
This issue is specific to Azure and Microsoft. I find AWS and GCP to be fine.

Microsoft has some of the worst security vulnerabilities and practices I have ever seen. I can’t for the life of me figure out how executives at big Fortune 500 move their workloads to Azure.

The only selling point Microsoft has for Azure in some domains is that Amazon is their competitor. I wish Amazon just let AWS be its own thing.

I also hope that Microsoft step up their security game but at this point it’s kind of a lost cause.




Microsoft is luring in non-tech companies with Active Directory and Office 365 and then catches them with promises about good integration into all services. Once the companies are in the Azure dashboard, why not try those fancy services they offer?

It's all smoke and mirrors but it works.


I'm honestly surprised they haven't been trying to bundle GitHub more (or vice versa).

It does work and it is very compelling, at least on the tin. The problem is that convincing the powers that be that it doesn't do what it says is borderline impossible. The most they've built is equal parts astounding and terrifying.

In a sort of funny twist I feel like this is an area Google could really excel in if they got their shit together. Signing up for Workspace and GCP and everything else makes you feel like they don't want you to use their products.

TFA seems strangely relevant as there seems to be some cultural values reflected in both Microsoft's security posture and reputation, and the ability to bundle and market disparate and downright broken (at least in some cases) products effectively.


Observation from German companies (smaller, e.g. 250 employees, mid, big): Azure DevOps is used. No one uses GitHub. I am sure it's widespread, but rather for small companies.


Where I work (globally well-known brand) GitHub is chosen as the future platform, since apparently that is where MS invests more. DevOps is seen as legacy. Curious if others have different info.


ADO was dead, until customers told Microsoft ADO wasn’t dead.

Once Microsoft learned that ADO was not, indeed, dead, they began to reformulate the path forward for ADO and have actually released a fair amount of preview and release features since the pivot back.

Enterprises like ADO and even when ADO was “legacy”, MSFT continued to see an uptick in adoption. ADO has better integration with Azure, at least for the web app space I play in.


From open source documentation commits and feature lag (new features for DevOps are old GitHub features and even now include GitHub branding) I think it is impossible to avoid the impression that GitHub is active development and DevOps is legacy.

The problem is that Microsoft still hasn't said that officially and directly out loud despite the writing on the wall. They continue to sell DevOps to new teams and point to its "active roadmap" (despite it being mostly unambitious and increasingly "copy X from GitHub"). So a lot of companies still have just enough doubt in the message that DevOps is legacy/dead that they keep inside it and don't migrate to GitHub, because Microsoft keeps giving them that doubt. I'm not sure if it is superstition on Microsoft's part to not kill DevOps (it is an ancient team with quite a legacy; it's maybe Microsoft's albatross), some sort of "magic" migration strategy they want to keep secret until complete, or just that Microsoft loves telling customers what they want to hear and enough companies want to hear "DevOps is alive and in good health" for a number of sunk cost or emotional support reasons.


Are you sure? I have had the "pending/reviewed file" feature in DevOps for years, months before it was available at GitHub afaik. But maybe I'm mixing it up.


In many many many ways, they’re the same thing. GitHub Actions is Azure DevOps.


From what I've heard from cloud consultants in Scandinavia (which is going through a huge move to the cloud as many places) the Microsoft Azure sales machine is on another level compared to competitors.

Microsoft will show up with 10 sales engineers, while others might just be a contractor or a Zoom call.

They present themselves as the authority for non-technical business and are winning a lot on that.

They're good at capturing market share, no doubt about it.


One incentive spells kickback. When money, and not quality is the measurement.


My old boss directed us to Azure because one potential benefit was 'getting all invoices from Microsoft.' It was a separate invoice and not with O365...


> I can’t for the life of me figure out how executives at big Fortune 500 move their workloads to Azure.

Almost every organisation already has a huge-ass contract with Microsoft for Windows, AD, Office, Teams, Exchange and whatnot, deeply integrated with their core IT. So if the organisation doesn't already have AWS set up as a supplier, it's usually easier to push for an existing supplier instead.


I think of our company as an "indie" startup and we use Office365 for email. There are a bunch of things that I hate about it but what are the plausible alternatives? Before we moved to O365 85%+ of our emails landed in spam folders.


There's Google, which is less infuriating to use than Microsoft stuff from what I've heard. Microsoft, Google and Yahoo regularly block or delay mails from independents[1].

[1] https://news.ycombinator.com/item?id=35380823


Fastmail is very good and has been running for 24 years, with good deliverability. Migadu I hear is good. There's quite a few email providers that aren't Microsoft or Google that have their shit together.


Yeah, Fastmail is pretty close to Office 365. As long as you're not dependent on Azure for other components. I suggest businesses think about migrating away from O365 because this problem will probably get worse in the future, since Microsoft is either too big, or not able to secure their own security implementation.


GSuite tends to work ok for email. There might be others.


85%? I can't imagine even dedicated spam hosting companies in China having that kind of deliverability issues. That is seriously bizarre.


