July 2022

The Total Economic Impact™ Of Microsoft Azure Arc For Security And Governance

Cost Savings And Business Benefits Enabled By Azure Arc

Microsoft logo

A Forrester Total Economic Impact™ Study Commissioned By Microsoft, July 2022

Table Of Contents

Organizations using the cloud to modernize their IT systems frequently find that some resources are not suitable to migrate to public clouds. Organizations with hybrid or multicloud strategies can realize productivity gains and reduce security risks by using Microsoft Azure Arc to secure and govern non-Azure infrastructure alongside Azure resources.

Microsoft Azure Arc extends the Azure platform so customers can build applications and services with the flexibility to run across data center, edge, and multicloud environments. Azure Arc provides a consistent operations, development, and security model for applications and infrastructure.

Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Azure Arc for security and governance.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact on their organizations of using Azure Arc for infrastructure security and governance.

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four representatives from organizations with experience using Azure Arc. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization in the manufacturing industry with billions in revenue and global operations. The composite organization has 8,000 infrastructure assets including cloud and on-premises servers, virtual machines, databases, and Kubernetes clusters. Although the organization has Azure and Windows assets, many of its assets run on other platforms. The organization has a hybrid infrastructure with half of the workloads on-premises and half in the cloud.

Before using Azure Arc, the interviewees’ organizations struggled to centralize and control the operational lifecycles and security of their distributed infrastructure resources. They sought a solution that would save their IT operations (IT ops) teams’ time, accelerate initiatives to modernize to the cloud, and improve the security of critical systems.

After adding Azure Arc to their infrastructure, the interviewees’ organizations’ IT ops teams saved considerable amounts of time on infrastructure management. The organizations also extended services like Microsoft Defender for Cloud and Microsoft Sentinel to cover these assets, improving security. Finally, they retired tools previously used to manage infrastructure before Azure Arc.

Consulting Team:
  • Jeffrey Yozwiak,
  • Zahra Azzaoui

Key Findings

  • icon
    ROI
    206%
  • icon
    BENEFITS PV
    $3.26M
  • icon
    NPV
    $2.19M
  • icon
    PAYBACK
    <6 months

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

  • Realized IT ops productivity gains of 30%.

    IT ops team members at the composite organization need 30% less time to manage Azure Arc-enabled infrastructure assets (e.g., multicloud and on-premises systems, etc.). The team members automate routine tasks and spend more time on higher-value activities.

  • Lowered risk of a data breach from unsecured infrastructure by 80%.

    Before Azure Arc, much of the organization’s infrastructure was non-compliant with the latest security standards and protocols. Having a centralized view for security management with Azure Arc enabled IT ops to quickly update this infrastructure. The organization also enabled Microsoft Defender for Cloud and Microsoft Sentinel on these assets.

  • Reduced spending on third-party tools by 15%.

    Azure Arc provides management and monitoring capabilities for the composite organization’s non-Azure infrastructure that is superior to capabilities other platforms provide. The organization retires expensive third-party tools used for management, reporting, and security, and it consolidates its billing around Microsoft’s tools.

icon
Time savings managing non-Azure infrastructure: 30%

Flexibility. There are multiple scenarios in which a customer might implement Azure Arc and later realize additional uses and business opportunities, including:

  • Developing applications utilizing hybrid infrastructure.

    Azure Arc can advance hybrid app modernization efforts and developers may realize productivity gains.

  • Increased innovation.

    IT ops team members repurpose time previously spent on routine infrastructure operations towards higher-value activities, such as innovation.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

  • Azure consumption fees.

    Onboarding to Azure Arc is free. The composite organization realizes the benefits by purchasing the following Azure services: Policy and Automation, Monitor, Microsoft Defender for Cloud, and Microsoft Sentinel. Microsoft bills for these services on a consumption basis.

  • Training time.

    The composite organization experiences short onramp times before IT ops team members are fully proficient with Azure Arc. Onramp time is especially short for team members already familiar with Azure.

  • Implementation effort.

    Given the organization’s large quantities of non-Azure assets, Azure Arc-enabling all assets could take several months. This trajectory is common across large technology projects and is not unique to Azure Arc.

The representative interviews and financial analysis found that a composite organization realizes benefits of $3.26 million over three years versus costs of $1.07 million, adding up to a net present value (NPV) of $2.19 million and an ROI of 206%.

“We [have] a single pane of glass for monitoring [on-premises and other assets] with the same level of detail as we have for cloud workloads. And we can enable new features such as [Microsoft] services.”

