As I progressed from “keeping Azure running” to actually owning platform decisions, one thing became painfully clear:
most Azure governance failures are not caused by missing tools — they’re caused by weak technical foundations and late architectural decisions.
I’ll walk through a few very realistic situations I’ve personally encountered over the years. They’re anonymised, but the technical problems are absolutely real.
Continue reading “Why most Azure environments fail at governance”
Are you running Azure subscriptions and want a quick, human-friendly overview of your governance, compute, storage, network and Key Vault hygiene?
The Azure Health Check PowerShell script gives you exactly that — scanning multiple subscriptions, flagging weak spots, and producing a clean interactive HTML report (with charts!).
Large and growing Azure estates can easily drift into insecure or unsupported configurations: unprotected VMs, public storage blobs, missing resource locks, orphaned disks, exposed network ports — all of which can lead to security, availability or compliance issues.
Yet manually auditing each subscription is time-consuming. That’s where automation helps. With this script, you get a multi-subscription health summary, scored, visualised and exportable — ideal for periodic reviews, customer readiness checks, or even compliance audits.
Continue reading “Azure Health Check – A Free Script to Audit and Visualise Cloud Hygiene”
When you work in the cloud, keeping things organised is very important. Azure Policy is a simple tool that helps enforce rules on your resources. In this post, I’ll explain what Azure Policy is and show you a basic example of using it to require a tag on all your resources.
Azure Policy lets you set rules for your cloud resources. For example, you might want every resource to have a tag called Cost Centre so you know which department it belongs to. If someone tries to create a resource without that tag, the policy can stop it from being created.
This tool is very useful because it helps everyone on your team follow the same guidelines and keeps your cloud resources well organised.
In this example, we’ll create a custom policy that requires every resource to have a Cost Centre tag. If the tag is missing, the resource won’t be allowed.
Create the policy rule file.
Create the policy parameters file.
Create the policy definition in Azure using the Azure CLI.
Assign the policy to a scope.
Check if your policy is working.
Continue reading “How to Use Azure Policy for Better Cloud Management”
As an Azure Solutions Architect, I often come across clients who find Azure’s wide range of storage options overwhelming. In this post, I’ll break down Azure Storage into simple terms, so you can make the right choice for your needs.
Azure Storage is a cloud service that provides scalable, durable, and secure storage solutions. Whether you need to store files, structured data, or backups, Azure Storage has an option for you.
Here are the main storage options and their typical use cases:
Blob Storage
Think of this as a place for large files—videos, images, backups, or any unstructured data.
File Storage
Like a network share in the cloud! Ideal for replacing on-premises file servers.
Table Storage
A NoSQL store for lightweight, structured data.
Queue Storage
A messaging store to decouple application components.
Disk Storage
Persistent storage for Virtual Machines (VMs).
Continue reading “Simplifying Azure Storage: Choosing the Right Type for Your Data”
As the digital security landscape continues to evolve, organizations utilizing Microsoft Azure are encouraged to migrate their Identity Protection risk policies to Conditional Access. With Microsoft’s announcement that legacy risk policies in Microsoft Entra ID Protection will be retired on October 1, 2026, now is the crucial time to plan and execute this transition. This guide not only walks you through the migration process but also incorporates Microsoft’s recommended practices for configuring risk policies to protect your organization effectively.
The retirement of the old risk policies necessitates a shift to a more robust and integrated system. Conditional Access provides a more dynamic framework that allows for real-time assessments and adaptive responses to identity-based threats, making it a superior choice for managing security risks in Azure.
Begin by auditing your existing risk policies in Microsoft Entra ID Protection. Identify which configurations are active and understand their implications to ensure that all critical aspects of your security setup are transitioned without loss of coverage.
Get Practical 