BTerrell Group Blog

Info Info

Recent Posts

Super Powers of the Cloud: The Security of Concur’s Cloud

Posted by Info Info on Wed, Jun 11, 2014

by Concur

 

This entry is part 4 of 4 in the series Super Powers of The Cloud. Previous entries can be found here.

Mobile app security is a concern for most app users, especially with the seemingly daily news stories of data breaches striking large companies. And it’s not just large companies being affected. For every security breach story that breaks, many more go untold. Symantec reports that companies with fewer than 250 employees were the focus of 31 percent of all cyber attacks in 2012, up sharply from 18 percent in 2011. 

It’s understandable for app users to feel unsure about the security of mobile apps, especially if these mobile apps require them to input sensitive information. And let’s face it; no one wants to feel vulnerable.

Like superheroes need capes and armor, app developers and app users need to know their environment is secure before they can wholeheartedly focus on doing superhuman work. Security is the platform upon which all productivity and collaborative benefits of apps can spring forward. Without security, all the perceived benefits of mobile apps can quickly become a mirage.

For example, Starbucks recently promised to tighten security on its IOS app because of a multitude of mobile app breaches. Because the app contained security flaws – including a lack of encryption, no password protection, and a clear-text data file that is easily exposed – the convenience benefits can be easily offset by security concerns, rendering the app useless for many users.   

Concur’s investment in security

Perhaps a more concerning trend than the amount of apps being hacked is the amount of companies who don’t seem to care about security.

This certainly is not the case at Concur, where mobile app security is a top priority. The Concur Trust Platform with PCI Compliance, ISO and SSAE 16 certifications are combined with data encryption and remote wipe capabilities, ensuring a secure solution for all users. And for those who argue that traditional, paper-based expense tracking is more secure, how is carrying around a stack of receipts and paperwork more secure than a locked, password-protected phone?

Concur’s mobile app security does not allow sensitive credit card data to be stored on the mobile device when transactions are conducted. What this means is that the most sensitive client information (e.g. credit card info) is housed only in Concur’s secure data center, not on the mobile device. Whether clients use Concur’s web-based service or mobile app, they can rest assured their information is safe.

If you’re considering mobile app usage to increase capabilities, productivity and employee satisfaction at your business – but are concerned about mobile app security implications – rest assured that Concur’s top priority has been, and will continue to be, the security of our users.

Expenses affect every part of your company. Learn why more organizations are leveraging Concur’s automated expense tracking solutions to not only address mobile app security, but financial security as a whole. Don’t wait, fix it.

Tags: security, expense tracking, cloud, concur

What Defines a Cloud Solution?

Posted by Info Info on Wed, Jun 04, 2014

by Docassist

The cloud is a hot topic in technology discussions and many software companies claim to be providing cloud solutions. But what really defines a cloud solution and does it matter if an application fits that definition?

In Cloud Computing magazine (Q2 – 2013), Matt Wallach, co-founder of Veeva Systems, defines a cloud solution as one that gives a customer “scalability, flexibility, and cost efficiency… built on a multitenant platform.”

 

What is multitenant?

“Multitenancy is the architectural model that allows vendors to serve all their customers from a single, shared instance of the application,” says Wallach.6 4image4 resized 600

There are hundreds of alleged “cloud” products out there built to be on-premise/single-tenant applications. “Whether users access software through a private cloud or through the corporate server network on-premise, it’s still traditional, single-tenant client/server software (with traditional client/server limitations),” explains Wallach. “Multitenancy is the magic that makes cloud computing truly special, a disruptive technology,” he concludes. 

So why choose a solution like Docassist? Docassist was originally developed as a multi-tenant cloud application. It is optimized for the cloud and many of its strengths and capabilities come from being a true cloud application.

“It is sometimes frustrating when we read or hear about some competitors with non-cloud solutions claiming to be on the cloud,” Stan Santiago, CTO of Docassist. “It is challenging to take any on-premise solution and truly move it to the cloud, so many companies resort to halfway measures that are not truly cloud solutions.”

BTerrell Group is hosting a webinar, Q&A with a CTO: Everything You Want to Know about Documents in the Cloud, on June 18th at 1:00 pm CT so you can get all of your questions about the cloud answered from the source. Attendance is limited!

 

Tags: cloud software, cloud computing, docAssist

Creating IT Process Standards

Posted by Info Info on Thu, May 29, 2014

by Chris Karnes

As new employees join the company and other employees leave, do you have processes in place for enabling access for onboarding employees and denying access for exiting employees? Are there multiple logins and systems (Office 365, domain login, phone systems, office printers, etc.) that your new employee needs in their daily functions? Most of us rely on the IT department to do this. But, what happens if you have a single IT employee, and that’s the employee that just left? Do you have the processes documented so that you can disable and/or remove the various user accounts for the former employee and create the new accounts for any incoming employee? Improving and creating processes are critical for completing things efficiently, as well as tightening the security surrounding your business files.

Onboarding a New Employee

describe the imageDocument your processes, and review them periodically so they are updated as your technology changes. Your documentation can be as simple as a Word document with the first page listing what every new user would need. The following pages detail how to setup each account using screenshots and a brief explanation of the requirements. If your business has domain access for networked servers, Office 365 with email, Intacct, Sage CRM, a VoIP phone system, and a Multifunction Office printer with the ability to email scanned items, each system needs to be set up for everything to work correctly. The scanner won’t email if you don’t set up the Office 365 account since the user won’t have a valid email address, and the employee can’t log into their computer if you haven’t set up their domain access.

