Top 8 Best Practices to Architect a serverless web application

Serverless computing has been gaining momentum ever since it came into limelight in 2015. It’s a native architecture of the cloud which enables users to create, deploy and run an application without thinking of its server. Serverless, in fact, allows users and developers to shift more the operational capacity, increase agility and innovation.  In short, you get limitless computational power with no infrastructure management tasks such as zero maintenance, cluster provisioning, capacity provisioning, etc. 

Top 8 Best Practices to Architect a serverless web app

Why Serverless

Serverless is the need of time. As technology advances, you need to come up with more enhanced web applications with more power and agility which may not be possible traditionally. And, even if it is possible, you need to spend a lot of effort such as building perfect infrastructure, human resources, time and cost. Serverless helps you remain focused on your core products while leaving all other responsibilities upon the serverless provider. All you need a serverless web application and you pay no heed towards its maintenance, scaling up, agility or anything else. You have immense benefits from having a serverless application. 

So, in this article, we shall be discussing the best practices of a serverless web application that every Serverless Architect should know.

Even though there are plenty of tech giants offering serverless services including AWS Lambda, Microsoft Azure, and Alphabet’s Google Cloud Platform, but we have taken the example of AWS to make it more comprehensive. So, here we go;

1. The Serverless Function Requires VPC-Enable for Better Security

We have taken an example of Lambda as most of us use AWS Lambdas as an event-driven, serverless computing platform. So, it is important to have VPC-enable functions of Lambda operate from VPC which is owned by AWS. Enabling this, you get complete ability to have your function make a network request to any address.

Lambda is not directly accessible to the public, but with the support of AWS APIs Getaway, we can make accessible for the public. So, be it accessing AWS APIs or interacting with AWS DyanamoDB APIs, you can easily do it after enabling the function for VPC access. So, having have your function VPC-enabled, the Subnet will manage all your traffic using its routing rules. 

2. Creating Event-Driven Architectures

When it comes to creating event-driven architectures, it is important to know the mechanisms and how to enable asynchronous messaging pattern. It applies in both creating a simple queuing and message buffering and choreography pattern that is more intricate even-based. To enable this, you need to use queues or streams.

Queuing is also used for intrapersonal communication. That means when you want to initiate communication between one Lambda function another, then Queuing can be the best for you.

3. How to Implement and Orchestrate in a Distributed, Microservices Environment

You need to implement coordinated transactions using coordinated sequenced invocations across services in distributed architectures. The implementation also allows rollback and retry mechanisms put in place. That is quite different from the traditional database-based ACID transactions. 

When you need significant orchestration logic and looking to utilize more of the orchestrator pattern, not the choreography pattern, then the serverless technology lie AWS Step Functions enables you to create highly qualified and complex workflows with its various AWS services that also includes AWS Lambda. 

4. Understanding AWS Lambda Computing Environment

It is important to understand AWS Lambda and programming model. You need to learn how to utilize Lambda in terms of performance and cost optimization. You learn this using the tutorial provided for AWS Lambda as “Lambda Under the Hood”, “Lambda Layers, the Runtime API, and Nested Applications” and “Optimizing Serverless Applications”. 

5. Serverless Deployment Automation

When it comes to a larger number of microservices and smaller components, integrating automation and code management into your application is critical. Given the fact that early integration will efficiently create, deploy and implement the serverless architectures. Importantly, when you use AWS, you get a wide range of first-party deployment tools and frameworks to properly architect your serverless web application. The tools and frameworks you can utilize from AWS include the AWS Serverless Application Model (SAM), the AWS Cloud Development Kit (CDK), AWS Amplify, and AWS Chalice.

Besides, there are various third-party tools and frameworks available to make the deployment of serverless web application easy, they include, Serverless Framework, Claudia.js, Sparta, or Zappa. You are free to create your custom-built framework, though you need to ensure that things such as automation strategy works as per use case, team and workflows. 

6. Identity Management, Authentication, and Authorization 

When it comes to creating a serverless web application, a developer requires planning things such as integrating identity management, building enhanced authorization and authentication functionalities in advance. The utilization of Amazon Cognito enables a developer to deploy these things directly into the serverless web applications. At the same time, when using Amazon API Gateway, the developers can manage things like authorization logic and permit requests straightforwardly. That means you manage the authorization logic at the gateway layer which protects your native authorization being exposed. 

7. Learning End-to-End Security Techniques 

Apart from knowing identity management, authorization and authentication, there are some more important security measures you can learn to create a highly secure serverless web application. Here are some of the top list of things you can consider;

  • Concerns regarding regulatory compliance
  • Ways to validate input and request
  • Metering & Throttling Access to tracking bandwidth and accessing use control based on rules
  • Securing storage and retrieving data as needed
  • IAM execution roles and implementing invocation policies 
  • And, others

You can learn all these things from the AWS tutorial page while creating the application. 

8. Considering Packages Size and Dependencies 

You must take care of package size as having a larger deployment package will slow down the function of the application. Therefore, you are advised to remove all the unnecessary items including documentation and libraries. You can use AWS SDK which enables Java function users to bundle the modules which needed from the SDK. 

Let’s take a look at the example of how using Java Function with AWS SDK create an excellent package;

<dependency>

    <groupId>software.amazon.awssdk</groupId>

    <artifactId>dynamodb</artifactId>

    <version>2.6.0</version>

</dependency>

Here, only the required modules have been used

In case, you are not using Java Function with AWS SDK, you end up creating a larger package with the entire SDK with lots of unnecessary modules. Here’s how it happens;

<!– https://mvnrepository.com/artifact/software.amazon.awssdk/aws-sdk-java –>

<dependency>

    <groupId>software.amazon.awssdk</groupId>

    <artifactId>aws-sdk-java</artifactId>

    <version>2.6.0</version>

</dependency>

Final Thoughts

When it comes to creating a serverless web application, you have plenty of things to learn. Serverless technology is the need of time as people need more services, support, and assistance from technology at the minimum costs. Serverless is the way to cut costs significantly and reward the business with limitless scaling options. Stay tuned for more such information. 

