If you are an MSP with multiple end customers on Azure and are struggling managing all of them, have you tried Azure Lighthouse? Azure Lighthouse is a free service from Microsoft on Azure that allows you to manage the Azure resources of all your end customers from a single control plane in your own Azure Portal. You no longer need to have multiple accounts, request access to directories, have shared (unsecured) accounts, copy scripts and much more. Does that sound good? Then read on.
The multi-tenant environment challenge
The challenge with multi-tenant environments today is the complexity of managing credentials for multiple end customers, particularly regarding governance and security. As an MSP, you are dealing with a fragmented reality in which many end customers have their own Azure subscriptions. So, if you have 100 end customers it means you manage a minimum of 100 separate accounts, starting with the classic “admin@...” shared accounts within the MSP organisation with equal access to all levels within the end customer. Imagine the security risks…
The multi-tenant environment solution for MSPs
The solution to this growing challenge is Azure Lighthouse, a new service offered by Microsoft on Azure and developed primarily for MSPs to efficiently manage multiple customer environments for support and services. Azure Lighthouse is a service that makes the life of every MSP easier. And there are five reasons why.
1. Ease of management and governance
Azure Lighthouse is all about simplicity in management and governance. One platform, one portal, one script. With Azure Lighthouse you can perform management tasks and automated workflows in one consolidated view, for example with ARM templates, Azure Marketplace or APIs. You can scale manual operational tasks and user management, using your standard work login account and one script, also across different end users.
2. Enhanced visibility
Azure Lighthouse offers one single control plane to deploy and manage all your end users. Likewise, customers onboarding on your portal give granular access to the entire subscription or a number of resources. One control plane and complete transparency into who does what and when improves visibility for both MSPs and end users and builds trust.
3. Higher security and GDPR compliance
Azure Lighthouse improves security issues for MSPs in many ways: only your own set of MSP credentials to protect instead of multiple or shared customer accounts; simultaneous and automated implementation of multi-user security policies; granular access to tenants, subscriptions, resource groups and resources; transparent log files to record all activities; ability to enforce MFA. This contributes to much higher security and GDPR compliance than before for both MSPs and their end users.
4. Growth and new business
Azure Lighthouse helps you grow your business as an additional marketing channel and offers an opportunity to promote and market new or existing offerings in the Azure Marketplace. As an MSP, you can publish more services here with less effort. Existing and new customers can just search and buy your offering straight from Azure Marketplace and become new or bigger customers.
5. Azure Lighthouse is FREE
And last but not least: Azure Lighthouse is a free service on Azure for MSPs. Free as in: with no extra costs. Waiting for you to be used.
These are just five reasons why I am excited about Azure Lighthouse and how it will make your life as an MSP easier. How it will help you achieve greater efficiency with automated management and governance, better security, and greater visibility of what is happening to the resources. Now is the time to take on the challenges of the multi-tenant environment and start using Azure Lighthouse.
So, what can your next step be? My advice is to assess your current situation:
- do you manage multiple customers on Azure?
- are you struggling with governance or management of your current environment?
- are you experiencing security limits, e.g. for the implementation of Multi Factor Authentication?
Then have a look at Azure Lighthouse. And this is only the beginning, since from here numerous other doors will open, like Azure Arc, extending Azure management to any infrastructure, and Azure Sentinel, the scalable solution for security information event management (SIEM) and security orchestration automated response (SOAR). Want to know more? Send me a message or call for advice. Always happy to help.