Many apologies for missing last Friday’s “fun links.”  I was stuffing my face with birthday cake, but now I’m back older and wiser!  Without further ado…

We have several accomplished athletes in the office, but none that could pull off this amazing catch!  It’s the best example of homerun thievery I’ve ever seen.  $10 says his teammates now call him Spiderman. 

Speaking of dollars, here’s a hilarious website that allows you to generate online ransom notes.  After a week of cat-sitting, I sent one to my mother-in-law and she showed up at “an undisclosed location” with a bottle of wine and two bags of peanut M&M’s.  Pinot Noir and chocolate for a cat… I’ll make that trade any day!

Five Books is a really neat website that asks popular authors for their five recommendations of other books within their genre.  The website goes by the slogan, “The Best Five Books on Everything” and you can literally sift through hundreds of intriguing topics.  From “chick lit,” to classical music, to historical fiction, there’s something for everybody!

When I was eight, I won an Apple 2C Plus in a coloring contest.  My favorite thing to do on that archaic machine was to play Oregon Trail.  Who didn’t love that game?  The guys from Half Day Today! whet our appetites with a faux movie trailer for the beloved computer classic. 

Have a great weekend!

We’ve had some crazy weather in Minnesota lately.  If it’s not beastly humid, we have flash floods closing down streets left and right.  Imagine our surprise when we came to work Friday morning to witness a large swimming pool inhabiting most of our parking lot.  Some RJS’ers seized the opportunity to have an impromptu pool party…

Jordan and crew enjoying morning coffee in Lake RJS.

Cathy gets a “kick” out of all the water.

The U.S.S. RJS takes her maiden voyage.

Microsoft just released a new series of patches that close 34 security holes in Windows, Internet Explorer, Microsoft Office, Silverlight, Microsoft XML Core Services and Server Message Block.

Microsoft labeled eight of the fourteen bulletins as “critical” and the remaining six are “important.”  These updates close remote execution holes in the above listed products and should be applied sooner than later.  To date, there is no evidence that any of the security holes are currently being exploited, but with all things security, it is just a matter of time before it happens.  The sooner you patch, the better!

The bulletins for August 2010 can be found here:  http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx

Adobe has also release a critical update to Flash Player. 

When installing anything from Adobe, always be patient and allow the page to fully load before clicking on the “I agree” button, as the added freebie of the month that Adobe is promoting will be installed.  Adobe has these freebies checked to install by default, so be sure to uncheck the box prior to installing the Adobe product.  You may need to refresh the page to view the freebie they’re offering.

The latest version of Flash Player can be found here:  http://get.adobe.com/flashplayer.

.

On Monday, we took a look at how a basic data capture process could automate your accounts payable process.  Today we will look at an advanced approach for more complex AP departments. 

Advanced data capture
What really makes AP processing challenging for larger companies is the quantity and variety of invoices that must be processed. If you receive invoices from 50 different vendors, you will likely get 50 different invoice designs with key data fields located in 50 different spots. You can imagine the data entry nightmare that creates.

There are a variety of solutions in the marketplace that can almost fully automated data entry and image capture process. RJS offers two:

FastDoc – FastDoc dynamically identifies each scanned document based on a template found in its “fingerprint” database. When a document is first entered into the system, it is assigned a template or fingerprint that the software recognizes each time a new document is scanned. This allows the software to automatically extract data from the mapped fields and enter that data into your business applications and/or document management system. The only manual intervention required is the initial key verification for the batch. Once verified, the indexing process is automated.

Taskmaster – This solution takes automated scanning to a new level of sophistication. Taskmaster differs from FastDoc in its ability to add business logic and processing rules to scanning document batches. The software automatically recognizes documents that have been processed in the past, applies the template fingerprints automatically and extracts and enters that data into business systems like FastDoc. Where it differs is that it doesn’t require any manual intervention unless a business rule that is configured for that template is violated.  Taskmaster also automates the extraction of line item detail from documents such as AP invoices, making it a truly unique solution.

Workflow and storage
Once you’ve captured, indexed and entered invoice information into your business systems, it’s time to move the documents through your AP process so checks can be cut and vendors can get paid. It’s also critical to have some place to digitally store and later easily find all those files once the process is complete.

The best way to move documents through simple workflows is by using basic routing tools like those found in WebDocs. Simple linear workflows can be created to move documents from one queue to the next where an approval, rejection or some other action can take place. A move advanced method of moving work through an AP process would be using a business process management solution like Enterprise Workflow.

Enterprise Workflow allows users to create simple or complex workflows across multiple departments. It utilizes advanced business rules to allow for various approval stages, three-way matching and more. It also provides instant visibility to where documents are in a process, and creates audit trails of all work for compliance purposes.

As you can see, automating AP processing is a tricky task. However, if you employ tools like advanced data capture, document management and routing tools, you can significantly enhance the speed and efficiency of a key business process and reap a variety of cost-saving benefits. If you’d like to learn more about how your company can improve the bottom line by automating AP workflow, give us a jingle!

Went yesterday morning to our offsite data center to install additional disk drives into an IBM iSeries server we use for offsite data replication for a customer. 

