B2BGateway to attend Exact Live 2016 in Utrecht

B2BGateway, the leading, global EDI and automated supply chain solution provider will be attending this years Exact Live tradeshow in Utrecht, The Netherlands from November 8-9.

Exact Live 2016 is a two day event which will take place this year in Utrecht. Day one is focused on bringing the eco-system of Exact, its partners and third party add-on providers together to discuss overall solutions and to provide 'one stop' seamless solutions to the end user. Day two opens up the event to Exact clients and prospects who can hear from many great speakers as well as learn about new updates and 3rd party software providers who can enhance the users existing system, depending on their unique requirements.

B2BGateway provides cloud based, fully integrated EDI solutions for Exact Online users which remove the need to re-key data when exchanging standard business documents such as purchase orders, invoices, shipping notices, inventory updates, etc., with trading partners. Roger Leyden, Director of Global Business Development at B2BGateway will be attending Exact Live 2016 in Utrecht. If you would like to meet with Roger during the event, please email Sales@B2BGateway.Net  

A baby stroller manufacturer rolls faster with electronic orders

By Phil Burgert on B2BeCommerce.com

Maclaren, a pioneer in strollers, is using a mobile app to check EDI orders as it also takes orders via its e-commerce site.

Maclaren is a manufacturer known for introducing 50 years ago lightweight, easy-to-use “umbrella” baby strollers made with aviation-grade aluminum. It’s continuing try new things today, including a more flexible means of managing its electronic orders from all sizes of customers.

Maclaren sells to retailers ranging from large corporations like Target Corp. and Amazon.com Inc. to smaller regional store chains and individual “mom-and-pop” stores. While the Targets and Amazons prefer to place most if not all of their orders via electronic data interchange, or EDI, many of the smaller merchants aren’t set up to exchange EDI documents and prefer to order via Maclaren’s e-commerce site, MaclarenBaby.com, which also takes orders from consumers.

In early 2015, Maclaren deployed NetSuite Inc.’s SuiteCommerce software suite, which includes Maclaren’s e-commerce platform and its enterprise resource planning, or ERP, business software applications for managing inventory, customer orders and financial records. As Maclaren receives e-commerce orders from customers across eight countries, it automatically updates data across the SuiteCommerce ERP applications.

But it can be difficult to monitor the flow of EDI orders, checking for transmission problems and ensuring enough inventory is on hand to fulfill the orders. Following the SuiteCommerce deployment, Maclaren worked with B2BGateway to also integrate its EDI orders with the SuiteCommerce ERP system, relieving the manufacturer of manually entering EDI order data into its ERP applications.

This summer, Maclaren took things up another notch by deploying B2BGateways’ EDI Connect App, a mobile app that lets Maclaren executives check EDI orders from anywhere, ensuring EDI documents are transmitting properly and that orders are fulfilled. EDI documents include customer purchase orders and Maclaren’s invoices and ship notices. Maclaren’s EDI customers also include retailers like Bed Bath & Beyond, John Lewis and Saks.

“We have an EDI team and they use the app to work with EDI transactions coming and going,” says James Ramsey, global head of technology for Maclaren, a unit of United Kingdom-based holding company Dory Ventures.

“All of our larger customers prefer to work through EDI so they don’t have to use our B2B e-commerce site and everything can be done through EDI with those customers,” he says. “That’s why we’re working with B2BGateway. They’ve been a great partner in getting EDI set up with all of these big accounts, which takes a lot of the load off our account executives and sales team for everything that comes in and goes back out again.”

Ramsey says considerable volume goes through EDI at Maclaren, and that that having the integration with SuiteCommerce and the mobile app make it far easier to keep it running smoothly. “The misconception with EDI is people think once it is put in place it just runs and everything is good in the world. But it never gets done, there’s always some issue that comes up,” he says.

Louisa Gooding, director of sales and strategic relationships at B2BGateway, says B2BGateway is continuing to add more of Maclaren’s trading partners into its EDI system. “We’re in the process of adding 40 more online trading partner relationships between now and December.”
Gooding described the B2BGateway EDI Connect App as primarily a reporting app. Ramsey, she says, “needs it because he wants to have a quick place to see what’s going on.”

Ramsey says he has been able to use the app to catch up on the status of trading partners while walking into the office or to get complete overviews of a day’s EDI transactions while watching his son’s soccer games.

B2BGateway launched the app last year on iOS platforms and added Android platforms earlier this year.

For further information on the B2BGateway EDI Connect App please visit www.B2BGateway.Net or email Sales@B2BGateway.Net

Safety in the Cloud!

 

By Steve Kohler, VP Systems Development at B2BGateway

When our Director of Sales and Marketing asked me how one goes about Securing the Cloud, I thought it was an interesting subject, for certainly that depends on who you ask, what we mean by security, not to mention what you mean by “Cloud”.  In today’s rapidly evolving IT environment, Cloud security is something we should all be concerned with.  Organizations need to make sure their customer data is safe in the cloud, and end users (consumers) should be aware of what the cloud is and how it affects the assets they wish to protect.

