Hosting speed increases

linode-logo_standard_light_mediumThe nice folks at Linode, our hosting provider, have decided to give us (as well as their other customers) some additional capacity, on each of our servers!

Our largest server will get an additional 16GB of RAM (memory) and an additional 4 CPU cores. That’s a significant update that should make the system speedier for all.

We’re keen to take advantage of this, but it will need a short period of downtime to perform the upgrade, possibly a couple of hours. We’re provisionally scheduling that for this Sunday (27th May) at midnight. If there are any issues at all with that though, please email oliver@agilechilli.com and we’ll delay until a time suitable for all.

 

Advertisements

Introducing the chaser

We’ve been talking a lot about agileBase’s ‘chaser’ feature recently, giving examples of what it can do, but we’re aware not everyone may know precisely what it is!

It was developed for a particular purpose, but has turned into one of the most promising features generally that we’ve released over the past few of years. It has the potential to help people be more effective in a wide range of jobs, wherever they regularly need to ‘chase’ others for information.

Customers who’ve been trying it out say that it makes staff more effective at their jobs by ensuring documents and information required from third parties (such as suppliers) is obtained when needed, without requiring lots of manual checking, emailing and phoning.

In a nutshell, the system comprises three parts

1) checking when something’s due and emailing the person who needs to supply it

2) allowing the recipient to easily provide the data by following a link in the email to an online form. Documents can be uploaded and other information filled in

3) if no response is received, re-sending a number of times, finally escalating to someone else (usually someone internal)

chaser2

Examples

The first uses have been in our agile:SA Supplier Approval software. We have a few chasers, for example

  • non-conformances: whenever a non-conformance is raised against a supplier, whether as a result of an audit or ad hoc, the supplier will be chased if they don’t respond in a timely manner. Likewise, your staff can be chased if an internal non-conformance is not resolved
  • ingredient risk assessment: a member of staff must risk assess new ingredients
  • ingredient specification: a supplier will be chased for any missing specification documents
  • supplier audit questionnaires (SAQs): suppliers must respond to these and will be chased if they don’t

There are many more but hopefully you get the idea. The same principles can be applied whenever you need a third party to supply you with information or documents of a known type.

Technical setup

As an agileBase administrator, if you want to set up your own chaser, here’s how to do so. The process has been made as simple as possible so setup should be a breeze.

1) Create a view with a list of people (email addresses) to chase. In the view’s manage tab, under Send, choose ‘send email chasers’

2) The screen will show a list of fields you need, e.g. ‘to’ which is the email address of the recipient, ‘subject’ etc. Create all of these as calculations

3) The list will also include a couple of fields you’ll need to add to the table: count (a number) and last chased (a date). These will be used internally by the system

That will set up the system to send emails. Now make sure that only things you want to chase are chased, by adding any relevant filters to the view. e.g. to show anything out of date

That will be enough to get emails sending out. What about receiving the information back?

Simply add any fields you want the recipient to supply to the view, from the parent table. The system will automatically create a form containing these fields (excluding any of the chaser fields above such as ‘to’ and ‘subject’). When the recipient receives an email, it will have a link in it that takes them to this form.

If you want the content that the chaser sends out to be visible to users, add the chaser view into a form as a cross referenced field. It will show information such as the email to be sent, how many times the record’s been chased, when the last time was etc. If the record doesn’t need to be chased it will instead show the reasons why (the filters from the view).

Finally tick ‘enable this chaser’ at the bottom of the view’s Send section, in the manage tab. That’s it!

Please let us know what uses you find for the chaser, or of course if you come across any issues or can think of any further enhancements.

Chaser deliverability

The new chaser feature of agileBase is proving one of the most popular things we’ve ever launched! For users of our agile:SA product, chasers are set up for you to automatically email suppliers requesting new ingredient spec documents, non-conformance responses, certifications & accreditations, risk assessments etc. whenever they’re due.

chaser example

With the gradually increasing focus on compliance in the industry, this innovative feature helps you maintain the best quality and grades, whilst enabling your NPD teams to launch new recipes faster, due to slashed paperwork times.

Today we’re releasing an update giving you the ability to have these emails sent from your own domain name, should you wish to.

By default, emails come from @agilechilli.com, our domain name – we can’t send email from a customer domain name without agreement and setting it up securely. That process is now in place, allowing our software, with your permission, to send emails to your suppliers and other contacts from your own domain name. You can choose whichever email address you like for emails to come from, even different addresses for different types of chaser.

The system we use also brings enhanced deliverability – we use a service with enhanced reputation, monitoring and virus scanning, which receivers trust, lowering the probability your messages will disappear into spam bins. To ensure security, various technical measures like SSL, DKIM and domain validation are in place, as well as regular scanning by TrustWave.

The cost for this is just a one-off setup fee of £75, then £15 added to your monthly bill. That will allow up to 1000 messages per month to be sent. If you need more, 3000 can be sent for £25 per month.

To get this set up, please request this to support@agilechilli.com. We will need to liaise with you and/or your IT suppliers in order to configure your internet domain name to allow this service to run.

Sensitive data and personal data

If you store records of people you deal with in your agileBase instance, what is that data used for? Where did it come from? Who can see it? Why is it legitimate for you to process that data – which of the six lawful bases under the GDPR apply? Will the data be accessed outside of the country? How long will it be retained for once it’s no longer in use?

As you are no doubt aware, the General Data Protection Regulation will be applicable as of May 25th. Most companies using agileBase store some personal information so these questions and others are all things that need thought.

A lot of other data may also be commercially sensitive too (rather than personal data), requiring just as much careful thought into data protection.