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on info@iviewlabs.com and sales@iviewlabs.com.

Download the latest portfolio to see our work.

Adopting right compliances with offshore development partner

What is an Offshore development partner’s purpose? To guide you through the process and to take care of your entire legwork. So you want a company with years of experience developing productive offshore teams.

They are supposed to understand the business, the culture and have seen everything before. Unfortunately, while many companies are calling themselves “offshore construction specialists” or others are providing “offshore outsourcing,” some are far away. 

Let’s look at how to test early doors for an offshore partner – ensuring that they’re genuinely trustworthy and professional – before you’re in too deep.

Offshore Development Partner

Are You Certain You Are Offshoring?

Offshoring and outsourcing are two very different models although they are often used interchangeably. The problem is that as offshoring becomes more popular, outsourcing firms want their pie slice, misleadingly advertising services “offshoring” or “offshore outsourcing.”

  • Offshoring-Building a dedicated software development team in another country (complete with office space, administration and management). Offshoring has many advantages, most importantly the savings and exposure to a vast pool of talent. You own the entire team and they are fully integrated into your company but your Offshore Production Partner handles the administration.
  • Outsourcing-Hiring vendors to cover a power deficit temporarily. These are more like freelancers. They are called in when necessary, but independent of your organization. Workload is outsourced in all industries, typically due to lower costs. And this is always fine. As a result, investing in a great offshore company has major cost benefits.

How to Evaluate Offshore Partners For Compliance

  • Test Their Demonstrated Expertise

It’s 2020: there’s no reason why your offshore partner’s website doesn’t display portfolio items or case studies. These can provide a perceptive view on what your offshore partner can do, and how well they are doing it.

Your prospective partner should be able to showcase their productive offshore development team building experience. The most important information, such as project strategy or relationships, schedules, outcomes achieved, should be highlighted. But check their delivery as well. Do they sound competent and confident, rude and showy, or maybe lazy and insolent?

Keep an eye out for fakes. If an organization really knows their job and accomplishments, they will be able to explain it concisely and make it easy to understand. Rambling words, ambiguous definitions, and unrealistic claims should all be red flags!

Take the time to research their past clients. What kind of feedback do they provide? It’s smart to check online reviews and double client testimonials that you see on their website. This legwork can save you a lot of trouble later.

  • Strike the Quality vs. Cost Balance

While cost saving is often the biggest incentive to offshore your work, it should not be at cost of quality. You don’t want to work with vendors who are cheap but can’t deliver quality work. 

So, how can you ensure that you’re getting value for money when you hire an offshore partner?

The cost of living in developing countries like India and China is lower than in developed nations like USA and Germany. So, you can be rest assured that offshore labor will be lower priced than domestic workers.

Even if you add taxes, utilities, administration, and duties, the grand total can be 50% to 30% lower than indigenous teams. Suppose you land a partner who offers to work for 10% of the domestic cost, you will be tempted to take up the offer. 

But you need to look more closely before jumping the gun. Ask the vendor some questions: 

  • What is the work-cost breakdown?
  • Are there any additional or hidden costs involved? 
  • What are the timelines and quality standards you expect? 
  • Does the vendor have the essential skill set and infrastructure to deliver the quality your expect?
  • Will you be asked to pay for hiring and training new people required for the project?

Get all terms and conditions written in a formal contract and iron out all the kinks beforehand. In this way, you can avoid disputes later and get the most bang for your buck.

  • Proactive about Communication

When your vendor is working thousands of miles away, communication becomes the key to smooth working. You will be surprised to know that one in five offshore projects fail due to poor communication. Clear communication cultivates trust between both parties.

project failure rate due communication

How do you gauge if your offshore partner will communicate proactively once the project commences. You will get inkling about this during your initial communication itself. Do they answer your emails and calls promptly? Do they adhere to the set meeting schedules? Any red flags at this stage should be considered seriously. If the vendor is careless about communication in early stages, they are bound to follow the same pattern later too.

  • Factor in the Culture Gap

Cultural gap can be an impediment to a great working relationship between offshore partners. But there are ways to work around it. The first step is that you need to acknowledge each other’s differences and be committed to bridge the gap.

When we talk about culture gap, it could be as wide as language barriers and as narrow as national holidays. Educate your vendor about the tenets of your culture and ask them to do the same. if the vendor has prior experience of projects in your country, it is a definite plus. 

They will have a pulse around the market condition and audience taste of the area. They will also possess knowledge about the communication protocol prevalent there. All these things become critical when you plan to spend months or even years working together. 

Final Thoughts

This list is by no means exhaustive. We have not touched upon technical competency and hiring, but those factors are already widely explored. It is the finer details covered in this article that we often miss when vetting offshore partners.

To sum up, you want an offshore vendor who is stringent about quality, communication, and commitment. At the same time, they need to have requisite experience and demonstrated performance. If you’re lucky enough to spot such a vendor, it makes sense to hire them even for a higher cost.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

How to Ensure Data Quality for an Analytics Application?

Data quality is of paramount importance for an analytics application. Poor quality data can not only be misleading but also potentially dangerous. Data-driven decisions can get hampered and business intelligence (BI) gets affected if data quality is not maintained.

But the truth is that data quality issue was among the top three problems of BI and analytics users every year in The BI Survey since it was first started in 2002. If the situation is so dismal and its ramifications so profound, it makes sense to look at ways and means of remedy.

Data Quality for an Analytics Application

This post talks about actionable ways by which you can maintain high quality in the data pipelines of your analytics applications.

How Can we Define “Data Quality”?

Data can be said to be of good quality when it fulfills its dependent processes and becomes useful for its intended clients, end-users, and applications. Data quality impacts business decisions, regulatory mechanisms, and operational capacities.

There are five parameters by which we can determine data quality:

  • Accuracy: Is your data accurate and collected from reliable sources?
  • Relevancy: Is the data able to fulfill its intended use?
  • Completeness: Are all data records and values complete?
  • Timeliness: Is the data fresh up to the last minute, especially for time-sensitive processes?
  • Consistency: Can you cross-reference data from multiple sources? Is its format compatible with the dependent processes or applications?

