Dutch State Treasury Agency

increases security and efficiency with regular patch upgrades

SkySparc’s ‘as-a-Service’ model smooths upgrade journey


As an extensive WSS user, DSTA wished to minimize the cost, risk and time inherently involved in upgrading at irregular, long intervals, starting with its upgrade to version 7.4.57. “Rather than exposing our operations to the pain and uncertainty of a major upgrade project every four to five years, we wanted to explore the possibility of adopting a continual cycle that would enable us upgrade smoothly, without adverse impact on users,” says DSTA’s Johan Kreszner.

Although patch upgrades are a necessary ‘fact of life’ that keep complex systems secure and current, they rarely add significant functionality benefit to end-users, akin to an annual car service. As such, they are typically resisted until deemed absolutely necessary. Like many other organizations, DSTA’s prior experience was negative, discouraging regular upgrades. The testing process was highly manual, unstructured and involved many ‘one time use’ deal cases. Similarly, deployment involved much trial and error and as a result was both time consuming and resource intensive.

A key driver of DSTA’s interest in a continual patch upgrade cycle was security. The increasingly fast-paced evolution of cyber-security threats, the increasing importance of effective audit and reporting processes, and exponential growth of new technology innovation all dictate that mission-critical systems in a state treasury must abide by essential maintenance processes, to ensure compatibility with the latest and thus most secure versions of applications and systems such as MS Windows and MSSQL. “We live in a world where cyber-crime is increasing. Security concerns and requirements led us to a strategy of upgrading every year,” says DSTA’s Dennis Hooft.

SkySparc’s consultants were really able to shine a light on the details of the upgrade process through their testing expertise and methodology.

Johan Kreszner, DSTA


DSTA’s vision could only be realized through a highly automated and standardized – and therefore highly repeatable – patch upgrade process. “You cannot predict every element of the upgrade process, but you can be prepared to encounter the unknown,” explains Kreszner.

DSTA had recently entered into a four-year support partnership with SkySparc, so naturally sought to leverage the firm’s upgrade track record. SkySparc had developed and honed its streamlined methodology during more than a decade’s upgrade experience as well as continually refining OmniFi’s testing capabilities. To further reduce client impact, SkySparc was looking to introduce a Patch Upgrade As-A-Service model, using a dedicated teamto consolidate and enhance best practice.By taking a more centralized andautomated approach, SkySparc aimed toaccelerate the development of its extensivetest library and further refine its patchupgrade methodology, thus improvingefficiency and reducing project risksand costs. Two key changes from DSTA’sprevious ‘old school’ upgrade process were the introduction of automated testing, including unit testing, and scripted deployment. Pre-testing and unit testing via OmniFi increase exponentially the number of scenarios that can be tested and eliminate most errors well before user acceptance testing by business users. Scripted deployment of WSS – as opposed to customizing the system for multiple environments – also eliminates the vast majority of manual actions. In addition, use of SkySparc provided third-party independent quality assurance of the upgrade process.

SkySparc worked in partnership with DSTA IT staff throughout the process, leveraging OmniFi ‘s testing functionality, building and deploying test scenarios, and supporting pre-testing, unit testing, user acceptance testing and the ‘go-live’ stage. According to Kreszner, “SkySparc’s consultants were really able to shine a light on the details of the upgrade process through their testing expertise and methodology. Each stage was far simpler than previously: at the ‘go live’ stage our internal team had relatively little to do!”

The project was a great success because of the combination of strong individual skills with hard work and commitment within a team structure.

Johan Kreszner and Dennis Hooft, DSTA


As a result of this new approach, DSTA has successfully ‘flattened’ the steep, uncertain climb of a major upgrade every four to five years, replacing it with a more predictable and less intensive annual path to regular upgrades. From initiating the project to successful migration to a rolling patch upgrade process took five months; Kreszner now believes their next patch upgrade will take “as little as six weeks”. “By looking at patching as a continuous process, you’ll learn to align all the test and deployment scripts needed for the patch upgrade with changes made to your WSS. It creates an awareness that you need to keep up-to-date ‘as a whole’, rather than narrowing your view down to a single change or enhancement,” says Kreszner. By leveraging the expertise and resources of a dedicated, centralized upgrade team and the highly automated, standardized and re-usable processes on OmniFi, SkySparc was able to devise a patch upgrade methodology that has had a low impact on end-users and offers a high degree of oversight over the testing process. DSTA benefitted from fast and accurate deployment and will be able to re-use test cases in future upgrades.