Microsoft runs the world online and off, for small and medium businesses. As a traditional channel to accessing internet based applications, you are probably using a PC. Even if you aren’t using Windows to access the internet, you are likely working with some servers or services that rely upon Microsoft or affiliated products. But the future is much broader than just the Windows operating system for Microsoft. As a small or medium sized business, what do you need to know about how Microsoft (the publicly traded company) is approaching the future of technology and cyber security? Read on to see some concepts we believe are starting to take shape.

An important note: While many favorable opinions exist here regarding Microsoft and some of their solutions, this is not an endorsement for their services or platforms for your business. Every solution should be chosen based on a lot of variables and, there are competing solutions that offer an excellent fit for certain businesses. 

We are a service provider in web development, cyber security and marketing for the SMB market. This article is intended to cover concepts regarding the future pathway of Microsoft based on our opinions, nothing more.

If you aren’t already using Microsoft products, you’re likely to be in the future (maybe not even by choice)

Microsoft Servers are an indelible part of the small and medium business (SMB) landscape. If you aren’t using one overtly “on prem” (inside your physical location), you’re almost certainly using something Microsoft related as part of a third party delivered service, or an affiliate internet connected/facing infrastructure. But the future that Microsoft envisions is much bigger than just server licenses for Windows OS’s (operating systems). They are moving into a MUCH bigger market. 

In fact, as a security centric organization, business consultant and advisor to many companies, we think it’s important to understand what’s in the pipeline. If you aren’t already heavily invested in the Microsoft ecosystem, there is a high likelihood you will be in the near future. 

“But I plan on using Linux, or Mac, or open source solutions for web-facing applications.” 

Side note: Microsoft as a company is embracing Linux heavily; they are quickly reducing the overall impact of what sparse enterprise options Apple had (if any), and they own some of the most important players (or are contemplating investment or acquisition) in the open source realm. If you need CI/CD (Continuous Integration/Continuous Delivery), Microsoft has their hands in it deeply already, and they are upping their market penetration daily. 

How is Microsoft planning on broadening its already massive user base?

Below we will highlight the specific ways Microsoft is broadening its foothold on several markets.

As a quick primer, the following are the basics of this concept:

  • Improving the learning experience for their own products and including third party solutions into their native platform training
  • Acquiring staffing and recruiting channels
  • Going all-in on open source and other platforms outside of their historically proprietary offerings, and buying up strategic resources 
  • Their security posture is enhanced – after decades of being the go-to attack vector (Windows) – they are improving their attitude towards absolute secure delivery
  • They are pivoting their existing user base to subscriptions instead of one time licenses enhancing the total revenue of the product mix
  • They are using their money to buy solutions they believe represent the future (think Github, Skype, etc.)

Microsoft is buying professional loyalties through a huge investment in their internal learning platforms

They have started giving away certification vouchers to professionals and students. They are creating a huge database of professionals in the tech space that not only relies on Microsoft products to do their jobs, but has already invested significant time and energy into the learning platform. When you’ve got 150+ hours in a system for learning and they offer discounts, free vouchers, or free learning, it’s hard to move away from the platform. It’s a perfect way to increase their footprint in the industry, passively. 

If students know they can get jobs by getting MS or Azure certifications, they tend to go with what they know. Who needs AWS when you can accomplish the same thing on Azure. Forget that Azure costs 35% more in some cases to do the same thing in the cloud – you’re going to recommend to your boss the solution you know and can operate well on. But it’s not so much that Azure costs more, it’s got premium all-inclusive feature sets too – Microsoft is bolstering their offerings to apply the single pane of glass concept to their user base. In many ways, Azure is better than either AWS or Google – especially when it comes to security from a native perspective. 

This is even more true when you have a hybrid cloud setup as a small or medium business. 

The tie-in is easier for those who already are familiar with or using Windows products on site. The overall orchestration is easier with a smaller technical staff. The UX/UI is more approachable. This isn’t even an endorsement for AZ/MS, it’s just a realistic take on the facts.

If you control the student population because you cater to the schools, and you cater to the student tech population, and you make it easier to learn without coming out of pocket, you control the business purchasing narrative in the future as those students mature in their careers. If the students who have built their career on the back of MS services are getting raises and promotions, they will eventually skew towards the MS ecosystem if all other things are equal, as they become the decision makers in an organization. 

