Author Archives: Tori Pazda

Endpoint Security and Response Power Apps vs. SharePoint Framework for Forms

Overview

As the capabilities in the Microsoft Power Platform have matured over the last couple of years, Thrive has spent considerable time delivering business process automation solutions using the tools in the platform. With Power Apps, Power Automate, and Power BI, the platform allows us to accelerate the digital transformation process for our customers using the low-code capabilities in the platform. However, when requirements get complicated, a better approach may be to build your form using the SharePoint Framework (SPFx). This is especially true if you are dealing with large amounts of data, fast load time of the form is critical, or the UI requirements are complicated. Using SPFx does require development experience, but with the right skills, you can quickly build out custom forms that can provide a better solution.

The table below provides a detailed comparison of building your form in Power Apps versus using the SharePoint framework. We have also provided a summary of our findings at the end of this post.

Detailed Comparison

Power Apps SharePoint Framework
List Thresholds
 Currently, when a list has threshold problems, there is no way to easily work around them in Power Apps. The Power Apps will immediately break if already published and will not allow you to publish or save it. All submissions will break. Structuring the data or applying filters makes it easy to work around List Thresholds and retain functionality.
Performance
 Even with small-scale forms and applications, the load times for Power Apps can be relatively lengthy. Performance is exponentially better than Power Apps. Small or large applications will load quickly and navigation in large applications is also extremely fast.
Simple Forms/Applications
 For forms that we just want to add a couple of easy conditionals, set up some formatting or styling, and so forth, Power Apps is probably the way to go. It requires little to no development knowledge and allows for further customizations by Power users. For simple forms or applications, we may want to stray away from an SPFx solution. The development overhead and time spent would most likely outweigh the benefits.
Large Forms/Applications
 Power Apps can get very bogged down by large applications that contain paged navigation, a lot of conditions, several lookups, etc. Maintaining connections between pages, altering conditions, implementing validation, etc. becomes very difficult. Large forms and applications can be constructed to be exactly what meets the needs of the business. Inline field validation, paged navigation, conditions, etc. can all be implemented with ease. Performance is also fantastic in any SPFx application.
Dev, Test, Prod
 Power Apps becomes tricky if you want to try to have a development stream. If you have a Power App that is integrated with a SharePoint list or library, it cannot be exported or migrated anywhere else. You would need to continuously rebuild the app from scratch and reconnect all data connections for this work. Canvas apps do allow for exports, but the amount of configuration required for each installation can be painstaking. Seeing as SPFx solutions are packages, they can be deployed at a tenant wide level or per site collection. This means you can easily spin up a development, test, and prod site collection and have a development stream that can publish updates to any one of these environments with ease without affecting anything you don’t want. Pipelines can be established to further simplify the development stream.
Migration
 As stated in the previous point, migration can be very difficult or even impossible with Power Apps. Given the nature of SPFx solutions, migrations can happen with little to no effort moving between site collections, environment, and tenants.
Validation/Conditionals
 Conditional and validation logic is certainly possible in Power Apps, but only to an extent. Certain fields do not have the innate ability to filter out things such as special characters and implementing logic to do so is tricky. In some cases, the logic may not even have the ability to be implemented. Conditionals are also implementable, but take time and can be very reliant on form loading factors. Rules were removed so there is no central location to manage all of your logic. Literally any form of conditional or validation is possible in SPFx. Real-time/async validation is implementable. Regex, string validation, number validation, etc. is all easily implementable and scalable. Conditional logic can easily hot-swap visible components to the user.
Data Connections
 While data connections to other applications in Office 365 are easy enough to set up, they cause some unintended side effects that may result in an undesirable user interface. For example, if you wanted to pre-populate a Manager field in Power Apps, you can do this by adding the Office 365 Users data connection. However, when you add this data connection, it will prompt the user to allow access to this when they load the Power App. This will occur each time they load it if their cache has been cleared and in other instances as well. While data connections require a bit more set up in SPFx, they can be tailored to do exactly what you need them to do. The sign-in prompt that was mentioned in the Power Apps version of this functionality is no longer an issue. Data connections will migrate with the application should you decide to move it. By default, connections to Teams, Graph, SharePoint, and more are relatively preconfigured for you when creating an application in SPFx.
Redirects
 Currently, redirecting applications on submission is not possible from Power Apps. This can cause a lot of headaches, particularly in SharePoint integrated Power Apps. Redirects are completely possible in all manners within SPFx.
SQL Connections
 Connections to SQL databases are available from in Power Apps. Depending on what needs to be done with them, you may or may not want to use SPFx (driven by the complexity of the app). SQL connections are also easily implementable in SPFx. They can integrate with non-standard SQL connections such as Azure Cosmos DB, AWS, Firebase, NoSQL DBs, etc.
Customizations
 Depending on what needs to be customized, you may or may not be able to complete the task in Power Apps. While they give you a wide range of customization options in Power Apps, you will still encounter some limitations in terms of styling, sizing, resolution, etc. There are essentially no limits to the customizations you can do in SPFx.
Responsiveness
 While Power Apps can and will work across platforms, it still has a wide range of issues with responsiveness across browser sides. One area of note is when using People Pickers, Date Picks, and Multiple-Choice fields. These components will often be inoperable on smaller devices. In addition, embedded Power Apps will often have scrolling issues where a user cannot scroll to the very bottom of the app on smaller devices. This is currently a known issue. SPFx applications can be made to be 100% responsive across devices. In addition, SPFx grants the ability to design per device or screen size. For example, you could create a design for phones, a design for tablets, and a design for PCs all in one application.
Data Load
 Data loading can be tricky in Power Apps. If you are trying to execute actions based on pre-loaded data, there is not much in terms of something asynchronous that will await the response. Many different issues can come up in things like conditions based on pre-loaded information as the information is not ready to be consumed. Data loading is no issue. Async/Await functionality is easily implementable to ensure that you have the information you need when you need it.