Lead data architect, energy

Benefits (Three-Year)

TEI Framework And Methodology

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Azure Arc.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Azure Arc can have on an organization.

  • icon
    DUE DILIGENCE

    Interviewed Microsoft stakeholders and Forrester analysts to gather data relative to Azure Arc.

  • icon
    INTERVIEWS

    Interviewed four representatives at organizations using Azure Arc to obtain data with respect to costs, benefits, and risks.

  • icon
    COMPOSITE ORGANIZATION

    Designed a composite organization based on characteristics of the interviewees’ organizations.

  • icon
    FINANCIAL MODEL FRAMEWORK

    Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.

  • icon
    CASE STUDY

    Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

DISCLOSURES

Readers should be aware of the following:

This study is commissioned by Microsoft and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Azure Arc.

Microsoft reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Microsoft provided the customer names for the interviews but did not participate in the interviews.

NEXT SECTION: The Microsoft Azure Arc Customer Journey

Interviews

Role Industry Region Azure Arc-enabled infrastructure Additional infrastructure
Lead data architect Energy Headquartered in Europe 100 to 200 on-premises servers, 500 virtual machines 3,000 cloud servers with Azure and other vendors
Architect, cloud products Energy Headquartered in North America 3,000 to 4,000 on-premises servers 4,000 cloud servers with Azure
Deputy IT director Manufacturing Headquartered in Europe 350 on-premises servers 1,600 cloud servers with Azure and other vendors
VP of IT Finance Headquartered in North America 1,000 on-premises servers and 7,500 virtual machines Kubernetes and cloud servers with Azure and other vendors
“We had many servers to oversee, and a lot of processes were still on-prem. Our goal was to acquire a single pane of glass to monitor servers and move more workloads to the cloud.”

Architect, cloud products, energy

Key Challenges

The interviewees’ organizations all had diverse infrastructures. The IT ops teams managed thousands of servers with a variety of configurations. These included in the cloud, on-premises, physical, and virtual. Most of the servers ran Windows, and some ran Linux. Similarly, most of the cloud infrastructure was on Azure, but some used other cloud vendors, usually as part of a multicloud strategy. Finally, at two of the interviewees’ organizations, the infrastructure included Kubernetes clusters. In short, the IT ops teams had a wide variety of infrastructure to support.

The interviewees noted how their organizations struggled with common challenges, including:

  • Infrastructure that could not be migrated to the cloud was holding back modernization.

    All of the interviewees’ organizations had legacy assets that were difficult to move to the cloud. Sometimes assets needed to remain on-premises for regulatory reasons. The manufacturing organization in particular required low latencies. Therefore, the interviewees’ organizations needed to take a hybrid cloud approach.

  • Managing diverse infrastructures was time-consuming.

    Although the IT ops teams had a variety of processes and tools to manage infrastructure before Azure Arc, the processes were mostly manual and the tools were often vendor specific (e.g., dashboards specific to each provider). Manual and partially automated processes risked errors and disruptions to the business, and multiple tools meant that the teams lacked visibility into the infrastructure they were responsible for.

  • The lead data architect in the energy industry said, “After we invested in a second cloud, the maintenance [became] significantly higher than the potential benefits.”

  • The VP of IT in the finance industry said: “We were using a lot of resources and spending a lot of time on governance and orchestration [—] moving workloads around, speeding up workloads, maintaining [infrastructure], just all of [that]. There was a lot going on. … It was very cumbersome. There was no streamlining, no efficiencies built in. … We used [every] tool available to get the job done.”

  • The deputy IT director in the manufacturing industry said: “The problem was that we had manual processes to configure a server. … We had three different ways of managing a system. … We had manual processes, and the problem with manual processes is that they always prompt errors. And on top of that, there was a lack of reporting, because if you use different technologies, you cannot have a ‘single pane of glass.’ And the problem with this [system] was that it increased the risk of changes.”

Solution Requirements

The interviewees’ organizations searched for a solution that could:

  • Reduce the effort to manage infrastructure.

    The VP of IT in finance explained, “We started to look [for new] ways of doing things faster and more efficiently.” Similarly, the deputy IT director in manufacturing said, “[We wanted] to try to minimize deployment times and [the effort to] maintain infrastructure as much as possible.”

  • Centralize governance and improve security.

    The deputy IT director in manufacturing explained: “We are a very large organization with 21 IT teams. Each team managed their servers independently with manual processes. … There was a high need to implement a configuration management system. … [Azure Arc] enabled us to build a common reporting mechanism and a common configuration repository. The goal was to set a minimum configuration baseline for compliance and security.”