No other place is this concept as true as it is in the SMB world. Small businesses are reliant on the knowledge of their 1-2 or handful of professionals in the IT world to make proper business decisions. If those professionals are trending towards favorable perceptions of a specific platform, they will mostly recommend that platform to owners, managers, and purchasing departments. 

Microsoft is genius for giving away certificate vouchers, offering robust training resources on their public facing sites for free, and for hammering the educational market. 

In a much stickier way than Google uses Chromebooks to get into school procurement systems, Microsoft is penetrating the educational market, even on the non-windows side of things. Linux has a huge portion of the roadmap dedicated to it for MS over the next decade. MS is already making native integrations and including realistic/real world Linux specific training into their cross platform certification online. This means they are expanding beyond their traditional proprietary box.

Microsoft is poised to own a large chunk of the recruiting and hiring landscape

They are already the “owner” of Linked In (they promised autonomy to the in-place management team despite being the sole beneficiary of the revenue stream). It’s the dominant workforce social play, and getting bigger daily. 

They are also looking at other resources within that space. They are going to help consolidate the marketplace over the next few years. Having the ability to cross reference data, use the platform for strategic advertising, and have insights into the market makes Microsoft a well positioned player to cherry pick the right technicians and professionals to continue to break away from the pack in the future. 

The diversification that moving into the learning space and the recruiting/staffing space makes the monopoly argument harder to make. Even if they spin off the companies in this marketplace in the future, they will realize massive ROI on the purchases. It’s doubtful that they spin off anything in these areas, however, as they remain poised to own the training space for years to come. They have the income to allow for many years and many rounds of discounts and promotions on learning and recruiting projects that will further make them a go-to market solution.

They are likely to be moving heavily into the space to ensure they have the type of talent and talent acquisition control that they need to maintain a strategic position for the foreseeable future. 

Microsoft is integrating popular solutions into its user base and proprietary platforms

If you look at the offerings Microsoft has currently, you are beginning to see the improvements to the broader service integrations. It started with simple things like RADIUS, TACACS and other confederation services to ensure that authentication, and identity management could be done through existing infrastructure, but it is starting to creep into other areas of the landscape that Microsoft operates within.  

Microsoft has always known how important the enterprise market is to their business, and this is especially true as companies like Apple take larger steps to dominate the consumer market (which they won’t ever be able to control because of business tie-ins to the PC), instead of trying to move into enterprise solutions. Microsoft has also always known the value, to power users and high level systems architecture folks, of Linux.It’s vastly superior in the command line, especially given speed and security control. 

As such, they have begun to make the pivot, in order to control a larger portion of the enterprise landscape, by integrating Linux into their cloud offerings. It’s not going to be long before servers are dual licensed on-prem for SMB’s with Linux boot ups alongside Windows (though this represents less value overall in a growing fully cloud based landscape), compared to cloud based on Linux machines.

Microsoft knows the future isn’t Windows; they are thinking 25 years down the road and want to be seen as a go-to in the enterprise solutions spectrum when it comes to Linux. 

Did you know you can use a Microsoft built SIEM (Security Incident and Event Management) and SOAR (Security Orchestration and Response) solution, with existing AWS and Google Cloud resources. How do you think that plays out? 

Sure you’re on AWS or Google Cloud now, because you started there. But you may opt to go with Azure at a 15%+ cost increase, to make management easier if security incidents increase over time. 

Azure has easier to implement security logging; better threat recognition algorithms, and ever-improving scaling capabilities compared to the other major cloud backbone providers. 

What may be more important: Azure’s more polished interface is at least approachable to non-tech personnel. Not that it’s a best practice to try to configure or manage cloud services without in-depth knowledge or experience. But that means that the decision is easier from a procurement perspective because it is less tied to hiring top talent than other ecosystems. AWS and Google Cloud right now, require significantly more technical staffing to manage on a day-to-day perspective. Also – Microsoft is grabbing a large portion of the future tech professional pool through free certifications and robust training, as noted above.  

Having a solution that interfaces with less moving parts means it’s more likely to be the solution that is chosen in market change environments (hard economies; bad hiring markets, growth phases where staffing is too slow to keep up with needs), regardless of costs, generally.

