Success in Azure hinges on specialized expertise

In just over fifteen years, Azure has grown to become an extensive ecosystem. But in order to get the most from all its possibilities, businesses today cannot do without specialized expertise: in data integration, applications and AI, but also in infrastructure, network, cybersecurity and data governance. The persistent shortage of IT profiles on the labor market further compounds the challenge of developing all this expertise in-house.

In this article:

• Integration: the foundation for success
• The role of AI in cloud projects
• Automation accelerates innovation
• Cost optimization in Azure
• Security and data governance
• Scalability and data sovereignty
• Conclusion: expertise as the key to success

Integration: the foundation for success with Azure

Why integration is essential for an Azure journey

Integration is a prerequisite for a successful Azure journey, not just for data but also in terms of applications and AI. Why is integration so important here?

Data circulation is essential. If it wasn’t taking place, you’d have to transfer data manually or by means of complex processes from one application to another.

Dirk Luyckx, CTO at Codit

How do you ensure that this flow takes place seamlessly?

Dirk: “We take the Azure Integration Services as our basis for this. Using these services as building blocks, we’ve developed a methodology that allows us to operate in a loosely coupled manner: Codit’s Invictus framework. In other words, we’ve opted for an approach that offers flexibility, but that also makes it easy to scale. It’s software that we use to enforce a reference architecture, so that you don’t have to start from scratch for every project.”

Bert Standaert, Product Manager Cloud at Proximus NXT: “We also use frameworks for anything to do with infrastructure. Specifically, I mean the Microsoft Cloud Adoption Framework for Azure (CAF) and the Azure Well-Architected Framework (WAF). We add another layer of our own to this, to make specific monitoring possible, for example. You can see it as a combination of CAF, WAF and the experience of Proximus NXT.”

Dirk Luyckx, CTO at Codit

The role of AI in cloud projects

How is AI changing application development?

AI is increasingly playing a role in cloud projects. Almost every application gets a new version with a built-in AI component. In addition, AI is changing the way in which new applications are developed.

Dirk: “Absolutely. A solution like Github Copilot offers developers a completely new perspective. They no longer have to see their task in a purely deterministic light, as used to be the case. At the same time, AI isn’t taking over everything, although developers who use it will take over the work of the ‘regular’ developer.”

Can you give an example of an AI project that you regard as spectacular?

Dirk: One example for me is the way chatbots are evolving. Chatting with data – where you get an answer to a question – has been around for a while. But we’re now rapidly moving towards agentic AI, where the application takes specific actions. We’re seeing the same evolution in the Invictus platform that I just mentioned. This has been enriched with AI, which makes it usable for people from business with a less technical background.

For example, an error message that used to appear in JSON is converted by the AI component into readable language, supplemented with suggestions regarding possible solutions. This makes a big difference, because someone with more business expertise will then give instructions that are better tailored to that business.””

Bert: “We’ve also seen this since Copilot was integrated into the Microsoft Azure Portal where, among other things, it provides support in connection with alerts. In general, we can say that using AI lowers technical barriers. People with more business expertise but less technical expertise can still use it. In many cases, this also results in better integration.”

The use of AI lowers technical barriers. People with more business expertise but less technical expertise can still use it. In many cases, this results in better integration.

Bert Standaert, Product Manager Cloud at Proximus NXT

Automation accelerates innovation

Why is automation crucial in Azure?

Gregory Gruber, Deputy Director Security, Cloud & AI Services at Proximus NXT Luxembourg: “The importance of automation belongs in the same context. It’s this automation that’s leading to businesses carrying out deployments in Azure faster. One of the ways they do this is with a landing zone, which involves working quickly, but also consistently and scalably, with a standardized, configurable design. You then use Terraform as a tool to automate those repetitive tasks – such as provisioning – while enforcing the desired compliance with Azure Policy.”

But automation probably goes much further than that, doesn’t it?

Gregory: “Yes, we automate and manage critical processes, for example with Azure Functions, to ensure that all configurations are and remain standardized across all tenants in Azure. Automation is also very useful for managing identity and lifecycle management tasks such as creating new users and assigning user privileges. By automating, you can react more quickly, while reducing the error rate and increasing consistency at the same time. A business would rather spend the time this frees up on innovation and value creation – possibly with Azure to provide leverage again.””

Gregory Gruber, Deputy Director Security, Cloud & AI Services at Proximus NXT Luxembourg

Do you know of an example of this kind of innovation in practice?

Dirk: “Take Schréder Hyperion’s adaptive street lighting, for instance, which Codit is helping with. Again, this involves a lot of integration and automation: millions of connected lamp posts sending data via IoT to a cloud platform, which AI applications can then use. At this point, adaptive street lighting that consumes less energy becomes just one of the possibilities. If extra sensors are added to the lamp posts, this brings completely different applications within reach too: measuring air quality, crowd control, charging points for EVs, and so on.”

Cost optimization in Azure

What are the biggest cost challenges?

Your example shows that a cloud project always has an infrastructure component. What is seen as the single biggest challenge in the context of Azure today?

