Operations as a Service (OaaS) is where you get an external company to assist your in house team manage your application stack from an Operations point of view. This sort of support can come in many forms, from Infrastructure management through to patching your application for the latest security flaw.
Most organisations that run Ruby on Rails applications have a team of developers that have built and maintain the application. This is a good thing. But these team members usually wear many hats. They are the chief architect, infrastructure manager, lead developer, management expectation manager, scrum master, agile ninja, front end developer, user experience designer, systems tester, deploy master and consumer of copious amounts of caffeine.
Even when the "developer" represents a team of 3 or 4 people, the volume of hats they have to carry is quite profound. A recent blog post showed just how many things your modern Ruby on Rails application developer needs to know to get their job done.
With that many things vying for developer attention, it's quite easy to see how "small" things could slip through that net.
For example, does your development team subscribe to the Ruby on Rails security alert list? Do they check that list constantly and take immediate action when new security alerts are announced? Do they even have time to do this?
Do they monitor the application stack on an ongoing basis to make sure backups are happening, that the servers aren't about to run out of disk space and that operating systems are not falling to far out of date?
If not, then you are potentially opening your organisation up to serious risk issues with regards to your liability insurance. Most insurance policies require you to take reasonable technical steps to maintain the integrity of your application. If you are not keeping your Rails stack up to date with announced security patches, or monitoring your backup systems to make sure they are doing a backup, then you potentially are exposing yourself to the risk of your insurer refusing to foot the bill if the worst happened.
At the very least, if you are providing your own application support in house, you should be doing the following:
- Review Rails security mailing lists daily and perform needed updates on all Rails applications
- Upgrade to the latest patch release on all Rails applications within the week of their release
- Review at least once a month that the backup of your Rails stack worked
- Monitor disk space, CPU and RAM utilisation on your Rails stack continuously and alert if outside of norms
- Monitor availability of the Rails application via the web and alert if offline
- Continuously monitor the performance of your Rails stack
- Review operating system patch levels to upgrade and handle any security issues
- Maintain and update the README of the Rails stack to reflect changes in the system or infrastructure
Doing this as a part time job for a development team is daunting. Especially with the constant pressure of feature development deadlines. These sorts of tasks inevitably get pushed to the bottom of the pile of things to do.
The above situation is why we created out Sentinel Ruby on Rails OaaS. It's the first dedicated support service designed for Ruby on Rails applications providing continuous monitoring of your infrastructure and application and immediate upgrades for security alerts.
Sentinel provides you with an industry leading risk mitigation solution for your Ruby on Rails application. Providing a constant safety net for your application.
In the modern world of "always on" and "highly secure" consumer expectation, not having these policies in just opens your company up to risks that don't need to be there.
Understanding technical debt in software and why you should re...
Is your Application Accessible for everyone to use?
Four simple steps to ensure the success of your Salesforce imp...
reinteractive is Australia’s largest dedicated Ruby on Rails development company. We don’t cut corners and we know what we are doing.
We are an organisation made up of amazing individuals and we take pride in our team. We are 100% remote work enabling us to choose the best talent no matter which part of the country they live in. reinteractive is dedicated to making it a great place for any developer to work.
Webinars are our online portal for tips, tricks and lessons learned in everything we do. Make the most of this free resource to help you become a better developer.
The Ruby on Rails Installfest includes a full setup of your development environment and step-by-step instructions on how to build your first app hosted on Heroku. Over 1,800 attendees to date and counting.
The Ruby on Rails Development Hub is a monthly event where you will get the chance to spend time with our team and others in the community to improve and hone your Ruby on Rails skills.