To reduce the chance on this occurring, the following suggestions and best practice to improve your web security:
Use HTTPS on your website
Benefits of using HTTPS. HTTPS is a way to encrypt information that you send between a browser and a web server. This protects your website’s users from "man-in-the-middle"” attacks, where someone steals the information being sent to a website, like information or logins details.
Configure you webserver with HTTPS
Get a certificate - A certificate is simply a paragraph of letters and numbers that only your site knows, like a really long password. When people visit your site via HTTPS that password is checked, and if it matches, it automatically verifies that your website is who you say it is – and it encrypts everything flowing to and from. If you don't have a certificate yet, you can get a free certificate in https://letsencrypt.org
IIS server - To learn more see https://support.microsoft.com/en-us/help/324069/how-to-set-up-an-https-service-in-iis
Apache server - To learn more see https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html
Correctly configure web security headers
HTTP Response headers are name-value pairs of strings sent back from a server with the content you requested. They are typically used to transfer technical information like how a browser should cache content, what type of content it is, the software running on the server and much, much more. Increasingly, HTTP Response headers have been used to transmit security policies to the browser. By passing security policies back to the client in this fashion, hosts can ensure a much safer browsing experience for their visitors and also reduce the risk for everyone involved. Let's take a look at some more security based headers.
To learn more see https://www.globaldots.com/8-http-security-headers-best-practices
Hardening you HTTP response headers
The first step in hardening your HTTP response headers is looking at the additional headers you can utilise to make your site more secure. Outlined below, these headers give the browser more information about how you want it to behave with regards to your site. They can be used to deliver security policies, set configuration options and disable features of the browser you don't want enabled for your site. Once you have setup each header, check it using SecurityHeaders.io.
The following are headers you can utilise to make your site more secure.
Content Security Policy
HTTP Strict Transport Security
HTTP Public Key Pinning
X-Frame-Options
X-Xss-Protection
X-Content-Type-Options
To learn more see https://scotthelme.co.uk/hardening-your-http-response-headers
Use strong and complex passwords
Consider a "pass phrase" rather than simply a password. Such a phrase should be relatively long – perhaps 20 characters or so and consist of seemingly random words strung together along with numbers, symbols and upper and lower case letters. Think of something that you can remember but others couldn’t guess that’s relatively long – perhaps 20 characters or so — using seemingly random words strung together along with numbers, symbols and upper and lower case letters.
Make the password at least 12 characters long. The longer the better. Longer passwords are harder for thieves to crack. Include numbers, capital letters and symbols. Consider using a $ instead of an S or a 1 instead of an L, or including an & or %. Don’t use dictionary words. If it’s in the dictionary, there is a chance someone will guess it. There’s even software that criminals use that can guess words used in dictionaries.
Keep your server up to date
Install latest service packs and security patches. Microsoft Update is the online extension of Windows that helps you keep your computer up-to-date. Microsoft Update includes updates from Windows Update and from Office Update, in addition to updates for other Microsoft products and for third-party device drivers. Use Microsoft Update to install updates for your computer’s operating system, software, and hardware.
To learn more see https://support.microsoft.com/en-us/help/311047/how-to-keep-your-windows-computer-up-to-date
Improve website performance
To learn more see https://scotthelme.co.uk/performance-cheat-sheet
Once done check your web security status on this website
see https://securityheaders.io
Job costing is an important part of running any business and can be crucial in a surveying business. Job costing has been described as one of the most critical functions of managing a surveying company. To run your surveying company profitably and successfully you must accurately project the costs involved for each project. Not only is it a federal requirement to do it accurately for any government project, but the ability to estimate costs accurately is how a surveying company chooses jobs that will generate a profit.
What is job costing though? For those who are unfamiliar with the term, Job Costing is all of the direct costs of a project, the appropriate share of overhead costs, and any other applicable indirect costs that can be legally billed to the client along with a small margin of profit. It is the process used to create a quote for the customer. This is a long way of saying that Job Costing is what the client is responsible for, and what it actually costs to do the job, and a bit added on for profit.
