Using Windows Azure to Create a Multi-Platform Application


June 2012

The following content may no longer reflect Microsoft’s current position or infrastructure. This content should be viewed as reference documentation only, to inform IT business decisions within your own company or organization.

Microsoft Information Technology (IT) migrated the Journal Entry Management (JEM) tool to a cloud computing-based financial transaction and document management solution, based on the Windows Azure platform. This new solution delivered performance improvements, regulatory compliance, cost savings and new user capabilities through multiple devices.


Intended AudienceProducts & Technologies

Download Article, 110 KB, Microsoft Word file

  • Business Decision Maker
  • IT Decision Maker
  • IT Implementer

  • Windows Azure BLOB Storage
  • Windows Azure Service Bus
  • Windows Phone
  • Microsoft SharePoint 2010
  • Excel Services in Microsoft SharePoint Server
  • Microsoft Silverlight
  • Microsoft .NET Framework
  • Microsoft System Center 2012 - Operations Manager
  • Internet Information Server 7.5


The JEM application is a cloud-based financial transaction and document management tool that is designed for managing the Microsoft accounting journal entries. Within the JEM workflow, journal entries are authored and supported, posted to the Microsoft business processes system, and reviewed. The JEM project enabled the replacement of two tools that were used to manage journal entry posting and review. JEM supports a user base of approximately 5,000 users worldwide, and processes over 20,000 transactions and approximately 40 gigabytes (GBs) of data per month, which is growing at 10 percent each year.


Microsoft, like many other enterprises today, is seeing an increasingly global revenue model. This shift has had a direct effect on how and where key business processes are being managed, as well as the underlying application software.

With the previous solution, the existing software was not designed to handle the increasingly global business process delivery model. Moreover, three separate applications were being used to create accounting entries, and store evidentiary documents associated with the entries. The solution, based on a Distributed File System (DFS) model, was unable to handle regularly occurring increases in usage. Every month, one third of processed transactions occurred in the last three days of the month. The same pattern was more evident at the end of fiscal quarters, when month-end and quarter-end entries coincided.

Using multiple applications to support the same business process was also difficult to manage in a globalized environment, and made the support role more complicated. One of the applications was a Windows client-based program, susceptible to compatibility issues.

Because of the nature of application installation and maintenance, and the inability to support new business personas and scenarios, the applications were not fully used by the global finance work force. However, the data that the applications stored would be useful to many business units at Microsoft, if they could access it.


MSIT realized that a more effective solution was necessary for managing accounting entries. They were also identifying applications across the organization as potential candidates for migration to Windows Azure, their cloud computing platform.

Design Goals

The design team decided to create a single application, JEM, to unify the accounting transaction business process. The design team outlined several important goals for the new application:

  • Unify all business processes in a single application. Support new personas and scenarios.
  • Improve application performance, especially during peak usage times.
  • Add scalability. Make the application more available to all users who require JEM functionality, without the need for manual addition of resources.
  • Start with a hybrid approach and move the entire application to the cloud eventually.

Designing a Hybrid Application

The team evaluated available technologies for implementing JEM and established a hybrid approach to the solution using several technologies to produce the final solution.

SharePoint 2010 with Excel Services

The team decided to use an on-premises Microsoft® SharePoint® 2010 Server configuration to supply the user interface. Using a combination of Excel® Services in SharePoint Server 2010 for data entry and management and Microsoft Silverlight® for user interface design, MSIT was able to provide a functional, lightweight and universally available user experience. JEM processes and application services were hosted on Internet Information Server (IIS) in components designed in the Microsoft .NET Framework.

While the solution was implemented in the on-premises SharePoint 2010 infrastructure, the development team also designed the SharePoint component of the solution to be ready to run in Microsoft Office ® 365 SharePoint Online with only minor code modifications. This enabled the team to prepare for a migration to a cloud computing-based SharePoint environment without having to refactor the code before migration.

Windows Azure

MSIT leveraged Windows Azure binary large object (BLOB) storage as a service specifically for document management. Windows Azure BLOB storage was used to replace the custom distributed file services-based application named Docman for the storage and access of evidentiary documents. BLOB storage provided decreased storage costs, increased elasticity and scalability, built-in redundancy, and direct integration with other application components.

On-Premises Enterprise Resource Planning (ERP) and Other Components

One of the key on-premises components in the JEM environment was the solution Microsoft used for business data management, SAP. The development team was able to use the web services to integrate SharePoint 2010 and Windows Azure storage with SAP and other on-premises components.

Windows Phone

Moving the JEM interface to a web-based solution like SharePoint 2010 provided for a much larger scope of usability for potential JEM users. An installed, client-based application was no longer necessary, so the interface was open to a new set of users, outside the finance department.

However, MSIT was still not satisfied with JEM’s scope. They wanted to provide highly available JEM information to accounting users and business stakeholders, wherever they were. They also wanted to provide the availability to perform simple workflow tasks, such as entry approval, to as many potential users as possible.

The team leveraged the capabilities of Windows Phone 7.5 to design an application that provided both features. The Windows Phone component of JEM was built with a simple, lightweight user interface that provided several important functions:

  • Viewing dashboard with real time information on the financial close process.
  • Managing approval workflow.
  • Processing notifications to provide alerts and JEM-based information to Windows Phone and tablet users.
  • Viewing the financial close calendar.

System Center 2012 - Operations Manager

Because they were designing in a hybrid solution, the development team realized that they would have to plan for a monitoring and instrumentation solution that could effectively manage all aspects of the application.

By using Operations Manager, MSIT was able to unify monitoring into one dashboard, and use its deep monitoring capabilities to provide accurate and insightful instrumentation across the application. For Windows Azure, the team used the Windows Azure Management Pack as a base for building a solution to completely monitor the Windows Azure environment. They also designed and implemented custom components for Operations Manager to track Windows Azure-based information from JEM.

