Industry Insights from Our Experts

Monthly Archives: July 2013

LightSwitch Apps for SharePoint 2013 Rollup

Comments Off
Filed under Cloud Practice, LightSwitch, Productivity, SharePoint

Hey, I may be all about cloud computing these days, but my heart is still anchored in all that is LightSwitch. With the new Visual Studio 2013 Preview out, I’ve been a busy little beaver (okay, a busy big ol’ bear) with all that interesting LightSwitch stuff.


(image courtesy of Microsoft)

For what it’s worth, here is a bit of a web content rollup about creating LightSwitch applications in SharePoint (yes, most are from Microsoft):

Building Modern, HTML5-based Business Apps for SharePoint 2013 with Visual Studio LightSwitch

Building Modern, HTML5-based Business Apps for SharePoint 2013 with Visual Studio LightSwitch (same presentation, different presenter at TechEd 2013 Europe)

Walkthrough: Creating an App for SharePoint by Using LightSwitch

Walkthrough: Accessing a SharePoint Workflow from a LightSwitch Mobile App

Get Started Building SharePoint Apps in Minutes with LightSwitch

Sending Email from a LightSwitch SharePoint App using Exchange Online

Theming a LightSwitch SharePoint App with ThemeRoller (way cool!)

Publishing LightSwitch apps for SharePoint to the Catalog 

Survey App Tutorial: Developing a SharePoint Application Using LightSwitch

More to come I’m sure.

Hey, if you’re curious to learn more about LightSwitch, I’m your guy. Contact me and I’d more than happy to chat with you about how using LightSwitch can shave weeks, if not months, of your next line of business software project.


Paul P

Save an Image from the Database to the File System with LightSwitch

Comments Off
Filed under .NET, LightSwitch, SharePoint

I recently saw an forum posting where someone asked how to save a LightSwitch Image value to a desktop file. After some poking around the web, here is a solution that I found to achieve this…

The goal is this; provide functionality that allows a user to take an Image value stored in a LightSwitch table, and save that image as a file to the user’s computer.

Seems simple enough. I come from a Windows Forms, and ASP.Net development background, and not so much a Silverlight background. So, I was pleasantly perplexed (I like “P” words) when trying to take that image from the LightSwitch database stream it to a file on the file system.

The SilverLight Challenge

With that thinking in mind I attempted to tackle the problem via the Image class from the System.Drawing namespace in the System.Drawing.dll assembly. With that Image class I thought I could take that image data in my database, a byte array, and convert it to an image format that I can then save as a file. But guess what, that System.Drawing.dll assembly can’t be used in a  Silverlight project – well according to Visual Studio anyway.

So, now my dilemma is to figure out how to get that image data into some kind of image type object that I can then save to the file system. With an ever optimistic view on life, and a fundamental belief that anything is possible, I fired up the trusty search engines and started scouring the net for info. I knew there had to be an answer out there.

…and lookie what I found…

ImageTools to the rescue. ImageTools (http://imagetools.codeplex.com) is an open source project that produces a library of tools for working with images in Silverlight development.

Cool! Let’s give it a try then.

I downloaded the bits, opened my LightSwitch solution in File View, and referenced a few of the ImageTools assemblies into my LightSwitch Client project…

With that little bit of infrastructure set up, I created a little table titled ImageUpload. This table will hold the name of an image, and the image itself…

Next, I created a simple List Details screen, and added a Method data item named SaveImage to the screen…

With that method item added to my screen definition, I drag a drop the element onto the screen design…

Now I need to wire this method up to do what I want, which is save the image from the selected ImageUpload record to my computer’s file system. To do that, I right-click the newly added screen item, and select to Edit Execute Code…

And in the code for the SaveImageToComputer_Execute() method, I apply the following (the whole class is shown here)…

using System;
using System.Linq;
using System.IO;
using System.IO.IsolatedStorage;
using System.Collections.Generic;
using System.Windows.Controls;
using System.Windows.Media.Imaging;
using Microsoft.LightSwitch;
using Microsoft.LightSwitch.Framework.Client;
using Microsoft.LightSwitch.Presentation;
using Microsoft.LightSwitch.Presentation.Extensions;
using Microsoft.LightSwitch.Threading;
using ImageTools;
using ImageTools.IO;
using ImageTools.IO.Png;
using ImageTools.IO.Jpeg;
using ImageTools.IO.Bmp;
using ImageTools.IO.Gif;
using ImageTools.Helpers;

namespace LightSwitchApplication
    public partial class ImageUploadsListDetail

        partial void SaveImageToComputer_Execute()

            // Write your code here.
            Dispatchers.Main.Invoke(() =
                string imageName = this.ImageUploads.SelectedItem.ImageName;

                // get the LightSwitch image value and save it to a memory stream. 
                MemoryStream stream = new MemoryStream(this.ImageUploads.SelectedItem.UploadImage);