One of the major things to take into account as you begin to build the job cost for any project is deciding how many workers you need. This determination is based on the scope of services that are within the bid itself. There is a huge difference between a simple survey of one plot of flat land, and a job that includes hundreds of acres on difficult terrain. Knowing what the scope of work is will let a company determine how many people are needed to accomplish it in the given time frame.
Once you have figured out the number of people needed, and the level of certifications they must hold, you can then make your staff hour estimate to be included in the cost of the job. This will be compared at the end of the contract to the actual ledger time that you record with an accounting system. There should not be any radical difference between these two numbers, and the more accurate the projection is, the more reliable your company will seem to be.
With the number of workers required being determined the job costing can begin. Begin by calculating the direct costs involved. This is going to be a fairly simple calculation of the total of all of the wages for the personnel necessary to complete the task, multiplied by how many hours that the job is estimated to take.
The rest of the direct costs to consider are things such as travel expenses, and any materials or supplies that must be purchased to complete the project. Direct costs should not be equipment that is basic to surveying however. The cost of new equipment is not something that you can generally pass along to the client without additional negotiation. Much the same as a mechanic can’t pass along the cost of his tools to you just to fix your vehicle.
With the direct costs determined you then consider and add up the indirect costs of the project. Indirect costs are those expenses that are only in part determined by the project. This is comprised of things such as management wages, marketing costs, and office rental fees. A better way to say this is that you are allowed to bill a certain amount for Overhead.
Normally the overhead is determined by looking at the operating costs of your business for the same period in previous years. The usual calculation is to divide the total of indirect costs for that period by the direct costs. This will give you a percentage. Once this is calculated the direct labor costs are multiplied by this number, with the result being the overhead to be added to the overall cost.
There are some costs that you are not allowed to include in your overhead. These things include costs such as interest on loans, entertainment, country club fees. For more information you are highly encouraged to seek expert help. While some costs may appear to be actual business costs.
With the actual cost of the job now known, you get to add an amount for profit. This profit margin is normally allowed to be between 6% to 15% of the total fee. Your profit margin must be within this range to be allowed for most government contracts, and as such sets the norm for others.
To calculate your job cost correctly you need some sort of accounting system to give you actual historical information. The system could be extremely informal if your company is small and easily managed. Or it could be a complex software management system. Whichever system is decided upon it must be useable by the company, and accurate with the information it is tasked to retain. It is very rare in today’s high tech world to continue doing this using general accounting methods or pen and paper.
There are few requirements for any sort of cost accounting system. One is that it must ensure you keep direct costs separated from indirect costs. The accounting system must also separate costs by each job. For the system to be of any good in job costing, the accounting system must provide the ability to generate reports based on the information that is recorded and maintained.
Those most successful at job costing remember that everything included is a variable and rarely set in stone. Job costing is equal parts science and art. There are certain mathematical formulae that are used, but you must also be able to look at past jobs, and have the ability to project the work force needed to accomplish future jobs. All these things must be done well in order to create an accurate job cost.
When you are performing a job costing you must always keep in mind what your ultimate goal is. It is not enough to just plug numbers in to a formula. You must do your best to create the most accurate job cost to ensure maximum profit and to give the client with the impression that you are simply out for more money.
When performing job costing the accounting system is often of prime importance. The system must be something that supports your endeavors. To be supportive the system should be something that is useable by everyone involved. A system that is overly complex can result in the data not being recorded correctly, as workers just go through the motions.
Technology can be an incredible asset, but only if it is doing what you intend. Carefully select the system that best fits how your company functions. Remember that if you are going to begin using any new system to take the time to know it and to fully explain it to others who may use it.
In the end profit is dependent on this job costing endeavor. If you don’t take the time to record accurately, calculate accurately, and include all the necessary information, your proposal may end up costing your company money. Job costing is a vital component of surveying and something that can be helped with the right accounting system
Workflow management is one of the buzzwords that float around in business these days. The idea behind workflow management is that by using appropriate software a business can increase productivity. The increase of productivity is the result of less delays in the series of steps that are needed to accomplish a task. While most buzzwords are something to avoid, workflow management is something every company should be interested in.
Various approaches have been used to try to improve workflow, beginning with Gantt’s and including Six Sigma, Total Quality Management, and Theory of Constraint. Each of these approaches have proven successful in different situations. Workflow management has been widely recognized as a way to improve the quality of products, reduce overhead, and increase profits.