Bert: “Primarily costs, I would say. We’re seeing businesses opting for a rational approach. Everything cloud-first or everything on-prem? They’re no longer making such a sharp distinction. They’re thinking much better about which workloads and which data to entrust to which type of cloud. Cost optimization gets a lot of attention in this context: rightsizing, working with capacity reservation, closing unused capacity, and so on. And then there’s cost control, by using policies to enforce correct use of the cloud.”

This is a big contrast with the early days of the public cloud, when cost reduction was the main argument.

Bert: “If you transfer your entire environment one-on-one from on-prem to Azure, you’ll pay more. You’ve got to optimize and build in cost control if you want to make the case. The cloud sometimes has hidden costs too, which is why it’s absolutely essential to maintain an overview. Incidentally, sustainability is another factor that will grow increasingly important, especially in the context of the sustainability goals for 2050. We’re gradually seeing more movement in this area.”

Dirk: “Costs still often put a brake on the process. A business that’s invested heavily in its own data center is less inclined to simply abandon it. But costs aren’t always decisive. Other factors are often considered too in the assessment of on-prem versus cloud, such as the physical location of the data – sensitive data for example – or the latency of an application, for example in the operational control of machinery.”

NIS2 requires best-in-class encryption: at rest, in transit and in use. To achieve this, Azure offers special hardware that makes encrypted public cloud possible.

Bert Standaert, Product Manager Cloud at Proximus NXT

Security and data governance

Secure in the cloud: detection, encryption and least privilege

Along with costs, cybersecurity is the biggest challenge in the cloud. How can a business detect suspicious activities on its Azure platform?

Gregory: “We offer a wide range of services for cloud and hybrid environments, such as advanced threat detection, monitoring and incident response. This service offering is seamlessly integrated with Azure Security Center in order to achieve proactive protection. Together, these services ensure compliance and data sovereignty, supported by the team of cybersecurity specialists at Proximus NXT.”

Bert: “Data sovereignty is generally an important point to consider. NIS2 requires best-in-class encryption: at rest, in transit and in use. To achieve this, Azure offers special hardware that makes encrypted public cloud possible. But you can also go a step further to achieve ‘confidential compute’, by taking the management of the encryption key away from Azure and entrusting it to another partner, such as Thales. Finally, you can have the whole system attested – not by Azure itself, but again by another partner, such as Intel.”

One key concept in contemporary cybersecurity is ‘least privilege’. Can you also apply that within Azure?

Gregory: “Absolutely. In fact, least privilege is an essential concept for achieving a secure cloud environment. It’s about giving users, systems, or processes just enough access to perform their tasks – no less, of course but, above all, no more. This is how you prevent misuse and reduce the risk of incidents. The most important thing is to first identify all the accounts that need access to Azure.

You classify them in groups, each with a specific set of roles and responsibilities, to which you then link the appropriate access. Then comes the technical part. To put least privilege into practice in Azure, we usually combine different approaches, such as role-based access control and just-in-time access.”

In Azure, you can choose the specific region where you edit and store your data. The Azure Policy tool then consistently applies that choice.

Gregory Gruber, Deputy Director Security, Cloud & AI Services at Proximus NXT Luxembourg

Scalability and data sovereignty

Guarantees concerning location, availability and scalability within Azure

In addition to data and application access management, physical storage location or data residency is another consideration that can deter businesses from choosing the public cloud. Is it possible to obtain guarantees about the physical location of your data within Azure?

Gregory: “Definitely. In Azure, you can choose the specific region where you edit and store your data. The Azure Policy tool then consistently applies that choice. Organizations with very strict needs in terms of sovereignty can use Microsoft Cloud for Sovereignty. Among other things, this solution makes it possible to determine the physical location of the data even more strictly so as to comply with all the relevant regulations. Compliance is then overseen through the Azure Monitor and Security Center.”

Bert: “Microsoft’s new data centers in Belgium – expected in the second half of 2025 – meet the demand for data sovereignty. There will be a guarantee that the data will remain in Belgium. The latency of data traffic will also decrease further as a result.”

And what about high availability and scalability?

Bert: “Azure offers the necessary guarantees in terms of high availability. Scalability is another issue. Azure is almost at its ceiling in Ireland and the Netherlands. Further expansion is not possible there, as the impact on the electricity supply would be too great. But even so, the public cloud remains the best solution for anyone who needs a high degree of scalability. In any case, you can still scale much faster in the public cloud than with on-prem.

At the same time, with Azure Arc you can easily extend your on-prem environment towards Azure – and then manage the whole thing on a single platform anyway. You then end up with the ultimate hybrid model.”

Conclusion: expertise as the key to success

There is no doubt about the advantages of Azure in terms of capacity, flexibility, scalability and security. However, the Azure ecosystem is now so extensive that many businesses have gradually lost a clear overall grasp of it. In order to benefit fully from what Azure has to offer, a great deal of specialized expertise is also needed. However, the persistent shortage of IT profiles on the labor market further adds to the challenge of developing the required expertise in-house. For all these reasons, Proximus NXT makes the difference as an Azure Expert Managed Services Provider.

Microsoft has awarded Proximus NXT the Azure Expert Managed Services Provider certificate. This shows that Proximus NXT has all the necessary Azure expertise. The certificate serves as a quality mark for partners that help their customers to get maximum value in complete security, even from the most complex Azure projects.