Microsoft is spending a ton of money to make Azure the go-to, security-first solution for cloud computing

Azure is the ONLY major Cloud first solution to take security as seriously as they do – at least from a TCP/IP independent perspective. Largely, SMB’s aren’t at risk as much as larger enterprises regarding constant security concerns, at least from a footprint perspective (larger footprints online means more attack vectors). But they ARE easier targets, and have attack vectors that are largely not tended to properly because they are not spending the same percentage of revenues on pure cyber security solutions as larger businesses. This is a common problem with small and medium sized businesses – they don’t understand that they have exposed risks that are very costly if enumerated on.

This will change. Security concerns will continue to grow. Local hackers, threat actors and vulnerabilities will become much more prevalent as the economy worsens (short term – relative to the time of this writing). It will also increase (cyber crime, that is), as internet footprints grow. Overall company growth leads to more attack vectors and more impetus created for criminals to act against your business. We provide security solutions for Small Businesses and Medium Businesses in Southern California and beyond. This risk will not recede. The threats will continue to grow as time goes on.

Azure solutions include platforms like Sentinel and Defender that offer easy to understand and easy to configure security solutions that incorporate automation, access control, and logging into an algorithm led security model that is always learning. 

Furthermore, as big as Google is in Small and Medium businesses for email, Microsoft, too, has a massive foothold in business email in general, and can incorporate hundreds of thousands of phishing and other email led attack data points into their ever-learning algorithms, per hour. It’s already incorporating millions of data points weekly into their security algorithms that helps to reduce false positives. How many emails do you need to administer before you have enough data points to predict bad actor behavior – Microsoft has the upper hand here.

There are ways to integrate SIEM and SOAR solutions to any cloud environment. Few if any overall integrations are as easy to understand or to implement as Azure and the affiliated solutions. One could argue the power of a completely Azure tied SIEM/SOAR environment is lacking compared to available market solutions, but few would argue that there isn’t (at least initially) a massive economic benefit to using Azure/MS security solutions compared to very expensive solutions. 

This is especially true as logs and computing gets more expensive and the total management of larger databases and services becomes more unwieldy over time. It’s also very likely that MS will acquire or integrate some of the best performing third party vendors into their company portfolio over time. 

What does all this mean? Some combination of Microsoft Sentinel/Defender/etc. is less capable for right now than the most expensive solutions for SIEM/SOAR, but it is vastly cheaper to implement and is very good for small and medium businesses that cannot afford $5K+/month costs to implement a SIEM or a SOAR, or the $150k+ costs of outfitting a proper SOC (Security Operations Center). It’s even much less than implementing a MSSP (Many of which are $10K+/month on the low end). 

Many small and medium businesses could gain access for under $1k a month and some even significantly less than that to utilize Microsoft’s SIEM/SOAR solutions. We can help you orchestrate an Azure cyber security solution for your small business needs

“Single pane of glass” observability is important for tech staff with small overall numbers or low technical depth. If you need to view all things for your enterprise and you already use Windows on-prem, you can’t logically think a move to AWS or Google Cloud makes as much sense as Azure. All-in, the costs will be lower for those SMB’s that have such a need to use Azure. 

Being able to see all your alerts, credentialing, authentication, permissions, and datasets on a single dashboard makes a lot of sense for those who cannot afford a dedicated SOC (Security Operations Center) or a security team. Microsoft is playing it smart here, especially since so many SMB’s are tied to Kerberos, AD and other microsoft tied platforms already. Even as they outgrow these solutions, Azure is going to make sense to migrate to, using substantially similar solutions.  

Most SMB’s aren’t buying $150K security solutions, or at least not frequently – so the logical conclusion is to go with the least disruptive technology option – Azure makes sense for many in this case. A few thousand dollars a year in cost increases beats massive CAP-EX unless there is a windfall or compliance concern in the year of changeover. At least for a majority of small and medium businesses that aren’t already inclined to be security-first in posture.

Microsoft is expanding operationally through smart mergers and strategic investments

They own companies like Linked-In, Skype, Github, Activision/Blizzard, and others. 

“But wait, you listed companies I only do a tiny amount of business with, and what does a game company have to do with my business?” 

