Any information that can be classified as “identified or identifiable” represents personal data. It could be a name, an address, a card number, even an IP address or a cookie ID. The EU’s General Data Protection Regulation (GDPR) tries to strike a balance between being strong enough to give individuals clear and tangible protection while being flexible enough to allow the legitimate interests of businesses and the public. Compliance with the requirements of the GDPR is required when processing personal data.
Data protection is defined as a “legal control over access to and use of personal data”. More specifically, GDPR refers to “the protection of natural persons concerning the processing of personal data”. It is basically a set of laws, regulations and best practice regarding the collection and use of personal data about individuals. Information security is defined as the practice of defending information (both physical and digital data) from unauthorized access, use, modification or disruption.
In xitee we provide services to keep your data safe and secure.
Cyber-attacks on critical infrastructures, such as on hospitals, are becoming more aggressive and frequent. To eliminate any possible risks of your solution, we offer the service of penetration testing. The goal is to use the methods which are typically used by hackers to identify vulnerabilities that allow the system to be compromised, confidential information to leak or impair the availability of services.
Additionally, we recommend and provide the GAP analysis to evaluate your processes, activities, and procedures regarding the requirements of ISO/IEC 27001 and identify all necessary measures to achieve conformity to the legal requirements as well as optional certification.
Code review
Our source code review service aims to discover any hidden vulnerabilities, design flaws and verifies whether you have implemented the key security controls. We use a combination of automatic scanning tools and a manual review to check coding practices, performance problems, security vulnerabilities, such injection flaws & cross site scripting, security-configuration rules, integrated libraries, etc.
The first step of a code review process is to conduct an analysis of the application and creation of a threat profile.
This activity is followed by inspecting of the code layout to develop a specific code review plan for every application individually.
Subsequently, we usually use a hybrid approach to perform automated scans as well as a manual code review.
Once the code is reviewed, we provide you with a final report containing the found flaws and suggested resolutions / steps for improvement.
Gap analysis audit
Gap analysis reveals strategic and operative gaps in your company, which shall be improved. The audit determines the maturity of your information security based on the best-practice requirements of ISO/IEC 27001.
We are providing audits called GAP analysis to evaluate your processes, activities and procedures regarding the requirements of ISO/IEC 27001:2013 and identify all necessary measures to achieve conformity to the legal requirements as well as an optional certification. With our structured best practice model, we protect confidential data, ensure the integrity of your operational data and increase the availability of your IT. The final report includes then concrete recommendations.
Selected key audit areas according to ISO/IEC 27001:2013:
Context and leadership of the organization (management responsibilities, governance, guidelines)
Planning (including risk management)
Support (including resources, competence, communication and documentation)
Access control, cryptography and physical and environmental security
Development and maintenance of information systems
Security incident management
Business continuity management
Compliance
Continuous improvement
Penetration testing
A penetration test is a simulated cyber attack against client‘s computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). The result of the test is a report on the outcome and recommendations for steps for improvement.
Complex IT systems collect and process data that could be potentially misused. Since there is usually at least some part of the system exposed to the public e.g., a web server, it is necessary to assure that only authorized users can operate the system and that security precautions will not allow any unauthorized person to access any of the system elements.
System security is evaluated by performing a simulated attack on the computer system. This test can identify vulnerabilities and impact of potential security breach. Typical threats are for example system malfunction or overload caused by excessive usage of components available from the public network (API, web forms…), sensitive and personal data leakage or unauthorized access to restricted application functionality. The main types of penetration testing include external, internal, and physical penetration tests.
Our approach to testing methodology:
PLANNING – Defining the subject and scope of the security audit
SCANNING – Conducting a kick-off workshop with the persons responsible for IT, information security and the operation of the affected IT systems
GAINING ACCESS – Execution of the penetration testing according to proven and established standards, such as OWASP Testing Guide. Use of proven, up-to-date tools and performance of supplementary manual analyses/rechecks (false positives).
ANALYSING AND REPORTING – Results report and presentation with prioritized recommended measures
OPTIONAL – Carrying out a follow-up inspection
Benefits of penetration testing:
Testing and consulting by industry-experienced experts
Better assessment of current protection level of used IT systems
Assessment of established protection measures
Reduction of the liability risks which arise from inadequate security of your systems
Proof of compliance with regulatory requirements of established standards such as ISO/IEC 27001, industry-specific security standards and GDPR
Once any business-critical system is deployed and customers start using it, this system must be maintained and supported. The main focus is to ensure that the system continues to perform as per the specification. First part of the service “Support” focus on service availability with key principles of redundancy, seamless recovery from failures, minimization of time to repair and fault prediction and avoidance.
