Project Summary
In collaboration with DARE Technology, we developed Zappl - a robust, simple to use patch management and compliance monitoring system for Apple devices. This comprehensive solution emerged from a critical need in the enterprise Apple device management space, where existing solutions fell short in handling third-party application updates efficiently.
Our team architected and built a sophisticated web portal using React TypeScript and Supabase, creating a system that processes real-time compliance data from thousands of Apple devices while maintaining strict security protocols and an intuitive user experience.
Client Overview
DARE Technology stands at the forefront of Apple device management and security solutions. As a Jamf Elite Partner, they've built a reputation for delivering enterprise-grade solutions to organisations managing Apple device fleets. However, through extensive client feedback and market analysis, DARE identified a crucial gap in existing solutions: the ability to efficiently manage and monitor third-party application updates.
The development of Zappl represents DARE's commitment to addressing this challenge head-on, leveraging their deep understanding of enterprise Apple device management to create a solution that seamlessly integrates with existing workflows while providing powerful new capabilities.
Project Objectives
The project's scope encompassed several key objectives, each crucial to delivering a comprehensive solution:
1. Security First Architecture
Develop enterprise-grade security features including MFA, encrypted communications, and role-based access control
2. Real-Time Monitoring
Create a responsive system processing real-time compliance data from thousands of devices simultaneously
3. Automated Reporting & Interface
Implement comprehensive reporting capabilities with an intuitive interface that simplifies complex device management
Challenges
Complex Data Architecture
The core challenge lay in designing a system capable of processing and normalising data streams from thousands of Apple devices simultaneously. Each device reports detailed information about its hardware, installed applications, and compliance status through JSON payloads. Our team had to architect a system that could:
- Process high-frequency data updates without performance degradation
- Normalise application version data across diverse software packages
- Maintain data isolation in a multi-tenant environment while enabling efficient queries
- Handle complex compliance calculations in real-time
Security Implementation
DARE technology had created their own agent which would be installed on customers computers and automatically install patches and keep applications up to date, it would also need to send customers computer data to the Zappl database to be displayed in the portals dashboard.
Ensuring absolute security and integrity of customers data between these two separate systems created a notable security challenge. OpenKit identified this challenge prior to the projects start and conducted a thorough risk assessment of the proposed Zappl platform, presenting it to DARE technology to establish full transparency, and ensure the platform would be developed with a security by design architecture.
Original Proposed Flow:
- Admins create a new customer in Zappls admin portal
- A secure authentication token was provided to admins which would be used by the Zappl computer agent when sending data to Zappls server
- Each time data was received from a Zappl clients computer, via the agent, this authentication token would be used to verify that the sender of the data was the intended sender
This initial high level outline presented two security flaws. First, if the authentication token was accessed, data could be sent to the Zappl backend by a spoof of the original customer. Secondly, the data being sent from the agent to the Zappl server would not be encrypted, so could be intercepted on the client side.
MFA Flow
For the dashboard, security formed the cornerstone of Zappl's architecture. The challenge extended beyond basic authentication to encompass:
- Token Management: Creating a secure system for generating and managing customer-specific API tokens that authorise device communications while preventing cross-tenant data access.
- Multi-Factor Authentication: Implementing a robust MFA system that balanced security with usability, incorporating multiple authentication methods while maintaining a smooth user experience.
- Role-Based Access Control: Developing a granular permissions system that could handle complex organisational hierarchies and varying access levels across different features.
Our Approach
The initial phase focused on establishing a robust technical foundation. We selected Supabase as our backend platform, leveraging its real-time capabilities and built-in authentication features. Using our foundation we then developed an initial wireframe and UI mockup for our client to see how it would all map together visually.
Security Solution
Our approach was to develop a bespoke encryption system as an additional layer over HTTPS, which used an asymmetric public and private key system, combining specific hardware details from the agent, and specific user and the customer account data. This approach incorporated both local AES encryption and end to end RSA encryption to minimise the client payload size while maximising security.
Using this approach, end to end encryption was achieved, and data sent from customer devices could not be intercepted, and could only be validated and decrypted server side, ensuring that data was protected at source, in transit and at the server. This approach also ensured data integrity and authenticity was maintained on the Zappl database.
Design Process
The design process for Zappl's dashboard interface required careful consideration of both functionality and user experience. Working closely with DARE, we started by mapping out the core user journeys in Figma, focusing on the primary views for device management, application compliance, and reporting.
Our dashboard design followed a modular approach, creating a library of reusable components that maintained consistency across the platform. The interface features a clean, modern aesthetic with a focus on data visualisation - using donut charts for compliance metrics, progress bars for status indicators, and clear tabular layouts for device and application information.
Navigation and Information Hierarchy
A key consideration was information hierarchy - the top-level dashboard provides immediate visibility of critical metrics, while allowing users to drill down into detailed views for specific devices or applications. We used a blue-based color scheme to align with DARE's branding, incorporating clear visual indicators (green for compliant, red for non-compliant) to help users quickly identify status issues.
The navigation structure was carefully planned to minimise clicks and provide intuitive access to key features. Specific attention was paid to the responsive design elements, ensuring the dashboard remained functional and visually coherent.
