A provider of documentation management services turned to Altoros to migrate its mobile app to a modern technology stack, ensuring reliability and ease of maintenance, as well as improving security.
Brief results of the collaboration:
- By migrating its mobile app—serving 115,000+ daily users across 5,000 organizations—to a modern technology stack, the company optimized performance, ensured high crash-free rate (up to 99.5%), and achieved ease of maintenance.
- Thanks to data encryption and the updated security libraries/frameworks, the customer eliminated vulnerabilities, as well as ensured compliance with General Data Protection Regulation (GDPR), System and Organization Controls (SOC) Type 2, and ISO 27001:2013 standards.
- Now when the app is resilient to high loads, users can easily download large documentation volumes (>1,500 files) without hitting timeout errors.
Based in Norway, the customer offers a web platform and a mobile app for managing corporate documentation. In 2017, the company was acquired by a leading software provider serving a million users in Europe and Latin America.
The provider had an iOS-based app enabling 40,000 users in 6 countries to easily manage, share, and collaborate (edit, submit notes, etc.) over corporate documents. In 2021, the number of active users has reached 115,000+ across 5,000 companies. Since the app was built upon an outdated technology stack, performance was slow under existing workloads, accompanied by unexpected crashes and security vulnerabilities. Furthermore, the technical debt prevented from updating to the latest iOS version.
Relying on Altoros, the company wanted to fix these urgent issues by migrating to a modern stack, while accelerating the onboarding of expert-level talent with necessary skills under tight deadlines.
Under the project, the team at Altoros had to address the following issues:
- As the app stored sensitive corporate information, it was necessary to ensure compliance with security standards (e.g., GDPR, SOC, and ISO). However, outdated security frameworks and libraries did not allow for proper data encryption.
- The system crashed and hit timeout errors when a user tried to download large documentation volumes (>1,500 files).
- Since the app was running in production, ensuring zero downtime during replatforming was crucial.
Stage 1. In just a week after onboarding, engineers at Altoros evaluated the existing architecture and prioritized the backlog of tasks to migrate the app to the Swift-based stack. To avoid downtime in production, the developers started with business-critical issues, moving onto those of less severity. For instance, a higher priority was given to updating the SQLite database and fixing issues from the Firebase Crashlytics reports to eliminate systematic app crashes, as well as removing unsupported dependencies affecting performance.
Stage 2. To encrypt sensitive data, as well as comply with the GDPR, SOC Type 2, and ISO 27001:2013 standards, the team at Altoros upgraded the security frameworks and libraries in place (e.g., SFHFKeychainUtils and SecureNSUserDefaults), rectifying emerging issues.
Stage 3. To prevent the app from crashing when downloading large volumes of documents, the engineers implemented a few measures. In the first place, developers at Altoros enabled the system to put requests in a queue, processing them in a sequence. Then, the team limited the number of parallel requests to six by using Querer, thus, cutting server response times.
Stage 4. The developers at Altoros also assisted the customer’s in-house team in tweaking an Azure DevOps–based continuous integration / delivery pipeline. Finally, the QA engineers performed unit testing with XCTest.
active daily users
Partnering with Altoros, the customer migrated its mobile app for corporate document management—serving 115,000+ daily users across 5,000 organizations—to a modern technology stack without downtime, optimizing performance, ensuring high crash-free rate (from 95% to 99.5%), and achieving ease of maintenance. Thanks to the upgraded security frameworks and libraries, the company complies with the GDPR, SOC Type 2, and ISO standards. With the app’s resiliency to high loads, users can download large documentation volumes (>1,500 files) without hitting timeout errors.
Frameworks and tools
CocoaPods, Reachability, SFHFKeychainUtils, PureLayout, SecureNSUserDefaults, Queuer, Wootric, PromonShield, Firebase Crashlytics, Azure DevOps