Blog

integration and implementation of technology-focused business solutions

Everyone is vulnerable to security breaches

February 19th, 2019

We recently had a client who became the victim of a ransomware attack, specifically a Dharma variant called the .adobe variant. It attacked their file server and encrypted a portion of the files, which meant the company was unable to operate until it was resolved.

The hackers demanded $5,000 in ransom for the encryption key to unlock the data. That was a significant increase from one of our prior experiences with ransomware with a ransom request of $250. Thankfully, because our clients had the right plan in place for backup and recovery, we were able to resolve the situation quickly without paying the ransom. If you have the right backup systems in place, you can simply roll it back to before the ransomware infected the server.

The attack took place on a Sunday afternoon rather than mid-day of a workday, so their overall data loss was minimal. They did lose some productivity as we worked to get their systems fully functional again, but the downtime was pretty minimal overall because they were prepared for something like this to happen.

It wasn’t a sophisticated attack, but these attacks don’t have to be sophisticated to cause a lot of damage for businesses. Basically, hackers can buy an exploit kit with the code they need to launch the attack and then customize it a bit, or put their stamp on it, based on how they name the files.

When it comes to security breaches and cyber attacks, everyone is vulnerable. And I mean everyone. Yes, there are some things you can do to lessen the chances or lessen the impact, but no one is immune to cyber attacks regardless of what protocols they have in place. Many people don’t realize just how vulnerable they are.

At a recent conference we attended, one of the speakers asked anyone who had been impacted by a security breach or cyber attack to raise their hand. There were some people who didn’t raise their hands, and the speaker said that they’ve either been a victim and didn’t know it or would be before too long.

The sheer volume of attack attempts happening make it a numbers game so that it’s just a matter of time. The volume also makes it nearly impossible to stop. We can slow it down, but we can’t really stop it completely.

There are a couple of ways that small businesses are especially vulnerable, though the same issues can impact larger businesses as well. First, the use of single passwords to protect information. In lots of companies, there’s just one password standing between the hacker and the data they want to steal. Things like two-factor authentication can help, as can other methods for encryption keys and secure access.

The second vulnerability for a lot of businesses is the frequency of remote work. Anytime someone’s accessing your system from outside your system, there’s a risk there. Each time an employee logs in remotely, it’s creating another door into your system that hackers can try to break down. Most people view those actions as simple everyday activities they do in order to work, but it’s a risk to your company. I’m not saying don’t allow remote work, but rather be aware of the vulnerabilities it creates and have a plan to reduce that risk.

About 70% of all security issues come through email, so education can be key for your employees to understand the risks and to avoid clicking on any links without checking the sender and the link URL first. Online ads and websites are another potential point of access. When you go to a website, your computer starts downloading files associated with that website to your cache so you can view the site. If a virus sneaks through and your antivirus software doesn’t pick it up, that virus goes to work quickly.

Every company should have a plan in place to reduce their risk of cyber attacks and security breaches plus a recovery plan should one occur. The risk is simply too great to not have a plan in place before an issue arises.

Comments: None

Lessons learned from the Oklahoma Digital Government Summit

February 5th, 2019

We recently attended the Oklahoma Digital Government Summit, which we also sponsored. It was a great networking and learning event with IT professionals from state and local governments, education, and other organizations across the state. We enjoyed the opportunity to connect with some of our clients outside of the office and partners we work with regularly, as well as meet new people.

Not surprisingly, security was a hot topic at the event. It’s something we face every single day as IT professionals. Another great presentation was a keynote speaker talking about improving communications, which is also an important topic of discussion in the IT world.

Cyber security

The number of cyber security attacks continue to increase every year, and I don’t see that trend changing anytime soon. It’s all about the money for the people who orchestrate these attacks, and honestly no company is safe from cyber attacks. If you have customer data of any kind in your system, you’re a target.