Summary

Use Power Apps if…
  • You do not require storing more than 5,000 records
  • The speed of the forms is not a significant consideration
  • Your forms are relatively basic, without complex repeating sections or business logic
  • You do not need to promote the forms through Development, Test, and Production environments
  • You do not have complex conditional or validation logic
  • Your forms do not need to redirect to a custom location upon completion
  • Responsive design across numerous browser configurations is not critical
  • You have power users who can maintain and modify basic forms and functionality
Use SharePoint Framework if…
  • You need to store larger amounts of data
  • Fast form load and navigation time is critical
  • There is complex logic and/or UI design involved
  • You need to support a full Software Development Lifecycle or migrate the form to various locations
  • You want complete control over the responsive design to support various browser configurations
  • Having seamless integration into Teams and/or SharePoint is important
Security Driven SD-WAN: A Key Factor in Network Modernization

With many of us working from home during COVID-19, one unexpected benefit remote workers may be experiencing is better performance and faster response times to the business applications that are used daily to perform our jobs, such as email in Office 365 or GSuite, Salesforce, Dropbox and many other cloud-based applications. This improved performance may be a result of not traversing across a corporate network to get access to the internet to reach these cloud-based applications. You may have a more direct path to these applications from home than you have from your office, especially if you work at a remote branch office that is tied to a corporate network.

This unprecedented event has proven that the internet is clearly capable of providing enterprise level networking. Surely, each of us has experienced the occasional fuzzy video or audio drop, but by and large, the internet has held up well with the big spikes in network traffic since stay at home orders were put in place.

As organizations will look to cut costs with reduced budgets, Software Defined Wide Area Networking (SD-WAN) provides an opportunity to lower network costs while improving application and network performance for the branch offices to cloud-based applications you’re accessing from home today. SD-WAN enables you to augment or replace your traditional legacy WAN services with lower cost broadband internet services for direct access to cloud-based applications and ensures that performance is not sacrificed in doing so.

Security must still be a key consideration when implementing a SD-WAN solution as enabling direct internet access at branch offices opens the network to more entry points for potential threats. Combining network security and SD-WAN onto a single platform provides the ability to gain improved remote branch application performance while ensuring your critical assets and data are protected from outside threats. A combined Secure SD-WAN platform also reduces equipment costs and management complexity. Organizations with legacy MPLS network infrastructure should take a hard look at the performance and cost benefits a secure SD-WAN solution can provide as more and more applications move to the cloud and out of the corporate data center.

