Posted by: Charles Maitland | Tuesday 8 February, 2011

Cover from view is NOT Cover from Fire

Why Role Based Forms Are NOT a Security Feature

After a hectic week in my new job I was wondering what would be a good post topic when the excellent @ccellar tweeted the following:

Keep in mind: Role-Based Forms are not a security feature. They are a tool to create a better User Experience

I was intrigued so I asked why and got the glaringly obvious answer back:

they don’t restrict access to the data. Think of the sdk, views or excel

It is so clear when someone says it but it is an important reminder that the UI is NOT a definitive guide to security.

The reference in the title is to my Police firearms training. You can have cover from view where the bad guy can’t see you or cover from fire where even if they shoot at you your cover will stop the round. Very different things!

This was a lesson that we took for granted in V4 when things like Field Level Security usually involved cunning JavaScript hacks. It was instinctive to know, and educate users, that this was ONLY a UI feature and that the underlying data was still visible but this is a clear reminder that even with all the underlying security features that we now have available we still need to remember the difference between what the user can see and what they have access to.

Advertisements
Posted by: Charles Maitland | Monday 31 January, 2011

Moving back to my roots.

Well today was my last working day at Vodafone and on the 1st of Feb 2011 I will be joining ConsultCRM as a Pre-Sales Consultant.

So why ConsultCRM?

Ever since the re-organisation at Vodafone-Aspective (more on that below) I have been chatting with other Microsoft Partners, both formally and more frequently informally. Quite apart from finding out if they had any openings and if they even liked me I was trying to get a feeling of how they were gearing up for the MSCRM 2011 release and the massive changes to the traditional business model for Microsoft Partners that was about to start.

Once I had got over the first 2 questions (frequently No on one or both counts Smile ) I was astonished at the number who hadn’t really, IMHO, got how the changes were going to impact on their business model. I even had one practice director tell me “We don’t see the 2011 release changing much. Companies will still need our services and online will be fine for the small end of the market but not our clients!”. Sorry, wrong answer!

When I spoke to ConsultCRM, it was immediately apparent that they had not only thought about the impact of having MSCRM online, the App store and the wealth of opportunities Dynamics CRM 2011 offers but they were also actively taking steps to take advantage of the new world of opportunities. They didn’t have every answer but it was clear from the conversations that they had considered the questions in some depth and were willing to flex to meet an unfolding market.

So why the move?

As many in the UK Dynamics CRM world know Vodafone bought a company called Aspective who were leaders in the CRM and Field Service Management fields. After the purchase Aspective went on to win the Global Dynamics Partner of the year award in 2009 and had built up one of the best teams in the UK.

Unfortunately, Vodafone, despite their global size, was not immune from the fiscal stress that every organisation has faced and needed to rationalise their operations. The result was a significant number of redundancies which included a number of very good people and this resulted in the dilution of a number of very strong teams. Don’t get me wrong, I understand what Vodafone did and why they did it but it was a very bleak time.

As part of this upheaval I transitioned into the Pre-Sales team in Vodafone who specialise in their secure connectivity and managed services portfolio. In this I was very fortunate to land in a very professional team who accepted a strange Microsoft Enterprise Applications geek and did everything they could to induct me into the world of mobile security, BES and smartphone security. However, my heart was still with MSCRM and as I learnt more about what was coming in 2011 and I played with the CTP builds I realised that I had to make the choice between the Vodafone world and the Microsoft World. I decided that the Microsoft CRM 2011 world was where my heart lay.

Conclusion

I would like to state on record my thanks to the Vodafone Pre-Sales team for all their support, assistance, training and understanding. It was a very informative and fun time.

I cant wait to being a productive contributor to ConsultCRM and the MSCRM world and not just a follower from the side-lines.

Here’s to a great 2011 and beyond.

