Take advantage of SharePoint Visio Services and other useful features of SharePoint 2010 hosting, SharePoint Foundation hosting or SharePoint Server 2010 – with shared or dedicated hosting by a SharePoint 2010 hosting provider.

Visio Services resolve the problems such as information overload. Visio Services help us by finding ways to share the complicated data with others through business diagramming. Visio Services provide network diagrams to display server farms and individual server health through colors of red when stopped and green when functioning normally. It also presents flow charts to view the representation of process flow as well as the ability to expose deeper information by drilling down into the details. Visio diagrams are connectable to a SharePoint list, Excel spreadsheet, or SQL Server database. Nonetheless, it cannot be used with SQL Server Analysis Services or Microsoft’s new PowerPivot. Visio Services can be used only when much of the data is already available. It only creates a diagram in Visio and connects it with the data. Visio Services allow you to take the data out of the table and create a visual image that has a much quicker and higher impact on the person consuming the information.

Features of Visio Services include the following:

o Ability to create multiple data sources on the same diagram
o Add web part
o Add Ribbon menu
o Shape templates easier to navigate
o Includes new containers to group shapes together
o Automatic refresh capability
o Custom data providers as .NET assemblies

So, for a quicker and higher visual impact, use SharePoint’s Visio Services!

It all started in March 2007 when i signed up for Globe Visibility after being launched a month back. At first it was awesome because there were probably a few of us at that time. The Connection was so fast, i downloaded every content i could think of and eventually forced me to buy 3 new external hard drives to store all of those files. Plus, the added convenience that you can log on to any Wiz Spot further added to my decision to avail of it.

But just like a marriage or courtship period, it has its honeymoon and stormy period. My connection problems started and gave me a head ache. They still billed me every month even if i cannot use their service. Every time i call a customer service rep, the replies are all the same. Number 1 is they are fixing something to improve the service. Man, it took them a very long time and i mean a very long time to figure it out. My guess is they did not anticipate that many people will avail of this product and the bandwidth allocation for this service diminished every time a new subscriber comes in.
I was getting hopeless. My projects and blogs were delayed.If not for the Unlimited WIZ access that comes with Visibility, i would have probably lost my mind. My expatriate friends have the same problems. we even joked about its name. Instead of being called Visibility, it should rather be Invisibility.

Moving on, in those agonizing months where i could not have a decent net connection, something happened. My connection was back to its usual speed and it was a welcome development. My sources told me that one of the reasons the problem persisted was due to the 3G signal and the cellular signals being bundled together. Because of this, both signals are stretched too thin because Makati ( the Philippines’ Central Business District) probably has one of the largest concentration of cellphone usage. My source further added that the turnaround that happened in February 2008 was due to the separation of those signals. Meaning 3G signals for internet connection got its own bandwidth while 3G signals for calls, text and value added services were also given their own.

After hearing her explanation, i felt relieved. But i could not figure out though why it took them 3/4 of a year to address this problem. Many precious hours wasted because of this. Well, I hope this wont happen again because i have plenty of stuff to write about. Globe’s mobile internet connection getting back on its feet and becoming visible again is truly a welcome development for us bloggers here in Philippines.

Firstly, you should check the security of the servers hosting the e-commerce site. A Web server needs to be hardened and securely maintained. For guidance, I recommend that you download the appropriate Security Configuration Guide from the U.S. National Security Agency Web site. The guides are free and cover most Web servers. You can also use the NIST (National Institute of Standards and Technology) Security Configuration Checklists Repository to find instructions and procedures on how to complete a secure configuration. The free Benchmark and Scoring Tools from the Center for Internet Security (CIS) also provides a quick and easy way to evaluate an e-commerce Web infrastructure and compare its level of security against minimum due-care security benchmarks.

Generally speaking, an e-commerce database needs to reside on a separate server, which also should be hardened and protected. Ensure that all database connections are secured and that the database table access control list is suitably configured for a publicly accessible database. Again, the CIS provides benchmarks and scoring tools for Oracle and SQL Server databases.

Once the servers are secure, check and review the security of the actual e-commerce application. The most common mistakes that make Web applications susceptible to attack are:
# Failing to constrain and validate input;
# Failing to encode output; and
# Trusting data retrieved from a database or cookie.

