Posted on Leave a comment

A Cyber-security Assessment is Essential for Small and Mid-Sized Law Firms

As law firms continue to maintain highly sensitive client data with notoriously weak safeguards to protect it, they are increasingly coveted targets for hackers. Small and mid-sized NY law firms are especially susceptible and should, therefore, conduct regular vulnerability assessments to establish and maintain a baseline of their threat landscape. An outside firm such as NYC based Partners in Regulatory Compliance can help expose actual weaknesses that an experienced attacker could leverage to penetrate the firm’s system. Further, it’s CISO-as-a-Serviceallows firms to split their investment between leadership and IT infrastructure, independently monitor attacks or breaches that impact their networks, and enhance their approach to information governance and cybersecurity hygiene.

While law firms are not required to have flawless security practices, they need industry standard protocols maintained by a minimal level of expertise and sufficiently advanced tools they can supplement with outside support, beyond perimeter protection technology, generic anti-virus software, updated security tools, prompt patching, operating system upgrades, and routine backups.

It is critical for legal teams to collaborate with organizations that understand the nuances of working with personal health information or restricted financial details and the heightened regulatory requirements associated with each. A vulnerability assessment can ensure the maximum level of compliance.Partners in Regulatory Compliance provides cybersecurity for law firms in NYC and the greater NY Tri-state area. For more information contact them at (646)863-9050 or https://www.piregcompliance.com

Posted on

Road to DevOps

Medullus Road To DevOps

What this series of blogs on Medullus DevOps are about!

The road to DevOps has been paved with challenges – some technical, some educational …. But mostly cultural.

For us being spread across multiple locations (NY, NJ, NC, India) accentuated this challenge – But then again you know the saying … ‘Where there is a will’ – we would like to be on it ;)!

We will outline a series of posts of our transition to DevOps – Why we did it, the challenges we faced, the improvements we had to make, the results we achieved and above all how YOU can benefit from our journey! So read on ….

It starts with collaboration and culture change

If you look up DevOps you will get a bunch of materials on tools, automation and other technical posts – few underline the importance of human relations …. The ‘cultural’ aspects of DevOps.

How can you expect DEVelopment and OPerationS to work together if they do not know each other?

You cannot – coz you can automate the hell out of a process but you still need humans to design, monitor and better them.

a family that eats together stays together – ever thought about why?  There could be many answers … one of them is engaging in discussions …. Asking questions!

A key attribute missing in most developers!

A real-life example: U/X and QA in silos

DevOps Silos

A few years back we did a project where our U/X guru outlined a dashboard with a series of data grids. In the user story he specified the URLs for the grid that can be used during development. The screens were built the demos looked cool with awesome drag and drop features to group and sort the data in the grid.

It was a new application so we did not require any data to be moved – the application went live and week 1 was a big success!!

Week 2 – the dashboard started taking longer to load – things that were thrown around were … network issues, internet speed, server problems. It took a day for ‘Client Side Grid’ to pop up in the discussions. Volume testing was not done (Hey it was 2009! And what did we know about DevOps back then!)

Automated performance (Volume) testing would have caught the issue – but had the developer asked ‘how many records are we expecting for the grid?‘ the issue wouldn’t have occurred.

Now it is in our standard training document to ask the data set size question whenever we need to make a choice of using a server side vs client side controls. Over the years we saw the importance of lazy loading, pagination and various other techniques to improve performance – we share these with our new and existing team members via our training docs, new things go up as Lab topics’ queue and the outcome is demo-ed by a developer during our monthly company huddle.

It is not easy for an introvert person from another continent asking a question to a client facing profile — but it IS important! We found it the developers’ way — Error 408!!

DevOps 408 Error

A quick fix to get started?

While we do not prescribe anyone to change their personality, a successful DevOps transformation do need all team members to ask questions, engage in discussions …. Maybe a meal together but at least some FaceTime with each other. The culture aspect of DevOps can be mitigated by these and then some …

Stay tuned for more on our DevOps journey together!

 

 


Blog post by: Sam Banerjee. Reach Sam @ sam@medullus.com

Sam ensures Medullus’s drumbeat of execution is in rhythm (heads Operations!) – an IT professional with a myriad of experience across various platforms and domains with significant knowledge in the design, implementation and testing of various systems for organizations as ADP, Bristol-Myers Squibb & Ross Stores. With a Masters in Computer Science from SUNY, Sam leads the Tech innovations within Medullus (Artificial Intelligence, BlockChain, Mobility, BI).

