Lets assume that we are going build a product to Visualize Retail Transactions with Real-time Notifications.
We have an ambitious goal of building a SaaS platform on Cloud.
Don’t miss the podcast on ~Characteristics and Practices of Successful Entrepreneurs ~ https://overcast.fm/+BmGWkIxxU/6:05
Initial goal is to host the software in local data center and then eventually open it up to the outside world.
Before even we build actual software we need build a marketing website as the gateway to the software.
We install the Drupal LAMP stack provided by Bitnami.
Once the Drupal Web Content is setup, we have to setup Google Analytics, perform Search Engine Optimization.
Static content now up and running ! Great, its time to build the dynamic page to capture user info and automatically feed the user info to Marketing Automation api.
Looks like now its time to setup the Development Stack.
Excitement building up ! Hurrah LAMJ (Linux, Apache, MySQL, Java) stack up and running in Centos Boxes !
The initial User Registration form is created using Spring-MVC, Spring-Webflow and MySQL.
We design our first set of Rest API.
> Resource /user/rgn/
> Method POST
> Required Headers Accept : “text/plain” , Content-Type : “text/xml”
For a small startup Firebase offers the tools and infrastructure you need to build better apps and grow successful businesses. Few cool Websitebuilder Apps are http://www.wix.com/freesitebuilder/ and https://thegrid.io/
Build a Mobile-ready Frontend using https://facebook.github.io/react-native/
Audit-Log and Process-Flow Log with metadata
JMeter post-deployment Web App Tests
Concurrency Testing is a Must ! Setup Jmeter to post variable data through multiple sessions to the same website.
VisualVM and IBM Memory Analyzer Tool.
Once the site is made public for users to register and play with trial versions; now its time to worry about the performance and secure authentication.
Security ! Lets make it a top-priority item !
Ensure the password is encrypted using the strongest cryptographic function (e.g. scrypt).
Guideline to implement secure password policy.
Check software security vulnerability using Fortify and Burp.
Third party API Integration
Its important to implement SSO SAML for easy access to partner APIs / Websites (e.g. Salesforce )
More interesting things can be slowly implemented once our product gains some momentum !
Enable SSL over http, Plan for Load Balancer, Backup and Failover .
Proactive diagnosis of issues that user may experience by plugging in diagnostic apis (like perf4j) in backend.
Collect metrics about usage of product and its modules by users.
Collect Performance Metrics both on backend (jmeter, perf4j) and frontend (googlepageload test)
Chalk out plan for multi-layer caching based on user experience for example where data access need to be immediate and where it can be deferred.
Memcached is a free solution for distributed servers and Ehcache can easily integrated in local box.
Data Retention Policy
Data Encryption and Data Governance policy
As your product comes out of stealth mode a legitimate request from user community would be to enforce access control on vizualization dashboard and resources.
Tune parameters to improve movement of data