Sometimes you get a bad roll of the dice when you choose a lesser known email provider and you start with worse than average reputation. Can never go wrong with Gsuite, O365, etc.


OK. Maybe the "email provider" part is the problem. They were probably lax on spammers or they couldn't keep up with them.

I have experience with hosting my own on dedicated servers. It's mostly been fine.


This is what I used to do (and what my father still does). Essentially if you don't have 20+ years of history you appear to be doomed on this. Adding DKIM / SPF even configured correctly didn't seem to do much good.


This has not been my experience but every circumstance is different.


GSuite or whatever Google calls it now, Zoho.


> I can’t for the life of me figure out how executives at big Fortune 500 move their workloads to Azure.

Blame CTOs and system admins who are either married to the stack because it's the most familiar OR they were forced onto it by a CTO because, "no one ever got fired for picking a Gartner upper right quadrant option."


Well, I can't talk for all of them, but at least 2 I worked for have migrated or are finalizing their migration from Azure.


It’s not just workloads, but all of the Azure AD and Active Directory things along with office 365. It’s a ton of services and few companies actually don’t use AD.


I used to work as a federal contractor for the US Military in 1996-1997 and they replaced their Windows Web Servers with Macintosh ones because the Mac had better security.

I used to run a Windows 2000 Pro web server, after lack of security I switched to Linux.

Microsoft may be popular, but they have big holes in their security. Always has been.


Also worth mentioning, the USS Yorktown incident which happened in that period.

https://www.wired.com/1998/07/sunk-by-windows-nt/


No, that is not worth mentioning because that problem had nothing whatsoever to do with the operating system.

What happened was that someone entered a 0 on a data entry form in a field that was not supposed to be 0. That form was submitted to an application on a server, which used it as a divisor and got a divide by zero exception.

That application did not handle divide by zero exceptions and so was terminated by the OS.

With the server application no longer running, terminals around the ship that relied on that application were no longer useful.


They replaced Windows NT with Classic Mac OS?



Isn't that like moving from Windows NT to windows 95 for hosting your web server?


That's not as crazy as it sounds, because the problem they were trying to address was website security against threats from the internet.

As long as the underlying OS is secure enough that attackers can't get in via something like a buffer overflow in the TCP code, website security is almost entirely a matter of web server application security.

A well written web server application on Classic Mac OS then could be more secure than a less well written web server application on a more secure operating system such as NT.


Harder to execute a useful payload in a cooperative multitasking environment.


Win 2K Pro IIS5 would have been limited to 10 connections.

Not exactly useful for a web server beyond development.

FWIW, I had an Apache box running on Slack which got fork bombed around the same timeframe.

Security was largely up to the competence of the individual. I was learning Linux :-)


There is a book on Linux Hardening that helps secure Linux.

Win 2K Pro is limited to 10 connections. In 2002 I worked for a surgical tool company with sterilizing software for 300 clients and they tried to do it on Win 2K Pro, so I switched them to Server with SQL Server 2000 instead of Excel.


The better to sell you a product to patch that hole.

Like "antivirus".


> This issue is specific to Azure and Microsoft. I find AWS and GCP to be fine.

This issue.

Services get compromised often, cloud or customer managed. Microsoft has a mature, professional and effective security team. They got compromised, due to implementation flaws and one or more (my conjecture) corrupted insiders. Most organizations would have no idea wtf happened and would not be able to identify what has been revealed to the public.

Hindsight is 20/20.


The issue isn't that they were compromised in 2021. The issue is that they didn't purge their systems and the key/backdoor created then are still available after 2 freaking years.

I'm not surprised, it's Microsoft after all. They lied about their data security to win bids in health market, only to let everybody down after a year when they finally understood the cost to secure that particular data were too high for them.


It's not about securing user's data, it's about not being blamed for it.

It doesn't matter that China/Whichever state actor is snooping on all your user's data. Either no-one finds out and you're good. Or the blast radius is _so_ wide, that all blame falls on Microsoft


> I can’t for the life of me figure out how executives at big Fortune 500 move their workloads to Azure.

Because they’re not financially liable for the mistakes of Microsoft. They go to these services because they sign contracts offloading that risk to another company. If Microsoft leaks your entire datastore because of poor security on their end, you sue them for damages because ensuring the protection of your digital property is part of the reason these companies are enticing to use in the first place. They use Microsoft because everyone uses Office 365 because it integrates well with Active Directory which they’ve used for their corporate directory for 20+ years.


> The only selling point Microsoft has for Azure in some domains is that Amazon is their competitor.

Can you explain this more? What's wrong with AWS compared to Azure?


The sentence is worded a little confusingly, but my interpretation of it is that for certain companies, since Amazon is a competitor in the business domain of that company, AWS is a nonstarter even if its product offerings are a better choice. Walmart is the canonical example.


I worked for a company where this exact thing happened, for this exact reason.

I no longer work there, but they chose GCP because AWS wasn't even in the running because of this.


Active Directory, plus needing to have Office no matter what. AD makes things really smooth (at least compared to the alternatives).