Second part of service “maintenance” is more focused on continuous updates of OS, frameworks, libraries (which is prerequisite for service availability) as well as adding additional features or triaging low priority “bugs” that don’t deteriorate the software design and user experience.
Our company has expertise in providing all three support levels. Our 1st level support is ready to provide you with a professional service desk with e-mail or on-call support. In the 2nd level support for instance we deal with setup and management of all needed environments (dev, test, acceptance, production) and infrastructure of the client, which could be either on-premise or in third party data center. A 3rd level support takes care ofresolving any bugs or other types of issues coming from the customer or the monitoring service.
We do not implement just a monitoring, but we build proactive monitoring systems capable to warn you before your clients notice something is wrong. We also become responsible for emergency backup plans and we support the deployment of your new releases. Our SLA (service-level agreement) including reaction times is individual for each customer based on the specific needs. All agreed KPIs (key performance indicators) are tracked by our service desk management tool and we provide you with monthly reporting.
Our company also offers infrastructure support in popular clouds Microsoft Azure and Amazon Web Services (AWS). On top of the implementation and maintenance of the cloud infrastructure, we can help you with the automation of processes. This could be achieved by Infrastructure as a code with Terraform or support of configuration management where we use Ansible.
Support & maintenance
Once any business-critical system is deployed and customers start using it, this system must be maintained and supported in order to stay updated and perform as per the specification. xitee provides application support and maintenance services to relieve organizations from these non-core business activities.
We have expertise in providing support on all levels:
Professional service desk (1st level support) with e-mail or on-call support, our team is provided with service management tools to track and report KPIs.
2nd level support: environmental issues, conducting deployments, monitoring, patch management of the operating system and 3rd party applications.
3rd level support: resolving any bugs or other types of issues coming from the customer or the monitoring service. Part of the 3rd level support is also application framework & libraries upgrade.
Enhancement of software with new software versions. We offer continuous development of new features & deployment of new software versions.
Backup & emergency plans with regular checks.
Our service hours as well as other parts of the service-level agreement (SLA) including reaction and solution times are individual for each customer based on their specific needs. All agreed KPIs (key performance indicators) are tracked by our service desk management tool and we provide you with monthly reporting.
Together with our partner HBSN AG, we can offer you a full cycle of support/maintenance and monitoring services based on your specific needs and preferences.
Active monitoring
The goal of active monitoring is to ensure that your system is available and performing to the level expected and required to maintain your business. It is especially beneficial for the systems which are integrated with numerous other 3rd party systems.
We do not implement just monitoring, but we build proactive capabilities to warn you before your clients notice something is wrong. The system is also capable to fix issues by itself and minimize impact to all levels of your infrastructure.
Our primary monitoring choice is Zabbix, a professional open-source monitoring system. In our service we provide you with:
Monitoring networks, servers, applications, and services
Inventory of all monitored components
Escalation procedures
Real-time dashboards
Alerting to various channels
Automated remote commands for problem resolution
Trends and predictions
Cloud infrastructure support
The cloud computing model has changed the way that many companies manage their systems and resources. They could pay to rent infrastructure from 3rd party service providers instead of building their own data centers. The leading cloud vendors provide even more advantages than typical 3rd party datacenter. They moved to next level of cloud computing (PaaS vs IaaS), which leads to many new advantages such as ease of short time of infrastructure setup, contracts flexibility (billing in minutes, no long term contracts are needed), automatic updates, scalability and many others..
xitee offers services of cloud infrastructure support which basically consists of a cloud setup, configuration, monitoring, and optimization of the components of cloud infrastructure. We specialize in a migration of on-premise services to the cloud. Our expertise lies in the two most popular cloud platforms: Amazon AWS and Microsoft Azure.
Network infrastructure support (setup and configuration)
Implementation, maintenance & monitoring of infrastructure
Migrating Hyper-V or VMware to AWS or Azure
SQL database servers’ migration from on-premise to AWS or Azure
Automation, configuration, orchestration
Infrastructure automation is the key to reliable and efficient processes. Automation of processes that have multiple manual steps and they are mission critical become a must in modern times. Automating of IT infrastructure helps to maximize productivity and therefore decrease our effort and development costs. Our primary solution Terraform has following main capabilities:
Automation of almost all infrastructure is possible
Support for AWS, GCP, Azure, Oracle Cloud, VMware Cloud, Openstack, etc.
Infrastructure versioning
Keeping the defined status
It is open-source and no license is needed
Perfectly fits to our pool of DevOps tools
Configuration deals with the technical and administrative activities concerned with the creation, maintenance, controlled change and quality control of the scope of work.
