Category: Business

Of interest to business enterprises.

Posted on

Adding Up SaaS Applications

Incorporating SaaS applications into an enterprise’s business processes can offer a number of advantages, including:

  • focusing internal resources on core strategic strengths instead of infrastructure services
  • being able to pick the best fit from a variety of mature low-risk best-of-breed applications
  • lowered internal IT hardware and support costs
  • well-defined costs

But as always, nothing comes for free and the cost of individual applications adds up quickly. For example, assuming a sales and development SME on a growth track with 100 employees, including a 10-person sales team, a couple senior admin/HR roles, consolidated project management across the organization and a product engineering team who working with part numbers and bills of materials, and using the following SaaS applications:

  • Taleo Recruit for talent recruiting – $500/month (Taleo Business Edition Recruit module, 5 users)
  • Saba People Cloud for basic talent management – $500/month (based on competitor Kapta pricing of $5/person/month)
  • Salesforce for customer relationship management – $1250/month (Enterprise version, 10 users)
  • KnowledgeTree for document management (engineering, legal, administration, etc.) – $2000/month (100 users)
  • Basecamp for project management – $99/month (100 projects, 40 GB storage)
  • Aligni for engineering to manage parts and bills of materials – $199/month (< 10,000 parts)

The total is $4,548/month, and doesn’t include an ERP system for managing financials – which could add another $3,330/month (for either a basic system with limited extensibilty, or the base price for an extensible system before add-ons and customization).

Now, I’m not saying this isn’t money well spent, and for many organizations it is. But bear in mind it’s cash off the bottom line and attention (a rare and precious commodity) taken away from something else in order to learn something new. Carefully consider the complete value – and the complete cost – before signing up for another monthly payment on a credit card, because that’s the easy part.

Posted on

SourceForge, Encryption, and U.S. Export Control Restrictions

I was registering the Adapto project on SourceForge today, and when I got to the Export Control question, ended up spending more than few minutes researching U.S. export regulations relating to software and cryptography. Be warned though, I am not a lawyer and the following is not legal advice. I urge you to consult a professional for advice specific to your situation.

SourceForge is operated by Geeknet, Inc., a publicly traded US-based company. When someone outside the U.S. downloads code from a SourceForge project, SourceForge is actually exporting the code from the U.S.

Export of software including cryptography functions from the U.S. is controlled by the Bureau of Industry and Security (BIS) according to the Export Administration Regulations (EAR) and the Commerce Control List (CCL). This includes software that only calls encryption functions in an external library, such as the PHP openssl_public_encrypt and openssl_public_decrypt functions.

In 2010, the BIS amended the EAR by excluding software products where the use of encryption is ancillary to its primary function and the primary function is not information security or the sending, receiving or storing of information, where the cryptographic functionality is limited to supporting the primary function of the software product, and when details will be provided upon request to a U.S. authority (see EAR Controls for Items that Use Encryption on the U.S. BIS website).

Adapto is a small PHP framework targeted at creating data management applications with minimal code. Although Adapto includes cryptographic functions (implemented through PHP library functions), they are provided only for potential use by an application program and are not used in the normal operation of the framework. They are also not used in the tutorial demo application included with Adapto, and so it appears export of Adapto from the U.S. is not controlled.

Since Adapto does incorporate encryption, it has been noted in the SourceForge project Metadata, but since it is not controlled based on the above analysis, the project does not require reporting to the U.S. government as noted by SourceForge.

 

Posted on

Continuous Learning and Innovation

It’s amazing how one thing leads to another. Recently I was finally annoyed enough by my laptops not automatically synchronizing Firefox bookmarks that I had to do something about it. I regularly use two Linux Mint laptops, a Windows 7 laptop, and a WinXP laptop, and was manually synchronizing bookmarks periodically, but what I really wanted was something automatic, real-time, secure and painless. My Google fu told me the Firefox SyncPlaces plug-in might be just what I needed, and I liked that it used my server for storing its synchronisation data.

First, I configured SyncPlaces to use ftp for uploading bookmark data to my server (which is good, because my day job’s firewall only allows http and ftp access). I happened to be at a McDonald’s having lunch, where WiFi is free but ssh is not allowed. However, I have Webmin installed and was able to start the ftp daemon with a quick “/etc/rc.d/ftpd onestart” using the Webmin’s Command Shell module. Once that was done, I cleaned up the bookmarks on the Linux Mint T61 ThinkPad I was using and uploaded them, later synchronising Firefox on my Win7 HP dv9000. So far so good. Now, why didn’t I do this sooner?

This morning, thinking I had better enable ftpd in rc.conf before the system was rebooted  and I had to troubleshoot why ftp no longer worked. I tried using Webmin’s File Manager module to edit rc.conf but instead of seeing my server’s file system I only saw the error “This module requires Java to function, but your browser does not support Java”.  What?!? Firefox doesn’t support Java?!?

Turning again to Google, I found Ubuntu (on which Linux Mint is based) had recently removed Java and the Java Firefox plugin from its repositories and had switched to OpenJDK and the IcedTea browser plugin. The problem was that out-of-the box Linux Mint didn’t include IcedTea! After installing “IcedTea-Web Plugin” using Linux Mint’s Software Manager, the Webmin File Manager module again worked and I was able to add ftpd to rc.conf. Whew!

Why do I put myself through this? It’s because the learning experiences provided help me to stay current with changes in technology. Abstracting a problem and its solution may aid the the growth of a new technology, but abstraction also makes it easy to lose connection with underlying technical aspects. When that happens, the ability to innovate is lost – along with any opportunity to add real value.

Posted on

Maestro Business Opportunities

Where are the opportunities for Maestro? The greatest opportunities are in Small-to-Medium Enterprises (SMEs).

Small to Medium Enterprises (SMEs)

A small-to-medium enterprise (or SME) typically has less than 250 users, occupies a common physical office, and has an entry-to-mid-tier ERP system for managing operations and financial reporting. It may have a well-defined IT infrastructure, often from a single vendor (e.g., Microsoft DNS/DHCP/domain controller, an Exchange mail server, a SharePoint knowledge server, MS-SQL database Server, etc.), or an ad hoc structure with peer-peer networking providing shared access to resources such as shared data and printers. 

However, a SME often doesn’t have formal processes for document vaulting, non-conformance and issue management, change management/version control, and product data management. Also the ERP system may be perceived primarily as a financial system since it often is controlled by the Finance department, and is not available to engineering staff or provide traceability for serialized raw material or finished goods. Although SME’s may be certified to a QMS  (e.g. ISO 9001), operationally they are often dependent on people-driven document-oriented processes. If electronic documents are used, they are often stored either where they cannot be accessed by all users, or in an uncontrolled network share. 

An SME can also be distributed, where employees do not share a common physical office. In this case, it will typically not have formal resources for sharing information, and will rely on email or ad hoc cloud storage (e.g. Dropbox, OneDrive or iCloud).

Maestro

Maestro can be used to consolidate existing systems, regardless of whether the SME is centralized or distributed. It can be hosted on a user workstation, on a dedicated server on the local network, or with a cloud hosting provider. Internal hosting may be preferred for its perceived security advantages, but hybrid and cloud architectures can be just as secure – if not more so, since the same security policies will apply regardless of whether the user is connected through the internal network or the internet.