To learn more about Managed Secure SD-WAN, CONTACT US TODAY!

Boston Buisness Journal – Here are all this year’s Fast 50 companies Enabling Remote Workforce and Business Operations to be Scalable During COVID-19 and Beyond.

As businesses and organizations around the world were forced to move their employees to work remotely, many were not truly prepared for what is required to make that transition while maintaining seamless operations.

As a result, businesses found themselves scrambling to get corporate laptops into the hands of key personnel, while others encountered supply chain issues that reduced stock at both large suppliers and local electronic chains. Each company, no matter what their size was faced with managing internal software and access requirements. But, how do you translate this at scale? How do you ensure that your employees can work anywhere, anytime, and on any platform available? The answer is simple, and it lies in a technology that has been around since the early 90’s and continues to evolve today. While there are many variations it is all fundamentally offshoots of remote desktop. Citrix, VDI, RDS, DaaS, are some of the current names with each product designed for different use cases and business needs.

Years ago, remote access was traditionally a very easy solve. Working from home was not a popular use case as it is today due to available consumer bandwidth options. Most commonly, users were granted access to corporate resources such as files and email via VPN (virtual private networking). More security-focused organizations provided employees with a corporate machine to access the VPN. However, this solution always had a fundamental flaw, those endpoints albeit secured with your corporate AV, were still living outside the perimeter of the network, and would then connect with full access to the network.

As the security landscape evolved to combat emerging threats from all angles, which specifically included remote workers; Solutions were born that allowed remote access to the corporate network without network level access. This meant that users could access all corporate resources but never actually be physically connected to the network. Additional controls put in place by an organization could further lock down and secure that access. While the organizations that still relied only on VPN access to the office, at the start of the quarantine were struggling to get laptops, configure VPN access points and buy additional licensing. Those that had already put in place a robust solution like Citrix, RDS, VDI or DaaS simply ensured that their end users knew how to access it. What makes this so much easier you ask? Well, it is because technologies like Citrix and RDS use the concept of shared application access. Take for example your accounting department who needs to run Great Plains while working remotely. Instead of loading Great Plains on each of those end users’ laptops, you would install it on the Citrix or RDS server and once any member of that accounting team logs in they would be able to access Great Plains as if they were sitting in their seats at the office. This also means that when it is time to upgrade the software, as the admin you simply perform the update once on the server, instead of multiple times for each remote employee. In the last 5-10 years this technology has evolved even more with the mainstream introduction of VDI (virtual desktop infrastructure). This concept took the idea of a windows machine and made it available as a virtual machine. This allowed admins the flexibility to deploy and scale machines on demand based on end user need. It allowed for controlled updates to the machines and operating system. Users can either use a pool of dedicated virtual desktops. If situations required it, they had the option of giving users their own dedicated desktops. Now imagine your users who already work in their VDI’s in the office are now asked to go into full remote work mode. Those same users simply go home and log into their VDI and it is like they were sitting at the office. In all these solutions there is a front-end server or appliance that handles load balancing of your connections as well as user authentication. Behind that is either your server farm that hosts the applications or a pool of desktops, making the solution highly resilient and redundant.

Solving the challenges of remote work environments are proving beneficial in other business operations. If added to your BCP/DR plan they ensure business continuity by allowing your operations to continue regardless of what happens in the office. Many of the VPN-only organizations currently allow their end users to VPN into the office and then use Microsoft RDP to access their office computers. In a perfect world this works, but it does not account for loss of power or catastrophic events that affect the office. It also does not account for simple things like computers that are simply powered off and cannot be accessed.

If you are an organization that is serious about proving the best level of remote access while securing the enterprise, Thrive is here to help. CONTACT US TODAY!

Power Automate – Avoiding “File Locked For Shared Use” Failing Your Workflow

In our workflows, we often need to perform file metadata updates, check-ins, moves, etc. If a file is locked and we do not account for it, it can fail our workflow entirely and prevent it from moving forward. 

Consider a common scenario of running an approval flow that updates a Status field or other fields based off of the stage of the workflow and end-user responses. Utilizing a “Do until” loop and configuring the “run after” settings of actions we can ensure metadata updates are performed before moving onto the next steps of the workflow.

