A collection of business news and technical articles, ideas, tips & advice relating to CRM strategies, applications and general observations.

New Release: Quick2List for KReports

Previously it was only possible to build a Target List in Sugar/SuiteCRM either from an SQL query or via Sugar Pro Reports. However if you don’t have Sugar Reports your only option was to get stuck into writing SQL. Our latest release of Quick2List now support KReports from SpiceCRM ( Users with KReports (v4.0+) can now pick one or more KReports and attach them to a Quick2List query instead of writing SQL code. Target Lists are now self maintained on a schedule. For more details or to buy Quick2List please go to SugarOutfiftters

FibreCRM’s servers protected against VENOM

A new security vulnerability called VENOM surfaced last week and cloud service providers such as ourselves have been working hard to address the issue.

VENOM, which stands for Visualized Environment Neglected Operations Manipulation (Quite a mouthful!) lies at the heart of any virtual server environment infrastructure. It starts from virtual machines, several of which can run on each physical server, and can allow access elsewhere on a server and potentially elsewhere in a given data center.

Here is a description of this issue from Jason Geffner, a researcher who discovered the bug:

This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.

Rest assured that we have been working closely with our hosting provider and all our servers have been protected against the security vulnerability. domain now A Rated.

As part of the on-going support and service to our customers, FibreCRM continually monitors the security and performance of its systems.

Last week we renewed the SSL certificate for our domain where the hosted system environments reside, this certificate is one of the best on the market and supplied by Globalsign.

Our servers are running the latest supported versions of SSL/TLS and any outdated/unsupported versions are disabled to help defend against potential security threats. You may have heard of the Heartbleed Bug or POODLE both of which affect the usage of outdated versions of SSL and were addressed within hours of the threat being made public.

Due to our constant review of security I am pleased to announce that the domain is now ‘A Rated’ by Globalsign and Qualsys.

qualsys_demo_fibrecrm globalsign_demo_fibrecrm