The goal is to ensure that the configuration of system resources, computer systems, servers and other assets are known, good and trusted. Configuration management involves a high degree of automation to achieve these goals. Therefore we use the tool Ansible as an automation engine which has following capabilities:
Optimization of IT staff activities through automation reduced IT staff time spent “keeping the lights on”, freeing up valuable staff resources for business-related initiatives.
Reduction of a downtime caused by system outages, cyber-attacks, security intrusions, and change and configuration activities.
Optimization of IT operations reduces costs in multiple areas, including infrastructure, outsourced services and management software.
Ensuring that the software can be reliably released at any time.
Configuration versioning to keep the track of all changes for easy updates and rollbacks.
Orchestration is a way of arranging your application portfolio to service-oriented architecture (SOA) and achieving that your infrastructure is dynamic, easily scalable and cost-efficient.
We help our customers to analyze and prepare a plan for the transition from a monolithic application world to microservices. We design the infrastructure and systems for an easy development and fast deployment while keeping costs as low as possible.
To achieve these goals, most of the processes are automated as much as possible so there are minimal requirements for the operations team. We rely on the famous platform in the docker world – Kubernetes which comes with following capabilities:
The world of IT keeps evolving and continuously brings new innovations. These changes can be both an opportunity as well as a threat. Therefore, having an innovative advisor who can help you plan for the long-term, tailor a strategy that fits, and uncover the right tech for your toughest business problems (no matter the industry), is so crucial.
xitee provides a wide range of services to help your organization’s IT effectiveness. Our expert services include specialized services such as digital transformation, business analysis, UI/UX design, project management and IT technology consulting. In the IT technology consulting, the goal is to find the best technology for our clients which supports them in achieving their business objectives.
These services mentioned above can be very beneficial both to the clients with an already existing solution as well as to the ones who want to create a brand new one. We also offer consulting on new solutions either as a part of a complete development project or also individually as a separate service. Our team consists of IT experts with long-term expertise in the areas of change management, software development and requirements management and IT service providers. We can advise and support our customers during the entire process starting from the analysis through the strategy and concept development all the way to the implementation and deployment to production. If required, we can take on interim management tasks as well.
Digital transformation
Digital transformation is the process of using digital technologies in order to create new (or modify existing) business processes and customer experiences to meet changing business and sector requirements.
In xitee, we offer:
solution consulting where we analyze your IT solution and help you to make strategic decisions
digital transformation where we help you with digitalizing of your business. This digital transformation will give the competitive edge to your business
feasibility study where we analyze viability of an idea, such as ensuring whether the project is legally and technically feasible as well as economically profitable
process improvements where we compare your internal IT processes with the best practices used in our company and on the market. The area for process improvements is wide: quality assurance, testing strategy and approach, project management, version control, release management, IT support & maintenance
Business analysis
Business Analysis increases the probability of project success, increases product quality, reduces development costs and enables our experts to optimize customer processes to be suitable for digitalization. The usage of a business analysis comes into consideration especially for larger projects, with many requirements and rather vague scope.
Our business analysts analyze the existing solutions with the intention to either enhance or replace them or define together with the customer the requirements for a brand new one. In order to do this, we can prepare and lead workshops (offline or online) where we go through the existing business processes and define the use cases. This process ensures that no existing key functionality gets forgotten, plus the experience with any existing solution are the basis for new solution enhancements.
Based on our findings, our team prepares, together with you (our customer), the requirement document and specification of the new solution. When needed, we can also help with the definition of acceptance criteria for the new solution to be used during testing.
Typical tasks of xitee include, but are not limited to:
• Analysis of the UI/UX and the database of an existing solution • Analysis & modeling of business processes • Preparation and leading of workshops • Writing and reviewing of use cases • Analysis and writing of requirement and specification documents • Preparation and summarizing of acceptance criteria
Development methodologies
Choosing the right methodology is a key element for the project success and saves costs. Many of our customers have hired us to help them get their projects out of trouble and this is what we are here for.
Our team consists of experts with a long-term expertise in project management. We can advise and support our customers during the entire process starting from the analysis through the strategy and concept development all the way to the implementation and deployment to production.
When approaching our projects, we usually use agile methodologies for their management. In some cases, classical linear models, such as Waterfall, are also used. The choice of the project management methodology is based on the concrete project, its specifics, and requirements.
The classical linear models (e.g. Waterfall) aim for a complete and detailed specification at the beginning of the implementation and are not well equipped to react on changes in requirements during the implementation. While for well-defined requirements these models may be efficient, real live experience shows that it is often very challenging for the customer to define the requirements well at the beginning. This aspect is solved by agile models, which expect that requirements will evolve during the project.