How Can We Maintain Data Quality?

For an analytics application, data quality is non-negotiable. There should be a zero-tolerance policy for errors in data pipelines because this can impact the credibility and performance of analytics applications.

 In such programs, data is the raw material based on which deductions are made and decisions are taken.  If the raw material itself is sub-standard, the outcome will also be of poor quality. Hence, data quality in analytics applications should be a priority.

Below, we have outlined best practices and actionable steps by which you can improve and maintain data quality in your applications:

Data Quality for an Analytics Application_1

  • Data Profiling should be Rigorous

Often, data is collected by third parties or is submitted by multiple sources, which can be a reason for its dubious nature.  In such cases, quality of data is not guaranteed and a data profiling tool becomes essential.

A data profiling tool should check the following data aspects:

  • Format and patterns of data
  • Consistency between data records
  • Anomalies in data distribution
  • Data completeness

Data profiling should be automated and constant. You should configure alerts for instances when errors are detected. A dashboard with KPI metrics of data profiling should be maintained.

  • Avoid Duplication of Data

“Duplicate data” means the same content as an existing data set, in full or partial. Such data sets are generated by different people for different purposes and applications, but their content is exactly the same. The data set is collected from the same source and by using the same collection logic.

The problem with duplicate data is that it creates a cascading effect on all the applications that are using it. If a data source gets corrupted or a collection logic is erroneous, all the duplicate sets get affected and this can impair all the processes that involve the data set. It becomes difficult to remedy all the affected processes and track the source of leakage.

To avert this risk, you need to establish fool-proof data pipelines from start to finish.  Data modeling and architecture of each pipeline needs to be cautiously designed. Have a data governance system in place. Manage data in a unified, centralized system. 

You also need robust communication systems so that cross-functional teams can get a ring side view of what the other teams are doing.  If they detect any data duplication issues, they can raise an alarm instantly and issues can be capped at the origin itself.

  • Gather Data Requirements Carefully

You should document all data use cases, preferably with examples and visualization scenarios. Try to present data accurately. Communicate clearly with the client about their expectations from data discovery.

Keep all data requirements neatly filed and in a shareable mode so that the entire team can access them. You need business analysts in your development team because they understand perspectives of both sides, namely client and developers.  They also perform analysis of the impact that data requirements will have, plus create A/B tests to check all app iterations.

  • Data Integrity Needs to Be Enforced

You need data integrity measures such as triggers and foreign keys for your analytics application. As data sources multiply, you need to house them in multiple locations. Then, you have to reference data sets relatively. Data integrity ensures this referential system is error-proof.

They corroborate processes with best practices of data governance. With the advent of Big data, referential enforcement has become a complex yet essential module. Without it, your data can be outdated, delayed, or erratic. 

  • Lineage Traceability of Integrated Data Should be Easy

When data sets feed into each other, error in one record can offset a chain of errors that can paralyze the entire application. If you build lineage traceability, you can trace the origin of an error quickly and save impending disaster.

There are two aspects of this process: meta-data and data itself. In the former case, tracing is done by following relationships existing between records and fields. In the latter, you can drill down upon the exact data that has been compromised.

Meta-data traceability should be factored in during the data pipeline design stage itself. It is much easier to sift through meta-data than tons of data records. Hence, this mode should be incorporated in your app’s data governance policy.

Conclusion

You need to empower your data control teams to interweave best practices of data quality within your app’s architecture. It is important that you understand that your analytics app will be of no use to end-clients if its data quality is not pixel-perfect. 

Hope you found the post informative. Let us know about the data quality best practices you follow.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

How to Select the Right Serverless Architecture: A Quick Comparison?

Businesses are benefiting from serverless architecture. They pay only for the services they use and get greater agility in return. Operational costs get lowered and developers can code uninhibitedly without worrying about hardware resource allocation. 

The biggest factor that works in favor of serverless architecture is the freedom to scale up and down as desired.  All these pros make a strong business case for companies that are planning to shift their selected workloads to the serverless model.

If you have already migrated to this disruptive technology or are planning on doing so shortly, these battle-tested tips and hacks can help you greatly. Using these suggestions, you can find the right serverless architecture provider for your business and then chalk out a working model that gives you the best returns.

Right Serverless Architecture

Which is the Best Serverless Provider for Me?

Your serverless provider will have long-term implications on your operations. The wrong selection can result in unimaginable loss in data, privacy, functionalities, and productivity.

There are many cloud computing providers who can help you set up your serverless architecture. But three platforms are undisputed leaders in the Function-as-a-service (FaaS) application model. They are:

  1. AWS
  2. Microsoft Azure
  3. Google Cloud

Let us compare their salient features so that you can make an informed decision for your business.

Features to select serverless architecture

Parameter #1:  Language Support & Deployment Options

AWS Lambda being the pioneer in serverless architecture finds widespread language support and deployment options. JavaScript, Node.js, Python, Java and C# give native support to AWS. It has a wide variety of runtime environments and is a versatile option for developers. Its API comes in a deployment package as a ZIP file which can be uploaded and edited directly in the console.

Azure AWS supports languages like C#, F#, Python, Java, Node.js, Python & PHP. It offers multiple deployment options, such as GitHub, DropBox, and OneDrive. You can also integrate it with Visual Studio and Zip Deployment.

Late entrant, Google Cloud, is supported by fewer languages, including Node.js 6, Node.js 7 and Python 3.7. More languages are expected to be appended in the list. For deployment, you have many options, such as Cloud Storage,  Zip Upload, CLI, and inline web editor.

Parameter #2: Management of Dependency

In AWS Lambda, you have to organize and align your dependencies with your code in a specific way. In this way, you create a deployment package. For doing this, you can use plugins such as Jenkins and Maven.

Azure Functions has the package.json built into your function directory. You can run npm install using the Console or Kudu in the Azure portal. This process is used universally, regardless of your choice of runtime language.

Google Cloud Functions allows you to manage dependencies via npm and lets you create a metadata file called package.json. Unlike AWS, Google install all dependencies on the user’s behalf. 