Charlie

Posted by: Charles Maitland | Tuesday 23 November, 2010

Windows Home Server may just have shot itself, terminally

It was just announced on the Windows Home Server Blog that the next version of this software will not include the technology called “Drive Extender”. This was the key and unique feature of Windows Home Server that allowed users to add hard discs to their server, either internally or via USB.

The beauty of this solution was that users can add any drive and Windows would add it to the array of drives and use it to ensure that data was spread across as may physical drives as practicable.

This meant that you could have a 500Gb internal drive and, as I have, 2 external drives of 250Gb and the data storage and replication would just work.

So this new announcement means that all that technology is being ditched and Microsoft are going back to RAID technology.

Now the key thing about RAID in this type of environment is that it is NOT a consumer friendly environment. In fact the Windows Home Server Team went out of their way to say so here http://blogs.technet.com/b/homeserver/archive/2008/08/11/why-raid-is-not-a-consumer-technology.aspx

So let me dissect what I think this announcement says. NB Emphasis and comments are mine and mine alone:

When we first started designing Windows Home Sever code name “Vail” one of our initial focuses was to continue to provide effortless support for multiple internal and external hard drives. Drive Extender provided the ability to take the small hard drives many small businesses and households may have acquired, and pool them together in a simple volume.

In other words any old drive from any old supplier would work to extend the capability of the server.

During our current testing period for our Windows Home Server code name “Vail” product, we have received feedback from partners and customers about how they use storage today and how they plan to use it moving forward. Today large hard drives of over 1TB are reasonably priced, and freely available.

Again from any old supplier with no margin to the WHS supplier.

We are also seeing further expansion of hard drive sizes at a fast rate, where 2Tb drives and more are becoming easy accessible to small businesses. 

And this is relevant how?

Since customers looking to buy Windows Home Server solutons from OEM’s will now have the ability to include larger drives, this will reduce the need for Drive Extender functionality.

Ah – So now we start to get to the hub of the matter. OEM’s can supply the drives.

When weighing up the future direction storage in the consumer and SMB market, the team felt the Drive Extender technology was not meeting our customer needs.

Strange- every comment and review I have ever read says it is exactly meeting users needs.

Therefore, moving forward we have decided to remove the Drive Extender technology from Windows Home Server Code Name “Vail” (and Windows Small Business Server 2011 Essentials and Windows Storage Server 2008 R2 Essentials) which are currently in beta.

While this removes the integrated ability for storage pooling of multiple hard drives and automated data duplication, we are continuing to work closely with our OEM partners to implement storage management and protection solutions, as well as other software solutions.

And here we have the final confession. This is designed to meet the needs of the OEM’s. Now they can ship their WHS boxes as well as their after market “approved” solutions. Now can you guess where the margin is?

This will provide customers greater choice

So greater choice is now the OEM way as opposed to the old way where I could choose what  disc. Sorry what is your definition of choice?

as well as a seamless experience that will meet their storage needs.

As in the seamless way that Disc Extender offered?

Customers will also have access to the in-built storage solutions Windows Server 2008 R2 provides for data protection.

As we always had, but now we have to use the “approved approach”

We are also still delivering core features such as automated Server and PC backup, easy sharing of folders and files, Remote Web Access and simplified management without any expected changes.

Target product availability is still H1 2011, and we expect to deliver a new beta without drive extender for Windows Home Server Code Name “Vail” early in the New Year.

Posted by: Charles Maitland | Tuesday 9 February, 2010

Server Rooms The old and the new

I know I haven’t been updating recently but there has been loads of stuff going on in the background that I will be boring everyone to tears with soon.

Today I was in a super high tech data centre that also had loads of very complex looking mobile phone infrastructure in it. Loads of blinking lights.

One thing that struck me was that much like every server room or data centre there is ALWAYS some old decrepit piece of kit sitting in the corner. Server room

This rig had an electrical safety sticker marked 1992 on it!  

In fairness it had been moved out of the corner and made it to within 3 meters of the door so in another 5 years or so it may make it to the skip.