The goal of accomplishing workflow management can seem overwhelming for a business that is just beginning the task. Most traditional approaches are geared toward very large organizations. Approaches such as Sigma Six, Total Quality Management are exceptional, but they also require a lot of study and time away from the actual job to master. For the smaller company this time is normally just not something that is available. Nor is the ability to have one person dedicated to workflow management an option.
For those companies that do not have the size or the structure to give much time to developing workflow management in house the best option is to purchase software that addresses this requirement. The use of workflow management software enables a company to acquire the benefits of a better workflow throughout the organization, while not needing to start from scratch. The proper software can give a company the benefits of management, without the loss of time spent developing them on their own.
Managing workflow is an important concept in the workplace. Modern businesses can often gain large rewards by finding and using the right software. When the various processes involved in a business can be automated, they can be made faster and more responsive. Workflow management is something that must be addressed to ensure the highest level of productivity and best profits.
The main issue for these companies is applicability of the software that they choose. Where the right fit of software to company can have many benefits, the wrong fit can create chaos. It is vital to a company to find software that fits their structure and organization as is. When a software package is chosen due to it being part of a trend, or without investigation into how it works, a company is often left trying to hastily go back to their original methods.
A business must be careful not to select software that was not intended for their specific needs. This is especially true the more technical or specialized the business is. Broad based solutions do not work well with specialized tasks and workflows. For these situations, such as surveyors, there needs to be a focus on the normal tasks and jobs that occur.
Considering the application of a Workflow Management System is something that requires an in depth study of the current workflow. Only after seeing where there are problems, or constraints, as they can be called, can a Workflow Management System be used to address them. Applying a solution without research leads only to more disarray as workflow that was without any constraint is disrupted.
Additionally there is a very vital component that business leaders must keep in mind, employee buy in. Total Quality Management proposes the idea that without worker buy in to a new idea that the idea is doomed for failure. The best laid plans, the best software on the market, are all for nothing if the individuals who must use it do not buy in to the concept.
Employee buy in is an important step in workflow management. This is true of either management through software, or process improvement. Without this buy in an organization is just creating paper, or buying software that will never be used to its full potential. A business does well when it includes the “rank and file” in decisions that affect workflow.
Most high level managers are focused on results, not the actual day to day processes involved. When someone who is not conversant in the day to day operation begins to change workflow, it often results in a loss of productivity. What looks right on a higher level, may often be more labor intensive at the working level.
To truly make work flow smoother, and more responsive the company is better served by asking those who do the work what they feel should be changed. After collecting all of these suggestions a business can then find the right method, or software to address these changes. This information gathering step yields dividends far greater than any loss of time.
Looking closer at what workflow management can do for a company we find several benefits. Workflow management can impact the productivity of employees, the amount of information obtained as work is done, and of course the overall profitability of a company. These benefits are obtained through the clarification of processes, and finding ways to increase the speed they occur in, and simplifying them to reduce administrative time.
Employee productivity is increased with Workflow Management through making tasks easier to both record, and hand off to the next worker. Examining the processes involved, and then applying necessary changes to improve them gives each individual worker more time to complete the tasks at hand. Many of the workflows involve the sharing of information, the easier it is to record, and share this information the more productive an employee can be doing the actual work.
Information is the life blood of any business. Management needs to know certain pieces of information as work progresses. Often this requires workers to take time away from the jobs they must do, to record this information. Workflow Management can ease this burden, the right software can simplify record keeping. Workflow Management software that fits a business should not be overly distracting from the task at hand, and allow the worker freedom to do what they are specialized in, not attempting to create something to do this task.
The goal of workflow management is to get the employee back to working on what is important, in a manner that supports the goals of the business. Software can assist in this goal by giving the employee a quick, easy, and readily available method for record keeping that is consistent throughout the business. Each process can be made easier through the application of the correct technology, resulting in greater employee productivity.
As we have seen, workflow management can be a complex and overwhelming topic. However, if done correctly, workflow management can make a business faster, and more profitable. The goals of the company must be supported by any system, and the employees must buy in to its use. When all of these things come together, a company will see growth in both productivity and profit.