – and for that you need application development.
The catalyst for application development is software developers, who have an increasingly vital role in business value creation and will be at the heart of innovation endeavours.
Successful companies will be those that empower software developers to achieve more. They need best-in-class tools and platforms to unleash their capabilities along with a culture of collaboration and sharing.
The Visual Studio portfolio of development tools and services enables application development to be more productive for any developer, any platform, and any language. Visual Studio Live Share combined with GitHub and Teams enables frictionless team collaboration.
Secure Infrastructure on Tap – aka the Cloud
The cloud is a great enabler for businesses by providing secure IT infrastructure on tap. Much like any other utility, such as water or electricity, you turn it on, pay for what you consume and expect it to be there when needed. It enables organisations to be agile, provides scale and resilience, and the cloud economics make it very attractive.
Around the globe Microsoft leads with its Azure presence – currently in over 60 regions – and each region itself comprises of multiple datacentres. Microsoft has also invested heavily in networks to join up the Azure regions and to interconnect the world.
Azure itself is many services – and it’s hard to appreciate the huge breadth of what’s available on the Azure platform. The link below takes you to a graphic tool that I use to show the numerous Azure services available, grouped together in categories such as Compute, Networking, Storage, and so on.
A DevOps approach enables organisations to develop, deploy and improve products at a faster pace than they can with traditional software development approaches. But DevOps is not just a product – it requires a culture of collaboration that’s critical for DevOps to be successful.
Microsoft is a great example of company that had to make big changes in development practices to evolve from shipping box products every three to four years, to a cloud company with a new delivery cadence of every day.
There are two Microsoft DevOps offerings in this space – namely Azure DevOps and GitHub. We now have a single engineering team driving the future of both products.
In DevOps, we often discuss the inner and outer loop. The inner loop is the iterative process that a developer performs when they write, build and debug code. The outer loop is the building, deploying, monitoring and then driving the plan for subsequent development.
The outer loop includes Application Health and Performance Monitoring. The Microsoft offering in this space is Azure Monitor (Application Insights provides application monitoring, Log Analytics provides infrastructure monitoring).
Application Platform Maturity
Application platform maturity is a frequent conversation and covers where an organisation is on their cloud journey, where they want to get to and how fast they want to get there.
The cloud’s economies of scale, flexibility and predictable payment structures are becoming too attractive to ignore. Organisations are moving to the cloud as a cost-effective option to develop, deploy and manage their application portfolio. However, many organisations will ‘lift and shift’ their applications as an approach to migrate the cloud, only getting limited advantages.
To get full value, they need to rebuild and rearchitect with cloud native technologies. This does not necessarily need changes to be done as a big bang, but rather a focus on the areas which are identified as the most business critical, those where future investments are likely and those which give the most advantages. It’s a journey that needs appropriate navigation to optimise returns.
We have several partner migration tools that scan an application’s source code and generates a comprehensive report that identifies issues and areas that need work, to migrate to Azure/PaaS.
It’s applications that provide business value; managing complex infrastructure just consumes resources, time and money with no return. Development teams just want to focus on shipping applications and not be distracted managing the infrastructure stack. They want agility enabled, so there’s a shorter time to market and they can innovate faster.
The application platform needs to auto-scale based on workload demand – scale up to handle spikes, and scale down afterwards to safe costs. Resiliency must be built into the platform. It must offer cloud economics that’s efficient and productive, where you only pay for what you use with no wasted resources.
Key Azure application platform technologies are:
- Platform as a Service
- Containers, Container Orchestrators (e.g. Kubernetes)
- Serverless computing – An introduction to serverless technologies
- Build cloud-native applications in Azure
- What is PaaS?
Cross Device/Cross Platform
Most users have multiple devices and expect to securely access their applications on any device from any location, and at any time. They may have a PC, a tablet, and a smartphone, and expect the experience to adapt based on the display characteristics of the device and the quality of the network.
Developing for multiple platforms will add to development costs, so choices must be made. Do you develop natively for each platform, or use cross platform development tools (like Xamarin)?
Modern web development tools provide PWA (progress web applications) that can act like mobile apps – they can be installed, access device hardware (like camera), can operate offline and store data on the device. This is likely to become popular as it provides for maximum reach, with costs contained to the development of a single web version.