Data exports

This week’s update is relevant in a couple of ways. Firstly, additional measures are in place to protect against or mitigate the unauthorised mass downloading or exporting of data, working in concert with the existing safeguards. Remember that the export option is only available if

  1. the user is a member of a role which has ‘allow exports’ ticked (off by default)
  2. the view has ‘allow users to export’ ticked (on by default, can be disabled in the view’s manage tab)

Now, even if an export is allowed, an administrator can choose to get notifications whenever an export over a certain size occurs. This option is triggered if the administrator ticks one of two boxes in a table’s ‘manage’ tab:

  • this table contains personal data
  • this table contains commercially sensitive data

personal and commercially sensitive data

When either of those are chosen, the admin will be prompted to choose a number (defaulting to 100). Any exports containing at least this number of records will prompt an automated email, which they can use when checking if the export is for a valid reason.

When managing one of these tables, the administrator is also shown which roles have the ‘allow exports’ option and whether any views are set up to transfer data to third party systems using the API.

Data protections and the GDPR

If the admin selects ‘this table contains personal data’, then a further section of notes is displayed, prompting consideration of various data protection questions pertinent to the GDPR. There are even some boxes where you can record your thoughts about each issue, current situation, future plans or whatever else is useful to you.

Please bear in mind that this is not a tool to manage your company’s evidencing of compliance with the GDPR. Hopefully though it will be of some practical help, particularly prompting you to think about data privacy and protection from the moment that a table is first created. For a system such as agileBase, where agility is a key feature, allowing systems to be built and evolved rapidly, it’s important not to overlook that!

If you need some help checking preparations for the GDPR, there’s some really good background information on the Information Commissioner’s Office website and there’s a fully indexed, searchable version of the entire regulation at https://gdpr-info.eu.

 

 

 

Text message number change

A quick  update – customers may notice that the number that two factor authentication codes come from has changed. That’s because the old number only had capabilities to send within the UK, the new number can send worldwide, which is necessary for some of our customers.

The new number is +447400094002, you may like to add that to your phone’s contact list so it appears with a friendly name when you receive a message.

We encourage everyone to enable two factor authentication – it makes your account more secure. To do so, simple click your user icon at the top right of the page, select ‘edit profile’ then type in your phone number. Note landlines won’t work, it has to be a mobile  phone that can receive SMS text messages.

phone number entry

agileBase automatically checks whether your password has been leaked

login

One of these days, we won’t need to remember passwords, everyone be able to quickly and easily log in to services with biometrics (e.g. face recognition, voice recognition, even heart rate recognition), USB keys or perhaps chips in our phones/watches/jewellery or embedded under our skin!

Until then, we have to manage our passwords. The problems are many – these days, short or simple passwords don’t cut it. They’ll be easily ‘brute-forced’ by attackers, trying millions of passwords per second. So, we have to remember a long and complex password. However, not just one, these days a typical person will log in to at least dozens of websites, apps and services. Using the same password for all of them is a bad idea.

Currently, the best solution is to use a password manager. We use 1Password here at agileChilli but there are others available.

One thing you may or may not know is that if a service’s passwords (or password ‘hashes’) are stolen, they will often be published on the internet by hackers for everyone to see. That’s what happened recently to companies like Adobe and LinkedIn. In other words, if you use a password for services A, B, C and D and user details are hacked for service A, someone can often look up those details and use the same ones to log in under your name, to B, C and D too!

Luckily, hackers aren’t the only ones who can look up lists of stolen credentials. Troy Hunt, a Microsoft Regional Director and MVP, has performed a great public service by creating an easy to use tool for checking a password against a massive list of previous data breaches.

We have now integrated with that service (which you can try yourself manually at https://haveibeenpwned.com/Passwords). Whenever you try to set a password in agileBase, it will first look it up to see if it’s previously occurred in a data breach and if so, it won’t let you use that one. That either means your password has been previously stolen, or you’re using the same password as someone else who’s had it stolen, in which case it probably isn’t a very good one. Either way, you definitely shouldn’t use it and if you use that password for any other services, you should  change it immediately.

By the way, when checking, the password you type isn’t actually sent to the third party service in ‘plain text’, it’s all managed securely. 1Password were one of the first organisations to take advantage of the new version of the service a couple of days ago. If you’d like more information on how it works, their blog post is a good read.

Now we’re pleased to follow suit and announce our integration with this valuable service.

HTTPS everywhere

Whilst we’re on the subject of data security, another recent update has been to our public website, www.agilechilli.com. SSL encryption is now used for the whole site.

SSL has always been used for the agileBase platform itself, not just while sending your login credentials, but for all data transferred during use. However, the entire public website (our product info, case studies, pricing etc.) is now encrypted too. For some information on why this is a good idea, please take a look at https://doesmysiteneedhttps.com/

Thank you to CloudFlare for making this a really easy thing to set up.  If your own company’s website doesn’t yet use SSL (HTTPS), then we encourage you to suggest it to your web or IT staff.

Reporting file storage

A quick tip for people uploading files to agileBase – if you hover over a filename or icon, the file size will be displayed. The size shown is a total that includes all previous versions, if you’ve uploaded multiple versions over time.

There’s also a new ‘hidden’ field available that can be added to views, ‘storage used (MB)’ which shows the total size of all files uploaded to a particular record. Using that, the total storage used for all files can be displayed. Plus any of the standard agileBase features such as filtering and charting can be used to break down or analyse usage.

doc sizes

Thanks to Britannia Windows and Foodcase International who both (independently) suggested this feature.