Posted on Leave a comment

To App or not to App

Technical solutions for business problems are like ordering coffee in Starbucks – tall / Grande / Venti / Trenta, black / regular / fat-free / 1% / 2%, Sugar / sugar-free (I’ve always wondered why it is ‘free’ it is not free of ‘sugar’ neither is it free of cost !! but I digress ……

Technical solutions for business problems are like ordering coffee in Starbucks –

  • tall / Grande / Venti / Trenta,
  • black / regular / fat-free / 1% / 2%,
  • Sugar / sugar-free (I’ve always wondered why it is ‘free’ it is not free of ‘sugar’ neither is it free of cost !! but I digress …

the point here is  Options !! – As you can read in our previous blog post (https://medullus.com/questions-to-ask-before-developing-an-application/)

In today’s blog post we outline the decision to App or not to App –

Early this year we were tasked to develop a solution for a logistics vendor which was facing challenges in proving the conditions of pallets during delivery at the time each vehicle leaves the warehouse.

Their first attempt with another software vendor was via an app that would click pictures and upload them tagged with each item in their ERP.

The challenge they faced was the syncing was taking too long and in certain devices it would lock up and hang the process. Also, the devices in use were not standard – some were using Samsung tabs running on different Android versions others in the main location were on iPad(s) running on iOS.

At this point we were called up to ‘rescue’ them and deliver a packaged solution to the initial problem.

Our first approach was to see if we can salvage and reuse any of the existing efforts. To this end we asked 2 vital questions ….. One of which should have been asked at the initial decision point.

  • Why did they go the app route?
  • Will / Can a network connection be present in the warehouses at all times?

In response to the first question they envisioned a scalable app upon which more functionalities can be added in time.

The simple answer to the second question was ‘YES’ (and a high speed one too!)

With these we went back to drawing board and see if we can introduce asynchronous programming in the sync routine in order to free up the device forms while the sync was in progress (keep an eye out for our upcoming blog on Asynchronous programming!)

Though the async calls resolved the app hang issues they were still unable to roll out A single type of hardware to all the users in all their warehouses.

Even though the app was not hanging during the sync routine … the sync was taking a looooooong time! After further analysis we found the bottleneck to be at the database connection point of the ERP.

At this point we went ahead with a responsive web application having its own database as a solution … this would make it a device-agnostic approach.

Technology Used

  • HTML 5
  • MVC 4
  • ENTITY FRAMEWORK 5.0.0
  • BOOTSTRAP 3.2.0
  • JAVASCRIPT
  • SQL SERVER 2008R2 and above

 

The front end was developed in HTML5 using Bootstrap framework (https://getbootstrap.com/). The application will read from the ERP database (via a web service) in real-time and the uploaded pictures will be synced back using a database job that will run on the background every 4 hours (the closest dispatch location from any warehouse was 6 hours out and it took around 30 mins for the largest batch to sync … hence 4 hours was a good frequency level).

While some Android devices had the option to reduce image resolution the IOS devices lacked that feature in it’s kernel and it could not be achieved without using any third party solutions. In order to overcome this burden we wrote a compression engine which reduced the image size during upload to dB.

The code snippet of Image Handling and Save to SQL Server are shown below
note** – the error handling routines are omitted for ease of understanding!

Getting Images from Device Camera:

blog-app-getting

Cropping larger size Images:

blog-cropping

Saving Images to SQL Server:

blog-saving

END RESULT:

blog-app

 

Note: This app is flexible to any device that support HTML5

 


Sam Banerjee

samSam brings years of Business Intelligence and Software System Analysis experience to Medullus Systems. Prior to being a partner/co-founder at Medullus Sam lead several scale projects in the BI world in big name corporations like Bristol Myers, Frasenius, and ADP Payroll. Sam brings new ideas to improve BI in companies, products and projects. Sam is a certified Microsoft BI Developer and holds a Master in Computer Sciences. When asked about himself, Sam says “If you can’t measure it, you can’t manage it. For this reason alone, cutting edge software, that fits your business, needs to be on your radar screen and my cell phone number on your speed dial!” On his personal life Sam is a proud husband and father to 2 boys and enjoys his “cutting edge” drum-set, rock-shows and the New York Giants.

Posted on Leave a comment

Leverage the power of stored procedures

Abstract When tasked to develop an application we believe there are three options and you can pick any two ! Do it right Do it quick Do it cheap Option 1 should be a default but ‘right’ is a relative term!  And depending on experience if not chosen then it always has repercussions on maintenance.…

Abstract

When tasked to develop an application we believe there are three options and you can pick any two !

  1. Do it right
  2. Do it quick
  3. Do it cheap

Option 1 should be a default but ‘right’ is a relative term!  And depending on experience if not chosen then it always has repercussions on maintenance.

In this post I will demonstrate one way of doing it right. Occasionally I will refer to an application that my company recently and successfully developed using this approach, along with the reasons why it was successful.