Recent advances in device technology means that development may also need to target a new range of devices. Such items include:
- Smart speakers and interactive voice units
- Wearables, smart watches and heath monitoring devices
- Mixed reality headsets
- IoT Devices, sensors and control units
- Games consoles
Microsoft is no longer a Windows-first company – we provide tools and services for all developers and all platforms, and embrace open source software.
- Visual Studio Marketplace
- Progressive Web Apps on Windows overview
- Explore cross-platform design patterns for Xamarin apps
Open Source/Inner Source
Open source is software made available with source code that anyone can inspect, modify, and enhance. It’s also provided with a license that dictates how the software can be used – for example, it might impose commercial restrictions or mandate that any modifications must also be shared back with the community.
Open source software may be developed in a collaborative public manner, which can bring in diverse perspectives beyond those of a single company.
Inner source is the use of open source software development best practices and the establishment of an open source-like culture within organisations. Facilitating code re-use across teams focuses efforts on solving new problems important to business goals, versus those that have already been solved by others.
It’s important that organisations understand and mitigate against the risks of open source. When an open source library is imported/used, then all the dependencies that library uses is also included. There could be many levels of dependencies, resulting in the use of considerable amounts of software from unknown sources.
Software Composition Analysis tools should be employed to analyse the dependency graph and keep an inventory of third-party components being used to build applications. These can then provide ongoing monitoring to:
- report on known security vulnerabilities and software bugs
- alert when updated versions are available
- accurately track the open source licensing conditions to fulfil all legal requirements, helping to avoid unfortunate surprises such as jeopardizing exclusive ownership over proprietary code.
Microsoft are a member of the Openchain project – and are Openchain 2.0 compliant. This means Microsoft can trust the open source code that it uses and ensures all compliance obligations are met.
Infrastructure as Code
‘Infrastructure as Code’ is the practice of keeping infrastructure topology specified in documents and stored in version control, in a similar fashion to the way developers manage code and deploy solutions. This will involve using DevOps tooling which enables consistency, quality, and accountability.
Using this approach, organisations can quickly create and delete infrastructure on demand. This is useful for dev/test environments where you want to provision an environment to do testing, and once completed destroy it to avoid unnecessary costs.
Azure provides native tooling for infrastructure as code – namely ARM templates and Bash/PowerShell scripts using the Management API. Alternatively, several cloud/technology agnostic tools are available including Terraform, Ansible, Chef, Puppet and others.
Business depends on all kinds of applications, often including external systems owned by partners, suppliers, and vendors. Value is realised when applications integrate seamlessly with each other. There are multiple challenges to consider when it comes to application integration:
- Applications have multiple interfaces (mobile, web, desktop, or no interface at all) and APIs to connect and integrate to
- Applications have multiple data sources and even different formats
- Applications may be a collection of smaller services that run anywhere
- Applications can be hosted in the cloud, multiple clouds or on-premise datacentres
Organisations can connect applications in the cloud or on-premise through APIs, workflows, messaging, and events using the right integration pattern for the task.
Azure Integration Services provides the components to facilitate common integration patterns and includes the following services:
- Logic Apps – to schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organisation
- API Management – to expose data and services to employees, partners, and customers by applying polices, such as authentication/authorisation, caching and usage limits
- Event Hub – to manage the routing of all events from any source to any destination
- Service Bus – to provide highly-reliable cloud messaging service between applications and services, even when one or more is offline.
- Integration Services – Seamlessly integrate apps, data and processes for your enterprise
- Route and process data automatically using Logic Apps
- Control authentication for your APIs with Azure API Management
Low Code/Citizen Developer
Citizen developers are employees who create new business applications for consumption by others using development and runtime environments sanctioned by corporate IT. They are typically not professional developers, but instead are end users that encounter/understand business problems and use simple low code tools to create solutions.
Microsoft Power Platform provides low code tooling to facilitate the citizen developer and encourages a culture of innovation amongst the workforce which helps release untapped value. The Platform includes:
- Power Apps
- Power Automate (Includes robotic process automation (RPA))
- Power Virtual Agents
- Power BI
The applications developed can be used to connect to Office 365, Dynamics 365, Azure, and hundreds of other third-party applications to enable end-to-end business solutions.