The point is that they aren’t just buying game companies, recruiting companies, and VoIP companies. They are buying complementary solutions that aid the company in getting all the hooks into a small business. Furthermore they are investing in technologies that have reach beyond the obvious focal points of their respective existing business models. 

Activision/Blizzard as a business solution? Not overtly, but definitely there is some potential for your workflows to benefit from it. Imagine a gamified learning solution for technology professionals in your organization. Imagine a documentation system that improves through game theory. Imagine a solution in the future that incorporates metaverse and AR/VR solutions for marketing or as a delivery channel for your products,pioneered by a gaming company. These are realistic potential integrations. 

Linked-In as a solution? Everything as a solution. You need additional technology professionals on staff to improve throughput or capabilities from an architectural perspective. Why wouldn’t you rely on the internal data and crossover value of the solution you are hiring for, provided by the same company that owns that solution. Microsoft owns Linked-In, so you can look to them to staff your needs for Microsoft administrators. Linked-In is a built-in ecosystem of people that are already vetted to some extent, that you can look to, to fill staffing needs. This is a realistic integration.

Skype allows you to build VoIP channels on the backbone of your already integrated tracking, marketing and biz/dev solutions. Imagine having a BI (Microsoft Power BI Data Visualization) dashboard that quickly shows ways to improve conversion on your website, or proves conversion from certain channels, thanks to the tie-in to dedicated phone numbers on your VoIP system. This is a realistic integration. 

Moving from static documentation to a version control solution to help with Dev/Sec/Ops or Dev/Ops and trying to implement CI/CD? This is already an existing solution through Github and other affiliated offerings. The future is moving that way, and the market is moving in a more aggressive way towards this concept. This is already a proven integration, and the Microsoft folks are moving harder to implement more of it, going forward. They own github. 

Microsoft is embracing open source and community oriented solutions and tying it to in-house proprietary platforms

Microsoft is embracing open source because people recognize the value in crowdsourced solutions; the importance of community oversight, and have the desire to stay away from license fees. Historically, MS has been in the proprietary license business. They have moved to a subscription based model (Think MS 365 and bundled subscription softwares). This model is cheaper to deliver and more secure, more profitable and more easily controlled by MS as a company. 

Microsoft is embracing open source because they see the huge potential for money there. Open source might be free from a license perspective, but that doesn’t mean that there are not significant costs. If you want a website built in WordPress, for instance, it’s free to use from a license perspective, but you’ll have to handle the development yourself (We offer WordPress Websites that are secure and fully maintained and optimized). Kubernetes and Docker are perfect examples of real world, innovative, and necessary open source type solutions that are fully embraced by Azure and Microsoft in general. Microsoft owns the Powershell distribution and that has carryover to many different scripting scenarios on many different platforms. They have made investments into Bash (Bourne Again Shell), which is an essential piece of the Linux landscape. 

Microsoft is playing the broader field, while other competitors are building out in a focused way

This concept is one that may or may not pay off for Microsoft as a company. Overall, it’s our belief that Microsoft will make more money playing this game, than trying to compete with the other behemoths on focused service offerings. 

AWS by Amazon and GCP by Google are massive. They provide great service with good pricing (relative to peers), and they are “vendor neutral” – at least in the sense that they generally don’t tie to specific services with a hard sale, even if they try to keep their ecosystem streamlined. 

Microsoft is going with the broad approach while AWS is going for world domination in the cloud compute and storage space. 

AWS will probably own this space for a very long time, and Azure will only have incremental growth. But seeing companies like Oracle move fully into the cloud offering space as a backbone provider shows that AWS will always see pressure at the top. And Microsoft need not even be the company puting the pressure on it. Google and others will be applying pressure too, over time. 

Meanwhile, instead of cost cutting to compete on the cloud front, Microsoft will make their offering too irresistible to businesses to not pay the slight premium to access Azure cloud environments. They will add enhanced security options to millions of businesses already in their system. They will upgrade their data centers through partnerships and new company acquisition, and AWS will still have the same growth curve, and will only compete on total costs. Eventually the premium provider will win out as the labor force shrinks relative to internet facing specialist availability, and more need exists for skilled professionals. 

Ease of implementation and choice will ALWAYS outweigh having to hire more technology staff at higher wage structures. Paying 25k a year more to Azure for easier integrations on your cloud provider interface is better than paying for a 125k/year professional to manage your AWS instances. 

