June 16, 2018 was a big day for the Effortless Admin platform. For the many advisors, plan administrators and employees that use the platform, this would have seemed liked any other day. But behind the scenes a significant change had occurred. This was the day that we retired our physical servers and embraced the robust and powerful cloud computing service created by Microsoft, and loved by countless tech giants… namely, Microsoft Azure.
Far before we decided to transition to Microsoft Azure we knew that cloud computing was the future of the Effortless Admin platform. Keeping up with the demands of our physical servers (hardware failures, upgrading hardware, adding servers, and so on) was challenging at best. Just ask any IT professional what it’s like to manage a physical server farm.
We knew that the right cloud computing environment would help us scale more efficiently and would free us from the nuisances that inherently come with physical servers. The big question was: Which cloud service is right for us? Given the importance of this decision, our engineers set aside countless hours to assess the various cloud computing services offered today, including Amazon AWS, Google Cloud, Microsoft Azure.
Our primary considerations included:
- Security - This was the absolute number one priority!
- Locality of servers - The servers and all data had to be located in a Canadian datacenter.
- Performance - The new solution must deliver better performance than our current physical environment and there must be room to improve performance when needed.
- Scalability - The time dedicated to expanding and maintaining our network was becoming a real problem. Whatever solution we went with had to make asset management a lot easier.
- Subscription cost - We weren't looking to break the bank. Ideally our new cloud solution would not cost any more than our current physical solution.
After months of assessment and due diligence, we decided that Microsoft Azure was the best solution for our specific needs. The purpose of this article isn’t to put a stake in the ground and pontificate why our decision is “right” and why others are choosing the “wrong” service. Nope… you’ll have to do some more Googling if you are looking for an extensive pros-and-cons list. In our situation, however, Azure was the clear winner.
That said, it’s been about six months since we made the transition and we wanted to share what we really appreciate about our new environment. Here are just a few highlights…
Azure is serious about security
Security is, without a doubt, the most important consideration when you’re choosing a cloud computing environment, or any technology solution for that matter. In my opinion, performance, cost, ease of use, and any other metric you are using to gauge a solution all need to take a back seat to security. After all, what’s the point of adopting a new technology if you are putting yourself and your clients at risk?
Answer: there is none… it’s just a really bad idea.
Microsoft, Google and Amazon all have excellent security measures in place. However, Azure currently has the most security certifications out of all providers and they are constantly adding new certifications to maintain their title as the most secure cloud provider. They were the first major cloud provider to be compliant with ISO 27018, and they were the first (and remain the only) provider to be granted level 5 clearance by the Department of Defence for the purposes of national security.
The attention that Microsoft places on keeping their security certifications up-to-date gives us a lot of confidence that our environment is well protected.
Another major benefit with Azure is the many network protections that are included by default. One of the biggest current threats to platform stability are Distributed Denial of Service (DDoS) attacks. This is when a service is flooded with many more network requests than it can handle, which results in the service shutting down completely. We’ve all heard about DDoS attacks bringing down many major services in the recent news. Azure provides all of their customers with built in protection against DDoS attacks at the network level, often before any heavy traffic even gets to their servers.
Azure also offers fine grained control of private networks with network partitioning and firewalls. This has enabled us to precisely define network access and monitoring to be sure things are secure. And, Azure provides numerous methods of encryption allowing us to ensure that data is always encrypted in-transit and at-rest.
Robust Canadian data centers
Out of all cloud service providers, Microsoft offers the most regions worldwide. At the time of this article, Microsoft has two, full-featured Canadian data centers. For a Canadian administrator of employee benefits, using exclusively Canadian data centers is an absolute must.
What we really appreciate about the locality of Azure is that their Canadian data centers are not inferior to their American counterparts. We have never noticed important features being excluded from data centers north of the border.
Performance won’t be an issue
Azure has a reputation for being the backbone of many demanding, enterprise-level applications. This includes massive apps like Adobe’s Experience Cloud, Honeywell’s Lyric solution and Office 365, to name a few. There is no doubt that Azure will be able to keep up with our performance requirements.
Scaling is simple
One of the inherent features of cloud computing is the ability to dynamically change the resources in a deployed environment. This offers a major advantage over traditional (physical) server environments.
As a point of context… a year ago, to add a server to our physical server farm we would manually requisition the new server, wait for days for the physical server to be added to our network and then spend another day configuring the server. Whereas in our cloud environment, a server can be deployed within minutes by simply clicking a few buttons in a web interface. Now we have the ability to double our even triple the size of our environment with relative ease.
Along with the switch to Azure, we adopted SaltStack for automated machine configuration management. By using SaltStack’s intelligent IT automation toolset, deploying new assets is fully automated. For example, when we need to deploy a new front-end web server, we are able to use our Salt script in concert with the Azure API to (1) requisition the server, (2) encrypt hard drives, (3) update firewall rules, (4) deploy production code and (5) update the load balancer to include the server in the rotation. It’s beautiful, more agile, and it greatly reduces the risks involved with code deployment and configuration changes.
And by adopting SaltStack we open ourselves up to a world of opportunities, including orchestrating the deployment of resources based on real-time demand.
We’re saving money
Microsoft Azure’s per minute, pay-as-you-go model allows us to only pay for what we need, when we need it. This means that we can scale our servers down (and save money) when demand is low, such as late at night and on weekends, and then scale the servers back up when demand increases. We are also able to create standalone test and staging environments and only pay for them when they are in use.
Another major cost savings opportunity was the ability to track resource utilization by server and prevent waste by forecasting usage and scaling to match.
Before we made the switch, we used Microsoft Azure’s pricing calculator and estimated that we would save somewhere between 15% to 20% on our monthly hosting costs.
> We are pleased to say that we are getting all of the added power of a robust, secure cloud environment and yet we are saving 16.7% each month. Freaking awesome!