Development
At the heart of Zappl lies its intelligent device monitoring system. The platform seamlessly tracks and manages Apple devices across an organisation, providing real-time visibility into their compliance status. The dashboard presents key metrics at a glance, allowing IT administrators to quickly identify and address any compliance issues.
Core AI Implementation
We developed a custom Retrieval Augmented Generation (RAG) pipeline that significantly outperformed existing solutions in both speed and accuracy. Our multi-stage document processing system incorporated advanced OCR capabilities and was built on a scalable cloud infrastructure to ensure consistent performance under varying loads.
Security Implementation
We integrated enterprise-grade security measures, secure data handling protocols, and comprehensive audit logging capabilities. Zappl has robust access control systems to ensure sensitive information remained protected while maintaining ease of use for authorised users.
Key Features
1. Application Compliance
The application monitoring system stands as one of Zappl's most powerful features. IT teams can view all managed applications across their fleet, track version compliance in real-time, monitor update status and history, access detailed application metrics, and receive alerts for non-compliant applications.
This sophisticated system ensures that all applications across the organization remain up-to-date and secure.
2. Device Management
Every connected Apple device is monitored in real-time, tracking device compliance status with visual indicators, installed application inventory, system security settings, update status and history, and user activity logs.
The platform provides comprehensive visibility into device health and compliance, enabling IT administrators to quickly identify and address any issues.
3. Reporting System
Zappl's reporting capabilities transform complex device data into actionable insights. The system offers automated report generation and delivery, branded PDF outputs, compliance trend analysis, and comprehensive device and application statistics.
The reporting system can be scheduled to deliver regular updates, ensuring stakeholders always have access to the latest compliance information.
4. Alert System
The proactive alert system keeps IT teams informed of critical events through real-time compliance notifications, device status alerts, application update requirements, system security warnings, and custom alert thresholds.
This ensures that potential issues are identified and addressed before they become problems.
5. Admin Portal
The administrative interface provides comprehensive control through customer account creation and management, user role assignment and permissions, system-wide monitoring capabilities, bulk operations and policy management, and analytics and trend analysis.
The portal is designed to be both powerful and intuitive, making complex management tasks straightforward.
Key Successes
Cost Efficiency
Eliminated approximately £1,000 monthly in AWS egress fees, reduced operational overhead, and streamlined resource allocation.
Operational Excellence
Eliminated the need for daily manual software package updates, creating a fully automated system that saves countless hours of IT staff time while improving accuracy and reliability.
Customer Adoption
Over 100 customers successfully onboarded with high user satisfaction rates and minimal onboarding support required.
Platform Performance
99.9% system uptime with real-time monitoring of thousands of devices and millisecond response times.
Client Testimonials
"OpenKit delivered us a high-performance React application for Apple patch management, featuring large data ingestion and processing with enterprise-grade security. Their technical expertise was evident in every aspect - from an optimised frontend architecture to a robust backend with comprehensive API integration and documentation.
The team's design skills and development creativity were standout features of our collaboration, demonstrating a clear, thoughtful understanding of our project requirements through detailed design Figma mock-ups and technical architecture plans. OpenKit showcased their expertise in web development, implementing MFA authentication flows, efficient data management, and custom automated reporting. This expertise was reflected in their approach to technical challenges, particularly around data security and system scalability.
The resulting application excels in both performance and reliability, with comprehensive monitoring and an automated deployment pipeline ensuring system stability. Their implementation of CI/CD practices, thorough testing, and detailed documentation demonstrated a commitment to maintainable, production-ready code. Their decisions around technical architecture and security implementations have created a robust foundation for future scaling. OpenKit's team were engaged and responsive at all stages, making them an ideal partner for organisations requiring sophisticated web solutions."
"OpenKit transformed our business requirements into Zappl, an elegant web application that provides secure Apple patch management for our customers. Their process began with thorough discovery sessions, demonstrating a clear understanding of our business objectives and user needs. Their ability to grasp complex business logic quickly and translate it into actionable development plans set them apart from other development companies we have previously worked with.
The team's collaborative approach made complex technical decisions accessible, providing clear options and recommendations at each stage of the project. They maintained excellent communication throughout, ensuring all deliverables aligned with our business goals and user expectations. Their ability to balance technical solutions with business priorities while maintaining focus on the end user experience and operational efficiency was exceptional. The iterative development process allowed us to refine features based on evolving business needs. We particularly appreciated their proactive approach to identifying opportunities for operational improvements beyond our initial requirements.
The delivered solution has significantly improved our operational efficiency and user satisfaction. The intuitive interface and streamlined workflows have reduced our staff admin workload and increased user adoption, with 100+ customers already onboarded. Throughout the partnership, OpenKit consistently demonstrated their commitment to delivering business value, from initial planning through to final implementation. Their blend of technical capability and business acumen makes them a valuable partner for organisations seeking impactful digital solutions. We confidently recommend OpenKit for organisations seeking to implement enterprise-grade web solutions."
Next Steps
Building on Zappl's successful foundation, DARE and OpenKit are collaborating on an ambitious roadmap to further enhance the platform's capabilities. The next phase of development will focus on implementing advanced features such as expanding the platform's automation capabilities. These enhancements will continue to position Zappl as a leading solution in the Apple device management space, providing even greater value to organisations managing large Apple device fleets.