Labor is made obsolete in some ways by automation and free, value-added services. Microsoft knows this. They want to run things algorithmically and through stable, CI/CD channels rather than hacked together offerings. Small Businesses will eventually relent because the tech world wage structure is too heavy, and the availability of local human capital is getting harder to access with large companies having an economic advantage. 

The generalist approach, and the integration of open source technologies that a lot more people can learn a lot faster and for less cost as an employee will rule that landscape. And that is a fact: if a potential employee can learn online for free on an open source, highly documented product/software/code language or other solution, they will. 

Ultimately, it will allow for a cheaper labor force in the long run. But Microsoft is already balancing that scale as well, not only embracing open source in their platforms, but by offering their proprietary training for their existing umbrella products. The result is a long-term win-win, with employees (en masse) recommending more MS products in total. 

Of course AWS and Google will polish their interfaces, and the labor market will never not have professionals available to service these solutions, but they may take a back seat to the easier to understand, fully-faceted solution Microsoft is envisioning.

Microsoft is ridiculously profitable, and they are not going to be getting any smaller – they are essentially unbreakable at this point

Unless they suffer a major breach, or willingly do something shady/illegal and get hit with major government-imposed fines/sanctions, they are in a fortress that will only grow and get stronger. 

Microsoft as an entity, prints money. They make so much revenue it’s hard to believe. They could – independent of monopoly laws – buy just about any other company in about 75% of their competitive marketplaces. Sure, they aren’t buying Google or Amazon, but they could buy Linode (major hardware server solution in the data center space), or Splunk (major cybersecurity player in the SIEM/SOAR space), or even Palo Alto Networks (TCP/IP/Security player, a la Cisco). They could likely buy a company as large as Salesforce, a major competitor with a huge foothold and several very strategic, very profitable platforms (including Slack, Salesforce, Tableau and others). 

Any of the listed companies being acquired by Microsoft would lead to a doubling in revenue over 15 years for the company in that given marketplace, or even more than that. Furthermore, it would lead to an absolute market penetration that would be unlikely to have a rival for the next several decades. It would broaden the user base by 15% for the company on the Microsoft side, and lead to improvements in synergies and total revenue. 

It’s important to note that this is not an investment overview for MSFT (the ticker symbol for Microsoft Corporation), rather it’s a landscape overview for where it seems Microsoft is logically moving.  

Their revenue and income levels are basically insulated and growing, and their footprint can get bigger with any number of easily assimilated corporate acquisitions. 

The point? Microsoft is growing, and they will be buying more big companies. Thai means there is a good chance you’ll become affiliated (or further affiliated) with the company sooner rather than later.  

Other ways Microsoft is owning the market

As a CASB

As a CASB (Cloud Access Security Broker), Microsoft has good market penetration already. With shortcomings from a compliance, security and access control perspective, Dropbox, Box, Google Drive and other solutions are significantly hamstrung in security oriented enterprises. Sure, they could improve their company-specific offerings, but Microsoft has the upper hand currently because of LDAP, server specific login control, and other confederated credentialing and Identity and Access Management solutions. IAM is owned by Microsoft, generally. At least right now. 

If you think MS isn’t already exploring serverless and password authentication, you are mistaken. They are not going to make the same misstep that Blockbuster made with Netflix. They’ll just buy the Netflix they see in their competitive industry, or they will put them out of business by building a stronger solution and crowding the company out. 

They are incorporating technological solutions regardless of their legacy offerings. Sure, Active Directory is big today, but Microsoft knows that AD and LDAP and other solutions may not be the preferred method in the future. It’s pivoting as needed to improve that experience and securitize the channels of authentication. You think they cannot reinvent the idea of passwordless authentication if they wanted to? They make billions in income per month. FREE and CLEAR.

Need to control what access your employees have to assets and data? A CASB is the solution. As a CASB, Microsoft has a lot to offer. 