  • Support the needs of a global enterprise running complex, mission-critical systems.

    The lead data architect in the energy industry explained, “We already had a lot of Microsoft products, and so it was an easy choice to [use] one platform [with] very good integration.”

“We wanted a vendor that would provide a solution close to our environment and — like Microsoft — would provide proven support. [And] we wanted a technology … to help us avoid problems [like] business disruption during change management.”

Deputy IT director, manufacturing

Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the four interviewees, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics.

  • Description of composite.

    The composite organization is a multibillion-dollar company in the manufacturing industry with tens of thousands of employees and multiregional operations. Although the organization has been migrating some of its infrastructure to the cloud, it has significant on-premises infrastructure that cannot be migrated because these assets would be prohibitively difficult to migrate, must remain on-premises for regulatory reasons, or are used in low latency scenarios. To mitigate risk and realize cost savings, the organization has a multicloud strategy: it has cloud infrastructure on not just Azure, but multiple cloud vendors.

  • Deployment characteristics

    The organization has a total of 8,000 infrastructure assets — these are a mix of servers (cloud and on-premises) and virtual machines (VMs). The organization’s infrastructure also includes other databases, Kubernetes clusters, and some edge devices. About 50% of the composite organization’s infrastructure is on-premises, and the rest is hosted in the cloud. While much of the organization’s infrastructure runs on Azure and is Windows-based, some of the organization’s infrastructure runs on non-Microsoft platforms.

    Of the organization’s 8,000 infrastructure assets, 50% can be onboarded to Azure Arc. The company decides to take a conservative approach by onboarding infrastructure assets to Arc incrementally over the course of multiple years. Finally, the IT ops team that overseeing the assets that can be Arc-enabled has 20 members.

Key assumptions
  • 4,000 assets can be Arc-enabled
  • 20 IT ops team members
  • Multiyear timeline
NEXT SECTION: Analysis Of Benefits

Total Benefits

Ref. Benefit Year 1 Year 2 Year 3 Total Present Value
Atr IT ops productivity $377,055 $754,110 $1,005,480 $2,136,645 $1,721,441
Btr Reduced security risk $110,160 $220,320 $293,760 $624,240 $502,934
Ctr Reduced spending on third-party tools and services $101,250 $405,000 $810,000 $1,316,250 $1,035,321
Total benefits (risk-adjusted) $588,465 $1,379,430 $2,109,240 $4,077,135 $3,259,696
“We’re just making everyone’s lives so much easier so they can do other things. … If there is an issue, for example, you don’t have to spend a week troubleshooting to figure out what happened — [with Arc,] you can now just go and bring up a report.”

Architect, cloud products, energy

IT Ops Productivity

  • Evidence and data.

    Interviewees reported that their organizations’ IT ops personnel realized about 30% time savings on regular duties such as configuring and updating infrastructure, managing policies and permissions, troubleshooting and resolving issues, and more. The interviewees reported productivity gains not only from having a single pane of glass to manage diverse infrastructure, but also from features such as automation. Azure Arc-enabled assets could be governed like Azure assets and thereby benefit from Azure services. The interviewees said IT ops spent the time saved on higher-value tasks such as innovation.

  • Interviewees reported the following experiences:

    • The deputy IT director in manufacturing said: “[Before Arc], we [needed] two administrators to manage around 60 servers. … With Arc, a single administrator can manage 150 servers or more with more compliance and security. … Moreover, [before Arc], our team needed at least two weeks to fully update our infrastructure, whereas with Arc, we can update our systems in a weekend.”
    • The deputy IT director continued: “Our team population did not change, but we managed to shift duties and offload our administrators from repetitive and tedious (but necessary) tasks. This shift gained us time for adopting new technologies and modernizing our infrastructure. [We can better] utilize the people [we] have because human capital is very important for adopting new technology and focusing on business goals.”
    • The lead data architect in the energy industry said: “We save effort and money, but we can [also] act more agile, which is one of the success factors for our unit. … The time and the effort [saved is] utilized for innovation.”
    • The VP of IT in finance described shorter ramping periods for new IT ops team members, thanks to Azure Arc: "It allows us to be better prepared when ramping up the next [new team member]. [We just] say, ‘Here’s what we do. Here [is] the tool. … Have a seat and let’s go.’ [Azure Arc] allows for that.”
  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • The organization has 8,000 total infrastructure assets, of which 50% can be Azure Arc-enabled.
    • By Year 1, the organization has enabled 30% of supported assets in Azure Arc. By Year 2, it has enabled 60%, and by Year 3, it has enabled 80%.
    • The initiative to enable assets in Azure Arc progresses along timeline typical for large technology projects. The organization first enables the easiest-to-integrate assets — the low-hanging fruit. But the rate of integration slows as the organization hits roadblocks, such as assets not in its original inventory and scope increases.
    • Before Azure Arc, IT ops personnel spent an average 35 hours per year governing each infrastructure asset.
    • Once the asset is enabled in Azure Arc, the time to govern it falls by 30%.
    • IT ops team members earn a fully burdened hourly rate of $42.
    • IT ops team members capture and use 75% of the time they save for other productive tasks (e.g., innovation).
  • Risks.