Many of the presentations talked about how to prevent cyber attacks and the importance of having a process in place if an attack occurs. What steps will you take to secure your systems? If something happens, how will you notify your customers that their data has been compromised?

Because it was a government conference, there was lots of conversation about citizen expectations around data privacy and protection. In state and local governments, there’s not a significant return on investment for the systems themselves as there can be in the private sector. But there is a public return on investment and the morale factor to think about with citizens and their expectations.

Communications in IT

One of the keynote presentations centered around improving communications in IT. It wasn’t about talking to each other more, but rather about how to be more clear and concise in making your point, which can apply to sales, customer communication, or even interpersonal communication. One of the tips he mentioned was to know the key points you need to make in a meeting and ensure you have a plan for how you’ll get those points across in a concise way.

The conference didn’t include many sessions specifically about application development or software solutions, though we were certainly happy to talk about those topics with anyone interested. But mostly, there was lots of conversation about cyber security and data protection, which is important for government agencies and businesses of all sizes to be thinking about.

Overall, it was a great conference and a wonderful opportunity to network with state and local governments.

Comments: None

The end of Oracle Reports

January 22nd, 2019

For many years, Oracle Reports has been a go-to option for reporting data, particularly out of applications built with Oracle Forms. But since Oracle announced it will discontinue support for both resources, it’s time to start thinking about alternate options.

When Oracle Reports first came out, it was incredibly complex and pretty exciting. You could tell it was built by Oracle based on its structure and the complexity. And you could do so much with it! It was really amazing what you could do, but it was also challenging for a lot of people to learn because of the complexity.

One feature it offered was the ability to show or hide data on reports, and it was really the first tool to offer that based on user levels. With most reporting tools, you couldn’t hide anything based on the user. If someone had access to a report, they could view the entire report. It was pretty complex and sophisticated when Oracle Reports launched the user-level controls to show or hide report data.

Of course, over time the complexity frustrated many users, and they found easier systems to use. There were a lot of layers to things in Oracle Reports, and if you messed one thing up, it could mess up a lot of other things. The error messages weren’t exactly friendly or all that helpful either. So, over time, the software ran its course.

In contrast to the ongoing support currently available for Oracle Forms, Oracle dropped support for Reports pretty quickly unless you’re using a specific version alongside Forms. They’ve had some other reporting tools available through the years, but they’ve primarily left reporting to other vendors in the market.

If you’re still using Oracle Reports, it’s time to look at some of those other options and decide which one best fits your reporting needs and will best interface with your other systems.

Comments: None

Transitioning away from Oracle Forms

January 8th, 2019

Oracle Forms is a legacy product that’s nearly as old as Oracle itself. For decades, it was what you used to build software for data entry or data retrieval. In fact, it dates all the way back to the late ’80s and software applications that were character-based on green screen terminals. That approach was still used by an automative parts store up until pretty recently, in fact. And it’s still in use by many companies but in its more modern form as a web-based application.

In the late ’90s, Oracle started using their own Oracle Forms to develop off-the-shelf applications that they sold to the public, such as Oracle Financials and other business tools. They were the first ERP software vendor to provide a web-enabled version of their system, and Wall Street loved it. It took off like crazy, but then in recent years they began slowly migrating their own offerings away from Oracle Forms.

Back in 2017, they announced that Oracle Forms was coming to an end. They’re no longer going to provide new updates and will only release patches when necessary. Premier support is available through the end of 2020, and then an extended support cycle will be available for an additional fee through 2023.

When Oracle first announced this in 2017, it seemed like it was a long way off. But here we are in 2019, and 2020 is not that far away. That means companies need to start thinking about what they have in place and how they will make a transition in the future.

Many applications that are running on Oracle Forms will continue to function just fine for a few years. But if you upgrade to a new version of Windows or Linux, there’s no guarantee your application will be compatible. And if something stops working in your application, there may not be support to help fix it in the future.

