Thursday, August 13, 2009

What is AJAX? Does Microsoft do AJAX?

Ajax is “Asynchronous JavaScript and XML”. If you’ve ever used Microsoft Outlook Web (OWA), then you’ve used AJAX. Microsoft wrote OWA with hidden embedded web requests, so OWA could get and display new mail without refreshing the page all the time. Within a few years, everyone was doing this in several different ways. Microsoft was a pioneer, but AJAX is not Microsoft technology.

JavaScript (the modest little webpage scripting language) was one surprising ingredient. JavaScript was combined with something we got from Web Services: XML. That’s right-- Microsoft’s hidden browser function was combined with JavaScript and with some of the fast, light, network-ready data formats that we all learned from web services and SOAP, to create AJAX. Like magic, XML was being sent into web pages, “from behind”, to display data and reformat pages. The best part? It’s fast.

Atlas” was Microsoft’s first AJAX toolkit, released in 2007. When Microsoft renamed it to “AJAX toolkit 1.0”, many Microsoft developers were unhappy because they lost the cool name. But Microsoft knew what they were doing, because we’ve already been asked by clients why our AJAX is working, even though they never installed Microsoft AJAX on their
server!

Unfortunately, Microsoft AJAX toolkit is not yet a tool of common choice, and many Microsoft.NET programmers compare the AJAX toolkit to early versions of FrontPage(they assume it will get much better before being replaced with something else entirely). As of right now, Microsoft AJAX Toolkit doesn’t easily stand up to such libraries as Prototype, Dojo, Scriptaculous, and General Interface, in the same manner that Front Page (which has now been replaced by SharePoint Designer) didn’t survive well in the market against Adobe Dreamweaver.

Before MS AJAX arrived, these other toolkits were listing clients on their websites from Gucci to NASA to Apple to ESPN to Sony, and even Microsoft! Developers who use only Microsoft tools may say AJAX is slow, because Microsoft AJAX can be slow. AJAX tools are already far more sophisticated than Web Service tools ever became, and the simple truth is that good web programming now requires qualified, experienced pros.

How does NSK do AJAX?

NSK uses an in-house AJAX library, which was specifically designed to do three things. It performs as well or better than equivalent Windows-based applications. It is learned easily by developers, so work for our clients can be done quickly and inexpensively. And our framework is useable on many browsers (in addition to Internet Explorer), and is 100% compatible with all current major server and development technologies, including Microsoft.NET. We’ve seen development turn-around as short as eight months, on financial industry projects of considerable complexity.

Written by Keith Mitchell, Senior Developer at NSKinc

Web 2.0, AJAX, XML, Thin Clients, and You

"Web 2.0 and AJAX have already changed web programming and business application development to the same extent that managed care has already changed the healthcare industry, and boxing gloves have already changed boxing."


Most web programmers learn quickly how to use a submit button, which allows a user to wait for the next web page to come back to them and tell them the results of their action. Most accomplished web programmers have learned how to display a table of data, and to sort the data by waiting for the page to refresh. Most accomplished web programmers have also explained to clients many times, that they can’t type into a dropdown list; they can only choose one of the values in the list, because “that’s the way the web thing works”.

Now, web programming isn’t so simple. Forms can be updated and data can be sorted, faster than you can read the confirmation messages. No one has to wait for pages to reload any more. New descriptions can be added to a list, and stored into a database, simply by typing them into a dropdown box. A web form can enter and correct data faster than a user can type.

The admission requirements for the web programmer club are getting higher. Microsoft and Adobe are writing tools to make these tasks easy, but these tools are still in their infancy.


Written by Keith Mitchell, Senior Developer at NSKinc

Thursday, August 6, 2009

201 CMR 17 Compliance Timeline

Compliance for 201 CMR 17.00 is going to take a little time... We have written out a guideline for your timeline!

August

-Designate an Information Security Officer - You will need to designate at least 1 person at your place of business who will maintain the comprehensive information security program. Finding that person now will help get the rest of the items in line for when they need to be done.