    This benefit may vary across organizations for the following reasons:

    • Metrics such as the number of infrastructure assets that can be Azure Arc-enabled are organization-specific.
    • Time spent managing each asset before and after enabling it in Azure Arc may vary.
    • Organizations may wish to pursue faster or slower timelines for enabling assets in Azure Arc.
  • Results.

    To account for these risks, Forrester adjusted this benefit downward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.7 million.

“Azure Arc enables you to have a single pane for reporting and a consolidated view of your infrastructure. [Before Azure Arc], there was no clear visibility.”

Deputy IT director, manufacturing

chart

IT ops productivity: 53% of benefits

IT Ops Productivity

Ref. Metric Source Year 1 Year 2 Year 3
A1 Total infrastructure assets (e.g., servers, VMs, etc.) Assumption 8,000 8,000 8,000
A2 Percentage of infrastructure assets that can be Arc-enabled (e.g., on-premises, multicloud, etc.) Assumption 50% 50% 50%
A3 Total infrastructure assets that can be Arc-enabled A1*A2 4,000 4,000 4,000
A4 Percentage of supported infrastructure assets that are Arc-enabled Assumption 30% 60% 80%
A5 Subtotal: infrastructure assets that are Azure Arc-enabled A3*A4 1,200 2,400 3,200
A6 Time spent governing each asset before Azure Arc (hours per year) Interviews 35 35 35
A7 Reduction in time spent governing each asset after Azure Arc Interviews 30% 30% 30%
A8 Total time saved after Azure Arc (hours per year) A5*A6*A7 12,600 25,200 33,600
A9 IT ops personnel fully burdened hourly rate Assumption $42 $42 $42
A10 Percent captured for productive use Assumption 75% 75% 75%
At IT ops productivity A8*A9*A10 $396,900 $793,800 $1,058,400
Risk adjustment ↓5%
Atr IT ops productivity (risk-adjusted) $377,055 $754,110 $1,005,480
Three-year total: $2,136,645 Three-year present value: $1,721,441

Reduced Security Risk

  • Evidence and data.

    Interviewees said that enabling Azure Arc with their organizations’ infrastructures improved security in two ways. First, it allowed the organizations to more easily identify and update infrastructure that did not comply with their latest security standards. Second, the organizations could protect their Azure Arc-enabled infrastructure using Microsoft security services such as Azure Monitor, Microsoft Defender for Cloud, and Microsoft Sentinel. Previously, these services were available primarily for Azure cloud assets (or for on-premises assets, but with fewer features). With Azure Arc, these security services could be deployed across the organization and with additional features. After Azure Arc-enabling their infrastructure, some of the organizations replaced their prior security solutions and standardized on Azure security services.

  • Interviewees reported the following experiences:

    • The deputy IT director in manufacturing said: “With Azure Arc, we gained real insight into our infrastructure, including infrastructure on [another cloud provider]. That helped us identify architecture [gaps] as well as controls to improve compliance. [With Azure Arc,] we found that around 20% of our infrastructure had been noncompliant.”
    • The architect of cloud products in the energy industry explained that Azure Arc helped with configuration management: “[In terms of] baseline security ... if somebody makes a change that goes against what your defined configuration is, you can get alerted to it, and you can automatically revert that change. Basically, [this] helps keep everything stable.”
    • The energy industry interviewee continued: “We’ve definitely seen a benefit [from] utilizing Azure services. [Also,] as we migrated [from our prior security and governance tools], we polished our processes in a lot of aspects. … So, we are still at the same level of compliance, possibly better, and at the same time making [compliance] easier.”
    • The VP of IT in finance said: “This [Azure Arc] platform allows us to address zero-day updates right away. It [also] allows us to report on [security]. It allows me to aggregate that data into quarterly reports I can [use in conversations] with the board. … It’s definitely a lifesaver. Previously, governance was basically siloed. [Azure Arc] definitely helped with that, and [better] governance allows for reporting up within the organization.”
    • The lead data architect in the energy industry said, “We made it mandatory that Defender is installed on all machines.”
  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • The cost of a data breach is $2.4 million.2
    • Before Azure Arc, the likelihood of a data breach due to noncompliant infrastructure is 17%.3
    • At the composite organization, data breach risks are due to 20% of the organization’s infrastructure being noncompliant with security standards.
    • As the organization enables new assets in Azure Arc, it uncovers the noncompliant assets and updates them to the latest security standards. This reduces the overall number of noncompliant assets.
    • As the percentage of assets that are noncompliant falls, the organization’s risk of a data breach from noncompliant infrastructure also falls.
    • Forrester calculates this benefit as the value of the reduced exposure to a potential data breach.
  • Risks.

    This benefit may vary across organizations for the following reasons:

    • The cost of a data breach may vary based on industry, organization size, etc.
    • The risk of a data breach from noncompliant infrastructure before Azure Arc could vary due to both unique characteristics of the organization (e.g., some industries may have higher exposure) as well as factors outside the organization’s control (e.g., global trends).
    • The percentage of infrastructure noncompliant with security standards before Azure Arc is organization specific.
    • For simplicity, Forrester’s model also does not calculate some factors that could influence this benefit upward:
    • Better governance also improves compliance with regulations and reduces auditing exposure. Readers who wish to account for this benefit alongside reduced security risks might change the cost of an infrastructure security incident to also include, e.g., associated fines related to noncompliance with regulations.
    • Better governance and reporting from Azure Arc also makes it easier to mitigate risks in the future.
  • Results.

    To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of $503,000.

chart

Reduced security risk: 15% of benefits

Reduced Security Risk

Ref. Metric Source Year 1 Year 2 Year 3
B1 Cost of a data breach Assumption $2,400,000 $2,400,000 $2,400,000
B2 Before Azure Arc: Risk of a data breach from noncompliant infrastructure Forrester Research 17% 17% 17%
B3 Before Azure Arc: Percentage of supported infrastructure noncompliant with security standards Interviews 20% 20% 20%
B4 Before Azure Arc: Supported infrastructure assets that are noncompliant A3*B3 800 800 800
B5 Infrastructure assets newly enabled in Azure Arc A5-A5PY 1,200 1,200 1,200
B6 After Azure Arc: Noncompliant infrastructure assets updated to security standards B3*B5 240 240 240
B7 After Azure Arc: Supported infrastructure assets that are noncompliant B4-(B6+B6PY+B6PY-1) 560 320 160
B8 After Azure Arc: Percentage of supported infrastructure noncompliant with security standards B7/A3 14% 8% 4%
B9 After Azure Arc: Risk of a data breach from noncompliant infrastructure B8*(B2/B3) 11.9% 6.8% 3.4%
B10 After Azure Arc: Security risk reduction after updating infrastructure assets to security standards B2-B9 5.1% 10.2% 13.6%
Bt Reduced security risk B1*B10 $122,000 $244,000 $326,400
Risk adjustment ↓10%
Btr Reduced security risk (risk-adjusted) $110,160 $220,320 $293,760
Three-year total: $624,240 Three-year present value: $502,934
“The administrators actually have greater visibility with fewer tools.”

VP of IT, finance

Reduced Spending on Third-Party Tools

  • Evidence and data.

    Multiple interviewees said that after deploying Azure Arc, their organizations retired third-party software they had previously used to manage and secure their infrastructure. Azure Arc replaced vendor-specific or platform-specific tools as it provided a unified view of infrastructure. Azure Arc also often offered superior capabilities to the old tools. Organizations also standardized across Microsoft’s Azure security services. Because the old tools were expensive, the organizations realized millions of dollars in savings.

  • Interviewees reported the following experiences:

    • The VP of IT in finance said: “[Azure Arc] has reduced the number of tools that we need for operations around Azure. [Before, we had] every tool by every vendor. … [We now spend] a lot more time at the Azure dashboard … as opposed to the specific vendor dashboards that we used to have. … And so, because we don’t need those products anymore, [they] come off the books and those cost savings are captured.”

      The interviewee added, “Sometimes I say to myself, ‘I think [another platform] is a Microsoft competitor, but [Azure] Arc is playing well with them.”