Parameter #3: Long-term Storage

The beauty of serverless architecture is that it is stateless. The functions written in this framework are not dependent on the underlying infrastructure and variables. AWS Lambda requires no use of variables while composing functions. But you can store variables in persistent locations like DynamoDB and cloud storage.

For Azure Functions, you may use Azure Blob Storage or Table Storage for storing persistent data across instances. In Google Cloud Functions, services such as Cloud Firestore, SQL, Storage, or Datastore should be used by your function is you want to share state.

Parameter #4: Access Management and Identity

Identity and Access Management (IAM) lets you control access to your functions by creating an authorization layer. Using this, you can decide what kind of resources you want (write-only or read-only) and what areas should these resources access (entire project or a single function only).

In AWS Lambda, you can create custom IAM policies and append to them your functions. Then, you can control users, roles, API actions, resources, and groups.

Azure Functions lets you create Resource Based Access Control for modulating function policies. Presently, you can grant read only/write only/ both rights.

Google Cloud Functions gives you more control as you can decide access permissions for each role. 

Parameter #5: Types and Triggers

Triggers are custom events or sources that invoke functions. AWS Lambda allows HTTPS-invoked events using REST API. There is also an endpoint which uses API Gateway. You can also use the wide variety of built-in AWS services. Functions can also be set off via AWS SDKs if you have the requisite permissions.

In Azure Functions, you can use services such as Queue Storage, Table Storage, or CosmosDB to create triggers. One add-on is that you can use external HTTP as well as WebHooks for invocation. 

Cloud Functions too supports HTTP triggers. You can also use Cloud Storage and Cloud Sub/Pub as triggers. New options are expected to be included in its Beta version.

Parameter #6: Orchestration

AWS has Step Functions that help to orchestrate serverless functions in a stateless architecture. Each function’s state is logged into a Step Function and used for subsequent functions.

In Azure Functions, Azure Logic Apps and Durable Functions accomplish the task of orchestration. Using connectors, you can integrate cloud services as well as on-site services. Google Cloud Functions suffers from a lack of orchestration capability.

Conclusion

The latest CNCF study reveals that AWS is the frontrunner among serverless architecture providers by claiming a market share of 70% deployments on Lambda. Its early advent and new updates are mostly responsible for its lead among competitors. But Google and Azure are fast catching up with their superb features and performance.

For newbies in serverless, our best advice is to give each provider a fair shot before making a final choice. You can evaluate each platform for compatibility with your custom software services, and choose the one which is best-aligned.

Get on a call with our expert to understand whether adopting serverless architecture for your web application is the right choice or not. 

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

How to Make Your Websites ADA-Compliant?

We designate parking spaces and create raised markings on roads for helping the disabled. Now, we need to make our websites ADA-compliant too. ADA stands for The Americans with Disabilities Act which came into force in Jan, 2018. If your website or blog isn’t fulfilling statutes laid out by ADA, you can be issued a legal notice for non-compliance.

Why Do Websites Need to Be ADA-Compliant?

ADA compliance is a policy regulation for the inclusion of disabled people in all walks of life. The rationale behind the policy is that physically and mentally-compromised people should be able to access and use websites as well as normal people can.

What Will Happen If you’re not ADA-Compliant? Presently, nothing will happen. There have been cases where a link has been taken down after a complaint was filed with the authorities. But nothing drastic has happened as of now.  But what if the page taken down is one of your well-ranked pages? A page you built with years of careful SEO, back linking, and impeccable content? That will pinch quite a bit.

ADA-Compliant

Do You Need to Worry About This?

Not all companies need to pay heed to ADA compliance regulations. But if you’re in a public service domain, or are a government agency, or have 15 employees or more, you need to pay heed to ADA. Another way of determining this is: if your geographical location falls within an ADA-governed area, you will have to make your website compliant too.

Have you received a complaint or explanation notice for violation of ADA? Well, you’re not alone. Only 5-8% of government pages fulfill all the rules of ADA. Still, you need to be on the safe side of law at all times. 

Tips to Make Your Website ADA-Compliant

  • Understand the Web Content Accessibility Guidelines (WCAG)

Here are some of the recommendations mentioned in the WCAG:

  1. All non-text elements have a text alternative, barring some exceptional situations.
  2. All pre-recorded audio and video content has accompanying captions and audio descriptions.
  3. You have provided sign language references for all pre-recorded audio content.
  4. Instructions are not based solely on sensory characteristics such as size, shape, color, orientation, location, etc.
  5. Each and every text input filed can be programmatically determined.
  6. If a web page contains an audio that gets automatically triggered, there is a mechanism to turn it off within 3 seconds.
  7. The contrast ratio of text and images is not less than 4.5:1.
  • Conduct an ADA audit using the WAVE tool

Google Chrome’s WAVE tool is available at http://wave.webaim.org. You can type in your site URL and review the missing headings, descriptions, and other page structure related issues. The results will also show the ADA-related issues on that one page. We got 3 alerts and 0 errors on our homepage’s ADA evaluation.

Wave - ADA

 

  • Image Descriptions Should Be Complete

All the pictures and rich media elements you use in your site should have proper alt tags. Alt tags are used by page readers and players to describe the image to non-sighted users. If your images lack alt tags, they will be ignored by crawlers once Google starts penalizing sites for ADA-non compliance.

  • Design Your Site for All Users

If your site has illegible fonts or color contrast issues, it will not be of any use to handicap visitors. Similarly, CTAs, buttons, and links should be conspicuous and boldly displayed. Your page style and architecture should be so natural and intuitive that users of all levels can access information easily and painlessly.

Here are examples of good and bad ADA-optimized content:

ADA Example 1

ADA Example 2

  • Follow Copywriting Best Practices

Include white space in your web content judiciously. Write conversational content that is easy to read and digest. Break up large walls of text into small sentences and paragraphs. Organize page content using logical headings and sub-headings. For acronyms like USA, use a period between letters so that screen readers pronounce them correctly. These best practices will not only help your handicap customers but also delight your regular website visitors.