Solution Challenges and Design Re-factoring

Because development within Windows Azure was a fairly new process for the developers, they took several opportunities to re-analyze the solution design and address challenges that presented themselves in the solution.

Ensuring End-to-End Security

JEM was designed to process and contain important and sensitive financial data for Microsoft. As a result, the security design for JEM was very important, and the development team implemented the following security-related components:

  • Windows Azure Service Bus with Active Directory® Federation Services (AD FS) was used to authenticate, manage and protect communications between Windows Azure and on-premises components.
  • To manage the process of uploading documents to Windows Azure BLOB storage, the team leveraged the Shared Access Signature (SAS) security model. With SAS, the connection is secured through HTTPS while the time bound and fine-grained SAS key expires in a pre-defined time interval. This process practically eliminates the risk of unauthorized access to the application data.

Designing a Multi-Platform Application

Designing JEM for both SharePoint 2010 and Windows Phone resulted in improved application availability and better integration into Microsoft accounting practices. While the decision and results were significant, the developers found the effort in implementation was not.

Designing for Windows Phone reused a large amount of code and application structure that was developed for Windows Azure and Office 365. Communication with on-premises systems, such as SAP and others, through mobile devices, was facilitated through Windows Azure Service Bus. Windows Azure Access Control Services (ACS) and AD FS were used to ensure the protection of data and seamless integration with corporate Active Directory Domain Services (AD DS) data. Documents from Windows Azure BLOB storage can be downloaded directly to a Windows-based phone or tablet for viewing.

Additionally, the team implemented live notifications using Microsoft Push Notification Service to enable multiple notification options on the mobile device.

Implementing Instrumentation for a Hybrid Solution

Implementing instrumentation for JEM was simplified by the integration of all the technology platforms that are used with Operations Manager. The team was able to develop a useful monitoring and logging solution for the application to ensure proactive notifications for operations and support.

Reducing Application Down-time and Implementing System Recovery

The development team was able to take advantage of Windows Azure platform built-in scalability and resiliency, making JEM a much more robust application than its predecessors. However, the team also needed to make conciliations for data backup and retention that Windows Azure did not natively support.

Because of regulatory requirements and company policies, information in JEM needed to be backed up to an offsite data location, and retained for seven to ten years, depending on the type of information. The development team built a custom component that synchronized the data that is stored in Windows Azure BLOB Storage to an on-premises storage location, where it was backed up to removable tape for retention. Data more than six months old was not required for regular journal entry transactions and storing the data on tapes enabled reduced storage costs.


MSIT achieved several significant benefits from the implementation of JEM for accounting transaction management.

Business and End-User Benefits

Microsoft IT realized the following business-related benefits with the JEM implementation:

  • Large cost savings over the previous solution:
    • $22 million USD over five years in business operational costs.
    • $144,000 USD per year in engineering operations support costs.
  • Increased access to business information for users through Windows Azure and Windows Phone, leading to increased efficiency in the financial close process.

Technical Benefits

Microsoft IT realized the following technical benefits with the JEM implementation:

  • Increased reliability. JEM can handle peaks in usage better than the previous solution, due to the built-in scalability of the Windows Azure platform.
  • Greater extensibility. The Windows Azure-based solution is much easier to update and maintain than the previous solution. This provides for a more stable and available application, and makes the solution more adaptable to change in the future.

Lessons Learned

Designing hybrid applications in Windows Azure was a fairly new process to the team at MSIT, and they identified several important insights into the development process:

  • The Visual Studio® compute emulator for Windows Azure is easy to learn and easy to use.
  • For cloud services-based components, security of data storage and transmission must be decided upon during the very early stages of the project.
  • Monitoring and instrumentation of applications is very important to get operations on-board.
  • Designing for Windows Phone mobile devices does not require a significant departure from Windows Azure application code. Mobile application implementation frequently involves a simplified, lightweight UI.
  • Security and privacy require special attention when you design for mobile platforms. Data that is stored in the device must be separated and not available to other applications on the device.
  • Expanding applications to the cloud and to mobile devices enables the consumerization of IT. Applications are easy to use and can be accessed from anywhere.
  • Migrating applications to the cloud does not have to come at the expense of on-premises investment. On-premises solutions can be extended to the cloud in hybrid scenarios.

Best Practices

The team established several best practices for designing Windows Azure applications in a hybrid environment, especially with Windows Phone mobile devices:

  • Build applications with a loosely-coupled, rich services model. This allows for easy and low cost extension of applications onto different devices.
  • Help secure data during transmission and storage by using HTTPS and the Shared Access Signature security.
  • Ensure that a hybrid application is monitored and instrumented as a single solution in order to obtain accurate performance and reliability data.
  • Design for simplicity on mobile devices.
  • Integrate mobile applications more securely with on-premises components by using Windows Azure Service Bus and Access Control Services.
  • Consider processor usage and battery life when designing mobile applications.
  • Use cloud-computing’s universal availability to consumerize your applications.


Microsoft IT used Windows Azure and Windows Phone to develop a financial accounting transaction management application, JEM, which provided significant improvements over the previous solution in performance, reliability, usability and operating costs.

To summarize:

  • Windows Azure storage as a service provides great options for document management workloads where elasticity and scalability is required.
  • Features such as Windows Azure Service Bus enable improved connectivity with on-premises systems and easy extension to devices at a very low cost.
  • The overall Windows Azure development model is easy to learn.

For More Information

For more information about Microsoft products or services, contact the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Order Centre at (800) 933-4750. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information via the World Wide Web, go to:

© 2012 Microsoft Corporation. All rights reserved.

This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Windows Azure, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.