Overview
A state transport organisation needed a faster, safer and more scalable way to share operational data with external operators. Arinco delivered a secure Azure-based data-sharing platform that replaced manual daily file transfers with governed APIs and automated data pipelines, enabling near real-time access, within seconds, while protecting safety-critical systems.
Business Challenge
The organisation operates a large and complex network that generates significant volumes of operational and sensor data, each day, including information from operational and monitoring equipment.
It needed to provide external operators with timely access to operational and asset condition data relevant to their services. This information supports asset monitoring, identification of potential issues and more informed operational decisions.
The existing process relied on scheduled file transfers, creating delays of up to 24 hours and limiting its value when operators needed to respond quickly.
The organisation also needed to support inbound data from external partners. This created a need for controlled bidirectional sharing, with the organisation both providing and receiving operational data.
Any new approach had to work across a complex environment spanning operational technology and ICT systems, while meeting strict government security, privacy, compliance and governance requirements.
The organisation needed a scalable, repeatable model for data sharing and an expert partner that could bring together OT, ICT, security and cloud expertise.
Solution
The state transport organisation engaged Arinco to design and deliver a secure data-sharing platform that could support multiple operational data-sharing scenarios.
Arinco delivered a cloud-native platform on Microsoft Azure, designed as a reusable integration hub. It connects to the organisations on-premises operational environment with Azure services, allowing selected data to be shared with approved external parties through secure, governed interfaces.
Discovery and design
Arinco worked with the organisation to define the business, technical, security and governance requirements, engaging stakeholders across OT, ICT, external operators and service providers.
Arinco also supported architecture validation through the organisations internal review boards to ensure the approach aligned with governance and compliance processes.
Because OT and ICT teams had different processes and priorities, Arinco adapted its delivery approach while maintaining alignment across the project.
To reduce risk, Arinco delivered an early proof of concept within four weeks, validating the proposed approach before full implementation began.
Platform architecture
Arinco developed a hybrid architecture that connects the organisations on-premises OT systems with Microsoft Azure. Data flows securely through ExpressRoute and VPN connections into an Azure integration environment.
The platform uses Azure Front Door, Azure API Management and Azure Logic Apps to manage access, orchestration and integration workflows, with a multi-region design supporting resilience and availability.
This creates a controlled layer between internal systems and external consumers, reducing direct dependency on safety-critical environments.
Data sharing patterns
Arinco implemented a set of reusable data sharing patterns to support real-time delivery, historical data access and secure inbound data exchange.
For near real-time sharing, Arinco used SQL Server change tracking and Azure Logic Apps to identify and share updated operational data, replacing the previous daily file-based process.
For historical data, Azure Data Factory and Azure Databricks support movement, transformation and incremental ingestion. Azure Service Bus and Azure Functions support event-driven processing as more use cases are added.
Together, these patterns allow the organisation to support outbound and inbound exchange through consistent, governed interfaces.
Security and governance
Arinco embedded security throughout the platform using Microsoft Entra ID, managed identities and private endpoints to manage access and reduce exposure.
Data remains under the organisation’s control, with access managed through defined policies and auditable processes. Integration with existing IT service management tooling gives teams visibility across the environment and supports ongoing operations.
Project delivery
Delivery required coordination across OT teams, ICT teams, external operators and service providers.
Arinco maintained momentum through regular communication, proactive stakeholder engagement and structured escalation, helping manage dependencies and resolve issues early.
The project was delivered within agreed timeframes and budget parameters, with changes managed transparently throughout delivery.
Outcomes
The platform has modernised how the organisation shares operational data with trusted partners.
Key outcomes include:
- Reduced data latency: Moved from manual daily transfers with delays of up to 24 hours to near real-time access to selected operational data.
- Improved operational safety: External operators can access timely asset condition data, helping them identify and respond to potential issues sooner.
- Reduced manual effort: File-based file transfers have been replaced with automated, API-driven data exchange.
- Lower integration complexity: External parties can consume data through well-defined APIs and repeatable patterns.
- Stronger governance and control: The organisation can centrally manage, monitor and audit data access while maintaining control over operational systems.
- Bidirectional data sharing: The platform supports outbound access and inbound ingestion from external partners.
- Greater scalability: The organisation now has a reusable platform that can support additional data sources, partners and use cases.
- Improved delivery certainty: Early validation, strong stakeholder management and clear governance helped keep delivery on track.
Most importantly, the organisation can now share operational data in a faster, safer and more scalable way, while maintaining control over critical systems and information.
What’s next?
The organisation plans to onboard additional data sharing use cases, expanding access to operational and analytical data across more internal teams and external partners.