How does it work?

The basic premise is to create a variable to store the state, then use a Do Until loop to keep trying to update the item. If the update fails, execute a Delay and try again. If it succeeds, update the variable to exit the loop. The Run After conditions need to be set on both the Delay and the Set Variable. The Delay will run when the Update fails or is timed out, while the Set variable will run if the delay is skipped.

1. Initialize a Boolean variable and set it to False.

Update Metadata

2. Create a Do Until loop to run until the variable ‘UpdateMetadata’ = True.

The Change limits configuration controls how long the Do Until loop runs, or how many times it tries before moving onto next workflow actions. I set timeout to PT720H, which is 30 days using the ISO-8601 duration notation, and leave count empty so it retries unlimited times. 

Place your “Update item” or other action susceptible blockage within the Do Until. After the Update item, add a Delay action to configure how long you wish to wait between retries. 

After the Delay, add a Set variable to flip the marker variable to True, indicating the update was successful and the loop can stop.

Creating a Do Until Loop

3. Configure run settings on ‘Delay’ and ‘Set Variable’.

If the Update is successful, the “has failed” and “has timed out” options will instruct the workflow to skip the Delay action and move onto the Set Variable. 

Setting “is skipped” on Set Variable means it will only run if Delay didn’t, which would indicate a successful update.

Delay Run Time

Set Variable Run Time

Conclusion

In a shared environment, there is a good chance you will try to update a file while it is in use by others. When it’s a human being performing the update, the consequences are usually minimal — we just wait a few minutes and try again. When a workflow is blocked, it can cause downstream issues and leave data and files in an unexpected state. By adding some protection and retry logic around the updates, we can help ensure they are completed successfully before moving on to other tasks.

Cloud First with COVID-19 – The right business strategy

Like many of you, I have had some time in recent weeks to reflect on my role and how we as a NextGen managed services and security provider are helping during this pandemic. Much of my daily life before COVID-19 was convincing businesses that a cloud first strategy was the right choice, not only from a security and cost perspective, but primarily due to how the workforce has changed.

Before the pandemic, most of us relied on a platform that allowed us to work from any place at any time with flexibility during our busy lives on the go. Even with all the convenience provided by the cloud, most businesses that we spoke to still had a negative impression of moving “everything” to the cloud.

Here’s what they had to say:

  • The cloud is too expensive.
  • I have better security at my office.
  • I cannot run 100 % of my applications.
  • I don’t trust the cloud.
  • I can get another few years out of my server that lives in the closet down the hall.

In August of 2019, we convinced a client of ours to move the cloud. We advised them to take a leap and move everything to a modern cloud platform that would support their goals of a cloud first strategy and a true mobile workforce. A few benefits that they were looking to gain were:

  • Better and more turnkey remote access, no clunky VPN’s
  • Higher security
  • Operate more efficiently
  • The ability to scale quickly
  • Access to 100 % of the firm’s data. (files, folders, network drives, and all applications)

They decided to move their entire organization to the cloud and by November of 2019 this firm was up and running.  I spoke with our client last week (April 2020) and he mentioned something to me that I had to share.

“Thrive and the NextGen cloud platform might be one of the single best decisions that we ever made as a firm!  100 % of our firm is now able to work in the cloud from anywhere. Had it not been for this move during this COVID-19 pandemic, we simply would not have been able to work in this manner. Our firm would be in a much different place.” ~ Michael Cohen, Managing Director – Glass Jacobson

Stories like these not only point out how a good cloud first strategy helps our client’s business during normal times, but really shines during times like these.  As a NextGen MSP and MSSP, I know that we have armed our clients with a robust cloud computing platform that is helping their business every day and enabling them to keep their virtual doors open and employees productive from anywhere.

For more information on Thrive’s Cloud Solutions, CONTACT US TODAY!

SEC Sweep Exam Priorities – Business Continuity

Watch the Full Webinar Presentation!

 

Marc Capobianco, EVP of FinTech at Thrive, John Stiles, Founder & CEO of C/Bridge Strategic Advisors and Michael Dale, CFO at Eastward Capital Partners discuss how financial firms need to review and update their business continuity plans to comply with regulators expectations.