Posted by: Charles Maitland | Tuesday 2 February, 2010

Panorama and Microsoft Dynamics

It seems that Panorama are looking to move into the Microsoft Dynamics space for BI.

This Link is to a webinar that quote:

The RSC Group has recently formed a strategic alliance with Panorama Software, a market leader in Business Intelligence solutions. By integrating our solutions, you can now extend your Dynamics solutions to drive Corporate Performance Measurement with a true pervasive BI suite, leveraging Panorama & Microsoft technologies you already own.

Now I can see this playing out in the Dynamics CRM space but I would be VERY interested to see the reality of how they cope with the Dynamics NAV and GP space. My experience is that the ERP Dynamics world is a whole world of pain. That’s why true specialists like PrecisionPoint have come into play.

Posted by: Charles Maitland | Tuesday 2 February, 2010

BIDS Helper

Some time ago when I was more actively engaged in the BI space I was following the development by some very smart BI gurus of the BIDS Helper project.

http://bidshelper.codeplex.com/

Thanks to Vidas Matelis (@VidasM) I have re-discovered it and wow has it come a long way!

The only thing I wish it had, and which I was building till job changes shut the door, is a toolset for managing Users and their permissions. Maybe I can dig my old code out of the closet and resurrect it.

Posted by: Charles Maitland | Wednesday 20 January, 2010

MSCRM – Export – Edit – Import – Beware

Well Phil Richardson has departed back to his home shores.

In this post announcing his move he dropped into the final paragraph this statement:

Don’t use this feature. It’s really bad and bad things will happen to you, your CRM system and your family. It was removed from CRM 4.0 for a good reason (trust me – I was there – it’s really bad).

The link is to a post by Eyal Vardi where he shows how you can export data using the Excel export capabilities, edit it and then re-import it.

Now Phil does not elaborate on why he has such an aversion to this method but off the top of my head I can think of the following possible reasons:

  • De-Duping: If the MSCRM de-dupe engine kicks in then all manner of chaos could ensue.
  • Business rule violation.
  • Unexpected workflow triggering
  • Changes to ownership

These are just my first guesses as to the potential pitfalls. If you have some more then please add them in the comments.

So if you can accurately map ALL the consequences and are happy to fly by the seat of your pants then the technique may be of use otherwise look elsewhere.

Posted by: Charles Maitland | Monday 18 January, 2010

Workflow in .Net 4 – start your engines for MSCRM 5

I have started to look in more detail at the upcoming version of CRM Version 5. One of the feature that has been publicly announced is that it will support .NET 4.

I was therefore intrigued to read this post by Bruce Kyle on the high level workflow capabilities of workflow in .NET 4.

If this is the underlying engine for Microsoft CRM going forward then this is another example of how we need to be tooling ourselves and our organisations up in advance of the sea change that this release is going to unleash.

Posted by: Charles Maitland | Monday 18 January, 2010

Windows Live Skydrive in Windows 7 – To Mesh or Not to Mesh?

I was pointed to this post by Mike Plate on how you can access your Windows Live Skydrive directly from Windows 7 by Jamie Thomson.

I have tried it and I can confirm that it does indeed work for me.

Now I can really leverage this online space.

As an addition, because you can now map this as a drive you should also be able to use the new 2.1 version of SyncToy to keep folders online. N.B. I haven’t had a go at this yet as I am downloading and installing the new, and supposedly much better 2.1 version of SyncToy.

My remaining question is how does this all fit into the Mesh strategy? Seems like multiple teams in Microsoft are working in parallel again!

Posted by: Charles Maitland | Monday 18 January, 2010

Sorry for the delay

Ok – I know I should be posting more but a combination of Christmas, real life and working on stuff I cant talk about has taken my eye off the ball.

I hope that this post will mark the re-focusing of my attention.

« Newer Posts - Older Posts »

Categories