Contact Us

Join Our Conversation

blog-header

MCFTech Takes Security Practices to the Next Level

Service Organization Control (SOC) logoThere is a linear relationship between increasing cloud consumption and the necessity for security. “The cloud”, which can mean many things, provides unparallelled flexibility and scalability for a business. At MCFTech, the cloud has created a scenario where more of each incremental hour of work drives value add, rather than worrying about things like dual power supplies on a server, or health of a hard drive. Leveraging cloud Infrastructure as a Service (IaaS) providers such as Amazon Web Services (AWS) and Microsoft Azure means they manage the physical layer. Each of them are much more capable at addressing physical hardware, redundancy, and security than most organizations. While Azure and AWS are managing that physical security (badge access, biometrics, etc.), the rest is left up to the end consumer or business.

The same concept extends to cloud platform providers such as Intuit QuickBase, or other hosted applications/services such as Google Apps, Dropbox, or Office365. In these types of platforms, the service provider is managing the servers (potentially hardware and virtual), the patching, updates, encryption, etc.

In Platform as a Service/ Software as a Service (PaaS/SaaS) and IaaS, the barrier to entry for “the cloud” is relatively low. This sometimes causes people to think “they are secure” inherently when it actually increases the need to treat security at the other layers seriously. A bank may have a very secure vault but the security on the vault is rendered useless if the branch manager does not treat the combination and/or keys with high levels of confidentiality and security.

The same can be said for the cloud.

Now that these awesome and powerful tools are available to an organization, who governs the access? Who ensures permissions are appropriately handled? In the case of managing virtual servers instead of physical, are patches up to date? Are information security resources monitored for vulnerabilities such as Heartbleed and Poodle and are those vulnerabilities quickly addressed?

These are things that MCFTech has recognized as extremely important for the security of both ourselves and our clients which is why we obtained third party validation of our practices via a SOC 2 report. SOC 2 is a widely accepted audit standard which checks an organization’s commitment to the following areas: security, availability, processing integrity, and confidentiality. We are happy to report the auditors found no exceptions in our processes and procedures during their audit. We are committed to security in multiple ways. Some of those include code vulnerability testing, thorough processes and procedures, and routinely investing in R&D with new technologies to stay on the cutting edge.

To find out more about how MCFTech protects your business data, contact us today!

QuickBase & SharePoint Head-to-Head

Most enterprises support a variety of platform technologies to solve a range of IT System needs. Microsoft SharePoint and Intuit QuickBase are deployed in various capacities in the majority of Fortune 100 companies. Each of these toolkits provide very different capabilities for solving sometimes relatively similar challenges. The wise business leader will understand the strengths of each technology and when to best deploy.
[Read more…]

Business Success: How Quickly We Forget

Have you thought of starting a business? Chances are you’ve picked up a help book somewhere along the line, you’ll recognise the type… “Business for Dummies”, “The Entrepreneur’s Manual”, “The Salesman’s Bible”, that sort of thing. Now, if you’ve gone the whole hog and actually started a company, these books are probably languishing in a dusty corner of the house. Their usefulness confined to those times when this precise thought floats through your mind: “you know what, that’ll do”. [Read more…]

Lifehacking Quickbase: Productivity Hacks and Shortcuts

Given that we live in a TLDR world, I thought it’d be nice to write an easy to skim list of how-to’s. These are tips that can make the QuickBase experience a bit more manageable, either as a user or a developer.
[Read more…]

A Disney Inspiration: Small Business Leadership vs. Management

With a three year-old and a two year-old, I find myself reliving the numerous Disney movies that most of us grew up with. Whilst having the theme songs from movies such as Cinderella and Snow White stuck in my head, I couldn’t help but ponder the following line from one of my little girl’s favorites… [Read more…]

Project Management, Lessons from the Trenches: Honest Relationships

When I’m assigned a project for a new client, it’s pretty obvious where the start is, go introduce myself to the client, explain to them what I’m there to do and start an ‘honest relationship’ with them. [Read more…]

Enterprise Content Management vs. Data Driven Platforms vs. Business Process Management Systems

When evaluating technical options for solving complex information and business process needs it’s important to understand the underlying strengths and assumptions of various types of systems.

Business Process Evaluation / Score

We see the available tools fitting into three main categories though many existing technologies cross boundaries and support more than one capability:

Enterprise Content Management (ECM)

ECM focuses on storage, security and lifecycle of document files primarily. ECM systems tend to best support document-based processes where records of activities are stored as files and are often handled both physically and electronically. Alfresco, OpenText and Sharepoint are all examples of ECM with varying capabilities.

Data Driven Platforms (DDP)

DDP is a class of application focused on managing relational data through the management of web-based forms, reports and highly granular security. DDP applications tend to focus on higher volumes of activity and records stored as data. Intuit QuickBase, Intalio|Create and Microsoft Dynamics are leading players on DDP.

Business Process Management Systems (BPMS)

BPMS manage work through orchestration of human and machine activities according to a standards-based system (BPMN 2.0). BPMS have traditionally focused on driving consistent execution of work and track completion of activities as the primary focus and may be workflow systems as opposed to strictly standards-compliant. Intalio|BPMS, Lombardi and K2 are examples of these tools.

How do I know what system type is right for me?

Most enterprise technologies today provide capabilities across the spectrum but focus on one strength with less capability in others. For example, Sharepoint is undeniably strong at document handling while providing an acceptable degree of workflow and very limited data-driven capability without a high degree of customization. On the other hand, Intalio|Create offers a best in class data management capability with a strong BPMS engine but relatively limited features for ECM.

These key scenarios might help determine a starting point for evaluation.

ECM

DDP

BPMS

My operation uses paper or document forms and routes them to get the job done

Top Choice

Second Choice

Third Choice

We’re tracking of a lot of data on spreadsheets today

Third Choice

Top Choice

Second Choice

Most important is that we follow a structured set of steps, get signoffs and know where we are at in the process

Second Choice

Third Choice

Top Choice

Each of the technical options outlined in the above diagram have their strengths and weaknesses. Many of the technologies we work with today are crossing boundaries and are suitable solutions for a variety of complex business processes. To find out more about how to solve your unique business needs, contact MCFTech today.

Audio Management and Quality in a Virtual Organization

Getting on a meeting or phone call and having a conversation … such a simple thing, right? Well, even the simplest things can have a pretty big impact. What if all of your workers are remote… working from home with the regular interferences that come along with that? Barking dogs, screaming kids, vacuuming, etc. Now the issues become even more prevalent. What about using a headset with your computer, hopping on a Lync or Fuze meeting, and not knowing which one of your microphones is set as your default audio device? Just another set of challenges for, what seems to be, such a simple topic. [Read more…]

Managing Project Cutovers Effectively

The development is all done; Systems Integration Testing (SIT) and User Acceptance Testing (UAT) have been completed successfully. Your developers can now breathe easy. You have put in a great amount of rigor to make sure all the milestones were completed successfully and with Quality. The job’s as good as done. Just the project cutover is left. That’s pretty straightforward. How bad can it be, now that everything else is completed!? [Read more…]

Keeping the Scope Creep at Bay

Technology moves at a fast pace, but will never be able to keep up with the human mind. After all, even technology takes a break once in a while. It comes as no surprise that timelines, scope, and other such project attributes often expand and even contract from time to time. So the challenge, of course, becomes how can we communicate difficult topics while maintaining cohesion within the project team? And what can we do to plan ahead to avoid potential pitfalls? [Read more…]