Our Thinking

Automated Testing: Five important concepts to help make your testing efforts more effective

Posted by Tapas Sahoo on Oct 10, 2017 4:42:16 PM

Test automation has been adopted and used effectively in the IT industry for over a decade now. One of the core objectives of using test automation - along with conventional testing - is to repeatedly test certain actions, logics, and business functionalities with the end goal of increasing the effectiveness, efficiency, and coverage of the software in test.

Read More

Topics: Automated Testing

The Lowdown on Security Policies - Part Two

Posted by Steve Levinson on Sep 28, 2017 3:29:23 PM

In Part One of my blog series aimed at breaking down each section of Online’s security policy, we looked at some general best practices surrounding the development of a security policy. This included answering the question of “why develop a security policy?” and went into detail about developing the scope of content contained within. Now let’s take a look at the roles needed to implement an effective policy.

The intercom at the airport speaks the truth as it periodically repeats the mantra “Security is Everyone’s Responsibility”. If security is everyone’s responsibility then even the best written security policy is nearly worthless if it doesn’t include a section pertaining to roles and responsibilities.

Read More

Online Security Integration Framework – Part One: Identify

Posted by Jon Fraser on Sep 14, 2017 3:21:55 PM

There has been a lot of discussion about the need to have an end-to-end plan to manage your security threats and vulnerabilities. It is easy to agree that our plans need to start at identification and continue through to remediation and we might quickly agree that the first step is to effectively identify the threats. What is far more difficult, is determining how these threats and vulnerabilities are identified; unfortunately, in the increasingly complex enterprise environments of today, this task can be incredibly difficult and in some cases, nearly impossible.

Read More

The Case of the Unfortunately Titled Spambot "Onliner" and the Real Onliners Fighting It

Posted by Steve Levinson on Sep 1, 2017 11:56:21 AM

Earlier this week a new spambot emerged, targeting no less than 711 million email addresses. Basically, the spambot delivers malware called Ursnif into the victim's inbox and is capable of stealing personal information such as login details, passwords, and credit card data.

The name of this spambot, “onliner”, is a touch disappointing, a bit ironic, and of course has no relation to us whatsoever. At Online, our team (our employees) are known as Onliners.

Read More

Topics: Security

Changes to Industry Certification Requirements for QSAs

Posted by Steve Levinson on Aug 29, 2017 4:25:01 PM

The PCI Security Standards Council sent out a communication to all Qualified Security Assessors (QSAs) this past week saying they are raising the number of industry certification requirements for QSAs from one certification to two (effective 2019). While I have been in strong favor of almost everything that the council has done to evolve the PCI standard and program, I have concerns with this change for QSAs and what they will mean to our clients. 

Read More

Topics: Security

The Lowdown on Security Policies – Part One

Posted by Steve Levinson on Aug 22, 2017 4:58:12 PM

Online infuses the right amount of security into everything we do – I like to refer to this approach as our “special sauce.” Security is not just important to our Risk, Security, and Privacy (RSP) practice (which lives, breathes, eats, and sleeps security), it’s important to our entire company. We have built security in to our development processes, our service management practice, our customer/digital experience offerings, our internet of things (IOT) offerings, and our cloud-based (AAS) service offerings. 

Read More

Topics: Security

Five Myths about Test Automation

Posted by Tapas Sahoo on Aug 11, 2017 3:35:26 PM

Test automation has been adopted and used effectively in the IT industry for over a decade now. Some of the core objectives of using test automation, along with conventional testing, is to repeatedly test certain actions, logics, and business functionalities with the end goal of increasing the effectiveness, efficiency, and coverage of the software in test. However, as the use of test automation has become more and more extensive over the last decade, some myths associated with automation testing have arisen and are in need of addressing. Online’s team of QA experts have banded together to dispel some of these myths and to ensure that anyone looking to utilize test automation knows that it is about far more than just looking for software defects.

Read More

Topics: Quality Assurance

Why Can’t We All Just Get Along?

Posted by Jon Fraser on Aug 3, 2017 4:00:50 PM

One of my favourite cult classic movies was an obscure, but star studded picture called Mars Attacks. In the movie, Jack Nicholson plays the President of the United States trying to make peace with the vicious Martians. In his final scene, he makes an impassioned speech to the Martian leader with his final line being “why can’t we all just get along?” The Martian leader’s response was a tear and an “Ack-Ack,” followed by killing President Jack.

This scene is all too often paralleled in real life, with the opposing roles played by Security and IT. While they may not vaporize each other, they do operate under diametrically opposed missions. Security’s job is to keep the company safe – full stop. If they had their way, access to systems would be very tightly controlled and an almost weekly patching routine would be implemented, slowing the enterprise to a crawl. IT on the other hand is tasked with keeping the company up and running. They view patching as a necessary evil that consumes precious time and resources that they could focus on more innovative projects.

Read More

Topics: Security, Service Management

OCM = A Project That is Six Times More Successful

Posted by Kim Gandier on Jul 27, 2017 2:41:35 PM

We’ve all seen the multiplying factor used in advertisements. It’s a strategic way of highlighting a data point to attract attention by saying that something is [blank] times more [blank] than another. For example, a simple Google search resulted in numerous six times factor results. I’ll share a few of the more obvious ones for fun:

Read More

Topics: Change Management

Employer Recognition - Why Does it Matter?

Posted by Ria Neuendorff on Jul 20, 2017 10:48:18 AM

A lot has been said and written about the importance of “Employee Recognition,” but we don’t hear too much on the topic of “Employer Recognition.”

Eleven years ago, we learned of an Employer Recognition program called Best Workplaces in Canada. An organization called Great Place to Work evaluates companies on five disciplines – Pride, Camaraderie, Credibility, Respect, and Fairness – and creates Top 50 lists (by country and company size). What appealed to us about this program was that 67% of a company’s overall score is determined by the company’s employees through an anonymous survey. 

Read More

Topics: Leadership

Our Thinking - The Online Blog is a source for insights, resources, best practices, and other useful content from our multi-disciplinary team of Onliners.

Subscribe to Blog Updates