  • Check Your Site’ s Code

It’s always better to hire a professional site developer and designer look through your website’s HTML and CSS to make sure that there are no lacunas. Outdated content needs to be disposed and clean coding practices should be deployed.

ADA Compliance Checklist

We understand you’re busy growing your business yet want to be abreast with ADA regulations. Below, we have compiled a comprehensive checklist with the major points you need to cover in your website.

Data Point Yes No
All the images, audio/video files, plugins have alt tags?
Text descriptions accompany all complex graphics?
The alt descriptions specify the object’s purpose?
Blank alt tags are attached to graphics that are not clickable?
If an image is also a link, does the alt tag describe the link and graphics destination?
All videos have audio descriptions and captions?
All videos come with text transcripts? Is there a separate link to the transcript?
Are the videos embedded as web objects or present as links?
Tables have tags for identifying the row and column headers?
Layout tables don’t have row and column tags and headers?
No flashing images on pages?
Label tags are used for form controls that are text fields?
Are form fields in a logical tab order?
All plugins and applets in a page are available for assistive tools?
Is there a button for skipping navigation for people who are using screen readers?

Conclusion

There is one last point you need to understand. Making your website ADA-compliant is not a one-off effort. Rather, it is an always-on requirement that you’ll have to adhere as and when you add more content and link to other pages on the web.

Did you find this article helpful? Let us know your feedback in the comments below.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

iView Labs Pvt Ltd. Named a Top Developer in India by Clutch

We never stop looking for new ways to improve. In particular, we want to add value in the fields of progressive web apps, mobile apps, the Cloud, DevOps, and IoT by building secured, scalable operations and code.

In order to progress in these innovative fields, we must consistently refine our skillset and look at industry trends. For instance, we look to the leading business portfolio platform, Clutch, for new ideas.

In return, we recently won a Clutch award for mobile app development! We’re honored to have been recognized by Clutch as a leading B2B developer in India.

This award is a great achievement and ensures our customers and business partners are happy with our knowledge deliveries and services.

iView Labs Pvt Ltd. Named a Top Developer in India by Clutch

Clutch analysts collect reviews about vendor’s projects and then rank the vendors according to the vendor’s market presence, range of specializations, and most importantly, the ratings from their client feedback.

We’re lucky enough to have six positive reviews on our profile, resulting in an overall profile rating of 4.8 stars! We’re grateful to our clients for taking the time to leave thoughtful feedback. There’s no doubt this feedback played a large role in our achievement of this award.

iView Labs Review on clutch

Reading our clients’ feedback on Clutch helps us continue to refine our approach. For example, after reading our most recent review about a mobile app project, we learned that our clients highly value clear, punctual communication.

“Project management was very good, and so was communication. They solved all our problems and were punctual.” — IT Manager, Leen Alkhair

We will use the Clutch award and the positive feedback as motivation to continue enhancing our services. There is no limit to perfection!

If you’re looking to create a modern, robust application that can scale, please contact our team. We’re always thrilled to discuss new possibilities with potential clients.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

What is Serverless Computing?

We all use mobile phones. Many of us use a fixed data plan that charges us for a threshold amount of data per day or month. Anything above this limit is charged at a premium. Now, it’s not necessary that you will use each byte of data for which you’re paying. In fact, most of the data goes unused.

Serverless_Web_App

(Image Source: aws.amazon.com)

This can be compared to the traditional computing system. Companies had to invest bundles of money in buying costly servers. With the advent of  cloud computing, companies could rent storage space on the cloud  which was cheaper than buying servers, but most companies miscalculated and leased more space than needed.

Now, continuing with our mobile phone analogy. Post-paid or pay-as-you-use plans are the preferred choice of most mobile phone users. You pay only for the quantum of data that you use. You don’t have to shell out a minimum amount, neither are you penalized for overuse.

This can be compared to serverless computing. Developers can code but companies need not purchase servers or rent cloud space. Servers are involved but developers aren’t concerned with them. So, ‘serverless’ computing is not actually ‘serverless.’

custom1

Why Serverless Computing?

The main benefit you get from switching to serverless computing is cost savings that you get. You pay only for the services that you use. The entire infrastructure is maintained by the vendor. This turns out not only cheaper but also scales up and down easily. As your backend services expand and you need more server space, you can easily avail it. You won’t have to shell out on servers, physical space, and technicians to maintain the servers.

There are other benefits of serverless computing:

  • Scalability: Scaling up or down is never an issue with companies that opt for serverless architecture. Their developers can do limitless coding while the server vendors look after increasing or decreasing system capacities.
  • Easy coding: Independent methods to invoke calls to backend can be written easily by developers. With Function-as-a-Service (FaaS), coding is quick and hassle-free.
  • Faster delivery: The turnaround time for code deployment and bug fixing reduces considerably. Developers can do testing and fixing on piecemeal basis instead of rolling out complicated overhauls.

Serverless computing is an extended service provided by cloud providers. Many leading cloud providers are the major players in serverless computing. They include AWS Lambda, Azure Functions, IBM OpenWhisk, and Google Cloud Functions.

Serverless computing vs. Traditional Computing

The debate of serverless versus traditional computing goes on. Needless to say, both architectures have their pros and cons. But there is a lot of propaganda by cloud vendors claiming serverless computing as the trend to follow.

Let us know how the two structures compare vis-à-vis some important parameters:

Cost Structure

This is a no-contest. Serverless computing wins hands down in the pricing area. Vendors charge you for the number of function executions that you make. You are allocated time slots for running a function. The more executions, more will be your bill. But the greatest saving comes from the staff overheads that you won’t incur now.

Networking

Here, traditional computing scores over serverless computing. Serverless systems require you to set up private APIs. Traditional computing lets you access code via regular IPs. Though this can be a deal breaker, it doesn’t affect the overall cost structure of serverless architecture.

Integrations

If your application depends on using third-party libraries such as for coding or cryptography, you should opt for traditional computing. This is because serverless computing will require you to make these libraries and integrations available within the application, which can make it too heavy and sluggish. But here again all depends on the context. For simple applications, serverless architecture can still make sense with one or two in-app integrations.

