Azure Updates: Resiliency threat modeling; Privileged Identity Management; CycleCloud

CTO Mark Russinovich shared thoughts on resiliency threat modeling for large distributed systems. Microsoft endeavors to keep Azure up and running at all times, but faces inherent challenges given the scope of Azure as a complex distributed system. Microsoft has invested in "premortems" to analyze low level risks in advance, as well as its Postmortem Quality Review Program. Additionally, the Azure team created Risk Threat Models, assessing what telemetry is available to spot risks, what guardrails and processes are in place, or the types of mitigation available.

Along similar lines, CVP for Azure Compute Brendan Burns discussed Privileged Identity Management with Azure Lighthouse, enabled for Zero Trust. The new Azure AD Privileged Identity Management integration with Lighthouse provides a way to offer just in time access for up to eight hours, so that an operator can have short-term access to a customer network. A portal experience is intended to make these short-term permissions easy to implement. 

Manoj Kumar, healthcare business architect with Microsoft Consulting Services, looked into the capabilities of Azure CycleCloud. Increasingly, researchers are leveraging high performance computing for genomics data analysis, but research to date has been limited by a lack of HPC clusters. With CycleCloud, users are able to provision infrastructure for HPC, deploying common HPC schedulers and scaling infrastructure. Workflow managers like Snakemake, Nextflow, Galaxy, and Cromwell are used to accelerate genomic analysis. Commonly, a next-generation sequencing machine can sequence between 12 and 192 samples per run, creating a Binary Base Call output file. This file needs to be converted to a FastQ file, then to BAM format and Variant Call Format.