Month: May 2019

Categories
Blog

What Is Open Source Software?

Open Source Software

For today’s tech blog we’re going to discuss open source software. What is it, and how is it different from other types of software? In simple terms, open source software is a term for any program whose source code has been publicly released, allowing for others to modify it however they like.

Software Types

It’s easiest to understand open source software in the context of other types of software, so here’s a refresher in the other major types.

Licensed Software

Licensed software is any computer application that requires licensing to be used. This licensing can be as simple as purchasing a digital download code for a single computer, or it can be a complex, enterprise-wide licensing agreement. Nearly all licensed software must be purchased to be used legally. Microsoft Office has long been an example of licensed software.

Cloud or Subscription-Based Software

Technically a subset of licensed software, cloud or subscription-based software requires a recurring subscription-style payment. If your payment lapses, the software may become inoperable. Examples here include Adobe Creative Cloud and Microsoft’s newer offering, Office 365.

Freeware

Freeware is a broad term for software that’s distributed freely, with no expectation of payment for personal use. Install these at home as much as you like. Beware that some freeware is only free for personal use, though. If you want to use it in a corporate setting, you may need a license.

Open Source Software

Open source software takes the concept of freeware to the next level. To be considered open source, both the software and its source code must be freely available. Users are permitted (and even encouraged) to modify the source code to improve the software or to customize it for their own needs.

Open Source Certification

Open source as discussed above is a concept or philosophy. Developers who wish to release open source software with a sort of seal of approval can do so through the Open Source Initiative. This group offers a certification mark, Open Source (yes, it’s just the term we’ve been discussing, but with capital letters), which verifies that a piece of software meets certain qualifications.

To receive the Open Source designation, a piece of software must meet these two criteria.

  • The software is available to anyone else, restriction free.
  • The software’s source code is available for others to change and customize.

Additionally, provision is made so that the original creators can demand that future, customized versions of the software are clearly distinguished from the original, through naming or versioning.

Conclusion

By reading this tech blog post, you now understand what open source software is. If you’re wondering what it can do for your or your business, contact us today. We’re glad to help!

Categories
Blog

Did You Know That Java 8 Now Requires Licensing Fees?

JAVA Licensing Fees

Java and JavaScript still the most widely-used languages in business, outpacing C# and Python by a relatively large margin in a recent survey by Cloud Foundry. These flexible, cloud-native languages represent 57-58% of businesses that responded to the study, with Python only being used in about 25% of businesses. Java and JavaScript, along with C++, continued to show market growth through the end of 2018, unlike some other languages whose share continues to decline. With the strong user base and growth for Java, it’s not surprising that Oracle has decided to consolidate several different models into a more streamlined licensing agreement. While this has been discussed since mid-2018, as of January 2019 organizations that want to continue receiving support for Java may need to revise their licensing agreement to incorporate the paid model. See how this could impact your continued usage of a programming language that continues to gain importance in the business world.

Building Flexibility Into Business Systems

Being able to reference multiple languages helps businesses retain the flexibility and agility that they need to be relevant in today’s fast-paced business world. With startups claiming niche markets, established businesses and enterprises need access to well-known and widely used languages such as Java and C++. Even though Java has been around since “Green Team” developers at Sun Microsystems released it in 1995 after a multi-year marathon of programming, it is still revolutionizing the way we interact with digital devices. As the invisible force behind many of today’s most complex solutions, Java has been building flexibility into business systems since the mid-1990s. Java is a platform independent, meaning it can run a variety of different operating systems which creates a highly extensible base language.

Creating Cloud-Native Practices

Businesses are continually looking for ways to drive innovation as a way to differentiate from their competitors, and cloud-native languages such as Java will help drive these initiatives into the future. Says Cloud Foundry Foundation CTO Chip Childers: “Cloud-native practices enable developers within large companies to pick the language that best supports their functional needs—and our research shows that the most commonly chosen languages for cloud-native application development are Java and JavaScript”. While more than 25 languages were noted by respondent companies, the majority were only used by 1-2% of businesses, unlike Java which was prevalent in close to three-fourths of the organizations. It would not be surprising for there to be consolidation within the various platforms as organizations look to bring consistency to their overall development practices.