Azure: the ability to Scale up and Scale Out

You can make a WordPress Website that scales automatically to meet market demand and increased traffic on Azure. But that is a single concept. Sure WordPress is great for a lot of businesses in the small and medium size range, but there are a lot more platforms, CMS’s and code libraries and languages that also scale up and out on Azure. To scale up means to meet immediate demand in traffic/resources on the fly for spike type traffic. To scale out means infinite distribution for more total capacity over time for your public facing internet enabled application. You can grow, without having to have all the one time infrastructure costs that are more than just “one time”. Typically you have to scale up and up and up, and then out eventually, each time having an associated cost. With a solution like Azure (AWS and Google Cloud can also do this) you can be ready for growth with a single one time architectural expense from a building/deployment perspective, at least from the initial implementation perspective. (Development changes will have separate costs independent of your deployment at the initial offering). Of course you’re going to pay for increased compute and storage usage, but you won’t have to pay a dev to remove/replace/transplant your application. 

A lot of the continuous integration and development considerations are built into the Azure ecosystem if you choose to use them. That will help to keep development overruns in check, though a team or agency should be maintained to ensure security and maintenance needs are met in an ongoing fashion. With bespoke builds by agencies on third party intermediaries, it’s not as fluid a growth scheme, and future planning can be riddled with expensive redevelopment costs. 

Having a true full-cloud application solution can mitigate unexpected costs, even if it is a larger expense from start to finish. Often, consistency in budget line items is more important than total costs. This is especially true when it comes to security and threat actor planning. 

If you know you will want security operations, it may make a lot more sense to accept the incremental monthly costs now and over time, instead of trying to address actual threats on a one-off basis, as that can be a situation that could cause bankruptcy for some SMB’s. 

It’s a small price to pay (that can potentially be written off as infrastructure or costs of doing business) to ensure you have real-time monitoring and security solutions when it only costs an extra couple of hundred dollars a month, but may reduce total labor force costs and minimize risk exposure to actual data or web application breaches. We offer small and medium business security solutions for cyber threats and for your internet footprint

Conclusions about where Microsoft is going in the future

From a practical sense, you may not care what Microsoft has on the horizon, but from a business solutions perspective, you should know that Microsoft is making an aggressive push towards getting more of your dollars, more of your attention, and more of your workforce on board with their offerings.

As of now, they offer the most complete single company solution for small and medium businesses on cloud-based, internet-facing, security-forward applications. If you want to compete with larger enterprises in your local area, their solutions can be beneficial from an economic perspective. That doesn’t mean they will be the cheapest solution, necessarily. 

They are also the easiest to understand from a total technology perspective, so despite slightly elevated costs, they are already top of mind for a lot of small and medium business ownership and management teams. 

The real point of this article and why we chose to write it now, is that Microsoft is making a play to be a much bigger service provider than they are currently. And that means there is a potential for some flexibility if you are an early adopter. It also means you can benefit from synergies as they occur on the broader landscape if you are in that ecosystem ahead of other mass adoption. Most importantly, we want to inform you of the happenings of the industry that will affect overall capabilities for your business. 

Security is a real problem right now, but we haven’t begun to see how detrimental a lack of seriousness can be, with regards to small and medium business risk exposure online. Cybersecurity is always a bigger company’s problem to deal with until it hits your business. And Microsoft is the only backbone cloud provider taking security as seriously as they are. 

Workforce sourcing is a problem right now, but as security becomes a bigger problem that will cut qualified professional pools significantly, and as a SMB you will potentially be hurt as a result of it. Knowing what MS is doing to impact that pool of candidates directly affects you, if not today, in the future, certainly. 

Learning management and workforce development is a problem right now. But as the workforce shrinks with regards to the total skill set across the tech sector (mostly because of enhanced need for employees), it’s going to get tougher to attract and retain qualified employees. It will also get more difficult to offer premium learning solutions. Microsoft is trending towards a bigger piece of the pie in that scenario too. It makes sense to follow along with their inroads, and see if you can grab some insights or FREE/INEXPENSIVE solutions for your tech staff. 

In all, the company we all know as the consumer computing giant is making an even bigger play for the enterprise market than it has in the past, and this time not just in computing and software. 

Microsoft is on the edge of where bigger enterprise solutions providers are treading, and they are legitimately leading the way in many regards. Knowing what they are up to can help you thrive as a small or medium business owner in the face of ever-increasing pressure from bigger enterprises in your industry. 

If you need help navigating the small and medium business cyber security or website landscape, let’s chat.