
SummaryOfServices


Key issues facing small web-based business technology

Security

• Do people have access to seeing and/or altering important data that they should not?
• Are you at risk for common attacks, such as SQL injection, Cross-site scripting (XSS), Denial-of-service, request forgery, etc.?
• Can people sniff out traffic on your site, stealing important information from your users, such as their passwords? The most common cause of this is fielding sensitive requests such as login form submissions over plain HTTP rather than using HTTPS. Another is taking credit card information directly into your server, even over HTTPS.

Even in applications with fairly strong architecture, I spot many of these security risks within a few minutes of beginning a code review and can fix most of them with just a few hours of work.

Bugs

Do unexpected things happen from time to time, resulting in phone calls from confused or upset customers at times when you would rather your application be quietly earning money for you?

Confusing features/workflow

• Are there places in your app where the user experience design either makes it difficult to sell your product or service or stands in the way of the customer accomplishing what they want to after a purchase?

As engineers and the founders who designed and implemented the process, we know very well how to get around in our software, so we mistakenly assume that others will intuitively go in all the right directions as well. I can remove my engineer hat and stand in the shoes of your users to ensure that their experience results in their happiness and in fewer phone calls to the customer support department that may actually be you! Generally the founders I work with enjoy the time we spend together overhauling clunky app workflow.

Code that requires maintenance and updating

Today’s web applications are built largely on the backbone of the open source community. Gems are constantly changing, patching security holes, adding capabilities, and deprecating older versions. While this doesn’t pose as serious or immediate a threat to your business as some of the things mentioned above, it is important to stay on top of updates. Many things that you will be adding in the future will not work with older versions, and you can find yourself in a Catch-22 that can set back development or force downtime on your production server while dependency conflicts are resolved.

If you’re wanting to situate your business for growth, you’ll need to be able to attract good engineers. In today’s competitive hiring environment, the good engineers want to work with thriving technologies and can be difficult to attract into an outdated ecosystem.


Long-running processes being performed in the wrong part of the application or in the wrong way

Certain processes, such as report-building and data processing, don’t need to run during the web requests that trigger them. Others are simply not well-written and consume too many resources for what it is they’re trying to accomplish. I can set these up to perform when server load is low and in a way that leaves your production server free to serve all of your users.

Mobile issues

Does your software work as well on mobile as it does on a desktop? It’s important for search engine rankings, and then more obviously it’s one of the main ways that people are getting on the web. I can make sure you’re effectively using frameworks like Bootstrap for CSS responsiveness and ReactJS to promote snappiness even when connections to the internet are spotty.

Inefficient process

If you’re more or less happy with your current development team (or person), I can introduce simple tools that will help you communicate more efficiently and get things from idea to execution without so much effort on your part.

References and contact information for some of my past and present clients are available upon request.