November 04, 2021
Infrastructure as a Service (IaaS) and Shared Responsibility for MSPs
What You Need to Know
The shift to Infrastructure as a Service (IaaS) is building momentum. Many businesses rely on IaaS because it allows them to avoid CapEx spending on hardware and software, instead shifting to more flexible OpEx pricing models. The nature of the cloud also enables businesses to provision IT resources on demand, enabling great agility.
Shared Responsibility on Azure
Different as-a-Service pricing models (e.g., IaaS, SaaS, and PaaS) are accompanied by varying levels of shared responsibility between the cloud provider and the tenant (your customer). As Microsoft Azure, with its myriad IaaS capabilities, continues to be a popular option for small and medium businesses (SMBs) migrating to the cloud, managed service providers (MSPs) should be aware of the Shared Responsibility Model on Azure.
SMBs moving to Azure need a plan in place for business continuity and disaster recovery (BCDR). That’s where MSPs come in.
Sometimes, SMBs operate under the incorrect assumption that Microsoft is responsible for all of their operational needs regardless of the service model. However, a look at Microsoft’s Shared Responsibility Model shows that, when it comes to Azure, this responsibility is divided between Microsoft and the customer:
Azure customers (the SMB and their MSP) will always be responsible for data, applications, endpoints, accounts, access control, and more. But as you can see from the Shared Responsibility Model, Microsoft’s IaaS offering comes with some distinct advantages and tradeoffs:
- IaaS is the closest thing to managing physical servers without actually doing so, giving you more flexibility and control compared to other service models.
- With this additional flexibility comes additional responsibility — as described above, MSPs must protect their clients’ data, endpoints, accounts, and access control.
This tradeoff ultimately benefits MSPs by allowing them to provide more services than they could under a SaaS or PaaS model. For example, when you or your clients choose to run IaaS as opposed to SaaS or PaaS applications, you’ll need to account for things like keeping your apps up and running and protecting your operating systems. Being able to address these specific BCDR needs is essential to supporting IaaS cloud environments.
Business Continuity with IaaS Models
To meet their end of the Shared Responsibility Model, many MSPs may first consider cloud-native backup and recovery services -- a cloud service offered by Microsoft directly to enable local- or geo-redundant backups and recovery.
While this is a great solution for helping manage and protect sensitive data, it sometimes doesn’t fully address the challenges that MSPs face when it comes to protection, cost, and management of a BCDR solution. MSPs who want to differentiate their offering should consider a multi-cloud backup like Datto Backup for Microsoft Azure, which can help you:
- Stay up and running during Azure outages
- Gain extra protection against malicious attacks
- Verify hourly backups
Datto Backup for Microsoft Azure was purpose-built for MSPs, offering simplified management for SMB environments at scale and flat-fee pricing.
Building BCDR for IaaS
By understanding the benefits and challenges of IaaS and how it interacts with BCDR, MSPs can provide the planning and protection their clients need.
When your client decides to run on an IaaS model, selecting Microsoft Azure comes with increased responsibilities that you can help guide them through. IaaS provides the flexibility many organisations need, and Datto Backup for Microsoft Azure helps to ensure your Azure clients have comprehensive BCDR protection.