Armored-Truck Company Entrusts Tracking Software to Windows Azure Cloud
U.K.-based cash-transport firm G4S is trusting the security of Microsoft's Windows Azure cloud service to keep safe the application that tracks where the money is as it travels to and from customers and the company's vaults in armored trucks.
G4S runs fleets of armored vehicles in 70 countries, and in seven of those is switching its eViper tracking application into the Azure cloud, starting with Cyprus but expanding to the others over the next four months, says Richard Wallace, the company's technical director for its Cash Solutions division.
FIRST LOOK: Windows Azure
The company specifically rewrote the application, called eViper, from Progress to .NET just so it could deploy it somewhere in the cloud as a way to save money, but also to make the application centrally available.
It considered using Amazon Web Services as well as Azure, seeking strong uptime guarantees, high availability and the ability to mirror the application in two cloud data centers for failover should the primary instance fail. Amazon Web Services quickly dropped out of contention because it couldn't offer what G4S wanted, he says.
The failover G4S has worked out with Azure takes 15 to 20 minutes as the application is shifted from an Azure data center in Ireland to one in Amsterdam. G4S had to write the failover code itself because Microsoft didn't offer it at the time, Wallace says.
He says he had a checklist of 170 points about security concerns and that he satisfied them using Microsoft documentation about its service and third-party evaluations of Microsoft's infrastructure. He was offered a site visit to the Ireland data center but didn't go.
He says he is not concerned that his data will be mixed with that of other customers. Since the data involved isn't personal data such as Social Security numbers or credit card numbers, it doesn't fall under more restrictive security standards.
"With the security I'm seeing in Azure [applications are] as secure in the cloud as at my managed service provider," he says.
He says he's also not too worried that criminals might hack the application and find out where the trucks with the money are since the trucks are already in plain sight on public roads. "If they want to the crooks can follow our trucks back to our depot," he says.
eViper is the only application G4S is entrusting to the cloud because it is stand-alone and doesn't call for a lot of data to be sent to the cloud, which would come with an extra cost. Should the application require more resources, though, they are available quickly and relatively cheaply compared to other models, he says.
If personal data is involved, a more stringent security evaluation is required and if cloud is used, it may have to be a private one, he says.
Saving money was an important factor in choosing Azure, reducing costs about $23,000 per month and resulting in a 2.5-year payback. G4S also saved money with the project by offshoring the application build and support, which cost about half what it would have cost in the U.K., he says.
The company has better functionality with Azure as well. For example, getting a new server from the managed service provider it used before took six weeks to assess an order and another six weeks to provision the new gear, he says. With Azure, more resources can be turned up within hours.
But Azure isn't without drawbacks. For example, with a managed service provider, the company contracted for notification of failures within 15 minutes with an assessment of what was wrong. With Azure the best he can expect is that they will look at problems within an hour but without details of what the problem is.
With a managed service provider, the company could negotiate penalties for failure to meet negotiated SLAs. Azure has an overall agreement with fewer penalties.
He says he'd like it if Azure offered business-intelligence services such as SQL reporting as part of its service, but he realizes the service is new and evolving and such services may come eventually.
Read more about wide area network in Network World's Wide Area Network section.