What your software vendor wants to know

You’ve come up with a great idea for software that can prove to be very beneficial to your business, but now what? What steps do you take to turn this idea into reality? What kind of information do software development companies look for? These are all very common concerns. The first step is mapping out a scope and putting it on paper. We have compiled a list of questions that will further help you develop your idea and put you at a great start with your software development company.

First they’ll want to know a little bit of background about your business and get to the root of the need for this software.

  1. What is your business about?
  2. What are some of the challenges you are looking to address with this software?
  3. What are some goals you want to achieve with this software?

Then they’ll want to get a little more into the processes and functionality of the software.

  1. What will be the main functions? (It is extremely helpful to already have an idea of any specific workflows and use cases.)
  2. Who will use this software? How many different types of user roles will there be?
  3. Will there be any permission or data restrictions based on roles? For example, maybe only an admin will have access to all data, but another role will have limited access.
  4. Please describe how each user role will use the system.

And yes, sometimes they will have to get a bit technical.

  1. Do you have a preferred programming language?
  2. Would you like a traditional hosting service or a cloud hosting service?
  3. Do you have a preference for hosting provider?
  4. How many users do you expect?
  5. Will the software deal with any confidential information?

Some of these questions can be intimidating. Don’t stress if you do not have the answer to all of them. It is definitely nice to have, but the right software company will work with you every step of the way to fill in the gaps. Take a peek at our complimentary consultation package and see how SunNet Solutions can help you turn your idea into reality!

What would you like SunNet Solutions to build for your business?

Submit a request at the left hand side of this page to get started today.
Contact us if you have any questions.

5-Step Process to Reduce Custom Software Development Failure

According to The Standish Group's Chaos Report, only 29% of IT projects are successfully implemented. While the success rate of such projects seems daunting, embarking on a custom software project does not have to be scary and stressful. Having a mature creation process in place is an effective way to minimize the risk of failure. Furthermore, properly communicating this process to all parties involved in the project will put you at a great advantage. The right software vendor will be able to guide you and your team through the steps and expectations of the project cycle.

Here are a few steps we go through with our clients in many projects. By following this process, 98% of our projects are completed on time and within the budget.

1 We want to know your business

The beautiful aspect of custom software is that there is no need for your business to adapt to an existing application. Rather, the application is tailored completely to your business needs. In order for us to make this happen, we seek to understand your business. What are the current processes? What are your areas of need? What works well? What is the structure of your business? Understanding your business, especially the critical goals, will ensure you receive the best solution for your business.

2 Define the project scope

When software application designers understand your business inside-out, they will be able to work with you to design your desired application, making sure each function addresses any need or any weakness previously discussed. During this step, designers will seek to understand how you envision this application working. Not having a concrete idea is not unusual. With the knowledge learned from step one, designers will be able to provide recommendations and options when defining the project work scope.

3 Provide mock ups and prototypes

A picture is often worth a thousand words. After a software application designer has defined all functions and has had the scope fleshed out, they will draw up mock-ups and prototypes. These allow you to get a good idea of the look and feel of the application. The prototypes even simulate the application functions to ensure the software development team has correctly captured the proper workflow. SunNet uses this as a precaution before development in order to ensure our understanding is aligned with your business needs. In addition, clients can use this step to see improvements from their initial design.

4 Let’s start cooking

Once all the ingredients of the recipe have been defined, it is time to begin the application’s implementation. Depending on the project size, your software vendor may split the project into several milestones. SunNet strongly recommends this practice. Since 2008, when SunNet began to adopt and enhance the Agile development process, we have been releasing projects to clients in several small deliverables. This allows clients the opportunity to not only review the progress, but also ensure the development is headed in the right direction and business needs are being met. Miscommunications can happen, and it is better to catch them at an early stage as opposed to the end when a project is finalized.

5 Take it for a spin

Upon completion, the finalized project is released to clients for what we call the User Acceptance Testing (UAT) phase. During this phase, you as the client will have the opportunity to review the application before signing off. If all looks good, the application will be set to go live.

Mistakes and miscommunication happen. That’s why it is important to always have a process in place, not only to prevent them from happening, but to minimize the harm in the event they do happen. The right project process leads to the best outcome, but is prepared for the worst.

 


11 Cybersecurity Threats Your Web Application May Have

Cyber attacks are on the rise. According to the BDO Cyber Governance Survey, attacks grew significantly in 2018. How significantly? Ransomware attacks grew by 350% while spoofing attacks went up 250%.

It isn’t just the increase in attacks that’s a concern. It’s also what these attacks can cost a business. Reports from just this year show cyber attacks can cost companies an average of $1.67M, per attack.

Furthermore, breaches disrupt regular business operations and may even require additional resources and time to address and resolve the vulnerabilities. An attack can negatively impact your reputation and erode the trust your customers have placed in you.

Worse yet, a breach may only show you a single vulnerability in your application. There may be more yet to be discovered.

As with many things, an ounce of prevention is worth a pound of cure. An application security scan can identify where potential vulnerabilities exist in your web application. If you’re unfamiliar with the kinds of attacks your business may be facing, it’s time to understand the threats that are out there and what they could mean to your business.

Cross-Site Scripting (XSS)

Savvy technology users know to avoid suspicious sites. But trusted sites can also be a problem. With Cross-site scripting, hackers place – or “inject” – malicious scripts into trusted websites. The scripts then run in the browser of a site visitor and can access cookies, session tokens, and other sensitive information that a user might have saved for that website.

Cross-Site Request Forgery (CSRF)

A Cross-Site Request Forgery – also known as a CSRF or XSRF – harms both the business and the user. The attack typically comes via social engineering, such as in an email, that appears to come legitimately from the business and gives the user a link to click. Because the user logs in to the site, the forged server request can end up creating unauthorized bank transfers, can change passwords, and even steal session cookies.

Information Disclosure

Companies who have not created a custom error page for their website may be giving away more information than they intend. The default error page may report the application code as part of the error, allowing hackers to dig into the application for vulnerabilities.

SSL Protocol Version

Secure Sockets Layer, or SSL, protocols are meant to help secure applications. But using an old or outdated version can leave you open to man-in-the-middle attacks. Companies should always be using the newest SSL versions and should disable SSLv3 services.

Secure Cookie Usage

Any cookies your site uses should be Secure and HttpOnly. Without this, cookies can be hijacked and copied, allowing attackers to steal the information stored in the cookie and impersonate the user on the site. Hackers can also access the information stored in the cookie if it isn’t encrypted and use that information in a number of ways.
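
Added example (not part of the original article and not SunNet's code): a small Python audit of Set-Cookie response headers for the Secure and HttpOnly flags described above. It goes slightly beyond the text by also checking SameSite, which limits the cross-site requests described under CSRF; the sample headers and function names are constructed for illustration.

```python
# Constructed sample Set-Cookie header values (not taken from any real site).
SAMPLE_HEADERS = [
    "SessionId=abc123; Path=/; HttpOnly",
    "auth=eyJ0; Path=/; Secure; HttpOnly; SameSite=Lax",
    "prefs=dark; Path=/; Secure; SameSite=None",
    "cart=42; Path=/; samesite=none",
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attrs).

    Attribute names are lower-cased because they are case-insensitive;
    flag attributes such as Secure map to an empty string.
    """
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_cookie(header):
    """Return (cookie name, list of findings) for one Set-Cookie value."""
    name, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        # Without Secure the cookie is also sent over plain HTTP.
        findings.append("missing Secure")
    if "httponly" not in attrs:
        # Without HttpOnly, page scripts (including injected ones) can read it.
        findings.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if not samesite:
        findings.append("missing SameSite")
    elif samesite == "none" and "secure" not in attrs:
        # Browsers reject SameSite=None cookies that are not also Secure.
        findings.append("SameSite=None without Secure")
    return name, findings


def audit_headers(headers):
    """Audit a list of Set-Cookie values; returns {cookie name: findings}."""
    return dict(audit_cookie(h) for h in headers)


if __name__ == "__main__":
    for cookie, problems in audit_headers(SAMPLE_HEADERS).items():
        print(f"{cookie}: {', '.join(problems) or 'ok'}")
```
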

Sensitive Fields and Autocomplete

Filling out forms on the web and in apps can be tedious, especially on smaller devices. Using auto-complete is common, but when it’s used on fields with sensitive information – like on login pages – existing data can be shown to the end user.

Clickjacking Vulnerability

Clickjacking is a particularly insidious attack. It tricks a user into thinking that they are clicking on something useful, when in reality they may be leaking confidential information to attackers. This threat can also be used to take control of the user’s computer.

Database Security

When using a database for your applications, companies should observe security best practices for database access and logins. Far too many businesses, however, still rely on the SA or root accounts for the database, or simply don’t disable these accounts. This can leave your data open to attackers who use these powerful accounts to gain access and steal information.

Web.config Encryption and Decryption

Your web.config file is just that – a file that shows the configuration of your web server, including web application paths and database access. This file should always be encrypted to prevent hackers from exploiting the information and stealing data – like customer information – or taking down your entire site.

File Upload Vulnerabilities

Allowing a file upload capability in your applications may be a nice or even a necessary feature. Without restrictions on what can be uploaded, however, attackers can add any kind of file to the receiving system, including an executable (exe) file. Once done, this file can install a virus or copy your data.

Website Path and Build Hygiene Issues

Building a web application can be a hectic time, with testing and go-live deadlines. However, it’s important to follow best practices during development to prevent vulnerabilities. When backup files and data are left in public web folders, anyone can access the information. With a copy of your backups, a hacker can take their time finding and testing vulnerabilities.

The best way to avoid becoming a victim of these attacks is by regularly scanning to see what vulnerabilities exist in your applications. An application scan will not only identify vulnerabilities but also give your IT vendor a place to start to secure your applications. For a free security scan of your applications, contact SunNet today.

 


Is Application Maintenance Needed?

Many businesses believe that once their application is developed and deployed, it only needs to be touched if they desire new features. This view, however, doesn’t take into account the many facets of application maintenance, and how it can help improve the user experience or even prevent a data breach.

The world of technology is rapidly changing. So even if your application doesn’t need new features, it may still need changes and updates to keep it current, working well, and secure.

Why Applications Need Maintenance

Application maintenance is about fixing issues with your application. But the reasons to have an application reviewed and updated go beyond bug fixes.

Today’s users are incredibly technically savvy. Many people have grown up as digital natives – individuals who don’t remember a time when they didn’t have access to the internet, a tablet, or a smartphone. Because of this, applications need to stay current with the features that users – even users internal to your business – expect to ensure the best experience when using the application.

While we have pointed out that bug fixes aren’t the only reason for maintenance, they are still an important reason. Correcting issues that may keep your application from functioning properly or prevent your users from completing tasks is a critical reason your application may need to be reviewed and updated.

Going hand in hand with corrective work on your application is preventative maintenance. Various preventative activities – from database cleanup to security scans – can prevent costly downtime, protect important data, and increase the effectiveness of your application.

Lastly, improving your application for usability, maintainability, and performance is important. A new look or user flow may improve the application while increasing the performance and speed could mean better ROI on your application. Additionally, the languages and frameworks that applications are built on are periodically updated. By having your application updated to the newest version, you may increase performance and security all at once.

Do I Need Application Maintenance?

The reality is, every application, no matter how simple or complex, will eventually need some maintenance.

Basic websites with simplistic functionality may seem immune to needing a tune-up, but when web server software moves to a new version or security holes are discovered, even the most feature-limited site will need review and updating.

For more advanced websites and applications, including mobile apps, it’s critical to ensure that the site is meeting your users’ needs with features and functionality, that bug fixes are implemented and tested completely, and that the application is secure. Performance is especially important for web and mobile applications. For instance, studies have shown that mobile users will abandon a site that takes more than 3 seconds to load.

For internal business applications, regular review and maintenance can mean the difference between team efficiencies and significant downtime. Databases with old or unused data can slow down queries and reports, while security issues could result in breaches, malware, or ransomware attacks on vulnerable systems.

Even when your application is running well, it should never be assumed it is immune to needing some sort of maintenance plan in place. No matter the complexity of your application, application maintenance will keep your users happy, your systems running smoothly, and your data secure. Feel free to contact us to learn more about the different types of maintenance tasks and which best cover your application.

 


The Importance of Site Accessibility Scans

The intent of the internet was to democratize information, making news, data, and vast amounts of knowledge available to everyone, everywhere.

For the most part, the spirit of that intent was achieved. People across the globe have access to books, art, and information in an amount never before experienced in human history. Unfortunately, the early days of the web didn’t plan well for certain potential user groups – namely those with disabilities.

Movement toward a more accessible web experience is being made, though. Websites for governmental agencies and businesses that work with the government are required to be compliant with ADA guidelines for the web thanks to Section 508 of the Rehabilitation Act.

While there are currently no specific guidelines or set requirements for other commercial businesses, it’s clear that the Department of Justice and many courts in the United States see it as the responsibility of a business to make their site usable by the one in four people identified as disabled.

With an average of more than three lawsuits a day related to ADA compliance being filed, companies need to start taking the accessibility of their websites seriously, even if they don’t fall under the Section 508 compliance rules.

What is an Accessibility Scan?

Having your websites and applications scanned is nothing new. Companies regularly have their sites checked by professionals for functionality and security. But an accessibility scan may be something new to you.

An accessibility scan checks your website for adherence to the most commonly defined and acknowledged standards that make a site usable for visitors with disabilities. Currently, there are no minimum guidelines set for what a website must have to be considered accessible. However, the World Wide Web Consortium’s (W3C) Web Content Accessibility Guidelines (WCAG) are widely accepted as the bar that sites should strive for.

There are a number of automated scanners available for organizations that want to get a handle on the amount of work their site might need. Like most scanning and testing, though, automated scanners can only do so much. Most automated scanners will also only tell you what is wrong, not what needs to be fixed or how to do it.

There is a much wider audience with disabilities looking to use the web than companies realize, and with the increasing threat of lawsuits, organizations should consider taking the step beyond a simple automated scan.

A comprehensive scan involves both automated and manual review of a website, as well as a thorough understanding and actionable list of items that must be changed to meet the WCAG standards. While a full scan might seem overwhelming, the result is a prioritized list that can be worked on over time, showing progress and a commitment toward greater accessibility.

Having a web presence that is informative and easy to use is crucial in today’s digital-first world. But it’s important to consider your potential audience – including those who may have alternative needs and means of accessing the web. Knowing what adjustments to make – thanks to a comprehensive accessibility scan – simplifies the process of updating your site to include everyone.

Looking to validate – or update – your site to improve its accessibility? SunNet offers free consultations so you’ll understand exactly what a complete accessibility scan will mean for your organization.

 