Business Requirement

Most forecasting applications (like MRP or Asset Management) has an inadvertent need of creating orders … it could be either Sales Orders, Purchase Orders or Work Orders.

These orders are based on a group of setting. The screenshot below outlines the settings for a healthcare asset management product

blog-Leverage1

 

Some of the underlying requirements (asked during the design and analysis sessions) were

  • Settings will be added or updated frequently
  • Settings will be different for different entities (departments)
  • Business logic around each settings may be updated from time to time till
  • Performance needs to be optimized since real time orders are required.

Technical Solution (Database Only)

Given the requirements we encapsulated the entire business logic using stored procedures … instead of using In-Line SQL or LINQ. While Linq does have some advantages such as abstraction and support across multiple databases we went with the stored procedure route for

  • Ease of deployment – the code does not need to be compiled (and deployed) anytime a business logic needs a change (a key requirement).
  • Network traffic – sprocs need only serialize sproc-name and argument data over the wire while LINQ sends the entire query. This can get really bad if the queries are very complex… which is usually the case a continuously moving requirement as such.
  • Performance – using sprocs we can optimize the queries using HINTS, indices and other techniques to speed up the transactions. While this can be done in-line sql – testing each time will require a code compilation.
  • Maintenance – a set of stored procedures is a very easy way to inventory exactly what queries may be running on the system. Using in-line queries one needs to run a trace of that covers an entire business cycle, or parse through all of the application code.
  • Troubleshooting – error logging (in database tables) allows us to pin point the source of any issues and updating the logic is only a matter of updating the stored procedures instead of … well you get the picture J
  • Below depicts the database objects
    • Table for storing the settings

blog-Leverage2

  • Log table

blog-Leverage3

  • Stored Procedure – where all the business logic is written – currently at version 66 !

blog-Leverage4

Conclusion:

As you can see the sproc is under continual revisions. The decision to implement the solution using a sproc for business logic was the key. The sprints in agile process were quick and easy to roll-out.

Yes there are various ways to hold your nose … I’ve demonstrated a few below

blog-Leverage

 


Sam Banerjee

samSam brings years of Business Intelligence and Software System Analysis experience to Medullus Systems. Prior to being a partner/co-founder at Medullus Sam lead several scale projects in the BI world in big name corporations like Bristol Myers, Frasenius, and ADP Payroll. Sam brings new ideas to improve BI in companies, products and projects. Sam is a certified Microsoft BI Developer and holds a Master in Computer Sciences. When asked about himself, Sam says “If you can’t measure it, you can’t manage it. For this reason alone, cutting edge software, that fits your business, needs to be on your radar screen and my cell phone number on your speed dial!” On his personal life Sam is a proud husband and father to 2 boys and enjoys his “cutting edge” drum-set, rock-shows and the New York Giants.

Posted on Leave a comment

Questions to ask BEFORE developing an application

Desktop or Web Application ? To App or Not to App ? Platform (Windows, Linux etc…) Technology (Microsoft, Open Source, etc…) As you might know these are the pre-requisites before any sort of development can begin. Each option has its pros and cons and the correct answers depend on various factors. In this post I’m…

  1. Desktop or Web Application ?
  2. To App or Not to App ?
  3. Platform (Windows, Linux etc…)
  4. Technology (Microsoft, Open Source, etc…)

As you might know these are the pre-requisites before any sort of development can begin. Each option has its pros and cons and the correct answers depend on various factors. In this post I’m outlining how we collaborate with our clients to get the right answers.

Desktop or Web Application … Or Hybrid

Simply speaking, a desktop application is a computer program that runs locally on a computer device, such as desktop or laptop computer, in contrast to a web application, which is delivered to a local device over the Internet from a remote server.

Desktop applications have traditionally been limited by the hardware on which they are run. They must be developed for and installed on a particular operating system, and may have strict hardware requirements that must be met to ensure that they function correctly.

Web Applications are more device-agnostic. In order to use a web application the two essentials are (1) Web Browser (2) Internet connection.

While web applications boast of high availability it is not always desirable. Allowing users to access applications via web only does pose a security risks and given the recent attacks on corporations and government websites the best security protocols are not good enough.

In order to combat security and ease of development we often advice clients to go with a hybrid system where the client is furnished as a desktop application whereas the database is on the cloud.