Waterfall methodology: a conservative management model which requires a complete project specification before the start of the implementation. The advantage of this model is that the overall project budget can be well estimated at early stage of the project. However, this model requires from the customer to be able to describe the requirements on very detailed level, which is demanding on abstract and analytical thinking. Time and complexity of the specification grows with the project size and in bigger projects prolongs the time needed to start the implementation phase. Disadvantage of Waterfall is costly reworks in case of any change needed during the implementation.
In opposite to the Waterfall, agile models do not require a complete specification before the start of the implementation. The implementation phase starts much faster and is organized into small cycles (increments). Every increment is specified, implemented, and delivered to the customer. Customer checks the increment and adjusts the requirements if necessary. Due to this iterative process, the customer sees the software growing by small steps and can continuously align the requirements to his/her needs.
Agile methodologies represent a structured and iterative approach to project management and product development. It recognizes the volatility of product development and provides a methodology for self-organizing teams to respond to change without going off the rails. The core importance of running the project in an agile way is to utilize the resources at maximum and to enable an instant cooperation between the development team and the customer. The main agile approaches are Scrum and Kanban.
Project management
We have a team of experienced project managers who are experts in agile project management, have extensive experience from dozens of different projects, and use our corporate best practices for the success of projects.
We usually organize our development team following the Kanban methodology and lean development principles supported by tools from the Atlassian stack (Jira, Confluence, Bitbucket and Bamboo). This organization supports continuous flow of work enabling the development team to reach the best performance due to a stable focus. At the same time the team can very flexibly react on changes in task prioritization without a need of extensive planning ceremonies.
Due to its versatility, this team organization can be easily adjusted to a wide range of project management models, from conservative to agile. It also allows us to integrate developers from the customer’s side to the team when requested. On the customer’s request we can also organize the team following a Scrum methodology.
Standard project roles in xitee are a project manager, a technical leader, a business analyst, a developer/member of devops team and a tester. The project manager is the main person and a contact responsible for the project on our (provider’s) side. On the customer’s side, the roles of a product owner and a project sponsor are necessary. Having your own IT expert, who can evaluate our performance is also recommended.
The product owner is the main responsible person and a contact for the project from the customer’s side. Depending on a customer’s organizational structure, the product owner acts on his/her own (e.g. makes decisions directly) or coordinates other roles of the customer (e.g. brings topics to the respective management board for decision). One way or another, the product owner is responsible for defining the business requirements, approving the specification and accepting deliverables, coordinates all activities on the customer’s side and controls the project budget.
It is a decision of the customer how closely the product owner will be integrated with the development team. One option is that the product owner can stay separated from the team and provides feedback through regular demo and planning sessions. Other approach is when the product owner can be completely integrated into the team, taking part on daily stand-ups and has a deep insight into the team’s daily work. The general rule is that more agility and less detailed requirements require more intensive collaboration/integration of the product owner with the team.
The project sponsor is an authority who is accountable for the project and this person is involved in the project on the steering level.
UI/UX design
UI design deals with the “user interface”, which is the graphical layout of a solution. This includes the buttons that users click on, texts, images, sliders, text entry fields, and all the rest of the items the user interacts with. It looks into the screen layout, transitions, interface animations and every single micro-interaction.
UX stands for “user experience”. It focuses on the user and his/her interaction with the product. The goal of UX design in xitee is to bring to our clients and FE developers a real view of the solutions before they are actually made. This gives them a better idea and understanding of the appearance, features, availability on various devices and platforms, and functionality of the software. This can ultimately save considerable funds.
Our approach:
We follow the user centric approach to create highly usable and accessible products for our customers. In the first phase, we are learning and understanding customer business requirements. This means to understand the context in which users may use the solution. In a second phase, we are developing design. The outcomes are subsequently evaluated against the user requirements. We conduct these phases in iterations until the evaluation results are satisfactory. The last stage is then the implementation of final designs.
Benefits or good UI/UX design leads to:
reduced cost for development (no reworks)
increased quality of the solution (by creating user journeys and incorporating the customer feedback)
increased customer satisfaction, engagement and loyalty
building customer brand (by incorporating the company design and logo)
ranking higher on Google (as customers have longer interactions with the UX-optimized website).
xitee offers:
user journeys: a user journey is a visualization of the process that a person goes through in order to accomplish the intended task. Typically, it’s presented as a series of steps in which a person interacts with a product. Our goal is to study your users, understand their behavior, and architect a user journey that enables your users to achieve their desired tasks with minimal effort.
wireframes: wireframes represent the journey of the users as they interact with a website or an app, including UI elements such as buttons or images. These are represented in a simplified version using placeholders.
prototypes: prototypes are interactive final versions of the product pre-development which are clickable and enable users to test the main interactions of the product.
post-launch metrics analysis: metrics are the signals that show whether our UX strategy is working. Using metrics is a key to track changes over time. We can help you setup and use analytics tools such Google analytics or Piwik.
