Application Management and Maintenance

Our application management activities can be broken down into three categories:

• Proactive maintenance: to safeguard continuity and prevent incidents, we monitor, improve, and update the software proactively, focusing on improving availability, reliability, accessibility, maintainability, security, and costs. We monitor a wide range of components with the latest tooling, from security and potential vulnerabilities to package updates, quality of code, and test coverage.
• Reactive administration: if there is an incident report, we try to restore the functioning of the software as fast as possible.
• Continued development: you can submit a request for modification if you wish to adapt, improve or replace (partially) your application. We will then join you in looking at the magnitude of the request and what will be needed to fulfill it. More comprehensive requests will be taken up by our team of Software projects.

Below you find a detailed service description of each component.

We provide continuous monitoring of the application's performance, availability, and functionality to ensure it meets the desired KPIs. Our monitoring services:

• Automated health checks with alerts: proactively identify and address any issues or anomalies in the system's health.
• Process monitoring: analyzing business processes within the software to optimize efficiency and effectiveness.
• Technical infrastructure monitoring: we monitor servers, networks, etc. that support the application to ensure stability and performance.
• Functional monitoring: monitoring the functionality of the application to ensure it meets user requirements, expectations and KPIs.
• Integration monitoring: monitoring the integration (end-)points between different components or systems to ensure smooth communication and data flow.
• API monitoring: monitoring the performance and availability of APIs used by the application for data exchange or integration with other systems.
• Performance monitoring: monitoring and analyzing the performance of the application to identify and address bottlenecks or areas for optimization.
• Security monitoring: continuous monitoring of the application and its environment for security threats or vulnerabilities, with proactive measures to mitigate risks. More on that in a moment.
• Workload management: managing and optimizing the distribution of workloads across the application's resources to ensure efficient utilization and performance.
• Azure monitoring: utilizing Azure monitoring services to track the performance, availability, and health of the application deployed on the Azure platform.
• Source code monitoring: monitoring changes and activities in the source code repository to ensure code quality and security.

In addition to monitoring the existing applications, we take care of updates and upgrades to incorporate new features, enhancements, and security patches:

• Application framework: upgrading the underlying framework of the application to leverage.
• Application package: upgrading packaged components or libraries used within the application for enhanced functionality or security.
• Application version: managing upgrades to major and minor versions of the application to ensure compatibility and maintain support.

Ensuring the security of the application through vulnerability assessments, security monitoring, and proactive measures.

• Source code Security: implementing security best practices in the development and management of the application's source code.
• Package vulnerabilities: identifying and addressing vulnerabilities within packaged components or libraries used in the application.
• Microsoft Defender for Cloud: leveraging Microsoft Defender for Cloud to protect cloud workloads and detect and respond to threats.
• Microsoft Sentinel: utilizing Microsoft Sentinel for security information and event management (SIEM) to identify and respond to security threats.
• Azure DDOS Protection: implementing Azure DDOS Protection to defend against distributed denial-of-service (DDOS) attacks targeting the application.
• Limited access IP Whitelisting: restricting access to the application by whitelisting specific IP addresses to enhance security.
• VPN setup: establishing a virtual private network (VPN) to secure communication and access to the application and its resources.

We implement mechanisms to control access to the application based on user roles and permissions.

• Microsoft Azure AD (Entra): utilizing Microsoft Azure Active Directory for authentication and access control to the application and its services.
• Microsoft Azure B2C: implementing Microsoft Azure Business-to-Consumer (B2C) for customer identity and access management.
• Cloud identity management for applications: managing identities and access control for cloud-based applications to ensure security and compliance.

We implement governance practices to ensure consistency, quality, and compliance in the development process.

• CI/CD: implementing continuous integration and continuous deployment pipelines to automate software delivery and ensure rapid and reliable releases.
• Source code scanning: scanning the source code for potential security vulnerabilities or code quality issues.
• Source code Analysis: analyzing the source code for performance optimizations, bug fixes, and compliance with coding standards.
• Code coverage management: managing and improving code coverage through unit tests to ensure thorough testing and identify potential issues.
• Periodic scans to assess the integrity: conduct periodic scans to assess the integrity and security of the application's hosting environment.
• Site Reliability Engineering: utilizing Site Reliability Engineering practices to conduct load tests and ensure the application can handle expected traffic and workloads.
• Manage DevStack: manage the development stack environment to streamline the development and deployment process.
• Source code takeover: assuming responsibility for the maintenance and management of the application's source code from the client.
• GitLabFlow: leveraging GitLabFlow, a methodology based on GitLab's features, for managing the development lifecycle, including version control, continuous integration, and deployment pipelines, enhancing collaboration and efficiency within the development team.

Betabit is a Microsoft Cloud Solution Provider (CSP). We leverage the program for managing Microsoft cloud services and subscriptions.

• Branching strategy & advisory board: establishing a branching strategy and advisory board to manage code changes and ensure alignment with project goals.
• Cloud assessments: assessing the feasibility and readiness of the application for migration to cloud environments.
• Tactical Assessments: conducting tactical assessments to evaluate and improve various aspects of the application's performance, security, and reliability.

• Backup management for applications: implementing backup strategies to protect against data loss or corruption in the application.
• Backup management for Databases: managing backups for databases supporting the application to ensure data integrity and availability.

Planning and executing migrations of the application to cloud environments for scalability, flexibility, and cost-efficiency.

We report monthly about the major requests, incidents, and actions and the amount of time we spend on them, accompanied by a physical meeting to discuss progress, challenges, and strategic alignment. Plus, depending on the agreements reached and the level of the development processes, we provide you with personalized KPI updates.

Our service and software management will be based on a management services contract, in which we record how your questions, requests, and wishes will be dealt with. This might include service requests due to bugs and incidents signaled by both you and us which can be created. Also requests for software modifications and/or additions.

The starting point is that the deployment of knowledge, people, resources, and continuity of the services will be optimally provided within the agreed framework.

This is how we lay the foundations for a successful collaboration. With our Managed Services, you can relax and focus on that which sets your organisation apart.