Multiple Environments

Setting up multiple environments is easy breezy in serverless architecture. You don’t have to bother about setting up different machines for development, staging, and production. So, in the factor, traditional computing takes a rough beating from serverless computing.

Timeout

Some applications or functions require external referencing or have variable execution times. For such functions, serverless architecture is no good. This is because serverless computing has a stringent timeout of 300 seconds (mostly). Not all applications are able to complete their cycles in this duration. Traditional architecture is a clear winner in timeouts department.

Scalability

Scaling up and down is not an issue with serverless computing. It happens instantly and seamlessly. This can be perceived as an advantage by many, but actually it has a downside. Coders are not able to address and mitigate glitches when new functions or executions are instantiated. This means a lack of control over the proceedings which can be counted as a major drawback of serverless computing.

Key Highlights of Functions-as-a-Service (FaaS)

FaaS are not any different from functions in general. They involve lines of code that feed some input into the system. The input is processed and output is produced.

The difference lies in the execution of functions. In FaaS, each execution can exist in a separate container. You cannot expect the files to be available for successive executions. Each execution is independent and stateless.

Another difference is that FaaS cease to exist as soon as they finish executing. The container in which they’re executing gets scrapped while the function is underway.

FaaS can be externally and directly invoked. Sometimes, an HTTP request or message notification triggers FaaS. Most external invokes are raised by other cloud services.

A serverless architecture typically has the following components:

  1. Web server
  2. FaaS
  3. Security token service (STS)
  4. Database
  5. User authentication

custom2

Serverless Architecture: The Developer’s Perspective

Serverless architecture can be a boon for developers. They can save precious bandwidth that they used to devote in server management and administration roles. Their responsibility and liability reduces by a big margin. They can focus on building the application while the server vendors look after the backend services for them.

Conclusion

So that’s serverless architecture in a nutshell. Stay tuned for more in-depth articles on serverless computing and other related topics.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

How to Make Your Cloud Applications GDPR Compliant?

General Data Protection Regulation (GDPR) is an effort to control personal data that is housed and accessed by third parties, including cloud service providers (CSP). The provisions of GDPR are stringent and violation penalties are hefty. Even a slight deviation from the regulation can cost your company dearly.

the-framed-bear-8wewP5tpt-4-unsplash

(Image Source: Unsplash)

Companies that rely on CSPs to run and manage applications will have to be extra-cautious if they want to avoid paying heavy fines and losing customer faith. Even if you are toeing the line set out by GDPR, your CSP might not be doing the same. In that case, you are culpable for a crime you didn’t exactly commit. You will have to pay a huge fine and lose face and goodwill in the marketplace. Both scenarios spell disaster for any business.

If you hear warning bells, let us reassure you that there are many viable ways of making your cloud-run applications GDPR-compliant. But before we delve into the matter, let us know what GDPR is and why you need to follow it.

GDPR- Basic Facts

What is GDPR?

GDPR is a set of rules that dictates companies to protect the personal data of consumers that they collect. It seeks to empower consumers to keep their data confidential and safeguard it against leakage or compromise. The policy is set to replace the data protection laws of 1995 which have become outdated in the current scenario.

Who needs to follow GDPR?

While GDPR governs companies in the European Union (EU), its rules also apply to export of personal data to companies outside the EU. In this way, GDPR covers a large proportion of companies worldwide in its ambit.

GDPR covers companies with:

  • Offices in the EU
  • Non-EU companies that are dealing with data exported from EU
  • 250+ employees
  • Less than 250 workers but whose activities impact a large number of people. By recent stats, nearly 92% of US companies are keeping GDPR compliance as their top security concern.

Types of personal data covered by GDPR

Personal identifiable information (PII) as defined by GDPR includes:

  • Identity information including name, personal address, and IDs
  • Web data like IP address and location
  • Health data and sexual orientation
  • Biometric information
  • Ethnic background and political affiliations

How much is the GDPR non-compliance fine?

There are two tiers of administrative penalties that can be levied if your company isn’t GDPR-ready. These fines are imposed on a case-to-case basis, and not a blanket rule for all operations.

  1. Tier 1- Fine of €10 million or 2% of annual global turnover, whichever is higher
  2. Tier 2- Fine of €20 million or 4% of annual global turnover, whichever is higher

GDPR

Are your Cloud Applications GDPR-Ready?

If you have a lot of cloud deployments hosted by third parties, you will have to ensure that they are as GDPR-compliant as you are. Such companies need more than technology to remain ahead of the curve. Their internal cloud teams will need to be trained so that they can create secure and compliant applications.

Here is a four-pronged approach you can apply:

  • Make your cloud partners compliant

The cloud ecosystem consists of the vendor and the customer, both of whom should be GDPR compliant. The cloud provider (vendor) needs to secure their physical infrastructure as well as resources meant for storage, computing, and database services.

If you’re importing personal data that is subsequently captured by your cloud vendor, ensure that you have firewalls in place, at instance and application levels. You will have to monitor access controls, logging, and encryption of the applications.

Major cloud players such as AWS, Google Cloud, Microsoft Azure have their GDPR regulations in place. The smaller vendors need to follow suit. The ultimate onus of fulfilling GDPR regulations lies with the cloud customer only.

  • Conduct an internal audit

As mentioned, PII includes a lot of sensitive information that can be compromised or leaked. Data security and breach is a top concern with most internet users today. In many surveys, customers have admitted that they hesitate to engage with companies that ask unreasonable personal details. With every high-profile data breach case, the stranglehold around companies becomes tighter.

GDPR is an opportunity for companies to take an objective look at the kind of data they are collecting from customers. Is so much data actually required by the business? What about the existing data within the system? Is it outdated or irrelevant in present situation? If so, it is advisable to dispose it and make your database as lean as possible.

Since cloud applications require exchange of customer data with vendors, an internal audit will ensure that minimum sensitive information passes hands.

