NetSuite adds ERP support for iPhone

NetSuite on Wednesday plans to unveil a new native application for the iPhone and iPod Touch that lets users of its on-demand ERP (enterprise resource planning) suite tap a number of key capabilities while on the go. A calendar feature allows users to accept or decline events and denote completed tasks. Capabilities include a dashboards for viewing company KPIs (key performance indicators), graphs, scorecards, reports and other data. Salespeople can tap various data, such as contacts, opportunities, cases and orders.

NetSuite customers hailed the new application, but said there is room for improvement. The application also provides features like "click-to-call" from NetSuite records that include a phone number. WhippleHill Communications, a Bedford, New Hampshire company that develops portal and content management systems for schools, switched to NetSuite after using QuickBooks, homegrown applications and Microsoft CRM (customer relationship management) software, according to company president and founder Travis Warren. "We were excited about NetSuite but not thrilled with their mobile option. However, in recent years, WhippleHill employees have been switching to iPhones. It didn't run well on our BlackBerries," he said. Apple's moves to ensure iPhone compatibility with Microsoft Exchange only boosted the 85-person company's enthusiasm for the device further, he added.

I get it all in one glance." While he could always log into NetSuite and get the same information, it's much less cumbersome to use the iPhone, which "is always on," versus booting up a laptop and plugging in a Wi-Fi card, he said. Warren, a beta tester on the iPhone app, is using it to gain quick and easy views into his company's performance, he said. "I can see how much cash we have, our sales, tickets opened today. Warren also appreciates the fact that the iPhone app preserves the hierarchy and structure of his core NetSuite account, with no need for separate configuration. "If I have five KPIs [set up] in NetSuite, I have the same ones on the phone." But the initial application has its shortcomings, chiefly that users can't write back much information into the NetSuite system. Kugler also wants access to more granular data. "I think it would be helpful to be able to get snapshots of a particular inventory item, vendor or customer history (sales, units sold, profit, days behind, YTD info, etc.) at a glance," he said. NetSuite customer Brad Kugler, CEO of Distribution Video and Audio, a Palm Harbor, Florida video distributor, has also been using the iPhone application and is hoping NetSuite will expand such capabilities. "Being able to enter simple lead and customer info would be helpful," he said in an e-mail.

NetSuite's goals for the app's first installment was to provide executives with a "360 degree view" of their business, said Malin Huffman, principal product manager. The company plans to boost write-back capabilities over time, he added. "It's definitely in our road map for the future." NetSuite is making the initial iPhone application available for free. "Down the road, it's hard to say what other apps and versions [will be developed], and if a different model makes sense," Huffman said. "With this, we want to get people engaged." The application is available in English at first, but NetSuite is planning to add additional language support as well, according to Huffman.

Tibco brings DIY BI report generation to BPM

Tibco will offer on Wednesday do-it-yourself capabilities for generating business intelligence reports on business processes to users of its BPM (business process management) software. With this information, users can fine-tune their applications. [ Discover what's new in business applications with InfoWorld's Technology: Applications newsletter and Killer Apps blog. ] Previously, users have had to specifically request business intelligence information on BPM from IT personnel. "The cool thing about this technology is unlike existing business integration products or BPM, this product will allow business users to directly manipulate and analyze the BPM data or the process data that's out there," said Rourke McNamara, Tibco director of product marketing. Built as an add-on to Tibco iProcess Suite for BPM, the company's Tibco iProcess Spotfire software enables users themselves to build personalized, real-time process reports. Management of business processes enables users to make businesses more efficient, he stressed.

Customized templates display reports and analyses. Featured in Spotfire are personalized reporting and analytics, as opposed to using static dashboards to display business processes. Contextual process performance data is generated that can be combined with business data from other applications, enabling process performance to be assessed in a full business context, Tibco said. While BPM is used for a wide variety of tasks, McNamara mentioned insurance claims management as an example of a use. Users can build reports on such activities as bottleneck data, process cycle time, and how quickly business participants are working. "This allows the business users to optimize those processes based on how they're being used today," McNamara said.

Tibco's iProcess software represents a convergence of BPM, business intelligence, and business rules engines, said analyst Boris Evelson, of Forrester. Another shortcoming is the lack of common metadata and metadata standards to bridge the gap between data, process and rules data, he said. This convergence, he said, was "necessary to optimize enterprise operations and create actionable insight into data and processes in order to make better strategic, tactical, and operational decisions." But the merging of the three technologies represents an immature market, which has mostly been addressed by systems integrators cobbling together bits and pieces of components from multiple vendors, Evelson said. Tibco's iProcess Spotfire software is built as a Windows client package, although a Web client is available with abbreviated capabilities, called Spotfire Web Player. The company also will roll out iProcess Workspace Lite, an HTML workspace client focused on core activities for executing business processes.

Also being offered in the Tibco BPM space Wendesday is Business Studio 3.2, which is a user interface adding capabilities for visually defining an organization's structure and relationships between different organizational components. A simple user interface in Workspace Lite enables the product to be used more easily by those with impaired vision and/or fine motor control difficulties, Tibco said. This story, "Tibco brings DIY BI report generation to BPM," was originally published at InfoWorld.com. Tibco would not disclose pricing information for the three products. Follow the latest developments in enterprise applications at InfoWorld.com.