We’ve already been talking with many of our clients about next steps for their applications. There are lots of options out there, including Oracle Application Express, as well as applications based in .net, php, and java. But the first step in the process is to truly understand what you have currently.

For one client, we started to explore their existing application and map out the various pieces involved, and it was much larger than anyone at the company realized. It’s going to be a lengthy process to migrate it over to another system, but they also know it’s something they need to start sooner rather than later. The older a system gets and the less it’s supported, the more risk there is when you think about it suddenly not working.

If you have applications running on Oracle Forms, there’s no need to panic, but it is time to start talking about a transition plan.

Comments: None

Integrating data to avoid silos

December 18th, 2018

Data silos are a significant challenge for many businesses. You might have time tracking software in one system, payroll in another, invoices in another, production numbers in another, and so on. It can get pretty messy pretty fast with that many different systems in play.

In some ways, cloud computing has made this even worse. There are lots of different cloud vendors to meet the needs of companies in any of these areas. Some will say they can do it all, while others specialize in one specific area. But even among those who say they can do it all, can they really?

When companies are evaluating systems and tools, it’s important to really think about how things go together. If you’re evaluating time tracking software, will it integrate with your payroll software for hourly employees? If it doesn’t, how much time will it take you to manually transfer data between two systems?

While there may not be one single system that fits everything you need, it’s important to realize if you’re headed down the path of multiple data silos. If you don’t want to head down that path, then expect to invest a little more money in a tool that can help prevent those frustrations.

With small businesses, there’s typically a price point issue with some of the higher-level systems as well. You might not need the full functionality of that tool, and it’s not exactly in your budget. But there isn’t a mid-range tool that has what you need within budget, so you end up with a handful of different tools.

In just about every software tool out there, there’s some way to get data in or data out. That’s often where we come in. While we’re a software development company, we’re also a systems integration company. We can help companies pull the data from different systems into one place so it becomes actionable data. We can also help them evaluate new data systems they might be adding to the mix.

If you find yourself dreading the routine of maintaining, downloading, and importing to keep data in sync, there’s a better way. That could mean a more comprehensive system that does multiple things in one place or a custom data integration so that different systems share data automatically.

Data is powerful for companies, but you can’t unlock that power if your data exists in silos. You need the ability to view your data across systems, which is why data integration matters.

Comments: None

Are your software tools slowing you down?

December 4th, 2018

When it comes to businesses of any size, a lot of us are trapped in a never-ending state of using the wrong tools to accomplish a task. Maybe we think it’s working okay, or maybe we’re comfortable because it’s the software system we know best. And maybe there are workaround procedures in place to help it work as it should.

But there’s a better way with better software tools.

In some companies, the software systems are so old it’s like the treasured stuffed animal that’s been passed down in three generations of a family. It’s pretty dirty and maybe a bit threadbare. But everyone loves it, so when the next hole appears, someone patches it so the stuffing somehow manages to stay inside.

I’ve seen many software systems that looked much the same. Holes, patches, and workarounds to keep it limping along. But software isn’t a stuffed animal that comes with three generations of memories. It’s a tool meant to help you work more efficiently. And if it’s not doing that, it’s definitely time to move on.

Many times, companies are trying to use Microsoft Excel for far more than it was intended to do. There are multiple copies of a spreadsheet floating around, and nobody quite knows which one is the most recent version. Or maybe there’s one copy on a shared drive, but it gets corrupted when three people try to access it at once.

The other issue is when spreadsheets are accessed by multiple people and somebody changes a calculation along the way. There could be hundreds of calculations, and maybe there are some macros in place too. If even one of those gets accidentally changed, you could be looking at completely inaccurate numbers. There’s a better way!

The same is true for companies using Microsoft Access for far more than it was intended to do. While it’s a little bit better in terms of avoiding multiple versions of a spreadsheet, it’s still not the most robust system available.

A lot of times, people are simply working with the tools they have available or the tools they know. They might not realize what other options exist, or they might not have support from their internal IT team to put something new in place.

