When we started building our SaaS platform in mid-2014, it was clear that we were going to the cloud. As many of you contemplate hosted offerings, the path we traveled may be of interest for you. Following extensive research and discussions around architecture customization and control, security considerations, and ROI, we concluded that our time was better spent building a platform that addresses key industry pain points, rather than building in-house infrastructure. DiligenceVault is not an infrastructure firm, and the security demands and rigor of our industry could never justify investing in internal infrastructure early on. Additionally, for rapid and iterative development, we needed strong and scalable DevOps. The public cloud checked that box with simple, yet effective native logging, deployment bells and whistles, alerts and diagnostics. So, our first build vs. buy decision was pretty much a no-brainer.
Choosing the provider was the next step and another important decision. We looked at AWS, Azure, Google and IBM, and ultimately the decision came down to two leaders: AWS vs. Azure. Below are the factors that guided our decision-making process in 2014, and our decision was ultimately driven by business reasons and not just technicalities:
For the first year, our sole focus was application development. As the product matured, many features of Azure’s advanced functionality made our lives simpler!
Azure security center: delivers a unified view of security across all of Diligencevault cloud workloads 24x7. It automatically discovers and onboards new Azure resources and applies security policies across our hybrid cloud workloads to ensure compliance with security standards. It further collects, searches and analyse security data from a variety of sources, including firewalls and other partner solutions.
Easy monitoring & alerting: While controls can help you build a fortress, the ability to be alerted to unusual activity, or a potential vulnerability, is key. What you do not know can hurt you very much, so visibility of issues was important for us. Azure’s security and vulnerability assessment features have matured since 2014 with significant additions to logging and alerting mechanisms.
Shared service offerings: The availability of app service PAAS (Platform as a Service) meant we did not have to configure virtual machines from scratch. Whenever we were ready to add micro services, we gradually incorporated IAAS (Infrastructure as a Service).
Configurable administration & security: Azure has offered significant configurability to improve data security and administration. Examples include multi-factor authentication to access Azure resources, and IP address whitelisting to access the database, which adds yet another layer of security controls. A lot of optional security hard wirings are now standard, starting with transparent data encryption, vulnerability center, and application insights.
Seamless deployments: We particularly find the deployment process efficient:
Easy integration with our code repository and active use of deployment slots. This makes maintaining environments very easy for us. You can develop and test in the cloud, eliminating issues around: “works on local, but not on Azure instance”, which often results as a consequence of different frameworks, dependencies and libraries across environments.
Automated testing and deployment to ensure there’s a round of quality testing on deployment.
Integrated load testing on deployment to ensure scalability.
Given the complexity of developing any application, let alone an enterprise one, eliminating points of friction tremendously affects the throughputs and the ability to maintain code shipping velocity to be responsive to our clients.
AWS is known to offer greater flexibility when it comes to open source technologies, and it is a platform of choice for startups. AWS is also marginally cheaper in terms of computational power, so it is economically better for data and computer-heavy research.
As we bifurcate the research and development teams, we expect research to be heavy on AWS and development on Azure. This strategy helps DiligenceVault manage our own vendor risk, and it keeps us close to enhancements on both platforms.
The relationship with Azure extends beyond just the platform and infrastructure offering. Their client engagement has been equally helpful. The Azure EIR signed us up for BizSpark Plus which had significantly greater benefits that came in handy as we started scaling with users in late 2015. The Azure startup team has also been fantastic - providing technical and security consultation when requested, helping us deploy new architecture, bringing us as an Azure startup to their enterprise clients, and providing webinars on cognitive offerings. Not that other cloud providers do not do this, but for us as an enterprise SaaS platform this support system is incredible.
So will you join DiligenceVault on our cloud? :)