Ayton serves the healthcare sector with a software suite geared towards the efficient rostering and management of employees and self-employed workers, plus consultancy on the change processes and the new way of working. The organisation processes sensitive information and data that is subject to privacy legislation; conformity with ISO 27001 and NEN 7510 was a core requirement.
Continuity was equally important, since many organisations depend on the new SaaS solution: even a short disruption would affect many thousands of end-users.
Complete overhaul of applications and processes
Based on traditional development and management processes, our client’s application had run flawlessly for many years. Nonetheless, the management team took the radical decision to reshape its applications and processes for the Public Cloud, becoming even more agile in order to keep up with its rapidly evolving markets.
Sentia’s Consultants, Architects, and Engineers helped the organisation through the turbulent process of Cloud Adoption, and built the Cloud environment in accordance with Continuous Delivery principles. In a process spanning several months, we transformed the application into a Cloud-based equivalent and showed the organisation the ropes for the newly acquired software and processes.
To ensure conformity with security standards in a public cloud, you must build in security from the bottom up.
Thomas de Ruiter - Security Officer, Sentia MPC
Continuous delivery & security
We shortened the Release interval eightfold (and when needed, we can reduce it even further). Sentia manages the sub-environments for Acceptance, Delivery, Training, and (Multi-Tenant) Production, each with individual settings for AutoHealing, AutoScaling, and Design for Failure; each complies with the Well-Architected Framework. This also maintains the balance between the cost and the importance of each sub-environment to Ayton.
As part of Continuous Security, Sentia has deployed a managed ‘ELK stack’ that presents many monitored parameters to help Ayton demonstrate conformity during security audits.
Special requirements in healthcare sector
In the Dutch healthcare sector, NEN 7510 is a well-known extension to the general Information Security framework, ISO 27001. Together with Sentia, Ayton has arrived at a technical design that secures the privacy-sensitive data sufficiently to withstand audits. In combination with high-grade encryption in transit, that data is protected End-to-End.
Although active in the medical sector, Ayton is also a commercial organisation and is therefore keen on cost management. The Pay per Use models of the Public Cloud and Sentia have proven to be key elements to keep costs in line with the actual needs.
We are confident that our regions will quickly leverage the comfort and possibilities of the new methods and software.
Nienke Eisenloeffel - Chairperson for Ayton’s client Kentalis
Keeping pace with application versions
The SaaS services are delivered by many sub-applications that are in varying phases of their lifecycle. Additionally, versions of the same application populate the various stages of the Development Street, with the Development silo at Ayton’s offices. The matter is further complicated by the layered nature of the applications (functions in isolated layers such as Process Management and Reporting).
We therefore linked the Infrastructure-as-Code templates to the correct application version number. This also prevents untested code from accidentally going into Production. Each layer has its own settings for topics like Autoscaling, automatic Incident handling, and data replication. Thus, the environment can scale per component to consistently meet the needs of the day.
In line with the strategy that we drew up together, Ayton is highly independent and launches application versions (without us intervening) that are then automatically merged with our Infrastructure-as-Code templates to make live adjustments to the Cloud. Another example is that each time a new user organisation signs up, Ayton sets up the additional SSL VPNs autonomously.
- A Multi-Tenant SaaS platform on a Multi-Tenant Public Cloud.
- Strict demands on Compliance: many built-in Controls (ISO 27001, NEN 7510).
- Continuous Deployment through Development Street, with an additional, tailor-built Hotfix environment.
- Data in the managed database and in Cloud File Systems.
- Virtual machines entirely stateless: the Cattle ICT principle means that various VMs can fail, without impairing the platform’s functionality.
- All logs are shipped towards a tamper-free Event logger, forwarded by Serverless Functions to a managed, tailor-made ELK stack, and analysed there. ELK here stands for Elasticsearch, Lambda and Kibana (a Cloud-optimised, Sentia-designed product).