Saas Based Employee Benefits Enrollment System

Views:
 
     
 

Presentation Description

This case study explores the challenges involved and solution implemented by Harbinger Systems in building a secure, customizable and flexible SaaS based employee benefits enrollment system that caters to multiple large enterprises with sizeable concurrent user load as clients

Comments

Presentation Transcript

PowerPoint Presentation:

Case Study: SaaS Based Employee Benefits Enrollment System

PowerPoint Presentation:

SaaS Based Employee Benefits Enrollment System This case study explores the challenges involved and solution implemented by Harbinger Systems in building a secure, customizable and flexible SaaS based employee benefits enrollment system that caters to multiple large enterprises with sizeable concurrent user load as clients . Situation A US based industry leader in Employee benefits catering to large and diverse client base, wanted to build a high performance enterprise application that supports sizeable concurrent user load The client desired a single portal implementation enabling activities like online enrollment, decision support, human resources, compensation management, payroll and electronic data transfer Key Challenges Providing services to number of companies under one implementation Scalability to support peak performance needs during enrollment period Flexible design to handle varying customization and configuration needs for clients without affecting the performance Managing evolving code base and ever increasing data as separate databases are provided for different enrolling companies for HIPPA compliance High Security requirements for the application Accessibility on multiple platforms and devices Solution Approach The following section covers various aspects of the portal including Design, Performance, Security, Mobile availability and Deployment. Design Designed a SaaS based portal with cloud deployment for high availability and scalability Designed the application in Modular fashion using MVC pattern to speed up the development and simplify the deployment process. Customized classes that mimic MVC pattern and support remoting architecture Implemented Load balancing architecture to increase the availability of system Implemented Web server and application server farming Implemented Remoting and Web service for communication between the web and application servers Implemented Native application for mobile access Implemented RWD website for marketing purposes and sales demos

PowerPoint Presentation:

Performance Currently the portal supports 8000 concurrent users from multiple clients at peak load time. This was achieved using following techniques. Load balancing architecture and web farming provided higher performance WCF technology used for faster response time and to overcome page time out problems CSS Sprite used for Style sheet and image load optimization Connection Pooling and proper web server configuration in addition to Data Caching, Image and style sheet caching played an important role in boosting the performance Following Database and .NET code optimization increased performance and scalability Optimized indexing of the database Scripts to shrink the database size Optimization of the dynamic screen routines and web pages Optimization of the import and export modules Security The portal achieved A+ rating from independent third party authorities. This was achieved by following: Security development life cycle used in application development List of Tools: security flaws, SQL injections, cross site scripting, penetration testing through web services and modification of web requests .NET techniques used in business logic layer to overcome security flaws Application makes use of ASP.NET Windows Authentication to take advantage of its built in security mechanism Encryption Methodologies: Password and other important details are stored in database with encrypted form and decrypted at application level PGP encryption used. Using Public key and Private Key only files can be decrypted Https v3 protocol used instead of HTTP Impersonation is used to download the files from File server or FTP server CAPTCHA used to ensure that the machine is not generating the user load automatically Data not stored at client side in cookies or in URLs to ensure security Firewall with proper configuration for access control is used to prevent the data from getting exposed to outside world

PowerPoint Presentation:

Mobile Availability Enterprise application also available on Android(2.x+) and iOS (5.x+) tablets Application has rich native UI that talks to the backend server via web services Mobile application has security certification from a third party authority 25% user base taking advantage of the online mobile application Application available on Apple Appstore and Google Marketplace for free download and quarterly upgrades Deployment Portal deployed using Enterprise Cloud TerraMark as an IAAS for auto scaling and high availability Tiered architecture using separate app server, web server, file server and databases, coupled with modular design enabled easy application and changes for further scaling Application was migrated to 64 bit(Windows 2008 R2) for supporting cloud deployment Native application available on Apple app store and Google market place Technologies & Tools Benefits The application serves 60 companies with the total user load of 100,000+ with one implementation Successful performance testing was done with following results: 8000 concurrent users Average 140 requests per user 60 Databases on Production Single code base enables handling all the customizations Mobile availability has enhanced the application reach Coverage against hazards, hacking and data exposure with security certified implementation Futuristic design in terms of modular architecture enabling scaling and enhancements as well as possible migration to NoSQL databases VSTS .NET 3.5 ASP.NET MS SQL Server 2008 R2 WCF and Remoting Ajax Control Toolkit PGP Library IIS PGP encryption Zed Attack Proxy ANT profiler Paros SQL profiler Memory Profiler SQL DTA

PowerPoint Presentation:

About Harbinger Systems Harbinger Systems is a leading provider of software engineering services to some of the world's best product companies. Since 1990, Harbinger has developed a strong customer base worldwide. Harbinger’s customers are software product companies, including hi-tech startups in Silicon Valley, to leading product companies in the US and large in-house IT organizations. The Services from Harbinger Systems span across enterprise software development , advanced testing services for software ISVs and solution consulting in eLearning domain. Harbinger is known as a thought leader in eLearning industry and provides solution consulting and technology services to organizations across the globe. In 2009, Deloitte named Harbinger Systems among the fastest growing technology companies in its Technology Fast 500 Asia Pacific and Technology Fast 50 India programs. Harbinger Systems is recognized as a ‘Super Star’ in 10th Annual Mobile Star Awards™ 2011. Harbinger Systems is ranked in 2012 and 2013 Global Outsourcing Top 100 companies listing by International Association of Outsourcing Professionals and is among 2012 Top 100 Outsourcing Service Providers listing by Global Services. Harbinger Systems is a part of Harbinger Group. Harbinger Group is a leading global provider of innovative software products and services to companies in over 57 countries. To know more about Harbinger Systems visit: www.harbinger-systems.com. Awards and Recognitions: To learn more about our awards Click Here Visit us at: www.harbinger-systems.com

authorStream Live Help