Optionally, any built Power Platform applications can be incorporated into DevOps tooling to ensure anything deployed that becomes business critical can be managed, supported, and governed.
- The Power Platform website
- Microsoft Tech Days: An Introduction to Power Platform
- Get started with Power Apps
This is huge subject with many facets, and application security is a common discussion due to the importance in protecting the business.
The protection of applications and associated data is critical for the success of an organisation. Cyber-crime is a huge industry and will attack organisations of any size; it’s often the case that exploiting just one vulnerability can open the doors to further wide-ranging malicious actions, ultimately resulting in severe damage to the confidentiality, integrity, and availability of data.
Even the best case will cause severe financial impact (corrupt data, compliance violation fines, loss of customer trust) and in the worst case can cause business ruin. In the most catastrophic case, a malicious cyber-attack can cause loss of life.
Information security is the practice of protecting systems/information by mitigating risks. The risk management process identifies risks, the likelihood of it being exercised and the impact that it will cause. It’s then a business decision to decide how to address the risk – such as avoid, mitigate, share, or accept. This will be an iterative process, so that the results of ongoing monitoring are fed back into subsequent cycles of the process.
Network security is an example of controls that may be implemented to mitigate against various known attack vectors. Application security often involves discussion around networking such as firewalls, gateways and load balancers, and ensuring the infrastructure is locked down from certain types of attacks.
Information security addresses many aspects including Application Security – this includes measures taken to improve the security of an application often by finding, fixing, and preventing security vulnerabilities. Microsoft has guidance, tooling and services to help make sure application security and code scanning is automated and baked into DevOps in a pervasive manner.
Application configuration secrets (e.g. database connection strings, API keys) must be locked away from malicious attack or accidently being leaked – Azure Key Vault provides hardware security modules that can help ensure such values are protected safely.
- Downloadable security guide on GitHub
- Microsoft Tech Days: Security Edition
- Introduction to Power platform security and governance
With an organisation’s trusted people now working from anywhere, on untrusted networks, and with the risk of untrusted people present on their own trusted networks, many security experts will claim that identity has become the most important protection mechanism in information security.
Identity will combine with access controls to impose rules on who can access what and what level of access they have. For example: a user may have access to a data store but be limited to read-only. Access controls can generate audit logs of who did what, for later analysis.
Identity access solutions require both Authentication and Authorization.
Authentication is the process of identifying a user is who they claim to be. This could include multifactor authentication (MFA) checks e.g. the user must prove they have some item of knowledge (e.g. a password) and own a token (e.g. a specific phone with an authentication app). A successful authentication will generate a security token that will contain information about the user – this token is passed in any application messages that require authorisation.
Authorisation is the process of determining if an authentication user is granted the rights to perform the action that want to take. OpenID Connect/OAuth 2.0/SAML are commonly used protocols for authentication and authorisation processing.
Handling identity may be wider than just known employees – it might also need to support external parties such as suppliers, business partners and customers. For some scenarios, it might not be about people – identities can also be assigned to trusted devices and services.
Azure Active Directory (Azure AD) is a cloud directory that can store users and be used as an authentication endpoint. Azure AD can sync identities with a corporate Windows Active Directory. Azure AD can federate with other organisations Azure AD, and is useful for B2B applications.
Azure AD B2C can federate the authentication process with both Azure AD and social identity providers (e.g. Facebook), and the latter is useful for many consumer applications.
- Microsoft named a Leader in Access Management
- Microsoft identity platform documentation
- Secure access to your applications by using Azure identity services
Hybrid cloud is evolving from being the integration of a datacentre with the public cloud, to becoming units of computing available at even the world’s most remote destinations working in connection with the public cloud.
The intelligent edge is the continually expanding set of connected systems and devices that gather and analyse information close to the physical world where data resides, to deliver real-time insights and immersive experiences that are highly responsive. At the edge, the application is contextually aware and can run in both connected and disconnected states.
Microsoft have several offerings for Edge computing/Internet of Things:
- Azure ARC enables us to extend the Azure control plane out to the Edge platforms. For example, ARC will enable remote Kubernetes clusters such that applications will run at the Edge, but they have governance/policy imposed and monitoring from the central cloud.