  • Be proactive about security

Big name cloud providers such as Amazon, Google Cloud, and Microsoft AWS have the following security features in place:

Access: Using IAM, administrators can drill down upon granular-level permissions for each user and service. You can leverage MFA or multi-factor authentication to segregate high-level permissions to users.

Encryption: You should encrypt data that is in transit between internal cloud services. Similarly, data at rest should also be encrypted to fool-proof it. AWS’s key vault and key management services can be deployed for enabling encryption.

Monitoring: You can use monitoring services offered by AWS such as CloudTrail and Security Center,  and CloudWatch by Amazon to plug loopholes in your cloud processes.

Threat Detection: Specific services in AWS and Amazon help to spot malicious URLs and suspicious activities and plug them at source.

  • Empower your teams

You need to keep a watch on your hiring and training processes so that your staff is capable of creating and deploying GDPR-ready applications. Encourage cloud teams to follow security best practices regarding data access and exchange. Keep upskilling workforce to bridge skill gaps and extract maximum productivity. Try to keep ahead of the next technological disruption by monitoring the global trends and challenges.

Wrap up

The technology space is always evolving and you need to remain up-to-date at all times. A loss of personal data will not only invite GDPR’s ire but also show your company in poor light. It is imperative that you follow advancements in the security domain.

Watch this space for the latest news on security and compliance.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

How to Recruit Product Engineers

Product Engineers are changing the face of the product development domain. They are a step up from full-stack engineers and a level away from product developers. Simply put, product engineers are not plain coders; they code keeping user experience in mind. They not only understand technical stacks but also understand product design. You could call them “jack of all trades.”

How-to-Recruit-Product-Engineers_4

Do you get frustrated when your app’s features don’t reflect your vision? You had a perfect idea, precise product specs, technical resources, and tools, so what went wrong?

You missed the critical link between the design board and the market. You envisioned a product. You conveyed your idea to your designer. He communicated required technical specs to your engineer, who started coding. Where’s the collaboration? Where’s a continuous improvement? Consequently, you have a product that neither delivers ROI nor garners user acceptance.

Why Do you Need Product Engineers

If you have engineers who solve problems using code and product managers who take care of product features, why do you need product engineers? They are the critical bridge between design and development teams. By fostering two-way communication, product engineers ease friction between cross-functional teams. 

They code but with end products in perspective. Whenever presented with a coding opportunity, product-minded engineers evaluate how the code will impact the end product. More importantly, they think about user experience and business goals. They balance product specs with technical demands. The result is a product that meets market needs and business objectives- a win-win situation for all teams involved. 

You need a change in mindset here. Having product engineers in your team will create a pragmatic work culture with everyone striving towards building a winning product. 

How to Recruit Good Product Engineers

Product engineers need to have a blend of coding skills, analytical thinking, and business knowledge. A bit of creativity is a bonus. Plus, they have to be efficient managers and smooth talkers. 

How-to-Recruit-Product-Engineers_3

Step 1: Build a Job Description

Outline the proficiencies you desire in your potential product engineers. List their role and skillset categorically.

A sample job description could be: 

Product engineers will play a pivotal role throughout the development cycle, right from conception to testing. An astute understanding of market trends is necessary for the candidate.  

They need to be aligned with user expectations in a relevant niche. Once product specs are made, they will evaluate specs against market needs and re-align strategy to satisfy budget, time, and market constraints.

Product engineers will also have the responsibility to generate technical documentation and support material before a product is launched. They have to perform prototype testing for functionality, intuitiveness, and market appeal.

Add-on responsibilities can be assistance in the manufacturing process and guidance in packaging and marketing the product.

Read more: How to Manage Distributed Product Development Teams

Step 2: Interview Candidates

Go in for a structured interview instead of a generic banter with candidates. Have multiple screening rounds spread across different days? Screen at least two candidates per day so that you can eliminate unsuitable people early. This will save you lots of wasted effort and time.

Divide the evaluation questions into:

  1. Career goal and inspiration
  2. Academic and professional background
  3. Coding proficiency
  4. Product-based thinking skill
  5. Project communication 

Take time to weigh each candidate. You need an all-rounder who will impact your future products in a big way. Determine a candidate’s worth after analyzing his capabilities carefully. Have a ballpark figure in mind and leave room for negotiation.

Sample screening questions can be:

  • Define our company’s vision and values.
  • Why do you want to join us?
  • What interests you in product development?
  • Explain the layers of full-stack.
  • What are the benefits and drawbacks of database procedures?
  • If a product designer lists five desirable features at the end product (give the features), how will you prioritize them?
  • Which setup do you prefer- MVC or some other?
  • What’s the use of the front-end framework?
  • How do you gather user feedback?
  • How important to you is product testing?
  • What team structure do you prefer- full-stacked or layered?
  • How can we scale our teams?
  • What makes a good mentor?

Invite questions from the candidate. Indulge in a discussion if opinions on a question vary widely. Try to gauge the person’s mindset and affinity. Are they concerned only about employee benefits? Do they have genuine concern about delivering classy products? How can they add value to your team?

Your recruiter’s job would include the following:

  • Study candidates’ body language: Make a note of how confident and composed a candidate is. Since this isn’t an entry-level job, you’d expect experienced candidates to not get nervous during interviews.
  • Don’t do passive listening: Listen actively to answers. Jot down your doubts and allow the candidate to clarify or rectify their answers. Reflect on previous answers. Also, refer to them in connected questions. This will show how genuinely a candidate is answering.
  • Make notes while interviewing: Prepare a checklist of must-haves and good-to-haves. Write down your observations succinctly. Highlight each candidate’s unique capability and its impact on the product development process. Summarize the interview answers into brief points. Read back answers to the interviewee and ask if you’ve understood them correctly. By doing this, you can avoid miscommunication.
  • Give instant feedback:  If you find an answer unsatisfactory, call it out immediately. Let the interviewee explain their viewpoint. Once the evaluation is over, don’t leave the candidates in a lurch. Communicate the next steps clearly. Don’t hesitate to end the interview early if you find a mismatch between your expectations and the candidate’s capabilities. 
  • At iViewLabs, we consider recruitment as a vital building block of team building and product delivery. We invest time and energy into it. You can do the same. To save bandwidth, delegate interviewing and screening responsibilities to experienced product managers. Brief them before so that they know what to look for in a candidate. Let them add to the questions and rounds since they are more in touch with the actual development process.