IT technology consulting
Technology consulting services are designed to help customers achieve optimal ROI (return on investment) from technology through the fast and cost-effective optimization of their IT systems and processes. xitee brings the expertise, technology, and best practices to deliver secure enterprise solutions that meet both current and future needs while minimizing the risks.
We cooperate with our customers on our way to construct and maintain IT infrastructures that are modern, efficient, scalable, configurable, and cost-effective. Our main focus lies in these areas:
Architecture consulting: our experts help customers to carry out the transition from the outdated and ineffective IT delivery systems and architectures to a cloud-based infrastructure that allows implementation of new technologies into their software strategy.
New Technology adaptation: nowadays, companies need to implement new technologies in order to stay competitive and meet the demands of modern users while they also have to ensure the consistent delivery of high-quality of their IT products and services. We are here to help you with this matter with our devops team using the latest modern technologies.
Testing reveals the possible functional and technical defects affecting your product. Software testing provides information about solution’s functionality and whether its quality meets all expected requirements and specifications. The result of the testing process is a report of all identified issues and the level of their severity.
We have experience in testing mission critical, high-performance systems as well as testing various web solutions from different sectors. Testing of trading platforms includes both manual and automatic tests during the entire product life cycle. The stress test simulation of users, quotes and trades, regression tests and integration tests play here the most important role. In the area of web solutions, we have experience in E2E (End-to-End) automation testing including cross-browser and cross-platform tests, security penetration tests, and automatic regression tests with custom-made regression tools.
Delivering high quality products in xitee is supported by continuous test integration (unit test, E2E test, integration test, regression test) & automated inspection of code quality by SonarQube. Our team consists of Czech, English & German speaking testers and consultants with vast experience of testing in various projects.
xitee also provides test and QA consulting & test management services. Test consulting helps to identify transformation initiatives to improve the organizational test processes leveraging the test best practices. The test management combines project and risk-management enhanced by the best practice test methodology.
Functional testing
A functional testing consists of tests evaluating whether the functions of the solution meet the requirements. These requirements can be described for example as part of business requirements specifications, user stories, use cases, or functional specifications. The functions of the solution represent “what” it should do.
The functional testing is a broader term including specific types of testing such as manual testing, cross-browser testing and real device testing.
Manual testing is executed by experienced tester using the standardized testing techniques as boundary value analysis or state transition. This approach can assure the software functionality correctness in every situation, also in edge cases that might not even be mentioned in the client’s requirements. The tester provides a valuable feedback regarding the user experience and the user interface and usability.
Cross-browser testing verifies whether the solution works across different browsers as expected/wished. It is always beneficial to know what browser your users prefer. And it is always the best to start testing together with the start of the development. We always automate this process with the latest technology and tools available on the market
Real device testing - in some cases, testing on emulators and simulators is not enough. Performance and functional tests behave differently on real devices since the emulators are simply a virtual device. The functionality and stability of the software on various devices can be fully guaranteed only by a test executed on the real devices with various hardware and software. Here we have experience with browser stack which has 200 real iOS and Android devices and hundreds of iOS and Android emulators with different OS versions.
Test automation
A test automation runs many test cases consistently and repeatedly on different versions of the tested system and/or environments. It is an important part of the agile development. It helps to quickly identify new or recurring defects in already tested areas of the solution.
One or more of the following activities can be automated: setup of a test environment and preconditions, a test cases execution, a comparison of actual outcomes with predicted outcomes, a test status reporting. Each of these activities takes a significant amount of time when it is done manually and is prone to a human error, especially when repeating the same or similar actions many times.
An automatic E2E (End to End) testing is a process of executing a test scenario against a real browser. The entire product is tested to ensure that all pieces work together properly.
A unit test is used to ensure that the selection (a unit) of the application meets its design and behavior as intended. A unit testing increases confidence in changing/maintaining the code. A reasonable percentage (agreed with customer) of the code should be always covered by unit tests.
Security/penetration testing
There is usually at least some part of the system exposed to the public e.g., a web server. It is necessary to assure that only authorized users can operate the system and that security precautions will not allow an unauthorized person to access any of the solution’s elements. The system security is evaluated by performing a simulated attack on the computer system. This test can identify vulnerabilities and impact of a potential security breach. Typical threats are a system malfunction or overload caused by an excessive usage of components available from the public network (API, web forms, …), a sensitive and personal data leakage or an unauthorized access to the restricted application functionality. xitee uses Kali Linux distribution with OWASP ZAP and OpenVAS security scanners to assure that the system is not an easy target for attackers.
Performance testing
Every system has an expected load stated by various metrics, such as number of simultaneously connected users, number of transactions per second or response times. The ability of handling of expected, increased or peak load can be tested only by performance tests. The tests can be focused on execution of mission-critical operations where every millisecond counts and the performance of these operations is crucial for project success.
