Providing an expert third-party code review for COVID Comply
After launch and experiencing a rapid growth in users, COVID Comply’s director signed up for a reinteractive App Review to get an independent, third-party review of the app’s code as part of a standard risk assessment.
In early 2020, COVID-19 reached Australian shores. Shortly thereafter contact tracing became a
necessity for many businesses to continue operating.
With new requirements implemented by Australian State Governments for a wide variety of businesses,
organisations, and associations to capture contact details for customers, including location data
and health questionnaire results for staff, the ability to easily implement a single secure solution
was imperative.
Seeing the need for a comprehensive, advanced, feature-rich contact tracing solution, fully compliant
with the Australian Privacy Principles, Ben Richardson created COVID Comply. Ben knew that while simple
contact tracing apps are easy to build, with a lot of solutions available in the market, it is
critically important that businesses select a provider with customer data privacy and security at the
core of their software development process.
COVID Comply is an industry leader for contact tracing apps. The portal is automatically configured to
meet government requirements for each location's address along with a host of other customisable features
to suit individual business needs.
Ben engaged reinteractive to do an App Review of COVID Comply, which is delivered by a senior Ruby on
Rails developer. He was familiar with reinteractive’s development and App Review services, having hired
us for previous projects.
COVID Comply launched 5 months ago and we have had a million check-ins to date and are
currently servicing 50,000 check-ins a day, for more than 2,500 businesses, with more signing up daily.
I wanted an independent, expert third-party review of the app’s code to ensure it was maintaining the
highest possible security of personal data.
I had very specific questions and parts of the code I wanted reviewed. I didn’t want a business-oriented
report back. I wanted a clear technical-oriented report, such as ‘these are problems found and this is how
to solve them.’ I got exactly that, which was perfect. The developer skipped all the fluffy stuff and went
straight into the technical detail.
A senior Ruby on Rails developer goes through your application looking at how easy it is to get up and
running, the test coverage, documentation, and any security issues. The report you receive contains
recommendations on any major issues discovered. We even include a summary of the good parts we find as
well! The developer then goes through the report with you, answering any questions.
Many developers are cautious of third party code reviews initialised by business owners.
There also are many business owners who don’t completely trust their developers and want third
party validation. I believe third party code reviews should be part of standard risk assessment
that both developers and business owners proactively seek on a regular basis. Bringing in a third
party with a lot of collective intelligence and experience to sanity check the direction in which
the codebase is headed makes a lot of sense. You can never be too cautious when it comes to
collecting and protecting personal data.
“The great thing about working with reinteractive is you get to work directly with
the developers, which is a huge plus. As a technical founder, I find proxying through
a project manager adds unnecessary layers of complexity and creates opportunity for
human error.
“The experience of interacting with the developer who did the App Review was great.
They were straight to the point. There was one critical aspect that I wanted immediate
feedback on which was prioritised and delivered before the full code review report. After
the review was finished, I still had some followup questions about some remediation actions
and the developer continued to support a couple of queries beyond project completion.
Overall, as a founder of a product that is evolving rapidly, the way reinteractive tailor
their engagement to suit my circumstances is second to none.”
— Ben Richardson, Founder & Director, COVID Comply
Helping COVID Comply grow
Following the Application Review, Ben made the decision to move COVID Comply to
reinteractive's OpsCare managed hosting.
OpsCare managed hosting for Ruby on Rails applications provides scheduled or load based
scaling and includes around the clock monitoring and support.