An application should be designed so that all data is assumed to be from an untrusted source. All data, whether it is supplied by customers or read from a cookie or database, needs to be validated for type, length, format and range. Any data that isn’t well-formed and correct should be rejected. Many applications sanitize input by filtering out known unsafe characters. This filtering, however, is not a best practice since malicious users can usually find an alternative means of bypassing the validation process. Instead, write applications to check for known secure, safe input. The validation needs to take place on a trusted server, not on the client. Only once this verification has taken place should data be passed on to your scripts and database.

When data is requested from a database, use parameterized queries and stored procedures to help prevent SQL injection attacks. To ensure that special HTML characters are displayed correctly, the data that is sent back to the client needs to be encoded. Web pages should set the correct character encoding. Finally, if an application does run into a problem, it should handle any errors without divulging system information to the user. Attackers can use overly verbose error messages to learn about the inner workings of an application.

Once you have ensured that your application correctly handles incoming and outgoing data, you should run a penetration test. By simulating an attack, you can evaluate whether the site has any potential vulnerabilities resulting from poor or improper system configuration, hardware or software flaws or weaknesses in the perimeter defenses protecting the site. There are several tools that can automate this task. I would also recommend that you read the Open Source Security Testing Methodology Manual. The guide provides a recognized methodology for performing security tests and measuring the results.

Source: searchsecurity.techtarget.com

CONTENTS OF THE GUIDE, INCLUDE:
* Introduction
o What is Mozilla
o Mozilla Philosophy (standards compliant, etc)
* General Cross Browser Coding Tips
o Browser Detection the Right Way (capabilities VS browser specific checks)
o Abstracting Out Browser Differences
* DHTML
o DOM Differences
+ document.all/global namespace VS document.getElementById
+ Document Fragments
+ Table of mappings from IE -> Standards/Mozilla (innerhtml)
o JavaScript Differences
+ getYear() VS getFullYear
+ execution – adding code to the end won’t mean everything else has completed – use onload handlers
+ window.open is async!
o CSS
+ Units matter
+ Image spacing
o Events
+ IE event model VS Netscape/W3C model
+ Table of mappings
* Rich Text Editing
o Differences between Designmode in IE and Mozilla
* XML
o whitespace differences in XML
+ nodeType == 3 for text nodes
o XML Data Islands
o XSLT
+ XSLT JS Interface
o XML Web Services
+ XMLHttpRequest
+ SOAP
+ WSDL (?)
* Quirks VS Standard Modes
o Doctypes
* Furthur reading
o Books
o Mozilla.org
o DevEdge

Read more: nexgenmedia.net

Organizations of all sizes use Web applications to deliver services and expand business processes. However, hackers are always searching for weaknesses within these online applications, as they can represent a gateway into valuable back-end databases. With the advent of Web 2.0 features, including blogs, wikis, RSS and other advanced Internet technologies, Web applications are powerful, complex and constantly changing, increasing the likelihood of new vulnerabilities within an application.

To help developers track down and find potential security holes, there are a host of tools available called Web application vulnerability scanners. Their aim is to automate and speed up a process that, when performed manually, is a long and painstaking one. By crawling through a Web site and injecting various attack scenarios, scanners compare an application’s responses against a database of security vulnerability signatures.

Despite their usefulness, Web application vulnerability scanners have not become a must-have for every development team, largely because of cost. Yet there are several good open source scanners available for free. In this tip, we’ll examine a few other reasons for the holdup in Web application vulnerability scanner adoption.

Continue reading here: searchsecurity.techtarget.com

Everyone in IT understands that there are disasters and then there are disasters. Regardless of the scale of any interruption in operations, disaster recovery plans generally comprise details describing how IT will accomplish the two most important tasks they will face in the event of a disaster: business continuity contingencies and the recovery of lost data. While being �down� and �disconnected� from the rest of the world can be financially devastating, losing the data upon which the business relies is equivalent to a monarch losing the crown jewels. Now that�s a disaster, no matter what the underlying cause.

Before Web 2.0 made its way onto the corporate stage, a backup � or two � kept us convinced that, should we lose data for some reason, we could always get it back and, more important, get it back in such a state that we�d have lost nothing more than time. With Web 2.0, however, that task has become a bit trickier. There�s more data, more often, that needs to be backed up and replicated, and only so many hours in the day (the dreaded maintenance window) in which we can accomplish this important task.

