Introduction

Appit, our Software as a Service (SaaS) cloud offering, can significantly reduce the total cost of ownership of both infrastructure and application software. If customization to the service is not handled properly, it can result in ad-hoc and manual service consumption practices, which could eliminate the benefits of the SaaS approach. SourceCode Technology Holdings, Inc. in general does not allow any customization without prior approval and at the sole discretion of the Appit Operations management team.

Definition

A customization is any added functionality and configuration to a product that is not included in the base (out of the box) installation of that product.

Prioritizing Product Cases

While we will make every effort to address all customer cases in a timely manner, it should be understood that customization cases may be assigned a lower priority than production or installation cases involving base code.

Getting Customization Assistance

The Customer Support Center is available to give general suggestions and assist in troubleshooting point-specific cases. Customer Support can also direct customers to white papers focused on architecture and other resources available on our Web site. For tracking purposes, all customization requests should be done via Support Tickets. The corresponding Support Tickets will be routed to the Appit Operations team for approval and possible implementation.

Identifying Customizations

Customers should maintain records and be able to identify all customizations that were requested and applied to their environments. Customers should keep a centralized file detailing changes that have been made, when they were made and what functionality was changed. This will help the customer and Appit support engineers in identifying whether a problem is with the base product or with a customization. This list of customizations will also aid in the migration or upgrade process to future product versions. Serious consideration is given to all customizations since it will require additional work during future migration or upgrade processes for new product versions.

Customizations involving specific User/Service Accounts

Some customizations may involve User/Service Accounts needed from the customer. In these cases, the expectation would be for the customer to provide SourceCode with a dedicated User/Service Account which is not used by/for anything else. Please note that the same customization on different environments will need its own dedicated User/Service Account per environment. SourceCode will have full control over changing the password for this account, but will notify the customer when such a change occurs. If secrets such as password need to be exchanged, we propose one of the below methods.

Methods of transmitting sensitive data between parties

The following methods may be used to transmit data between Customers and K2:

  • Azure Key Vault
  • Azure Blob Shared Access Signature with expiry time
  • AWS Key Management Service
  • Email encrypted file with separate physical delivery of Private Key
  • Online Password management repositories (e.g., LastPass Enterprise, Thycotic Secret Server Online, ManageEngine Password Manager Pro)