Given the pros and cons of each application type we analyze the requirements with the clients asking them the following questions

  • How many users will be using the application?If the application has a high number of users then web application is preferable since the application needs to be tested on a handful of modern browsers in contrast to determining each users’ machine configuration (memory, disk space etc…).
  • Once completely developed, how often will changes be rolled out?If frequent changes need to be made live quick then once again web takes precedence over desktop application since deploying the changes to a server is quicker than deploying the changes to everyone’s desktop
  • In the rare event of an internet outage will the un-availability of the application be business critical?Before they say ‘OFFCOURSE’ to this answer we clarify situations and run thru scenarios. Recently we developed a Point Of Sale application for a hardware chain and one of their requirement was to be in business even without internet. In this scenario 100% web reliance is not feasible. We went the desktop route to enable off-line operations.

Even though web-application is out first preference it is not always the best option for the client. Determining the requirements and analyzing various scenarios enable us to decide which route to take.

In the upcoming posts I will dwell into platform, technology and other important considerations that enable the foundations of any custom developed application to be bullet-proof!

 


Sam Banerjee

samSam brings years of Business Intelligence and Software System Analysis experience to Medullus Systems. Prior to being a partner/co-founder at Medullus Sam lead several scale projects in the BI world in big name corporations like Bristol Myers, Frasenius, and ADP Payroll. Sam brings new ideas to improve BI in companies, products and projects. Sam is a certified Microsoft BI Developer and holds a Master in Computer Sciences. When asked about himself, Sam says “If you can’t measure it, you can’t manage it. For this reason alone, cutting edge software, that fits your business, needs to be on your radar screen and my cell phone number on your speed dial!” On his personal life Sam is a proud husband and father to 2 boys and enjoys his “cutting edge” drum-set, rock-shows and the New York Giants.

Posted on Leave a comment

Outsourcing your software development projects – why and to whom?

In today’s world where business needs are changing at a very fast pace and technology is evolving at an even more faster pace, it is difficult to keep investing in in-house technological resources. A software development outsourcing company could be of great help for the business. Companies have always analyzed make or buy decisions and there is…

In today’s world where business needs are changing at a very fast pace and technology is evolving at an even more faster pace, it is difficult to keep investing in in-house technological resources. A software development outsourcing company could be of great help for the business. Companies have always analyzed make or buy decisions and there is no time like the present to think about whether you develop software in-house or outsource your projects to the right technology partner.

Here are some advantages:

  • By outsourcing software development, companies able to concentrate on their core business.
  • You have greater access to a much larger talent pool.
  • If outsourcing is coupled with “well-managed” off-shoring, there could be significant cost advantages.
  • IT is no longer an expense that carries on, it is projectized – you expense out projects, which are temporary.
  • The right partner will be a solutions provider and not a coding factory (unless all you need is that!) – they can provide good consultation, out of the box solutions – sometimes all you need is a right business decision from someone looking from outside in.
  • Your projects will be delivered with cutting-edge technology – you now have that choice.

Here are some disadvantages:

  • You lose some control of your projects. But outsourcing companies, with good project management methodologies and transparency into their process and teams, will close a lot of that gap.
  • It may be expensive in the short term depending on your schedule baselines.
  • You are not growing in-house talents if that is something you feel is needed for the longer term.
  • You may be giving out company secrets, so always have a proper, legally created NDA (legalzoom.com is a good source)

So who is the right Outsourcing company for your business?

  1. The clearer your scope statement and requirements, the better value you will get from outsourcing. A good partner will help you build that scope.
  2. Pair companies against each other. You should shortlist at least 3 companies.
  3. Choose a company that has a clear message on what they can offer – value, price, experience etc.
  4. The outsourcing company must have a good development environment of their own. You can even ask them to demo that in an online session.
  5. Make sure you have a well-written contract or ask them to provide examples of previous contracts.
  6. Check references – call a few of them and see what other customers have to say about them. Always ask about the 1 thing the company can improve – almost every reference will say at least 1 thing!
  7. Finally go with your gut!

Outsourcing has turned out to be the most effective business trend of this era. It is about increasing workforce flexibility and using highly qualified experts. Where do you start? You can call us to have a dialog – we are here to help. If we cannot provide you with a solution or you feel we are not a right fit for you, we may be able to point you to a another direction!

 


Sam Banerjee

samSam brings years of Business Intelligence and Software System Analysis experience to Medullus Systems. Prior to being a partner/co-founder at Medullus Sam lead several scale projects in the BI world in big name corporations like Bristol Myers, Frasenius, and ADP Payroll. Sam brings new ideas to improve BI in companies, products and projects. Sam is a certified Microsoft BI Developer and holds a Master in Computer Sciences. When asked about himself, Sam says “If you can’t measure it, you can’t manage it. For this reason alone, cutting edge software, that fits your business, needs to be on your radar screen and my cell phone number on your speed dial!” On his personal life Sam is a proud husband and father to 2 boys and enjoys his “cutting edge” drum-set, rock-shows and the New York Giants.