The Impact of URL Shorteners on File Sharing Security

Convenience has a price. URL shorteners make it easier to tweet and share links, but at what cost?

This post will examine a recent study that highlights the risks of URL shorteners with regard to your file sharing security. Keep reading to see the impact.


Ripping Off the Girl Scouts: 8 Steps for Evaluating Technology

Until recently, I had no idea what a Thin Mint was. It’s kind of amazing that these delectable little cookies have escaped my grasp in the thirty-odd years I’ve been aware that cookies actually exist.

I have first cousins in Canada. Like all relatives that you like, but are too far away to easily visit, our primary form of communication is social media. Recently, my cousin posted a picture that referenced Thin Mints, which is what prompted me to inquire about what exactly this is. Her words, verbatim from Facebook, were simply this: “As in the Thin Mint Girl Guide Cookies. C’mon! You haven’t had them!?” My immediate, and rather American-centric response, was: “Girl Guide?”

Apparently Canada has their own version of the ever-ubiquitous American organization known as the Girl Scouts, called the Girl Guides, and their structure is a duplicate of the US version. They have virtually the same graduation structure in their hierarchy, wear almost identical uniforms and, of course, sell cookies. Walk into any supermarket in the USA at the beginning of the year and you’re sure to be accosted by girls selling boxes of sugary heaven. They’re essentially legal dealers and we embrace the sugar addiction because it’s for a good cause. Canada is apparently no different, though I have to imagine the process of selling cookies is probably politer (sorry Canada but some stereotypes really are true, eh?).

This revelation left me wondering: what else in my world adheres to the Girl Scout/Girl Guide premise, where we have two organizations that are essentially the same in rules and behavior but not quite the same? The answer was crystal clear to me… EVERYTHING in the tech world!


Polymorphic Python

Here at SmartFile, on the engineering side of life, we get to use a lot of awesome techniques in order to keep development fast and on-track (see the Open-Closed Principle). By using simple patterns, we are able to protect our application from design problems such as rigidity, fragility, immobility and viscosity; thus, leaving our future selves in a much, much happier state.


How the Mortgage Industry Puts Borrowers at Risk

A little over 2 years ago, HALOCK Security Labs surveyed 63 American mortgage lenders and discovered an alarming trend. 70% of mortgage lenders were compromising sensitive financial information through risky sharing practices.

Many of the lenders, both small and some of the largest in the nation, were using an unsecured email account to send files, a direct violation of the FTC Safeguards Rule that states emails can be sent only if they are encrypted. The majority (70%) of lenders were told to fax documents and 40% were advised to mail documents to applicants. Only 12% of lenders offered a secure portal, arguably the safest way to transmit sensitive documents.

It’s no wonder loan officers are at a loss on how to quickly and safely share documents. They are encouraged both from the business and borrower side to speed up the application process, yet they are told to rely on the antiquated methods of fax and mail. Most businesses have fax machines, sure, but many applicants likely have to search for one. And while it’s a federal offense to access a mailbox that does not belong to you, newer generations see these quaint side-of-the-road boxes as about as secure as a flyer stapled to a telephone pole. Add to that the work it takes lenders to scan, collate and store these documents and you have a tediously slow process.


The State of Agile Today

It’s been 15 years since the Agile Manifesto was created and the software development methodology is still one of the most practiced around the world.

With the release of the 10th Annual State of Agile™ Report from VersionOne®, we can get a good sense of where Agile teams and the businesses who use them stand in 2016. This is a survey of global scale, as indicated by the demographics at the end of this post, so it definitely applies wherever you are.


Yeah, but the Ice Cream Sucks: 6 Solutions for Overcoming the Security Issues in Popular Apps, Tools and Websites

A few years ago, my girlfriend and I went to a local rib joint for dinner. This restaurant is consistently rated as one of the best rib places in the region and has won award after award for their truly excellent food. Their walls are littered with autographs of famous people who have dined there and loved the food, including known food critics.

A couple, obviously on a date, sits down next to us and it becomes apparent that the woman is new to the awesomeness of this place. The woman says, “I hear this place is amazing,” to which her date replies, “Yeah, but the ice cream sucks.”

This has stuck with me since the night it happened. It’s like entering the Sistine Chapel knowing you’re going to see a masterpiece on the ceiling and thinking the drapes covering the windows are hideous. This pessimism may not be the right attitude for a five-star meal, but it is absolutely correct for IT security.

Too often we see truly excellent apps, tools and websites that are beautifully designed and easy to use become littered with security holes and privacy concerns that force us to recommend avoidance to our customers and clients.


Dockerizing a Python Flask Application

Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server. This guarantees that it will always run the same, regardless of the environment it is running in.

– from What Is Docker?

If you are new to Docker, this guide will show you how to create a basic Docker container.

SmartFile’s Hiring Developers and Engineers

SmartFile is looking for talented engineers, both software and operations, to come work on our secure file management platform. We will consider both local and national talent (with relocation available) for our open positions. You can check out the job listings and skillsets here. However, we think the right person will want to know more than just the bullet points of their future position at SmartFile.