Read more here…f5.com

This document examines the architecture behind the early access version of the Adventure Builder Sample Application, which focuses on using the latest Java 2 Platform, Enterprise Edition (J2EE�) 1.4 technologies. For recommendations and guidelines on architecting and designing enterprise applications, see Designing Enterprise Applications With the J2EE Platform, Second Edition. For recommendations and guidelines on architecting and designing Web services, see Designing Web Services with the J2EE Platform.

The Adventure Builder application will consist of four application modules: a Web customer application, and three applications for fulfilling an order. This document covers only the Web application. It illustrates how Web-only developers can benefit from the J2EE technologies and demonstrates Web tier design strategies and patterns.

One interesting point to note is that the Web customer application is a Web-only application and does not have an Enterprise JavaBeans tier (EJB� tier). We chose a Web-centric design primarily so that we could provide guidelines for applications that do not have an EJB tier. Using the J2EE platform, a Web application can be designed in two ways: EJB-centric or Web-centric. The Java Pet Store Application illustrates how to write a Web application in an EJB-centric manner. It is an MVC-based application that makes a heavy use of local enterprise beans to implement the model and the controller. The Adventure Builder application illustrates the other option: how to write a Web application in a Web-centric manner. EJB technology is a key technology in the J2EE platform, but not all J2EE applications need to use it. A Web-only application is a valid J2EE application as well. Also note that other applications in the Adventure Builder enterprise, such as the order fulfillment application, follow an EJB-centric design and illustrate guidelines for applications using EJB technology.

Learn more: java.sun.com

“Attacks will become more sophisticated by combining several services in order to heighten infection ratios and decrease the detection rate, while providing more robust and scalable attack frameworks,” Yuval Ben-Itzhak, chief technology officer, Finjan, said in a news release. “The focus will be on trojan technology as it enables maximum flexibility in terms of command and control. This adds another potentially malicious element to the ‘legitimate’ web traffic that needs to be examined by security solutions.”

In short, before installing the app or widget that your friend sent you, confirm if it came from them. If it didn’t, kindly delete it immediately. If it did come from them, research on the app or widget from previous users.

Source

For quite some time now, i am using SE’s P1i. Performance wise, I am content with it’s QWERTY keypad and I’d say going back to a mobile phone that doesn’t have a QWERTY keypad is something I wont do. But ever since my brother brought an iPhone and spent a lot of time to play with it, my views shifted.

When i first tried it, it really took me quite some time to used to it. I made plenty of errors with the iPhone and is largely due to its predictive text input. The touchscreen pad is very small and it is very hard to hit it compared to the physical keypad of my P1i. The good thing about it though is you can fix it with just a software upgrade versus replacing hardware for the physical keypad.

The virtual keyboards advantage is that it disappears when you don’t need it, thus giving you more leeway to use iPhone screen. In most cases, if it conks out, upgrading the software always fixes the bugs.

On the other hand, physical keypad’s advantage is its perceptive feedback. You can feel the keys even without looking. Of course, its very useful when you are driving. You can actually type and send a message without looking at my P1i and that is something I can’t do with the iPhone.

I guess everyone agrees with me that the iPhone needs improvement especially wioth its tochscreen keypad. In hindsight, I think that virtual keys are the way of the future but somehow an iPhone with real keypads could be interesting too.

Interested in a quick checklist for testing a web application? The following 10 steps cover the most critical items that I have found important in making sure a web application is ready to be deployed. Depending on size, complexity, and corporate policies, modify the following steps to meet your specific testing needs.

Step 1 – Objectives
Make sure to establish your testing objectives up front and make sure they are measurable. It will make your life a lot easier by having written objectives that your whole team can understand and rally around. In addition to documenting your objectives, make sure your objectives are prioritized. Ask yourself questions like “What is most important: minimal defects or time-to-market?”

Here are two examples of how to determine priorities:

If you are building a medical web application that will assist in diagnosing illnesses, and someone could potentially die based on how correctly the application functions, you may want to make testing the correctness of the business functionality a higher priority than testing for navigational consistency throughout the application.

If you are testing an application that will be used to solicit external funding, you may want to put testing the aspects of the application that impact the visual appeal as the highest testing priority.

Your web application doesn’t have to be perfect; it just needs to meet your intended customer’s requirements and expectations.

Learn more: adminitrack.com