This is something we help a lot of small businesses with. It’s pretty easy and affordable to transition to better systems, and it can save you a lot of time and hassle in the long run. Upgrading to a better system can also put the data at your fingertips, whether that’s on your phone or from any other device wherever you are.

The data in enterprise data systems also has a better chance of being backed up regularly than individual spreadsheets on an employee’s desktop. And when it comes to data of any kind, regular backups are critical.

There are certainly still some tasks where a basic spreadsheet is sufficient. But as businesses grow, it’s helpful to step back and ask if the systems you’re using are really the most efficient and effective systems or if it’s time to upgrade.

Comments: None

Three hurdles in software testing

November 20th, 2018

We work with a variety of clients on software development projects-some that are relatively simple and some that are more complex. In all of those projects, there are multiple phases with the final phase being testing by our team and by the users.

Testing is a really important step, but unfortunately it’s one that a lot of clients want to skim over quickly. Sometimes they’re anxious to have their new software up and running and other times they have a lot of other things going on and struggle to find time to do the necessary testing. But regardless of the reasons, user testing isn’t a step that you should ever skip.

Here are three hurdles we often encounter with user testing of software development projects.

Not wanting to wait until it’s finished

If we’re doing software development for a client, it’s usually because they have some problem that the software we’re developing will solve. That problem might be causing them some overall headaches, which means they’re anxious to get the new software in place and start using it. That’s when clients want to rush through the testing phase (or skip it entirely) and start using the software before it’s really finished.

The problem with that? The software might not do what you actually want it to do because it hasn’t been tested. That could mean it creates even more problems than it solves, and that’s not good.

Struggling to think outside the box

Sometimes we run into the problem of users not being sure how to test the software. Maybe there’s some bad data that got imported so one of the numbers doesn’t look quite right for an order total or something like that. But that doesn’t mean you can’t still test what happens if you input a new order. Did a new purchase add to the total? Did it add the right amount?

There’s a lot you can do to test a software even if the data’s not perfectly accurate yet. Bad data doesn’t typically break the software. If bad data should break it, then that’s part of what you’re testing.

Getting bogged down by little things

This somewhat relates to the outside the box thinking mentioned above, but we’ve seen a lot of scenarios where users get distracted by little things and forget to look at the big things. Maybe they’re thrown off by a field label or some of the colors used, and then they can’t see past that to really evaluate whether the software works.

Yes, the field label needs to be correct and the colors should make sense, but it’s important to recognize minor issues versus major issues in the testing phase. One of the big questions to ask during user testing is, “If the software went live today, what’s happening that would stop you from using it?”

Testing is a necessity in software development. There’s no avoiding it. If you skip testing before go live, you’re going to pay for it later in software fixes. But if you see testing as an opportunity, it can help you get the tool you need to solve a problem rather than create one.

Comments: None

Three keys to managing flexible work schedules

November 6th, 2018

At LSG Solutions, we have long embraced flexible schedules and remote work for our employees. Laptops, cell phones, and other technology makes it possible for employees to work from just about anywhere as long as they have wifi access. And more and more employees are expecting flexibility in their work hours and the option of working remotely when needed.

Here are a few things we’ve learned through the years about successfully managing flexible work schedules and remote work.

Hire people you trust

When I tell people that our employees work remotely sometimes, people often ask if we’ve run into any problems with that. And we really haven’t except for one specific situation where there were some other issues going on as well.

We hire people we trust to get the job done, whether they’re in the office or not when working. If an issue does arise with an employee not getting the job done, we address that just as we would any other issue by discussing it, giving them an opportunity to improve, and then taking action if needed.

Set expectations

Most of our team has a pretty regular schedule in the office, so we know when people will be coming and going. But things come up, of course. Maybe a kid is sick or there’s some other personal issue going on that means an employee needs to be home one day instead of in the office. When that sort of thing happens, our employees know to alert us to their change in schedule. We’ve set the expectations around communicating about schedules, and our employees follow that.