- The IoT Edge runtime is a collection of programs that turn a remote device into an IoT Edge device. Collectively, the IoT Edge runtime components enable IoT Edge devices to receive code to run at the Edge and communicate the results.
- IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional communication between IoT applications and the devices it manages. It enables IoT solutions with reliable and secure communications between millions of IoT devices and a cloud-hosted solution backend. You can connect virtually any device to IoT Hub.
- Azure Stack Edge are managed devices bringing compute, storage, and intelligence of Azure to the edge.
- Azure Sphere certified chips is a comprehensive IoT security solution, including hardware, OS, and cloud components, to provide highly secured devices and actively enable defence in depth.
- Build your first IoT apps
- Azure Stack – Build and run hybrid apps across data centres, edge locations, remote offices and the cloud
- The future of computing: intelligent cloud and intelligent edge
Data Storage & AI
Applications need to store and consume data – such information must be stored in repositories are reliable, fast, secure, scalable, and cost effective. There are many options ranging from cheap blob storage to relational databases to NoSQL/document databases.
Azure includes a variety of databases that are run as a managed service – enabling a focus on application development and not database management.
Data can be used for machine learning and enabling artificial intelligence. There is an expectation today that applications will be infused with artificial intelligence to provide innovation and differentiation. This is a conversation typically handled by my data platform specialist colleagues.
- Azure AI – Make artificial intelligence (AI) real for your business today.
- Azure managed databases
- Choose a data storage approach in Azure
Recent regulations mean UK public sector organisations have a legal duty to make sure websites and apps meet accessibility requirements. Commercial organisations should also adhere to these requirements because it is the right thing to do.
Microsoft is committed to revolutionising access to technology for people living with disabilities, impacting employment and quality of life for more than a billion people in the world.
I believe many of us in the AppDev community still have lots to learn here, but we need to be onboard and encourage/help everyone to build products that enrich the lives of all people and of all abilities.
- Microsoft is committed to accessibility
- Azure DevOps – Hands-on Lab Script
- Accessibility fundamentals
Sustainable Software Engineering
At Microsoft, we see sustainability and our response to climate change as one of the greatest challenges of our lifetime. Early last year we made a commitment to be carbon negative by 2030, and by 2050 to have removed from the environment all the carbon the company has ever emitted since it was founded in 1975. Further environmental commitments include reducing our water use intensity (water positive by 2030), reducing our waste (zero waste by 2030), and our support for biodiversity projects and conservation ecosystems.
I believe Application Developers can play their part here. Sustainable Software Engineering is an emerging discipline with principles, philosophies, and competencies to define, develop, and run sustainable software applications. Sustainable applications are normally cheaper to run, more performant, more resilient and more optimised – but that’s just a welcome addition. The key thing is developing applications in such a manner will have positive impact on the planet.
- The Principles of Sustainable Software Engineering
- Sustainable Software – Learn how to define, build and run sustainable software applications.
- Azure sustainability
The global pandemic has caused the way we work and live to change, and organisations of all sizes have scrambled to move to remote work. Developers are fortunate in that in most cases, their role can readily adapt with the shift to remote work.
Remote development by low-cost offshore code factories has been happening for several years, and the approach has been proven to be successful.
Microsoft has the tools developers love and the enterprise trust to keep them productive when working remote, enabling developers to:
- Code from anywhere
- Collaborate from anywhere
- Ship from anywhere
However, I recognise that ‘lockdown remote working’ is not normal remote working and sadly many people are struggling with mental health and wellbeing for themselves and their family and friends. The past year has been bad for some and a complete disaster for many – with peoples plans and dreams thwarted. Hopefully with the vaccine roll-out happening we can start to be optimistic that there is light at the end of the tunnel.
#staypositive/keep busy, active and learning/build connections with others/and please just reach out if you want to talk.
- Create resilience through remote development
- Improving the pace of vaccine distribution through technology
— — —
Thanks for reading! What have I missed? What is your AppDev top of mind? Let me know in the comments below.
Mark Harrison is an experienced Microsoft sales specialist with a wide and diverse range of technical skills, expertise and a wealth of customer facing experience. He has accomplished twenty-one years in Microsoft as a solution sales/technical specialist, and prior to that worked for seventeen years for systems integrators in all areas of the software lifecycle. You can find him on LinkedIn and GitHub.