Ironically, as we start installing the 4 new drives into the IBM box, I notice that two of the servers in the same rack have a dead drive each.

I was handed a laptop last night with a dead drive as well. 

4 new drives and 3 dead ones in my hands….

So where’s the 4th dead drive going to turn up to restore balance to the universe?

Mental note: check on backups.  I know that 4th drive is around here somewhere!

Where’s my laptop??!!

.

Last week, Sophos published its 2010 Mid-Year Security Threat Report.  Sophos partnered the announcement with a webinar presentation of the report that was fantastically informative, yet quite scary.   

One of the central themes of the report that we found particularly fascinating was the question of nations being allowed to spy by hacking and installing malware on networks of foreign companies.  56% of those surveyed felt it was okay to attack foreign networks in hopes of disrupting communications and economies during wartime.   

As Sophos wiz, Graham Cluley wrote on his blog…

“In the early days, virus-writing was a hobbyist activity – largely confined to young men in their back bedrooms with too much time on their hands and not enough Vitamin D. More recently many of us have lived with the scourge of financially-motivated malware, designed to steal information and money from its victims.

The money motive isn’t going to disappear anytime soon. But I do believe that more evidence is emerging of people using malware and hacking for economic, political and even military ends.

We highly recommend taking a peak at the threat report.  It also contains some great information on various forms of malware that is hitting social networks are a record pace.  Cybercrime is changing… arm yourself with the knowledge to stay one step ahead of the game.  To download the report, click here.

.

Efficiently managing the processing of Accounts Payable documents is often one of the biggest challenges a business can face. Not only do vendor invoices come in via a variety of methods, including paper, fax and email, but invoices vary in design, layout and content, which makes processing them quickly and routing them efficiently though a workflow a tremendous burden.

Fortunately, there are solutions that incorporate intelligent scanning technology, workflow routing and document management software which can almost entirely automate invoice processing. This is important because when AP documents are processed accurately and quickly, payments are made on time, discounts are received, customer service is enhanced, and cash flow and working capital are improved.

Basic data capture

When talking about automating AP processing, what we’re really talking about is digitizing paper documents, indexing the information contained in those documents and getting that information into accounting systems and document management applications so those invoices can be processed, paid and securely stored for future access.

Digitizing documents is as simple as scanning, right? Not really. Scanning only captures the document in its electronic form. Data still needs to be extracted from those documents and entered into business systems. It seems somewhat prehistoric, but many businesses still do this manually by double entering the data. Once the data is keyed into the company’s financial application, it’s entered again in a document management system. Errors are almost unavoidable, and, for companies with large volumes of invoices, the process can be almost glacially slow.

“Integrated Scanning” partially solves this problem and works well for companies that process smaller batches of invoices from just a few vendors. The idea behind integrated scanning is that once a document is digitized, the values only need to be keyed in once. A clerk enters the information into their financial application and the keys are “passed” into a document management system as part of an integration tool.

RJS Software Systems provides an excellent tool for this with our Scan Workstation software. Combined with our WebDocs document management system, it provides a great basic AP automation solution. Not only does it integrate directly into key business applications, but it also allows for linear routing to expedite workflow and provides secure document storage and advanced document search capabilities.

However, if your company is larger and has a more complex AP process with dozens of vendors and invoice types, we’d recommend a solution with intelligent data capture that includes automated data-entry, document matching capabilities and advanced workflow routing.

On Wednesday, we’ll look at advanced data capture for more sophisticated AP processes, as well as our method to automate your workflow…

Or do they?

The bad guys have the luxury of a lot of time on their hands to run tools against an operating system or program of their choosing to find something they can exploit.  

The security industry for the most part does not enjoy the luxury of time. It’s largely reactionary by nature, it’s almost a wait and see what happens affair.  When a malware attack pops up, much akin to a zombie horror movie, it’s a frenzied rush to close the hole in the defenses before the nasties come pouring through.  Everyone attempts to be proactive, but in the end, the best laid plans very rarely survive first encounter with the enemy, never the less, we still plan and prepare. 

The best approach is to do your best to secure your perimeter and use the best tools available to you.  The bad guys may be one step ahead, but there is one asset you own that trumps anything they might bring to the table.  Try and guess what it is? 

Last year I went onsite to a company that called us out of the blue who had been hit really hard by a virus their current AV solution and IT staff was helpless against.  I was the 12th call they placed, the previous 11 had come and gone and failed to figure out what was going on.  In fact, 30 minutes after I had arrived on site, a young man from Geek Squad walked in; the customer was that desperate to figure out what was going on.

One of their staff handed me a flash drive to examine, Sophos identified the two viruses it contained, one was an auto-run based infector and the second was hiding inside the recycle bin (which their AV solution was actively ignoring).

My first plan of action in these massive outbreak situations is to build a clean server for the customer isolated from their infected network and install the 30-day trial of Sophos Enterprise Console and Control.