Let us know how you recruit product engineers. We would be glad to assist you with more helpful resources and free consultation. 

If you are looking to build a web, mobile or a cloud product, you can avail of a round of discussion with iView Labs’ tech team. Our developers and project team are always here to help and suggest what is required and necessary for your products.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.

5 Effective Ways of Retaining Product Customers

In a saturated marketplace such as ours where competition is stiff, it makes sense to conserve the customer base that you have acquired. It’s a well-accepted fact: if you service the customers you have, you won’t have to go around hunting for new ones. Yet, sales and marketing people exert effort and expenses in generating leads.

5-Effective-Ways-of-Retaining-Product-Customers_1

You can sell to an existing customer 7 out of 10 times, but only 1 out of 10 times to a new customer. Plus, acquiring new customers is costly. You can retain present customers at a fraction of this cost, one-sixth to be precise. And here’s the trump card of statistics in favor of customer retention: Gartner states that 80% of all your future ROI will come from just 20% of your customers. Wow, that’s an eye-opener! This means your business can survive (at least break even) just by cross-selling or up-selling to your existing customers. You almost don’t need to onboard new customers.

Are you thinking – this doesn’t concern me, I have a great product and my customers will never abandon me? Then, there’s another bitter pill you’ll have to swallow: no matter how good your product or service is, your customers might leave if they feel neglected. This is why many top-notch products and companies shut down. They just don’t work hard enough to build customer loyalty. In fact, a good 68% of customers say a company’s uncaring or impersonal attitude is a relationship-killer.

The graphic below will prove our point:

5-Effective-Ways-of-Retaining-Product-Customers_2

Source

So putting things in perspective, we have compiled battle-tested techniques for retention of product customers.

1) Deliver Quality Products: The key to gaining repeat business is delivering top quality products. Nothing works as well as a product that wows with its features. Even if your product is marked higher than competitors, it will reign supreme if it’s a cut above the rest.

Let’s illustrate with an example: Two doorstep service providers, Urban Clap and Yes Madame. Both offer at-home salon services at competitive prices. Urban clap is priced higher than Yes Madame. Yet, it is market share is bigger. Why? The differentiator is service quality. UC technicians are better trained, use branded products, and are punctual and courteous. Granted, UC has the first-mover advantage, but it’s managed to keep up and even beat competition just because of its killer services. Although, the great marketing helps, but remember, even the most radical marketer can’t sell a product that sucks. Do ample market research when creating your product strategy. Understand what your audience needs. Have a long vision plus short-term goals. Never compromise on quality when faced with time or budget constraints. This is a non-negotiable area that every successful product company excels at. 

Read MoreIs Your Product Really Solving a Problem?     

2) Nurture Customer Relations: KPMG in their study found customer retention to be the biggest revenue driver for companies. The secret that many product companies don’t know is that loyal customers are their best promoters. Satisfied customers become brand ambassadors of a company. They campaign unknowingly about the superb experience they’ve had with a company or product they’re using. Their genuine, first-hand account is a marketing billboard in itself. You don’t need to hire expensive influencers for generating brand awareness or leads for yourself. Your happy customers are doing it for you. So, provide excellent customer service. Reward your return customers with gated offers, discounts, and resources. Treat them well and they’ll treat you better. Keep in touch with them via email, newsletters, and your website. Feature their stories on your social apps and website. Make them your family. Involve them in your journey and they will stay till the very end. A practical way to do this is to draw a list of customers who buy from you regularly. Reach out to them via exclusive offers and make them feel special. Another good tip: List out subscribers to your newsletter. These are people who show an active interest in your work but haven’t purchased anything yet. To make them jump boat, send a first-time promotion offer or discounted service/product. 

3) Lend a Personal Touch: Personalize all your emails and offers. Rid the assembly line approach of sending mass emails. An Ecoconsultancy survey has proved personalized offers, based on a user’s purchase history and preference, can surge your ROI to the sky. This infographic compares the business returns of companies using personalization vs. those that don’t.

4) Listen to Your Customers: Some product companies just never stop selling. Every effort of theirs is geared towards the cash register. This is hardly effective as customers, existing or new, don’t want to be taken for a ride. You’ll have to give them something in return. One of the best ways to make the relationship mutually beneficial is to incorporate their feedback into your future offerings. Don’t send lengthy questionnaires to customers asking them for their opinion or experience with your product. Keep it short and simple. Encourage specific, precise feedback regarding what they liked or didn’t like. Try to collate points and factor them into your product strategy. Do keep respondents in the loop, reassuring that their feedback isn’t ignored. When you value your customers’ opinions, they become stakeholders in your business.  Your product becomes more aligned to market needs. Your ROI improves and so does your customer satisfaction index.5-Effective-Ways-of-Retaining-Product-Customers_3 Source

5) Use a CRM: A CRM system is a handy way to keep track of how customers interact with your product. Draw up metrics of customer inquiries. What bottlenecks are customers facing with your service or product? Are they content with the after-sales service you’re giving? Do you need to improve in some areas? Deeply inspect issues that are reported by the majority of your customers. These have to be resolved on a priority basis. CRM also gives you a sneak peek into how well your sales or customer service staff are working. Disgruntled employees and lackadaisical post-sales staff can annoy a customer big time. This is a serious red flag for any organization and should be attended to immediately.

Wrap Up

By now, you must have grasped the impact customer retention can have on the sales and success of your business. Work your magic on your current customers. They are the big fish that’ll act as bait for the other fish in the pond.

If you are looking to build a web, mobile or a cloud product, you can avail of a round of discussion with iView Labs’ tech team. Our developers and project team are always here to help and suggest what is required and necessary for your products.

To know more about iView Labs, kindly log on to our website www.iviewlabs.com and to get in touch with us with your queries and needs just write us an email on  and .

Download the latest portfolio to see our work.