
So what gets measured? Apps migrated. Servers decommissioned. Percent complete. Those are activity metrics. They feel productive. They are also irrelevant. The outcomes that matter are different:
Cloud migrations are justified by outcomes, not architecture diagrams.

Why This Keeps Surprising Executives

An IT project assumes a stable environment and knowable requirements. Enterprise migration assumes neither. The business changes mid-migration. Org charts shift. Compliance expectations evolve. Threat models change. Vendor contracts move. And every exception you approve today becomes a permanent path tomorrow. Exceptions are not one-time decisions.
They are entropy generators. That’s why “we’ll centralize later” is a lie organizations tell themselves. Not because people are dishonest—because once a working path exists, it becomes a dependency. And dependencies become politically untouchable. The cloud didn’t create this behavior.
It exposed it. So when leadership says, “Just lift and shift first,” what they’re often buying is time. Time is fine—if you spend it building the control plane. Most organizations don’t. They spend it approving more lifts, more shifts, more exceptions. And then they act confused when cost rises, risk rises, and delivery slows.

Failure Story — The Cutover That “Went Fine”

A regulated financial services organization decided to migrate internal finance applications quickly. The intent was simple: move the apps in a quarter, keep the same access model, clean up governance afterward. The apps moved. Cutover succeeded. Availability was fine.

Then Monday arrived. Access requests exploded because old approval pathways didn’t map cleanly to Azure roles and Microsoft Entra ID groups. Audit trails fragmented because logging wasn’t centralized. Teams created “temporary” fixes: ad-hoc role assignments, shared accounts, spreadsheet-based compliance evidence. Nothing broke technically.
Everything broke systemically.

The invisible constraint they ignored was governance throughput. In regulated environments, the speed at which teams can ship infrastructure is faster than the speed at which you can safely change access, policy, logging, and evidence. If you migrate faster than you can enforce intent, you accumulate governance debt faster than you can repay it. That debt doesn’t sit quietly. It shows up as blocked work, audit panic, and incident response that can’t answer basic questions.

The boring principle that would have prevented this: Establish the landing zone before you migrate anything that matters. The first workload sets the precedent. The precedent becomes the pattern. The pattern becomes the platform—whether you designed it or not. If your first migration task is moving workloads, you’ve already failed.

Act II — Azure Is Not the Destination; It’s the Control Plane

Most organizations talk about Azure like it’s a place. “As soon as we’re in Azure.”
“Once we get to Azure, we’ll modernize.” That language predicts chaos. Azure isn’t a destination. It’s not “someone else’s datacenter.” It is a control plane: a distributed decision engine that can enforce intent across identity, network, compute, data, and operations—if you express that intent in a way the platform can enforce. On-prem, control is social. A few people know how things work. That doesn’t scale, but it feels safe. In Azure, the system will let you create almost anything, almost anywhere, unless you stop it. Azure is not a gatekeeper.
It’s an accelerant. Azure without governance isn’t flexibility.
It’s outsourced entropy. That’s why Landing Zones exist—not as diagrams, but as a way to make rules durable when organizations aren’t. You’re not building an Azure environment.
You’re building an enterprise environment that runs on Azure. The real product you want isn’t a VM or a managed service. It’s standardization:
That’s what gives the business what it actually wants: predictable change. Governance that lives in decks and memory is not governance. It’s a suggestion. In Azure, governance must be executable: policy-driven, identity-driven, enforced by design so the safe path is the easy path. Migration stops being improvisation when Azure becomes onboarding, not exploration.

Failure Story — Cloud Adoption Without a Platform

A financial services firm enabled self-service subscriptions to “unlock innovation.” What they unlocked was variance. Every team chose its own network patterns, logging approach, security controls, and identity shortcuts. Some exposed public endpoints. Others miswired private DNS. Temporary service principals became permanent. Nothing broke technically.
Everything broke systemically.

The audit didn’t ask if they had Azure. It asked for consistent controls. The organization had hundreds of micro-environments, each with its own truth. The reaction was predictable: panic centralization, freezes, emergency policies that broke workloads, and a return to exception-clearing as a job function.

Self-service without guardrails does not scale. It never has. Teams innovate faster when they don’t have to reinvent identity, networking, security, logging, and compliance every time they deploy. That only happens when the platform exists first.

Act III — Landing Zones Are an Organizational Contract

Landing zones aren’t diagrams. They’re contracts. A landing zone defines enforceable boundaries for how the enterprise operates: identity and access, network topology, security posture, policy enforcement, subscription management. Notice what’s missing from that list. Workloads. Landing zones exist so workloads don’t renegotiate fundamentals every time they move.

Without them, every migration becomes an argument. Every exception becomes permanent. Every team improvises guardrails under pressure. In regulated industries, this isn’t theoretical. Audits don’t fail because of missing tools. They fail because the control narrative isn’t coherent.

Skipping landing zones also destroys rollback. If you don’t know what policies were active, who had access, and what changed, you can’t roll back to “known good.” You can only hope. Migration is onboarding into a contract.
If you don’t define the contract, the organization will. Accidentally. And accidental contracts always favor speed over control—until the bill arrives.

Closing Synthesis — The Migration Mindset

Organizations ask for migration plans. What they need is a migration mindset. Migration is not a dat