Language
Theme

Intility Managed Azure

Intility is delivered on a cloud-based and pre-configured IT infrastructure and operating platform that is continuously updated and further developed. Intility operates across Microsoft Azure and its own cloud platform, Intility InCloud. The supplier's multi-cloud service provides security, administration, documentation, and cost control for systems built on Microsoft Azure. Managed Azure is an option that can be triggered for the supplier to take responsibility for applications running on the Azure platform.

Managed Landing Zone

Intility offers Managed Azure Landing Zone as the basic level of management in Azure. An Azure Landing Zone consists of an Azure environment with one or more subscriptions, and is based on a set of strategies and processes for key areas such as security, networking, cost optimization/billing, development, identity and access management, and scaling. These guidelines and processes apply to all subscriptions, regardless of the underlying platform. 

An image containing a diagram Automatically generated description

Intility ensures that Managed Azure Landing Zone is delivered to customers at a Tenant and Subscription level, and in this way, Tenant Management and Subscription Management will be a part of the Intility Managed Landing Zone offering. 

Azure Tenant Management 

The services consist of:  

  • Internal user administration and guest users from third parties/partners.  

  • Role administration and user assignment to subscriptions and resource groups.  

  • Operation of service users and application registration.  

  • Integration between Active Directory and Azure resources.  


Opportunities:  

  • Privileged identity management, auditing, etc.  

  • Multi-factor Authentication (MFA) 

  • Conditional access and multi-level MFA  

  • Other customized integration with Azure AD (AAD) 

Management Groups  

With a Managed Azure Landing Zone, Intility develop Management Groups in accordance with the Microsoft Cloud Adoption Framework (CAF). The Management Group structure is illustrated below:  

An image containing text, screenshot, diagram, design Automatically generated description

Azure Subscription Management  

As part of the Managed Azure Landing Zone, subscription management is included, where the customer itself chooses which subscriptions this applies to. 

An image containing text, screenshot, Font, software Automatically generated description

On the other hand, an Unmanaged Subscriptions come with zero involvement by Intility. Such subscriptions are useful for sandbox and lab environments. Unmanaged Subscriptions are not recommended for companies without a firm grasp of the scope and complexity of Azure management, regardless of the use case. On this tier, the customer assumes full responsibility for all aspects of the Subscription.

At the time of writing, the Managed Subscription includes the following specific services and capabilities: 

  • Activation of Microsoft policies. 

  • Activation of Defender for Cloud Security Posture Management and Defender for Resource Manager.  

  • Centralized activity logging to Intility SOC. 

  • 247/365 security incident response from Intility SOC.  

  • Cloud Documentation; a comprehensive revision of security. 

  • Cost reporting with optimization suggestions in Intility Insight. 

  • Possibility for Managed Azure Direct Link with Intility's standard for security and configuration. 

  • Possibility for "Application Management".

As a service under continuous development, changes and improvements will occur.  

If the customer wants a security report and review of their environment, review of their policies with suggestions for improvement and recommendations, as well as a review of consumption costs in Azure with recommendations for cost optimization and savings, Intility offers this as a consultant service.  

Application management in Azure (Optional)

Intility provides application management in Azure as an end-to-end service for applications and workloads running in Azure. 

Application Management includes 24/7/365 support, application monitoring and automatic error correction, change management, client management, and coordination of third parties, continuous risk mitigation, and the establishment and maintenance of detailed documentation. A common data model for tools, monitoring and documentation ensures that compatibility overviews, log data, monitoring data, product data and knowledge articles can be used for predictive analysis and continuous improvement across the companies on the platform. This ensures stability, guaranteed availability, and high performance for the Customer's applications.

Responsibility Model 

To clarify the responsibility between Intility, customer, and Microsoft, the two levels of mangament is illustrated below. 

Timeline Description automatically generated

Timeline Description automatically generated

Security Operations Center

Intility Security Operations Center (SOC) is a specialized department with dedicated resources that exclusively works to identify and reduce risks of unauthorized access and to protect the underlying platform.

SOC is central to Intilitys operational and technical work to ensure confidentiality, integrity and availability of the information that Intility manages.

SOC monitors and acts on security incidents 24/7/365 and works closely with security vendors to mitigate incidents, notify involved parties and coordinate error correction work.


Intility Security Operations Center


12/21/2023 15:04

01/12/2024 07:52

Azure