Recognize the need for face-to-face communication

While our employees do sometimes work remotely, we don’t have any employees who are full-time remote. Everyone is in the office for scheduled hours every week. Yes, technology allows for a lot of communication, but face-to-face communication is still critical.

We can’t sit behind computers and communicate solely via instant messenger all day and be effective. At some point, conversations need to be had in person. We work more effectively as a team when we’re able to talk and collaborate in the office, so we make sure there’s an emphasis on that while still balancing the flexibility our employees need.

Offering a flexible schedule has been extremely successful for our company through the years. It’s not about the five o’clock whistle for our team-it’s about getting the job done. Everyone’s putting in the time and effort needed to accomplish our goals even if they’re sometimes working different hours.

Comments: None

Be genuine to develop trust with customers

October 16th, 2018

LSG Solutions has been helping customers with their information technology needs for many years, and we have a lot of clients who’ve been with us for many years as well. We’re intentional about our relationships with our clients, and we’re proud of the longevity of our client base.

It’s a good reminder that it’s easier to sustain a business with engaged customers than it is to have high turnover rates and a complicated sales process to get new clients. It might surprise some people to learn that we don’t have a sales team at LSG Solutions. There have been times that we did have a sales team, but we haven’t in recent history.

We focus on growing our business by developing long-term relationships and trust with the people we meet. Being genuine goes a long way in today’s business world, and we’ve always been genuine. Many of our clients are making decisions about IT products and strategies that involve a significant investment, and it’s critical that they trust us to guide them in the right direction.

In the IT world, people don’t trust you if you’re doing it wrong. We work hard for our clients and deliver IT solutions that work for their needs, and they trust us because we consistently deliver. We have a culture of continual learning because the IT world is constantly changing. We have to keep up with what’s going on in order to advise our clients on the best solutions for them.

The entire team at LSG Solutions is committed to delivering the best IT solutions we can for every single customer. They’re passionate about information technology, and they understand the purpose of what we’re trying to do. And that translates into what they do for the customer.

I like to say that we have a virtual salesperson named trust. Because that’s really how we sell our services. Our clients trust us, and they refer us to people who trust them to give a good recommendation.

If you’re looking for an IT consultant you can trust, let’s chat.

Comments: None

Using compartments in Oracle Cloud

October 2nd, 2018

Cloud computing has come a long way in recent years, but we still sometimes run into issues where different clients have different versions of the same cloud software. And different versions mean different features. It’s like going to a grocery store chain in Oklahoma City and then talking to friends in Denver who shop at the same chain. For some reason, they have a wider selection of products than we do. And the same thing sometimes applies to cloud-based software.

Regardless of what versions or what features they have, though, we’re helping a lot of clients who are moving to cloud-based software and database systems. And there are a lot of benefits to software in the cloud.

But as with any other software, it’s important to know where you’re going before you begin so you set things up correctly from the start. And when new features get released, it’s important to integrate them into your setup if they can add value for you.

One such features is compartments in Oracle Cloud. In the early versions of Oracle Cloud, there wasn’t a good way to separate different teams and what they had access to on the admin level. You still had user access and admin access of course, but not a lot of control to segregate things at the admin level. It was pretty wide open! And it was weird.

Now you have the option of compartments, which allows you to set different levels of access for what different administrators or users see. Some of our clients use compartments to show different views to specific departments or divisions in the company, and others use it to secure certain resources for limited access.

Compartments are a good example of thinking about where you’re going before you begin. Even if your initial setup with Oracle Cloud only includes one division and one system, you need a plan for what happens when you start to grow and need to add a division. If you have a compartment strategy from the beginning, it’s much easier to adapt that system as you grow!

Comments: None

CONTACT

501 E. 15th St., Suite 200B
Edmond, OK 73013
(405)285-2500
info@lsgsolutions.com