      The interviewee in the finance industry concluded: “[Azure Arc] allows us to be scalable [and] to not have to cannibalize our [prior] investments in [infrastructure]. … We’re not known as an international company, but we have global operations. This technology allows us to be a global company with [our current] headcount because we can scale as necessary.”

    • The architect for cloud products in the energy industry explained their organization’s philosophy: “[We use] that whole 80/20 rule — if it meets the majority of what we need to do, then we replace [our old management tools]. We could see savings of several million dollars over three to five years as we move those servers to Azure Policy and Automation through Azure Arc and … off of [our old platform for] compliance.”
  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • To be conservative, the composite organization spends 1% of its annual revenue on IT.4
    • Of that IT budget, the composite organization spends 1% on third-party tools to manage infrastructure that can be Azure Arc-enabled. Again, this is a conservative assumption.
    • After Azure Arc-enabling their infrastructure, the composite organization retires old tools that are no longer needed.
    • The total percent reduction in spending is 5% in Year 1, 10% in Year 2, and 15% in Year 3. The percent reduction increases as the organization enables more assets in Azure Arc, and there is a lag after assets are enabled in the Azure Arc and when the organization retires them.
“When I do dive in, I actually have a faster understanding of [our infrastructure]. So the benefit to me is that I have greater visibility — I need to ask [the team] fewer questions. The [Azure Arc] dashboard is … very easy.”

VP of IT, finance

  • Risks.

    This benefit may vary across organizations for the following reasons:

    • Spending on IT as well as third-party tools to manage infrastructure is organization specific. Forrester’s assumptions reflect market averages, but an organization’s actual spending in these areas may vary based on industry, existing infrastructure, etc. Readers are welcome to substitute metrics from their own organizations in the calculation tables to estimate the value of this benefit at their own organizations.
  • Results.

    To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of $1.0 million.

chart

Reduced spending on third-party tools: 23% of benefits

Reduced Spending On Third-Party Tools

Ref. Metric Source Year 1 Year 2 Year 3
C1 Percentage of supported infrastructure assets that are Arc-enabled A4 30% 60% 80%
C2 Annual revenue Assumption $75,000,000,000 $75,000,000,000 $75,000,000,000
C3 Percentage of annual revenue spent on IT Assumption 1% 1% 1%
C4 IT budget C2*C3 $750,000,000 $750,000,000 $750,000,000
C5 Percentage of IT budget spent on third-party tools to manage supported infrastructure Assumption 1% 1% 1%
C6 Spending on third-party tools to manage supported infrastructure C4*C5 $7,500,000 $7,500,000 $7,500,000
C7 After Azure Arc: Percentage reduction in spending for Arc-enabled infrastructure assets Interviews 5% 10% 15%
Ct Reduced spending on third-party tools C1*C6*C7 $112,500 $450,000 $900,000
Risk adjustment ↓10%
Ctr Reduced spending on third-party tools (risk-adjusted) $101,250 $405,000 $810,000
Three-year total: $1,316,250 Three-year present value: $1,035,321

Flexibility

The value of flexibility is unique to each customer. There are multiple scenarios in which customers might realize additional uses and business opportunities after onboarding to Azure Arc:

  • Similar benefits for other infrastructure assets.

    Infrastructure that can be Azure Arc-enabled includes virtual machines, on-premises servers, Kubernetes clusters, databases, Structured Query Language (SQL) servers, Internet of Things (IoT) devices, edge devices, and virtual machines on other cloud providers. Azure Arc can be a suitable choice for a variety of organizational infrastructure needs. Not all of the organizations that participated in this study had deployed Azure Arc for all of their different asset types, and so Forrester did not quantify the benefits particular to some asset types. However, the organizations that did participate in the study realized consistent, quantifiable benefits despite having widely varying, heterogeneous infrastructures. Organizations might expect to realize benefits like those in this study for other types of Azure Arc-enabled infrastructure, regardless of whether those infrastructure types are explicitly mentioned in this study.

  • Development of applications utilizing hybrid infrastructure.

    Organizations can leverage Azure Arc to develop and deploy applications on hybrid or multicloud infrastructure. Organizations might use Azure Arc in this manner when developing new cloud-native applications or modernizing legacy applications. Interviewees described the potential for developers and DevOps team members to realize productivity gains in these scenarios.

  • IT ops innovation.

    Interviewees reported that IT ops team members used the time saved with Azure Arc on activities of higher value to the business. They repurposed time previously spent on routine infrastructure operations towards innovation.

Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).

NEXT SECTION: Analysis Of Costs

Total Costs

Ref. Cost Initial Year 1 Year 2 Year 3 Total Present Value
Dtr Azure consumption fees for composite organization $34,373 $137,491 $274,982 $366,643 $813,490 $662,087
Etr IT ops training $17,640 $0 $0 $0 $17,640 $17,640
Ftr Implementation effort $110,880 $110,880 $110,880 $110,880 $443,520 $386,622
Total costs (risk-adjusted) $162,893 $248,371 $385,862 $477,523 $1,274,650 $1,066,349

Azure Consumption Fees For Composite Organization

  • Evidence and data.

    The interviewees’ organizations paid no costs to onboard infrastructure assets in Azure Arc. To realize the full benefits of Azure Arc, though, the organizations invested in Azure services for the Azure Arc-enabled assets, including Azure Policy and Automation (which yielded productivity gains), and Monitor, Defender, and Sentinel (all three of which yielded security benefits).

  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • There is no cost for onboarding assets to Azure Arc-enabled servers.
    • Azure Policy Guest Configuration and Azure Automation Change Tracking and Inventory Management cost $6 per node per month.
    • For Azure Monitor, each Azure Arc-enabled asset generates 0.1 GB of log data per day, and the organization retains these logs for 12 months.
    • Microsoft Defender for Cloud runs on each Arc-enabled asset for an estimated 730 hours per year.
    • For Microsoft Sentinel, each Azure Arc-enabled asset generates 0.1 GB of log data per day.
  • Risks.

    This cost will vary based on an organization’s number of Arc-enabled infrastructure assets and its unique consumption needs.

  • Results.

    To account for these risks, Forrester adjusted this cost upward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $662,000.

chart

Azure consumption fees for composite organization: 62% of costs

Azure Consumption Fees For Composite Organization

Ref. Metric Source Initial Year 1 Year 2 Year 3
D1 Onboard to Azure Arc Assumption $0 $0 $0 $0
D2 Azure Policy and Automation A5 * $6/month * 12 months $21,600 $86,400 $172,800 $230,400
D3 Add-on: Monitor A5 * 0.1 GB/day/asset * 30 days * $196/100 GB + A5 * 3 GB/month * 11 months * $0.10/GB $1,764 $7,056 $14,112 $18,816
D4 Add-on: Defender A5 * 730 hours * $0.02/hour $4,380 $17,520 $35,040 $46,720
D5 Add-on: Sentinel A5 * 0.1 GB/day/asset * 30 days * $100/100 GB/day $900 $3,600 $7,200 $9,600
Dt Azure consumption fees for composite organization D1+D2+D3+D4+D5 $28,644 $114,576 $229,152 $305,536
Risk adjustment ↑20%
Dtr Azure consumption fees for composite organization (risk-adjusted) $34,373 $137,491 $274,982 $366,643
Three-year total: $813,490 Three-year present value: $662,087

IT Ops Training

  • Evidence and data.

    Interviewees reported that IT ops personnel typically became proficient with Azure Arc within a month.

    • The lead data architect in the energy industry said: “It’s a learning curve — [IT ops has] to train, but there is documentation, and we had less issues, I believe, than we would have had with [other platforms].”
“The documentation is, I believe, quite good: an IT expert can dive in and just implement [Azure Arc].”

Lead data architect, energy

  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • There are 20 IT ops personnel managing supported infrastructure assets.
    • IT ops team members earn a fully burdened hourly rate of $42.
    • IT ops personnel receive an initial 20 hours of training time spread out over several weeks, and then they do not need additional training in subsequent years.
  • Risks.

    This cost may vary across organizations for the following reasons:

    • IT ops’ previous exposure to Azure Arc or other Azure technology.
    • Some IT ops personnel may require more robust training than others.
    • IT ops salaries will vary across organizations and geographies (e.g., average salaries may be higher in some countries than others).
  • Results.

    To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV of $18,000.

chart

IT ops training: 2% of costs

IT Ops Training

Ref. Metric Source Initial Year 1 Year 2 Year 3
E1 IT ops personnel managing supported infrastructure assets Interviews 20 20 20 20
E2 IT ops personnel fully burdened hourly rate A9 $42 $42 $42 $42
E3 Training time (months per year) Interviews 20 0 0 0
Et IT ops training E1*E2*E3 $16,800 $0 $0 $0
Risk adjustment ↑5%
Etr IT ops training (risk-adjusted) $17,640 $0 $0 $0
Three-year total: $17,640 Three-year present value: $17,640

Implementation Effort

  • Evidence and data.