In this particular situation, we were just another nobody to enter the office with a whole slew of ideas that were likely to fail in the customer’s eyes, they had seen it with the previous 11 contestants, so there was very little in the way of trust other than the fact that my laptop was the only device that had found both of the infectors on the flash drive.  The poor guy from Geek Squad openly admitted this was all way over his head as he ran a few of the utilities he had on his stack of CDs. Fortunately the customer was willing to try what I had suggested regarding setting up a clean server. 

Once the server was finished we connected it to the network and pushed out the endpoint client.  On this particular call, we were able to retake ground fairly quickly once the console was deployed and some 12 hours later, we were mopping up the final remnants of the outbreak at this location. 

Then came the hard part, this company had a warehouse a state away that was where the infection was first introduced.  We packed up the car and made the road trip to the remote location and setup shop for what I thought was only going to be an 8-hour trip.  Much like the intrepid adventurers from Gilligan’s Island, it turned very ugly, very quickly.  First of all, despite the victories at the corporate headquarters, trust was still an issue with the customer, this location was a 24/7 shipping shop and they were unwilling to close down the connection to the outside world as they still had requirements to ship.  I started out by cataloging all PC locations and setup a default admin password.

Then the Trojan warriors leapt out and started attacking. 

We noticed 3 new viruses had been introduced to the mix to combat our remote deployment, one of these had a bit torrent client built into it that was causing major network congestion to the point that remote deployment was no longer an option.  We circled the wagons and took a more hands-on approach and paid each workstation a personal visit and installed the initial remedy via flash drive. 

The very next day a new virus shows up that immediately infects the endpoint installation files as we copied them to the desktop, a nasty bug called ‘Virut.’   This forced us to use the one advantage we had over our enemy; physical control of the hardware.   Workstations were removed from the LAN, booted from a BartPE CD and Virut was removed using Sophos from the boot disk.  Once Virut was gone, we were safe to continue copying the installer to the desktop and manually installed the endpoint.  Once the workstation was deemed clean, it was then re-added to the LAN and employees could pick up right where they left off.

It was at this point that it became quite apparent that the new strains of viruses that we were encountering were a result of direct human intervention, and my first gut instinct of shutting down external access had been the right one.  Finally with the evidence on the table, the customer allowed us to cut external access to prevent any further incursions until everything was clean.  The tables were turned and we had played our trump card.  No matter what they threw at us, we had the upper hand all long.

It’s good to have the upper hand.

As many of you know, RJS Software Systems is a platinum partner with Sophos. What this means is we sell a lot of Sophos products, namely the endpoint security solutions.

Over the course of the past two years I’ve come up with a very down-and-dirty approach to demoing the Sophos Enterprise Console and endpoint component from a raw performance approach that seals the deal with the technical participants (the folks that tell the folks holding the checkbook what to buy).

My portion of the demo is usually very technical with specific focus on the working features of the Sophos products and the end-user experience. The selling point for me personally is that unlike other network security products, Sophos is not a process memory hog and does not bog down a computer so it interferes with the end-user’s productivity.

To highlight this point, I usually start off my demo talking briefly about the physical stats of my desktop PC: a 3 Ghz Pentium 4 with 2 GB of RAM – a system that is definitely past its prime. I pop open task manager to take a look at the current running processes and point out the current memory size of SAVSERVICE.EXE running in its on-access state for later comparison to a full-blown Sophos system scan.

I switch back and forth periodically to the CPU performance tab so the participants can see what is happening with the CPU demand. Once we establish the base statistics, I open up the scan options, show everyone the settings and fire off a full system scan. Now keep in mind, I’m hosting a web meeting via GoToMeeting on my screen and have music playing on Windows Media Player, emails open with Outlook 2007, three or four Internet Explorer and/or FireFox browser sessions, a green screen or two for our iSeries servers and a remote desktop session to our Sophos Enterprise Console server all running in the background. This is pretty much the same state I normally work in when I’m not running live demos for customers. It’s not horribly taxing but still a good mix of applications all running concurrently.

This is where the full Sophos system scan begins. We first see the process memory size and CPU demands spike for a second or two as I switch applications, but then those resource demands normalize. I leave these up in the background and continue with the demo of the Enterprise Console features while the scan runs,  switching back periodically to check out the CPU tab for its current demand and look at the process footprint. This is a subtle and powerful message for the tech savvy participants as they’re seeing first hand a full system scan with the Sophos Endpoint Security engine and that it’s having nearly zero impact on the running demo.

“Tech” definitely sells.

.

We’re kicking off August with a webinar and tradeshow appearance this week… click on the links for more information!

August 4th – 6th: Catch us on the exhibit floor or on the links at the Minnesota Medical Group Management Association (MMGMA) Conference in Alexandria, Minnesota. Our Security Sales Engineer, Adam, will be showcasing our Sophos security suite that offers maximum network protection for the healthcare industry.

August 5th (11am CST): Looking for a nifty software application that allows you to capture and apply digital signatures to virtually any business document?  Attend our SignHere Digital Signature Capture Webinar and learn how your organization can go paperless while attaching digital signatures to invoices, bills of lading, HR records and other documents generated from your ERP system, IBM i spool files, Windows applications and more.