Discussion Topics:  

  • Does the firm have policies, procedures, guidance or other information tailored to address the continuity of business operations during a pandemic?
  • Has your firm activated its BCP in response to COVID-19?
  • Does your firm’s BCP address the resiliency practices of third-party vendors, service providers and partners?
  • How has your firm addressed cybersecurity policies and procedures regarding employee remote access?
  • Does your firm have any specific limitations in its ability to operate critical systems and operations during the pandemic?

Fill out the form to get instant access to our on-demand webinar.

Trusted Advisors – Beyond Service Understanding and into Deal Positioning

As 2019 ended and 2020 began, the nationwide Channel continued its tremendous growth. Partners are more established than ever in their roles as trusted advisors and are increasingly adept at uncovering cyber security, Cloud, and a variety of other Managed IT opportunities.  A greater overall focus on partner education has been a key contributor to this success with Master Agencies at the forefront — coming up with increasingly engaging and effective ways to prepare partners to win deals. However, as a supplier, it is important to note that the education cannot end there.

While partners receive enhanced educational benefits from an industry and general service perspective, one thing I have noticed is the push for suppliers to not only educate partners on their assorted services and products, but to go a step beyond. Yes, understanding the product suite is vital, but the true value is in understanding HOW to sell these services to your existing account base once you learn them. This is not a one size fits all approach and must be addressed uniquely. Thrive is making a push to provide more education to our partners beyond what we offer and how we differentiate in the marketplace. We aim to dive deeper into how to take this knowledge and position it through the right line of conversation with the goal being to find direct opportunity alignment.

A big piece of this additional education is helping our partners identify key market trends and build business cases around them, specifically as they relate to Thrive and our strengths. For example, organizations with a new IT Director or C-Level executive have proven to be the perfect candidates for a Network Health Assessment; a commissionable engagement run by our consulting team that helps businesses drive value by understanding where they need to invest from an IT perspective. In a broader example, we have seen more and more first time SIEM adopters. With our partners asking the right questions, a need was identified for smaller SIEM/SOC deals with under 100 devices that had previously not been a focus of ours. Partners now know to leverage Thrive on these opportunities as we have a strong SIEM offering.

While this is already about a paragraph too long, I think it’s important to emphasize the main takeaway here. Partners are becoming more educated and bringing better opportunities to the table. There needs to be a push to go beyond the ABCs of our services as suppliers and continue to build the deal positioning aspect.  This requires a tailored approach that focuses directly on what we do best and helping partners leverage that.

We don’t expect to be picked for every given opportunity, but want to make sure that when we are, everyone wins.

For more information on Thrive’s Channel Program, CONTACT US TODAY!

Phish Out of Water — Remote Workers Email Security

The last few weeks have been a big change for everyone.  Many people are working from home, and some of those people have children at home with them.  Right now, my kids are wandering the house looking for breakfast and prepping for Zoom meetings with their teachers.  While I have seen many acts of kindness and compassion during this time, I have also seen attackers take advantage of distracted workers who are trying to balance home and work life.

We have seen an increase in phishing emails that are shockingly good.  They are playing on the fears of people working from home.  For example, a receptionist who gets an email from the CEO asking to buy gift cards for everyone as a morale booster, might think this sounds great.  In the past they would walk down to the CEO’s office and probably ask a question or two.  But in today’s climate, without the easy access to the CEO, they might just buy the gift cards and send the information back via email, never realizing this was a phishing scam.

In this time of change, communication via Teams, Slack, etc. is essential to keep the ability to “pop” into someone’s office to ask a question.  It is also imperative to implement or continue security awareness training — provide people the tools to be able to spot malicious emails and routinely phish your employees.  If someone fails, that is a good thing.  You can help that person before a hacker gets them to click on a link.  Make it mandatory that they make time to take the trainings. Phishing and training together can really improve your security.

People are the weakest link in the security chain. Thrive’s Anti-Phishing and Security Awareness Training ensures your employees understand the mechanisms of spam, phishing, spear phishing, malware, ransomware and social engineering.

For more information, CONTACT US today!