The performance test shows the system behavior and stability under the expected and increased load, and the usage of hardware resources is monitored. Often this type of test is performed by using an automated test tool to simulate a large number of users. An execution of such test in a production-like environment is essentially a basis for further solution performance optimization, a hardware setup evaluation and a possible failover scenario design and implementation.
Goals of performance testing:
Measure the response time & the resource usage
Define the possible breakpoints & the maximum load
Gather the data to provide optimization recommendations
Verify, if the service level requirements are met
Check the system reliability
Identify the possible bottlenecks in the system
QA consulting & test management
There are various quality assurance methodologies and tools. The ones that are used in the particular software development project might not be always optimal. An evaluation of used processes and tools can therefore reveal weak points in the software development, propose actions to mitigate risk and improve quality assurance efficiency. Also, a setup of appropriate processes in a new project facilitates maintaining of a high quality of the product and can save the effort in later stages of the project – usually in the acceptance testing and the go live
Test consulting goals:
An assessment of client’s testing maturity against the best practices
Identification of recommended initiatives required to achieve the desired state
A detailed road map to support implementation of the transformation initiatives
An initial test assessment provides a quick insight, which can be used as a basis to goal-driven consulting and transformational initiatives.
The test management combines a project- and risk-management enhanced by the best practice test methodology. This is a key success factor to
structure and secure the test process
optimize productivity and efficiency of test engagements
make sure that test is aligned to business requirements
Our certified test management team governs the full test lifecycle. This includes from a test planning and controlling of operational test activities till an organized test closing.
Cloud computing, simply put, is the delivery of computing services. That includes servers, storage, databases, networking, software, analytics, and intelligence over the Internet (“the cloud”) with a clear goal of enabling faster innovation, more flexible usage of resources and economies of scale. You typically pay only for the cloud services you use, which consequently helps to decrease operating costs, helps to run the infrastructure more efficiently, and scale according to the current needs of your business. Another benefit of cloud is low requirements for pre-investment (it is not necessary to invest in the purchase of HW at the beginning of the project, but it is spread over time).
We provide our customers with cloud consulting services, cloud infrastructure services, cloud application development and cloud application migration services. On top of that we are active in the field of IoT (Internet of Things).
Our cloud migration service can help you move towards digital business operations in the cloud. Migrating your in-house servers including services & applications running on them to the cloud can provide you with several cutting-edge advantages for your business. It is however very crucial to perform the transition properly and according to the specific requirements. As every business has different needs, we also follow a slightly different process for each individual cloud migration.With our cloud-native development, we help you to build and run applications that fully exploit all advantages of the cloud computing model. Our cloud-native computing service uses: open-source software stack to be containerized, dynamically orchestrated and microservices-oriented.
Cloud consulting
Adoption of cloud computing can help you to reduce operational expenses, boost innovation, unlock new possibilities, and realize your strategic IT objectives.
Our cloud consulting service starts with understanding of your current technology landscape, business challenges and goals. We know that our clients have unique needs and are at different levels of maturity on their cloud journey. Therefore we are providing a tailored set of cloud consulting services which support you through your decision-making process and help you to accomplish your business objectives.
Based on the level of the cloud adaption in your company, we can provide following expertise:
Cloud adaption: we ensure that your first steps into public cloud are efficient, smooth and secure. Our experts will help you build a resilient cloud platform.
Migration Assessment: The destination platform could be a public or private cloud infrastructure. We help you to assess the suitability of on-premises machines for migration to cloud. We provide you with correct sizing of VMs (virtual machines) and cost estimates for running infrastructure.
Cloud Optimization: We analyze your cloud infrastructure, detect under- and over-provisioned instances and idle resources, and identify security gaps to remove performance bottlenecks and lower your cloud computing costs.
Cloud strategy: It’s no longer about looking at one application or a specific part of the business, but how to transform your whole company, help it to to develop faster and be more efficient than the competition.
Cloud migration
Our cloud migration service can help you move towards digital business operations in the cloud. Migrating your in-house servers including services & applications running on them to the cloud can provide you with several cutting-edge advantages for your business. It is however very crucial to perform the transition properly and according to the specific requirements. As every business has different needs, we also follow a slightly different process for each individual cloud migration.
Before the cloud migration begins, it is important to establish its goals. The migration goals are individual for every company. For one company it could be an increase of the performance of an application or enabling new services. Other company might expect cost savings or relieving the IT department from application support duties.
The other important concern when establishing cloud migration goals is to agree when the old infrastructure has to be terminated.