September

Start Assessing Your Information:

-Identify the paper, electronic and other type records, including storage media, laptops and portable devices that contain personal information.**
-Check all anti-virus and security patches on all computer systems and servers -- make sure they are up to date.**

a. Check that you have reasonably up-to-date versions of
system security agent software (including malware
protection)**

-Identify what "personal information" moves around your business and out of your office including:**

a. healthcare/insurance information
b. benefits/401K information
c. Accounting/Tax information
d. Employment and Credit Applications
e. Checks and credit card information

-Identify persons who need to see the "personal information" and those who do not.
-Identify where encryption for personal information is needed.**
-Identify what third-party service providers your business may use that have access to personal information.
-Identify reasonably foreseeable internal and external risks to paper and electronic records containing personal information.**
-Identify any systems that are connected to the internet and make sure the firewall protection for files containing personal information are up-to-date.**

October

-Purchase any hardware or software upgrades that are needed**
-Get control of user IDS and other identifiers**
-Come up with a reasonably secure method of assigning/selecting passwords for users**
-Start developing your WISP (Written Information Security Program)
-Make sure that your WISP is applicable to all records containing personal information about a resident of the Commonwealth of Massachusetts

Make sure that you include:

-Administrative, technical and physical safeguards for Personal information protection
-Any identified and reasonably foreseeable internal and external risks to paper and electronic records
-Regular and ongoing employee training, and procedures for monitoring employee compliance
-Disciplinary measures for violators
-Policies and procedures for when and how records containing personal information should be kept, accessed or transported off your business premises
-Processes for blocking terminated employees physical and electronic access to personal information, including deactivating their passwords and user names
-Steps taken to verify third party service providers access
-The length of time that you are storing records containing personal information.
-Specifically the manner in which physical access to personal information records is to be restricted
-Whether you are storing your records and data in locked facilities, storage areas or containers and the security measures taken to keep these areas secure
-Actions and documenting that is taken in connection with any breach of security

November

-Install all hardware and software upgrades**
-Test policies that have been written
-Start Training Employees on new policies
-Finalize WISP

December

-Finish Training Employees
-Send out WISP Policy to all employees and get signatures from all that they understand and will comply

January 1, 2010 and beyond

-Continue monitoring your systems and procedures**
-Continue providing training to new and existing employees
-Update policies as required
-Assure all computers and servers remain up-to-date with patches and anti-virus software**

** NSK Inc can help you with any of these tasks, just let us know.

Written by Cathie Briggette

Tuesday, August 4, 2009

Linux, Apache Platforms

Linux/Apache as a platform has been doing web-based networking, backed by large-scale community development, for a long time. The most mature SPAM filters , email handlers, RSS tools, web data-miners, and web automation tools are Linux/Apache based. For those tasks, that’s what we may recommend. These services or components can be integrated easily with Microsoft Exchange and other Microsoft servers and systems.

Are we talking about “Open Systems” or “Open Software”?

No. We’re really trying to discuss the important business move toward open architectures. Enterprise or service architecture is not related to “open systems” or “open software”. For open systems, think “UNIX-like systems which have been standardized”. For open software, think free Linux software, free licensing, and community development.

Is Linux more “open” for business software architectures?

No. What matters are your software applications, not your systems. Linux is important, however, because most of the web runs on Apache web servers running on Linux, and the internet (worldwide) and intranet (corporate) ARE vital to open architectures.

Written by Keith Mitchell, Senior Developer at NSKinc

Open Architecture and Services

Service oriented architecture is a design of business systems where applications which store, manipulate, or use data, provide a mechanism or service to other applications in the system, for getting at that same data.

An open architecture is a business system where applications “expose” what they do, and the data they use, to other applications or network services.

Web Services started a lot of things (moderately well). A web service is a web page that another computer can go to, to get information. It’s that simple. By the time web services were popular in certain functions (weather info, product vending by middleware and B2B, and stock quotes), they had been very standardized and defined. That standard was clumsy to implement and was sometimes too slow for the speed of business. Much work went into creating lightweight wrappers for the data which was given out by web services, so that they would be fast. SOAP is a very lightweight data container for web services data.

What’s good about SOAP and web services? Data wrapped in a SOAP wrapper can move like a text file across networks, through firewalls, from a Windows machine into a Linux machine into a Mac, and then into a library mainframe. Data can be easily taken from one database and added into another, or made into a report. This was revolutionary several years ago. Web services tell other computers what they do (what “service” they provide) and what data to expect. However, the expected explosion of computer-consumed data didn’t happen with web services, except in some e-commerce and distributed corporate environments.

Why not? New and better ways are always being created for software
systems to become more open. This is a very important benefit to corporate software customers because new functionality can be added inexpensively, Have you noticed how quickly RSS newsfeeds became widespread? Compared to SOAP web services, RSS is very fast and easy to work with. Similarly, AJAX, without any SOAP wrappers at all, has been used to replace web services. RSS and AJAX are not just “Web 2.0”. They could be referred to as “Web Services 2.0”, as well.

Written by Keith Mitchell, Senior Developer at NSKinc