Java’s New Licensing Model

While Oracle’s July 2018 announcement caused many organizations to rethink their Java usage, it’s clear that the platform is still required for development. The particular version that was impacted is Java SE (Standard Edition), Java SE Advanced, Java SE Advanced Desktop and Java SE Suite. These licensing options will be consolidated down to two paid models starting in January 2019: Java SE Subscription and Java SE Desktop Subscription. Each version is a monthly subscription that includes public updates for Java SE 8 or later, with terms available from one to three years. This shift will impact all users of commercial-grade Java, although customers of older Java SE models will not be forced to make the switch. While moving to the new model is not mandatory for non-commercial use, business users will require a license according to Oracle’s new licensing policies.

Business users do have a few decisions to make as their model shifts:

  • Server-based deployments will use a processor-based metric such as CPUs to calculate license requirements, starting with an Oracle-licensed server and the number of cores and the processor core factor into the calculations
  • Desktop deployments use a Named User Plus-based metric to make the calculation of ongoing licensing costs

Businesses who opt out of the paid model, should not expect to receive additional Java SE critical updates after January 1, 2019, a situation which can easily place business operations at increased risk of breach or failure.

Review Use of Java in Your Business

If you have significant usage of Java SE in your business, it’s time to launch a full review to determine whether you need to upgrade or renew licensing agreements with Oracle. Determine whether your business is fully compliant with new Java SE requirements based on your current and estimated future usage on servers or desktops. You could find that it is more cost-effective to make a switch to the new Java SE licensing models based on your current business requirements and maintenance agreement. Reviewing future development needs is also an important part of your analysis. If you plan to reduce overall Java use in the next few years, that could dictate the term of the negotiated agreement. You could also look for ways to incorporate a sliding scale based on estimated future usage.

Even though the language is now more than two decades old, there is no indication that the usage of Java is declining in the near future. As long as this flexible platform provides the link between computers and other digital devices, developers will continue to use and value this agile platform for business development.

Categories
Blog

Are You Using Internet Explorer?

Internet Explorer Security

Do you still surf the Web with Internet Explorer?  If so, you’re not alone. Even after Microsoft came out with their new Edge browser in 2015, some people are still using Internet Explorer.

The Problem?

Security experts have found serious security flaws in Internet Explorer’s code. This means that if you use it, you’re opening yourself and your business up to hacking and computer viruses.

Another Problem?

Microsoft won’t be fixing this for the foreseeable future.

What Are These Flaws?

The most recent of these was found by an independent researcher named John Page. He published a proof of concept that demonstrates a flaw in the way that Internet Explorer handles MHT files. MHT is a Web page archive file format.

How Do These Flaws In Internet Explorer Create Security Issues?

If you use Windows 7, Windows 10, or Windows Server 2012 and it comes across an MHT file, it will try to open the file using Internet Explorer. This presents an easy opportunity for savvy hackers.  All they have to do is to use an MHT file containing a malicious virus and present it to you via a phishing email or other form of social engineering. Once you take the bait, the malicious virus gets into your computer/server.

Are We Safe If We Use Another Type Of Browser?

Not really. Any Windows-based system is still very much at risk from infected MHT files. This is because Internet Explorer 11 still ships with all Windows-based PCs. This includes computers that use Windows 10.

What Can We Do To Prevent Being Hacked Due To Internet Explorer Flaws?

One good thing is that Internet Explorer isn’t enabled on Windows 10 computers. For it to be enabled, you need to set it up yourself.

For now, this is the simple solution — Just don’t enable Internet Explorer. And to be completely sure, it’s best if you uninstall Internet Explorer from your Control Panel altogether.