After migration goals are agreed on, the company focuses on creating a security strategy. The ultimate objectives for a security of the organization don’t change with the introduction/implementation of cloud services, but the way how those objectives will be achieved is going to be modified. Security teams must still focus on reducing business risk from attacks and focus on getting the confidentiality, integrity, and availability assurances built into all information systems and data. Cloud cybersecurity requires a different approach compared to the on-premises security. In the cloud environment, corporate assets are no longer protected by an on-premise firewall, and the network perimeter basically does not exist.
When a company becomes confident with security assurances, it is time to choose a suitable cloud provider and to copy the data over. This should be done continually throughout the migration process so that the cloud data remains up-to-date. There are many tools which support migration of complete servers as well as the individual databases.
The most complex part of the process is then moving the company application including their business intelligence. This part might involve refactoring or rewriting the code.
After a proper testing and verification, the last step of the process is to switch the production from on-premise to the cloud.
Cloud-native development
With our cloud-native development, we help you to build and run applications that fully exploit all advantages of the cloud computing model
Our cloud native computing uses an open-source software stack to be:
Containerized: every part (applications, processes, etc.) is packaged in its separate container. This eases the reproducibility, transparency, and resource isolation.
Dynamically orchestrated: containers are actively scheduled and managed to optimize resource utilization.
Microservices-oriented: segmentation of the applications into microservices, which greatly increases the overall agility and maintainability of applications.
Among the main advantages of cloud native development belong:
avoiding high initial costs with pay-as-you-go model. No initial infrastructure investment needed
reducing the time-to-market with optimized infrastructure setup, CI/CD delivery & deployment
innovative technology – cloud application platforms are exposed to the latest technology, such as big data, AI (artificial intelligence), IoT (Internet of Things), etc.
global scale – ability to scale elastically according to the needs. Start small but be ready to grow big
ensuring high availability & reliability – cloud computing makes data backup, disaster recovery and business continuity easier and less expensive
The main challenges for organizations connected to the cloud native development are:
In xitee, we have experience in developing software solutions with the know-how of digital businesses, finance & energy and healthcare sectors. We have a wide range of customers, from small startups to big corporate companies. We serve customers who have no experience with software development as well as specialized software houses.
Our goal is to always produce high-quality, well-tested software which is ready for production use in the shortest time with the lowest cost possible. These apparently divergent goals are achieved by following a plan and our internal best practices that remove the typical pitfalls of software development projects.
We anticipate any possible costly mistakes, such as failing to ask the end-user or client for feedback, which eliminates redundant rework and after-the-fact fixes. We focus profoundly on the testing phase and code reviews, which save a lot of rework, time, and money in the future. Also, we are always applying our deep industry knowledge.
New development
We offer development of solutions with maximum added value for our customers. That includes everything starting from business requirements analysis, through solution design (functional, graphical and technical), realization, deployment and following support.
Our past projects included a variety of different technologies for almost all platforms. Most commonly we use Java or .NET as backend and Angular or React for new web solution software development. Our experienced team is ready to always find the best solution for your specific needs. For more information about the technologies refer to Technologies.
Each project we work on includes a proper quality assurance (QA) before the project goes live.
Quality assurance
There are six foundation blocks (Version control, Continuous integration, Issue tracking, Unit tests, Reviews, Code analysis) that ensure the quality of the software and therefore of the product itself. Various synergies between the specific parts enable transparency and maintainability. At the same time these components work as a toolkit for every single software developer.
Through the usage of a version control, each modification of the code is comprehensibly documented, and each version can be restored at any time. This grants flexibility to the development and allows a precise analysis of all arising errors of the software.
The use of a continuous integration (CI) system allows a controlled compiling of new software versions as well as continuous reporting for the developers regarding any arising errors during the compilation. Additionally, automatically elicited key figures, which display the state of the product, can be generated and reported. Features and bugs, as well as milestones and project tasks, are managed through the Issue tracking system (JIRA and / or Confluence). This creates traceable and transparent development from requirement analysis to delivery and allows the creation of relationships between individual tasks or features.
Redevelopment
When evaluating the health of your current solution’s architecture and deciding whether to rewrite or refactor, every company needs to consider many aspects to make a correct decision.
Some of the key aspects are:
Achieving business goals: might be different for each company. Some examples of business goals are a focus on new customer requirements & feature releases, a focus on quality and performance of the product, gaining new customers & market share etc;
Technology : we have to consider how long the currently used languages and frameworks will be supported. Are there any emerging technologies and trends which the application can benefit from? (i.e. clouds, microservices, new framework versions);
Reduction of costs to maintain and implement new features: reduction of current technological depth, shorten time to market
Performance & security: Is performance an issue which cannot be resolved with a current architecture? Do you want to examine your security with security penetration testing or security certificate? Do you want to elevate your security standards?