The National Institute of Standards and Technology defines cloud computing as:
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

The NIST also defines five essential characteristics that compose the Cloud model, three separate service models, and four deployment models.  The essential characteristics are On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, and Measured service.  While the use of virtualization is not a specific requirement for the Cloud, it typically plays a key role in facilitating cloud offerings.  Multi-tenancy is another aspect of the cloud that is often treated as an integral component, although not part of the formal definition.

The Service Models

Software as a Service (SaaS). - Provides consumers with access to some service or application running on a cloud infrastructure.  The customer does not manage or control the underlying infrastructure such as network, servers, operating systems, or storage.  The customer has the ability to manage customized settings within the application only.

Platform as a Service (PaaS). – Consumers are granted access to an application hosting environment where they have the ability to deploy custom applications they create/acquire using tools/platforms supported by the provider. The customer does not manage or control the underlying infrastructure such as servers, operating systems, network, or storage, but has control over the deployed applications and custom settings within those applications.

Infrastructure as a Service (IaaS).  The consumer is able to provision processing, storage, networks, and other fundamental computing resources.  This allows the customer the ability to deploy custom software such as operating systems and applications.  The customer does not manage or control the underlying infrastructure but can have access to networking interfaces such as firewalls.

The Deployment Models

Private cloud - The cloud infrastructure is provisioned for exclusive use by a single organization.  It may be owned, managed, and operated by the organization or a third party, and it may exist on or off premises.

Community cloud - is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns. It may be owned, managed, and operated by one or more of the organizations in the community or a third party, and it may exist on or off premises.

Public cloud - is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.

Hybrid cloud - is composed of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.

When we discuss security, we are usually concerned with Logical security and Physical security. 

Logical security protects data by utilizing software safeguards such as authentication methods, authorization, and ensuring user permission levels.  Common examples of this layer are:

·         A username and password combination that was assigned to access a network or shared resource.

·         Token based authentication - a user is able to generate a token such as a cryptographic hash that identifies the user and no password is actually shared as part of the authentication scheme. 

·         Two-way authentication - In addition to providing credentials or a token, the user must respond to a challenge presented by the system before gaining access to resources.  An example would be for the system to present a security question when the user is logging in from a new device or network.

Physical security is responsible for securing access to the infrastructure, datacenters, buildings, and other assets such as employees.  In addition to protecting against unauthorized access or damage by individuals, physical security should also address withstanding natural disasters, climate control and preventing accidental damage.

As you move down the cloud stack, the consumer becomes more responsible for implementing and managing security measures.  For example, an IaaS provider will secure the infrastructure, but it is up to the consumer to implement proper security measures in the operating systems and software they choose to host on the providers system.  At the top of the stack, Saas providers are responsible for the most as they must secure the infrastructure, as well as their networks and applications and provide strong logical security measures to protect customer data.  Regulatory compliance also comes into play, especially when dealing with credit card, healthcare, and financial data (PCI, HIPAA, SOX).

When assets or infrastructure are moved off premise into the cloud, the consumer must make sure that their Cloud Service Provider has adequate Physical controls in place, as well as logical controls to mitigate potential threats that might emerge.  Monitoring of Logs for example, becomes difficult if not impossible when using a Saas provider since the server logs will most likely not be available to the consumer, and contain information for multiple customers. 

Some potential threats present in a cloud environment not found in a traditional datacenter have to do with Virtualization and Multi-Tenancy.  Resource pooling on a virtual machine host increases the risk for noisy neighbors and resource contention.  A guest OS handling high I/O and CPU workload for one Customer could result in poor performance for other guest OS’s, creating a denial of service scenario for the affected Customers.  Attacks against the hypervisor are also on the rise, if a guest OS maliciously attacks and compromises the Host, the other resident guests are now at risk of being compromised.  It is critical to make sure the Cloud Service Provider has adequate security zones (virtual networks, vlans) configured per Tenant and that they adhere to best practices when updating their virtual infrastructure to ensure a secure environment. 

As companies move their data to the cloud to take advantage of the time and cost savings, a comprehensive risk assessment should be made on the assets being moved so that proper Monitoring and Incident response plans can be crafted to deal with potential breaches.  Encryption of data at Rest (at the cloud provider site) and in Motion (data travelling to and from the CSP) are also key elements that can increase a Secure Posture when dealing with a Cloud Provider.  SLA’s should address what logs consumers will have access to in the event of a compromise, as well as detail specific counter measures being taken to mitigate threats to the data.  Cloud offerings hold tremendous reward for Companies in terms of reducing overall expenditures and time savings , but there is also risk as control over assets is passed on to another organization and out of immediate physical control.  Proper vetting of Service providers and adherence to Industry standards are crucial to maximize return.

To learn more about B2BGateway’s cloud based EDI solutions, and how we protect your data in the cloud please call +1 401 491 9595 / +353 61 708533 or email Sales@B2BGateway.Net