    The interviewees all oversaw the implementation of Azure Arc at their organizations. Interviewees described the effort as a dynamic process that required adaptability as scope and business needs changed. Interviewees also explained that, after enabling assets in Azure Arc, they spent time migrating prior configurations to policies in the solution as well as developing new processes and workflows. The interviewees explained that Microsoft support was an important resource for overcoming challenges.

  • Interviewees reported the following experiences:

    • The deputy IT director in the manufacturing industry said that their organization enabled 350 physical servers in Azure Arc in one fiscal quarter. The interviewee also said that migrating old configurations into Azure Policy usually took a few weeks.
    • The lead data architect in the energy industry said: “We had more than 300 servers connected from the private cloud and there were one or two cases where some issues occurred and the agent couldn’t be deployed. We called Microsoft for support to find the root cause and they were able to get it working.”
  • Modeling and assumptions.

    For the composite organization, Forrester assumes:

    • Five IT ops personnel are involved in Azure Arc implementation.
    • IT ops team members earn a fully burdened hourly rate of $42.
    • IT ops personnel spend on average 320 hours per year enabling new assets in Azure Arc. They distribute this work over the course of each year, balancing it alongside other projects (e.g., other modernization efforts).
  • Risks.

    This cost may vary across organizations for the following reasons:

    • The state of the initial infrastructure environment — for example, the number of assets that need to be Azure Arc-enabled — will differ by organization, and therefore impact the amount of effort required for implementation.
    • Some organizations may adopt Azure Arc more slowly than others. Organizational change is inherently difficult, and optimal use of Azure Arc requires new strategies and processes.
    • Conversely, some organizations may wish to deploy Azure Arc faster than modeled.
  • Results.

    To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV of $387,000.

chart

Implementation effort: 36% of costs

Implementation Effort

Ref. Metric Source Initial Year 1 Year 2 Year 3
F1 IT ops personnel involved in Azure Arc implementation E1 5 5 5 5
F2 IT ops personnel fully burdened hourly rate A9 $42 $42 $42 $42
F3 Time spent on Azure Arc implementation (hours per year) Interviews 480 480 480 480
Ft Implementation effort F1*F2*F3 $100,800 $100,800 $100,800 $100,800
Risk adjustment ↑10%
Ftr Implementation effort (risk-adjusted) $110,880 $110,880 $110,880 $110,880
Three-year total: $443,520 Three-year present value: $386,622
NEXT SECTION: Financial Summary

CONSOLIDATED THREE-YEAR RISK-ADJUSTED METRICS
  • icon

    These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.

Cash Flow Chart (Risk-Adjusted)

Cash Flow Table (Risk-Adjusted Estimates)

Initial Year 1 Year 2 Year 3 Total Present Value
Total costs ($162,893) ($248,371) ($385,862) ($477,523) ($1,274,650) ($1,066,349)
Total benefits $0 $588,465 $1,379,430 $2,109,240 $4,077,135 $3,259,696
Net benefits ($162,893) $340,094 $993,568 $1,631,717 $2,802,485 $2,193,347
ROI 206%
Payback <6 months

The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

NEXT SECTION: Appendixes

Appendix A: Total Economic Impact

Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

Total Economic Impact Approach

  • icon

    Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.

  • icon

    Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.

  • icon

    Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.

  • icon

    Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”

  • icon
    PRESENT VALUE (PV)

    The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash f lows.

  • icon
    NET PRESENT VALUE (NPV)

    The present or current value of (discounted) future net cash f lows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.

  • icon
    RETURN ON INVESTMENT (ROI)

    A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.

  • icon
    DISCOUNT RATE

    The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.

  • icon
    PAYBACK PERIOD

    The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.

The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.

Appendix B: Endnotes

1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

2 Source: “The 2021 State Of Enterprise Breaches,” Forrester Research, Inc., April 8, 2022.

3 63% of surveyed firms reported a data breach in the 12 months prior to the survey, and 27% of external security attacks targeted cloud servers, public cloud environments, private cloud environments, and IoT devices. Source: Forrester Analytics Business Technographics® Security Survey, 2021.

4 Source: “2020 To 2021 US Tech Budgets: The Industry Outlook,” Forrester Research, Inc., March 3, 2020.

About Forrester Consulting

Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester’s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting.

Forrester Research, Inc.© All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com.

Cookie Settings