John Page reported the issue to Microsoft on March 27, 2019, and received the following reply from them:

“We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed the case.”

Unfortunately, it looks like, for the foreseeable future, that Microsoft won’t be providing a fix regarding the flaws with Internet Explorer. As we said above, the answer, for now, is for you and your staff to uninstall Internet Explorer from your computers.

Categories
Blog

Can You Legally and Ethically Monitor Your Employee’s Online Activities?

Monitor Employees Online

Monitoring employee behavior is nothing new, as supervisors have been stalking their staff for generations. What has changed is the degree to which employee behavior is transparent in the workplace, with sophisticated monitoring solutions in play one could argue that nothing is truly sacred when it comes to being monitored by your business. It is standard practice for all phone conversations to be recorded in a customer service setting, but this is expanding dramatically into detailed tracking of websites that are visited and even emails that are being sent and received. Employees may not often think about the fact that personal emails that are being checked on business-issued phones or laptops are fair game for tracking — but they are. Whether this tracking is meant to identify underperformers or to protect the IP and sensitive data of the organization, there are laws in place to protect both the employer and the employee.

What Are You Trying to Accomplish With Monitoring?

When you are considering monitoring your staff members or contractors, the most important question to ask yourself if what you’re trying to accomplish. Do you have some underperformers, and are trying to gather information about their work habits? Do you suspect corporate espionage? Do you simply want to protect your organization from the productivity drains that occur when staff members spend an inordinate amount of time on social media? Understanding the business driver will help you more fully define the legal reason for gathering this type of information from your employees. You might even have someone who seems to be absent — even though they are technically “at work” every day. Monitoring of their access badge would fall under these same rules for electronic monitoring. As you’re defining your monitoring program, also look at the success metrics. Are you attempting to reduce the time spent on social media? If so, you also need to have in place a way to communicate that employee behavior is outside the expected norms.

Employee Notification of Online Activity Tracking is Crucial

The majority of employees are simply going about their daily work, unconcerned that their employer could be potentially tapping into conversations on email or their phones. These individuals probably have nothing to hide, because they are being good stewards of time and resources and only doing a little light shopping at lunch, for instance. Others might be extremely concerned and secretive about their online behavior, going so far as to surf in incognito mode or clear out browser activities when they close down for the day — never realizing that these steps probably don’t make a bit of difference in whether their employer can still see their activities. If your organization plans to do any kind of monitoring at all, it should be detailed for employees as they are onboarded. A safer practice would include asking employees to sign the most recent version of the policy on an annual basis to indicate that they understand and agree with the monitoring that is being done.

Handling Second-Party Notifications of Recorded Activities

In many states, there are legal standards that require that both parties to a conversation must be notified and agree that the tracking may take place before the activity is deemed legal. There are some workarounds such as a conspicuous posting on your website or an email signature that warns all parties that continuing the conversation with a staff member is considered their agreement to recording the messages. However, this remains a legal challenge in many states. As the government begins to look more deeply at personally identifiable information (PII) and exactly who has access to that data, you might run into additional legal challenges due to the various data breach notification statutes that are currently in place in 48 states.

IoT in the Workforce

Perhaps on of the most controversial conversation around employee monitoring is around connected devices, such as wearables. These items can be capturing data that is extremely personal to the employee, much of which would be considered protected health information (PHI), including things such as heart rate, miles walked, calories consumed and more. Mobile phones that are provided by the company could easily contain apps that would record the information. If you’ve installed keystroke logging on these phones, are you capturing more personal information than you intended?

While you may feel as though you can list the key legal concerns with employee monitoring, the best course of action is to engage an attorney to ensure that you are staying clear of any legal implications of your actions. This is especially true before you take action based on your monitoring findings, such as a formal employee write-up or termination. While triggers can be written to turn monitoring into an effective tool to ward off data loss, there are still plenty of pitfalls to consider before creating a widespread online activity monitoring program.

Skip to content