Microsoft issues security advisory on IE exploit, patch in works

Microsoft Monday night issued a security advisory that provides customers with guidance and workarounds for dealing with a zero-day exploit aimed at Internet Explorer and said a patch is forthcoming. 15 secrets of next-generation browsers Earlier in the day, the company said it was investigating the incident which emerged over the weekend when someone published the exploit code to the Bugtraq mailing list. There have not been any active exploits reported so far. By Monday night, Microsoft switched gears and issued the advisory.

Microsoft's Security Response Center posted a blog entry last night saying it was working on a patch. "Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution. Vulnerabilities that allow remote code execution generally result in patches rated as critical by Microsoft. That may include releasing the update out of band." Microsoft released Security Advisory 977981, which includes workarounds for an issue that exposes a flaw in Cascading Style Sheets that could allow for remote code execution. The advisory confirmed the vulnerability affects IE 6 on Windows 2000 Service Pack 4, and IE 6 and IE 7 on supported editions of XP, Vista, Windows Server 2003 and Windows Server 2008. Microsoft said users running IE 7 on Vista can configure the browser to run in Protected Mode to limit the impact of the vulnerability. The "High" setting will disable JavaScript, which currently is the only confirmed attack mode. It also recommended setting the Internet zone security setting to "High" to protect against the exploit.

Microsoft said IE 5.01 Service Pack 4 and IE 8 on all supported versions of Windows are not affected. SSIRP is a four-step process Microsoft has developed to deal with malicious threats. Microsoft activated its Software Security Incident Response Process (SSIRP) and said the investigation into the vulnerability is ongoing. Issuing the security advisory is Step 3, called assess and stabilize, where "the engineering team investigates and develops the solution, while the communications team reaches out to provide guidance to customers and partners." Step 4 is the resolution stage where "the Microsoft Security Response Center provides tools and solutions." While Microsoft did not say specifically that it planned to issue a patch, it did say in an e-mail to media that "the company recommends customers review and implement the workarounds outlined in the advisory until a comprehensive security update is released." Microsoft also is recommending users upgrade their earlier versions of IE to more recent versions that are not susceptible to the attack, which can give a hacker control of the targeted machine. Right now, it is a potential threat. Earlier in the day, security experts at Symantec's Security Response division said the published IE exploit code does not work reliably but that a better written version is likely on the way. "The exploit code is not very good," said Ben Greenbaum, senior research manager with Symantec Security Response. "So it is going to have to be fine tuned before it is a real threat.

But it is just a matter of time before somebody finds a far more reliable method for exploiting this." He says if users disable JavaScript in IE they would be protected against the exploit, however, the action also would break some functionality on Web sites. He says Symantec already has various protections out that would foil an attack by this exploit, and that others are also in the works. Greenbaum did note that JavaScript may not be the only attack vector, but right now it is the only one that has been disclosed publicly. For the attack to be carried out a user only has to be directed to a malicious Web page or visit a legitimate Web page that has been compromised with the exploit code. Just last month, Microsoft issued a patch rated critical to close a vulnerability in IE first disclosed at the Black Hat conference in July. IE has become a popular attack target for hackers.

In addition to IE, Firefox also can be vulnerable to the exploit when it is running the Windows Presentation Foundation plug-in, which gets installed via .Net Framework Service Pack 1. Follow John on Twitter.

Apple TV software 3.0 on its way with iTunes LP

It's been some time since the Apple TV has received much attention from Apple, and no, dropping the 40GB model and the price on the 160GB model doesn't count. When I checked for iPhone OS app updates and Season Pass downloads this morning, the iTunes Store prompted me with a new TOS agreement. But just in time for the holidays, a new iTunes Store Terms of Service agreement may have let the cat out of the bag. Admittedly, I wasn't interesting in reading such a scorcher from beginning to end, but Apple fortunately highlights the major changes above the agreement.

The second is a bit more interesting, especially for owners or soon-to-be-owners of an Apple TV: The Terms of Sale have been revised to clarify that you can now use iTunes LPs and iTunes Extras on Apple TV with software version 3.0 or higher. There are two TOS changes of note this time around, the first being a clarification of how and when film rentals can be moved between devices. The Apple TV is at software version 2.4 right now and, so far, a version 3.0 upgrade has yet to hit the wire. The arrival of iTunes Extras and LPs on Apple TV is pretty interesting by itself. Apple's support document that lists Apple TV software versions and changes has also not been updated yet. But since the iTunes LP format is based on Web technologies, this also means that Apple would have to add some version of WebKit-the Web rendering engine that powers Safari and an increasing number of other browsers-to Apple TV. Put two and two together, and one could quickly begin wandering down speculative roads that other web-powered services, such as Hulu and Netflix, may either be on their way from Apple, or easy to enable with third-party utilities.

But since it is the holiday season, we certainly hope that an upgrade as large as a 3.0, whenever it arrives, will bring at least a few other features and fixes as well. Still, we've been expecting a software upgrade for the Apple TV for a while now, and support for iTunes Extras and LPs-new features and formats that are simply begging to be displayed on an HDTV-is a great place to start.