Welcome back to Cloudy with a Chance of Insights! In this episode, Cyrus, David, and I covered a wide range of updates across the Microsoft Cloud—everything from practical Zero Trust implementation, Intune’s August security updates, Logic Apps on Rancher, Azure Service Groups, Excel’s new Fabric One Lake integration, and even a major US government cloud deal.
Zero Trust: From Theory to Practical Guidance
Cyrus kicked things off with a deep dive into Microsoft’s updated Zero Trust assessment tool and workshop. Zero Trust isn’t just a buzzword—it’s now a practical framework with six pillars: identity, devices, data, networking, infrastructure, and SecOps. Microsoft’s new tools and spreadsheets make it easier for organizations (and partners like IBM) to measure progress, bridge gaps between IT teams, and implement Zero Trust in real-world scenarios.
What stood out to me is how IBM’s own Zero Trust framework is evolving, borrowing best practices from Microsoft, Google, and others. We’re in a unique position to blend the best of breed from multiple vendors, creating solutions that truly fit our clients’ needs.
Intune August Updates: Security Meets User Experience
Cyrus also highlighted several Intune updates:
- Targeted deployment for Spark app control (WDAC): Now you can whitelist applications for specific devices or departments, making Zero Trust application management much more practical.
- Windows Autopilot patching during setup: Devices now get patched during setup, reducing the dreaded post-deployment reboot marathon for users.
- Apple DDM support in Intune: Near real-time visibility for Apple device updates, thanks to Apple’s Declarative Device Management.
- Multi-admin approval for high-risk Intune operations: A true Zero Trust feature—no single admin can wipe or reset a device without multi-party approval.
These changes are all about balancing security with a better user experience, which is often the biggest hurdle to adoption.
Logic Apps on Rancher K3s: Lightweight Hybrid Integration
David took us through the new deployment option for Logic Apps on Rancher K3s. This is a game-changer for edge and resource-constrained environments, especially in industries like retail and manufacturing. Running Logic Apps on a lightweight Kubernetes footprint means organizations can process data closer to where it’s generated, with validated deployment patterns and Microsoft support.
Azure Service Groups: Governance and Visualization
We also explored Azure Service Groups—a new way to visualize and group resources at the tenant level. While it’s currently more about monitoring and reporting, the potential for future governance and policy application is huge. Naming schemes matter more than ever (don’t let someone else grab “service group”!), and this feature could help bridge the gap between IT and business stakeholders.
Excel Meets Fabric One Lake: Governed Data for All
Excel’s integration with Fabric One Lake means users can now pull governed, enterprise data directly into their spreadsheets. This keeps people in their workflow, reduces risky data extraction, and ensures a single source of truth for reporting and analysis.
US Government Cloud Deal: Sovereign Clouds and Global Implications
I wrapped up with a look at the new OneGov agreement between Microsoft and the US government. This deal brings deep discounts, waived egress fees, and FedRAMP/DoD compliance for AI workloads in GovCloud. It’s a sign of things to come—will other governments strike similar deals with hyperscalers? The implications for sovereignty, security, and AI adoption are massive.
VS Code and Azure DevOps: Developer Productivity Boosts
Finally, a couple of quick updates:
- VS Code now has a visual schema designer for SQL—great for developers and DBAs alike.
- Azure DevOps Test Run Hub—a new single view for test plans and statuses, making life easier for development teams.
Links
YouTube: https://youtu.be/yRdTHYC2oHY
Spotify: https://open.spotify.com/episode/3tUfcPBZ9hM5thuJccocWS?si=709d2bd838f745cb
Apple: https://podcasts.apple.com/us/podcast/sovereign-cloud-zero-trust-real-world-microsoft-cloud/id1783369178?i=1000725477232
The Microsoft Cloud Blog 
Leave a comment