Customer experience: Are you current end-customers satisfied with your application’s UI/UX designs? Can new UI/UX further improve efficiency? For internal applications we can consider for instance whether an app can further improve productivity of employees.
Quality of current codebase: Does your solution have correct design patterns? Did you use code style & unit tests? Does your solution suffer from bugs?
xitee can take over support & further development of your solution during the analysis stage.
Examples of possible agreed approaches:
continuing to develop with the old codebase;
keeping the old codebase but focusing on refactoring;
rewriting the whole system from scratch;
rewriting the system part by part.
Mobile development
xitee offers different types of mobile development based on your requirements. Native development produces solutions with high performance; however, it can be rather costly to build. If you have a limited budget to work with, a cross-platform development might be a suitable option for you. It is possible to save up to 50% as only a single codebase is created for a solution that works on both Android and iOS.
If you do not need to have your solution on App Store or Google Play and you wish just to provide mobile friendly environments for your users, we can use Progressive web apps (PWA) with some of mobile application capabilities. The cheapest and fastest solution might be to use only web solutions optimized for mobile devices.
Native development
Native applications are being developed through their native operating environment. In the case of a native development, developers use a programming language adopted for a particular platform, such as for example Objective-C and Swift for iOS or Java for Android.
Advantages of native development:
stable and fast performance;
maximum app lifetime;
the application is more flexible and scalable, due to the native tools usage;
less restrictions in the architecture and functions;
the interface is made in a full compliance with the platform.
Cross-platform development
Cross-platform solutions are developed through a shared operating environment, such as Xamarin. A cross-platform solution is a universal solution that is supported by several mobile platforms at once. On one hand, it is convenient and profitable, but on the other hand, there might be a need to accept certain compromises, since it is difficult to tailor the solution to various operation systems.
Advantages of cross-platform development:
the development takes less time and resources;
the speed of development increases.
Progressive web app (PWA)
A progressive web app is built from web technologies, such as HTML, CSS, and JavaScript, but with a feel and functionality that rivals an actual native app. Due to smart additions, you can turn almost any website into a progressive web app, which means that you can build a PWA in a short period of time.
Advantages of PWA development:
you do not have to go through the process to get into different app stores;
PWAs are smooth, fast and lightweight;
PWAs work offline, unlike your regular site;
you can use push notifications to re-engage users.
Web solutions optimized for mobiledevices
In this scenario we are creating a separate design for mobile devices. It is the fastest way to provide your solution for mobile users.
Advantages of a web solution optimized for mobile devices:
low costs;
time to go to market.
Data warehousing & reporting
Data warehousing is the way of constructing and using a data warehouse. Adata warehouse is created by integrating data from multiple heterogeneous sources that support analytical reporting and decision making. xitee has experience with numerous different technologies including databases, date warehouses and migration projects.
Data reporting is a process of collecting and formatting raw data and subsequently transforming them into a digestible format to assess the ongoing performance of your organization. A data report reveals then where to spend the most time and resources, and what needs more organization or attention.
An accurate data reporting plays an important role in every industry. Therefore, we provide a service focused on data warehousing and reporting. We have experience with the following tools and technologies:
SQL Databases – database design, optimization and upgrade for popular DB systems (Oracle, Microsoft SQL Server, MySQL, MariaDB, Galera Cluster, PostgreSQL);
noSQL databases & search engines – selection and usage of proper technology for particular needs (Cosmos DB, Mongo DB, Lucene, Elasticsearch);
Data migration as a part of a new software development, typically using self-made (project specific) migration tools. Either as a batch process or a continuous data transfer/synchronization;
Data Warehouse – design and implementation of a cloud based as well as a tailor-made data warehouse solution, including data import, data keeping, data analytics and data export functions;
Reporting – creation of reports, dashboards and exports including data access, processing, presentation and storage layers. Output can be UI-based, or document based, including an electronic document signature. We have knowledge of many popular libraries, such as Highcharts, chart.js, IOS Charts and tools such as JasperReports, SQL Server Reporting Services (SSRS) and Microsoft Power BI.
Prototyping
Software prototyping offers you the possibility to visualize a software solution before it has been created. Since the development of a software from scratch requires a great investment of time, money and effort, it is beneficial to have a visual prototype developed before the development of the actual product starts. The prototype acts as a ‘model’ which replicates the appearance, and sometimes the functionality, of the product that the client wants to develop.
In order to decide whether you should use prototyping for your project or not, there are a few aspects to consider.
Considerations and situations where prototyping might be the best choice:
When the requirements of the product are not clear to the team;
When the demands of the product are unstable and change quickly;
When there are software-intensive and complex systems that need experimentation and a minimum risk;
Big projects with tight timelines and deliverables.
