Error Tuesday: Workflow errors & EXEC wfDeployClrAssemblies

There are many issues that can occur with workflow within Microsoft Dynamics GP. The first step should always be to run the following script on your database (After a backup).

EXEC wfDeployClrAssemblies

If this does not resolve your issue, then I would recommend checking your setup. Sometimes a manager will be removed or an email changed.  I had one instance where workflow was being used and the email server was changed and this caused an error that the script would not resolve.

If you ran the script and went through the setup steps to verify that all setup is correct, then I would open a case with Microsoft.

Advertisements

IT Friday: Top 3 Reasons You Need to use a Phishing Simulators

Despite all your network protections, all it takes is one click from your end user to open your network.

Imagine, it is three o’clock on a Friday afternoon. Joe opened his email to check the responses from his clients. He sees an email from FedX saying his tracking number is available. Perplexed, Joe opens the e-mail to find what it is about. He wasn’t expecting something from a client. He opens the tracking PDF and sees a generic looking document that doesn’t appear like anything he is working on. Rolling his eyes, after confirming it has nothing to do with his job, he closes it and then deletes it.

After a relaxing weekend. Joe comes into the office and logs into his computer. He goes to open his sales document to be told that it is in an unrecognizable format. Document after document after document produces the same result.   After a 1/2 hour of frustration he finally reaches out to his IT.

His computer and shared drives were encrypted by CryptoLocker.

I would request a raise of hands if this has happened to your company but in this day and age, it probable that your company already has dealt with this horrible virus.

What can we do to protect ourselves?

Typically, a good firewall and anti-virus are recommended. These are the first line of defense against any intruders trying to brute force their way onto your network. Scammers are getting clever and going to old reliable tactics.  Spamming your inboxes with fake messages that launch viruses directly on your end user’s PC. Even a properly setup spam filter will miss a few of the items coming into your network. Which leads us to the last line of your networks defense.

Often the last line of defense against viruses are your users. Users can be tricky. Many end users are savvy and are able to keep up with technological advancements. Others don’t know the first thing about a computer except to turn them on and complete their daily work functions.  With various degrees of technological know-how, they are your last line of defense and it’s your responsibility to verify all of them are trained to not click on that one suspicious email.  If they do click on it, then to reach out to your IT ASAP to immediately start cleaning the PC.

How to provide effective training?

Knowing that it only takes one user, there is a better way to train all employees to reduce the risk of your company becoming a statistic. People learn best by doing. If you want to learn anything then active learning is best. You can send lists to your employees until you are blue in the face and all they will accomplish is a passive understanding. There are several options out there. The one that I have used in the past is knowbe4.   Knowbe4 is only one example of a phishing simulator.  Here are some more:

These types of services allow you to send test emails mimicking phishing emails.  They can be used in conjunction with training and a way to train how well your team is listening and applying what they learned.  If your team is struggling with one concept you can use the simulators to nudge them to remember.  The benefit is that you can train your users in a safe, secure method.  It also allows you to see the likelihood of someone in your network clicking on something they should not.  This is by providing proactive training instead of reactive training.

To summarize the article above:

1. Scammers are not going anywhere.
2. Firewalls, antivirus, and spam filters cannot catch everything and your users will be your last/first line of defense.
3. People learn best by doing.  Using the simulators will only allow your users to train in a safe way while expanding their security awareness knowledge.

Security Mishap Friday: Hackable Passwords Part I

Password security is something everyone always hears about.  Make sure that you have a strong password.  Weak passwords are hackable.  What I find that is not mentioned enough is what constitutes as a strong password is constantly increasing as hackers get better.  15 years ago they recommended adding uppercases to lowercases.  10 year ago they recommended adding numbers.  5-10 years ago they also recommended adding in symbols.  The definition of a strong password keeps shifting.

This is typically not a problem if you keep up with the latest requirements/recommendations for passwords.  Additionally, humans seem to be psychologically wired to make passwords easier to remember.  This is typically by using words that have some meaning to them.

My favorite exercise is to make a sentence that means something to you.  With the sentence, you would then take the first and/or second letters of the words.  Capitalize some, replace some with numbers or symbols.

If you are not that creative and don’t want to remember the password.  You are in luck!  There are solutions for these two issues.  First, there are password generators that will create a password for you.  The two I like to use the most are LastPass Password Generator and Norton Password Generator.

The next problem comes from remembering the passwords.  It is not recommended to reuse passwords, because once they crack one then they will crack all of your accounts.  Creative companies have created an automatic solution for this.  Dashlane and Last Pass 4.0 Premium are two password vault solutions that store your passwords in an encrypted vault.  These two options are nice as they both offer a cloud solution that you can access your passwords anywhere on any device.

Top 5 SQL Tips for Microsoft Dynamic GP

  1. Think necessity – Only look for the information you really need. The fewer rows that you pull in the quicker your query will be.
  2. Keep it simple stupid (KISS) – When you attempt to get fancy with the queries, it can have consequences. Meaning that the queries can take longer and pull unnecessary data.  Overcomplicating a query can cause unintended headaches that are avoidable.
  3. Select before a change – Select statement before you change it to a delete or update statement
  4. Measure twice, cut once when restoring a backup – Setup the restore and then go through the screens to verify that you have the correct databases, MDF and LDF selected.
  5. Always make a backup – Before you start troubleshooting an issue ALWAYS make a backup. Even if you do not anticipate making changes, make the backup.  For example, when I accidently dropped a table from the database while troubleshooting, anticipated hours of hardship were avoided by backing up the database before I started making changes.