Our journey towards a cloud native secure and scalable platform for managing identity and physical access with our smart locks and devices
Introduction:
Many wonder how Israeli startups do so well globally, and the joke in the Israeli startup ecosystem is that we simply start at full speed, and then slowly increase the pace. Here is what we did to accomplish a big change for our company with great help from aleios (Theodo).
The need for robust and efficient software solutions in today’s fast paced world is ever increasing and is paramount to delivering disruptive offerings to a growing market. At OUTLOCKS, we recently achieved a remarkable feat by developing a SaaS platform in just 7 weeks! Yes, less than 2 months. This platform, we call Nova, is designed to provide secure and highly scalable identity and physical access management, taking full advantage of native cloud technologies.
In this article, we will dive into the specifics of why and how we set out to build this innovative solution and the success we achieved through our cutting-edge approach and partnership with aleios (Theodo), which made all this possible for us.
The Back Story:
Outlocks is a pioneer in locking solutions, with a long history of achievements in sturdy, robust, and smart locks and locking systems, with over 15 years in keyless locks, ultrasonic and digitally encrypted keys, and lately also cryptographic keys over BLE communications.
Our management software, however, has been using a monolithic solution that has not aged well over the years. This solution was deployed per customer with a long deployment, various customizations, integrations, and had so many options that it required a training course to educate our customers how to use it.
This led us to focus on large enterprises to justify a lengthy sale cycle with large accounts. But Small and Medium sized businesses were left out of our target market. This was going to change with our new platform, the Nova platform.
Sometimes we were so busy trying to get our solution to work that we missed out on the right solution.
Our Goals:
To enable Outlocks to reach new markets, primarily the SMB segments, we needed to deliver a new paradigm shift in our products. Our product will be customer centric, providing a seamless workflow and minimal friction. No lengthy training and tutorials, no installation, no setup – it should work ‘out of the bag’.
This led us to choose a SaaS approach, like Gmail, which requires no installation, minimal training, onboarding is easy, and it just works.
It just works and it works at scale.
Infrastructure and Development:
Launching a new service for tens of thousands of smart devices and tenfold of users requires planning. But how to prepare for unknowns and uncertainties?
Luckily our usage model is of bursts of sporadic activity, with no real workloads or heavy processing of large amounts of ingested data. So, a serverless computing model felt like the natural candidate for our Nova development. (Serverless computing means the servers exist, but are managed by someone else, i.e. the cloud provider, and we focus on code, not infrastructure. Just like a restaurant is essentially a kitchenless service, where we focus on dining, not cooking or cleaning dishes 🙂 )
We set out to start a new project with Web and Mobile development (iOS & Android), Secure back-end platform with user authentication, MFA, authorization for each API call, fast performance, highly scalable, and fully audited log.
Key to succeeding was choosing the right components:
Event Driven Serverless Architecture: This enabled us to focus on separation and encapsulation of logic, allowing well defined contracts for each functionality. Development and testing can be completed and used as a black box – encapsulation that allows fast moving teams and focusing each time on a small piece of logic and not the whole architecture or hierarchy of classes.
CI/CD: If we want to move fast, we must fail fast; With this mindset we integrated our manual QA work into the definition of each story/ticket we work on, implemented a robust CI/CD pipeline that enabled code reviews, static code analysis, dependency analysis, security analysis, unit testing, and UI automation testing for each code or functionality added.
Our CD pipeline allowed for automatic release processes, support for multiple environments, and permission-based deployments. Code can be automatically deployed to developer environments, to QA environments (with proper QA credentials), Staging or Production, with proper credentials.
Cloud-native NoSQL Database: Relational databases are fun and intuitive (well, at least for us) but we chose DynamoDB as our cloud-native NoSQL database to provide virtually unlimited storage capacity and highly scalable performance out of the box, without special planning, setup, and complex architectures or configurations. Also, our schema needs are relatively simple and using a NoSQL DB may help us keep data relationships simple (as part of my favorite KISS mantra - Keep It Simple Stupid.) Getting the most out of a NoSQL database like DynamoDB requires some unintuitive de-normalization – and defining when we need performance and when we pay for denormalization is key to deciding which approach suits your business cases.
Leveraging Cloud-native Services: Instead of reinventing the wheel, we opted to leverage cloud native services as much as possible. Incorporating Identity Provider from Cognito, Email services from SES, Mobile application push notifications and crash analysis using Firebase and Firebase Crashlytics.
Full log collection and auditing: We’ve set up a data lake storage solution to provide unlimited storage, true to the SaaS architecture and build for scale paradigm we designed. This enables us to store all data and logs without the need to archive, recycle logs, or delete old logs. Also, we transform all the log data to Parquet format so we can efficiently and quickly query and find relevant logs and usage history.
Observability: Developing a highly scalable high availability platform requires good visibility to potential problems and the ability to dive in and dig out root causes to failures. Using a distributed serverless architecture adds complexity to debugging issues; This is why we chose a best-in-class solution from Lumigo (Acquired by Dash0) to enable clear visibility into what exactly is going on in our systems.
But the most challenging part was to take a team used in monolithic development, and learn a new language, a new development process, and new computing paradigm, and a new deployment model – and flatten the learning curve – to accomplish all of these tasks we partnered with aleios (Theodo), a team of talented native cloud experts, that helped us hit the floor running and keep running to achieve our goals. Instead of crafting a course, learning everything, and then struggling to apply, a.k.a traditional waterfall approach to learning new skills; we coupled a skilled developer from aleios (Theodo) with a trainee developer from Outlocks – taking real tasks and doing real development, gaining first-hand experience.
Within 2 weeks our developers started taking the lead and within 5 weeks we were 80% independent running and developing with a reasonable velocity!
Conclusion:
Developing a new platform in just 7 weeks sounded crazy to everybody I talked to in the company, it was a hard sell and took a lot of explanations and trust. It also required some careful choices of architecture, infrastructure, and most importantly, partners to take on the challenges.
But our team at OUTLOCKS managed to achieve it. By leveraging cutting-edge technologies and a streamlined development process, we successfully created Nova, a comprehensive and scalable access management solution that caters to the needs of modern businesses. This accomplishment not only highlights the power of serverless computing but also showcases the potential of focused and agile software development.