With so many logins and setup for one new user, you need a standard for creating usernames. Three of the most commonly used standards are first initial last name, first name last initial, and firstname.lastname. Use the same user name standard across as many accounts as possible to avoid having an employee email address of john.smith@xyz.com while his domain login is jsmith@xyz.com. That gets confusing, time consuming, leads to failed logins (and accidently lock someone out of their account), and leads to mistakes, such as John giving a prospective client the wrong email address. Software such as Intacct and Sage CRM may be administered by multiple or different people who specialize in that specific software. They must be aware of the company username standards. My personal favorite is firstname.lastname. You occasionally may have two people with similar first and last names, but most of the time there will be a slight difference in spelling between them, for example John Smith and Jon Smith. If two people have the exact same spelling, include a middle initial for the newest employee (jon.z.smith).

Deleting Access for Exiting Employees

You also want to create and document a standard for how to deny access for employees leaving the company. Do you want to disable, delete, archive, forward, or monitor the email account? If that employee had several projects in progress and the departure was sudden, you may not want to delete or disable the account, as any client attempting to email your company have their email denied. You want to reset the password and either forward the emails to another employee or manager to review, or add that mailbox to an employee’s mailbox until you communicate the new contact to clients. Same goes with the phone extension. You need to document how to forward the extension to another employee’s extension, while taking the physical phone offline. This will help ensure that you do not accidently drop the ball while transitioning as you always have someone monitoring any incoming contacts from clients. Then document how to delete or disable the employees’ domain account and remove them from the multifunction office printer.

 

If you don’t know what the processes are, or if they are documented, get with your IT department and ensure these are set up so that those with administrative access can properly handle adding new users and removing former employees. If they are not, make sure to create these processes and document them. 

Tags: security, IT process, Information Manager

How Cloud Business Apps Give You Super Powers

Posted by Info Info on Wed, May 14, 2014

describe the image

by Concur

This entry is part 3 of 3 in the series Super Powers of The Cloud. You may read the first installment here and the second installment here.

Okay, so cloud business apps won’t give you super powers, at least not yet. But when you go from expense tracking the old-school way to a do-anything-from-anywhere situation, you sure feel super about your new powers.
Apparently there are plenty of employees who feel super these days. According to CDW’s 2013 State of the Cloud Report, 73% of IT staff say employees’ personal use of the cloud has influenced enterprise adoption of cloud computing.

If you haven’t yet gone skyward to the cloud, then it’s time to stop being a mere mortal and gain these “super powers” by using cloud-based mobile business apps:

The power of flight
An app like TripIt can make you feel like you have a jetpack with a “carefree” setting. Simply forward your travel confirmation emails to plans@tripit.com and TripIt automatically creates an itinerary for your trip.

You can send TripIt confirmation emails for more than 3,000 travel booking sites, including airlines, hotels, rental car companies, railways and airport shuttles. TripIt also supports many travel agencies, cruise lines and business travel sites, and even syncs with activity planning sites like Evite, OpenTable, Fandago and StubHub.

Here are a few more things you can do with TripIt:

  • Link your email, and TripIt will automatically import travel plans from your inbox to your itinerary. No need to forward confirmation emails.
  • Set your travel plans to sync automatically with your online or mobile calendar.
  • Share travel details with family, friends and colleagues by simply clicking the “Share” button on your itinerary.
  • Access your itinerary from all your devices whenever you want.


The power of omnipotence
An app like Concur for Mobile can make you feel like you can be everywhere at once (and you can also avoid being anywhere, like back at the office, filling out an expense report form). Concur for mobile complements the web-based solution and lets you manage everything related to expense tracking from anywhere you want. Here are just a few things you can do with Concur for Mobile:

  • Do away with paper by capturing receipts with your smartphone and uploading IRS compliant images directly to expense reports.
  • Approve or reject expense reports immediately via manager access.
  • Add car mileage to your expense report.
  • Match invoices with purchase numbers, track progress of submitted invoices and expedite invoice approval on the go.
  • Use e-receipts to capture electronic transaction data directly from airlines, hotels and car-rental companies. The line-item details automatically upload to your expense report.
  • Import credit card charges which are automatically assigned to the appropriate expense report.
  • Use the automatic payment capability to quickly and easily reimburse your valued employees

describe the image 


The power of protection
The Concur and TripIt apps are built with world-class security. The Concur Trust Platform with PCI compliance, ISO and SSAE 16 certifications are combined with data encryption and remote wipe capabilities, ensuring a secure solution. Your personal data and credit card details are never stored on your mobile device and stay secure in Concur’s world-class data center.
Expense reporting affects every part of your business. Learn how super life at your company will be when you stop waiting and call upon your power to fix it.

As a Concur partner, BTerrell Group is able to extend a 10% savings on any Concur solution you implement.  Please contact your BTerrell representative for details.

Join us on May 21st at 1:00 pm CT for this informative webinar: Fix Expense Reporting and Boost the Bottom Line, featuring Concur.



Tags: app, cloud software, cloud