                // add the stream to a BitmapImage object. 
                BitmapImage myImage = new BitmapImage();

                // create a WritableBitmap, because we can use with the ImageTools stuff,
                // and use the BitmapImage object.
                WriteableBitmap writableBitmap = new WriteableBitmap(myImage);
                ExtendedImage extendedImage = new ExtendedImage();
                extendedImage = writableBitmap.ToImage();

                // now instantiate a SaveFileDialog, and apply image file filters to it, 
                // as well as a default file name.
                SaveFileDialog dialog = new SaveFileDialog();
                dialog.Filter = "Png Image|*.png|JPeg Image|*.jpg|Bitmap Image|*.bmp";
                dialog.DefaultFileName = imageName;

                // show the dialog to the user.
                if (dialog.ShowDialog() == true)
                    // FileStream the file created by the user using the dialog.
                    using (Stream fileStream = dialog.OpenFile())
                        // instantiate an ImageTools ImageEncoder object.
                        IImageEncoder encoder = null;

                        // check which filter was selected by the user, then
                        // use the appropriate encoder for it.
                        switch (dialog.FilterIndex)
                            case 1: 
                                encoder = new PngEncoder();
                            case 2:
                                encoder = new JpegEncoder();
                            case 3:
                                encoder = new BmpEncoder();

                        // encode the image and place it in the file stream.
                        encoder.Encode(extendedImage, fileStream);

                        // write the file to the file system.

Note the using statements

The code is pretty self explanatory, so I am not going to waste time typing out what each line does. You can figure that part out.

Now, when I run the app, I am able to successfully save the image as a file on my computer, neat!


Okay, now the caveat!

This example works fine for a Desktop (out of browser)  based LightSwitch application. If you want to do the same for a web application (in browser) then you will need to do some tweaking. Remember, this is a Silverlight based application, which brings up some trust elevation issues that need dealing with. For more information on elevating trust for an in browser LightSwitch application, check out this great article by Jewel Lambert on how you might be able to achieve this – http://dotnetlore.com/how-to-use-previously-out-of-browser-only-features-in-lightswitch-for-in-browser-apps-with-vs-11-beta/

Now for lunch!

Let me know how it works out for you.


Article source: http://www.paulspatterson.com/technology/lightswitch/db-image-to-file-system/

Is Cloud-based Identity Management Right For You?

Comments Off
Filed under Cloud Practice

How many passwords does it take to screw in a light bulb? Or, how many passwords does it take to use all your cloud and on-premise services?

Yes, I too suffer from password sprawl. This is mostly due to how quickly I take to the latest and greatest cloud service offerings. I can easily put the blame on my need to vet and review new cloud related products and services, whereas in fact the blame is completely on me for being very curious about the latest in shiny and new technologies. The more I abstract the things I do with technology, the more identities I seem to need.

Traditional on premise IT infrastructures typically include identity management tools, such as Microsoft Active Directory. The huge growth in the use of devices, and how people are using those devices for both internal enterprise applications as well as consumer cloud services, is challenging the way enterprise manage IT.

Check out this great article by Quinton Wall, Director of Technical Platform Marketing at Salesforce.com.  The article talks to the issues about identity “sprawl” in the context of cloud computing. I especially like the recommendation that organizations should transform identity management from the traditional on-premise model to a cloud-based identity management model. Maybe there are alternatives that you can easily leverage today?

Moving to a cloud-based model is only part of the solution pie. There still needs to be the transformation of the organization’s governance model too.

What do you think? Are you in favor of, or skeptical of cloud-based identity management?



Creating a Governance Model for Public Cloud Security

Comments Off
Filed under Cloud Practice

(re-post from the blog of PaulSPatterson.com)

What does public cloud governance mean to you?

Their are obvious opportunities that the public cloud offers, and while the rewards far outweigh the risks, there are still risks. Applying governance to your cloud strategy will set you in a better position to realize value, within the levels of risk that you are willing to accept.

The flexibility of today’s cloud services, especially public cloud services, provides for very convenient and easy ways of “spinning up” services on demand. Just like the way grocery store candy and magazine stands serve customer impulse buying tendencies, so do the offerings of some public cloud services. It is very easy to provision a new service in the public cloud. With Windows Azure for example, I can fire up a full blown 8 server infrastructure, complete with networking and integrated services, in a matter of twenty minutes. That simple convenience makes it easy to cater to impulse tendencies.

Policies and procedures are meant to ensure that activities are executed in way that are in the best interest of the organization. Additional governance processes specifically for cloud services ensures that those services are used in a controlled way, so that the interests of the organization are maintained. Creating and deploying a cloud based server farm that includes virtual networking connected to your on-premise infrastructure, for example, presents risks. With a set of governed practices, that cloud based deployment will meet the expectations of the organization, and thus make your CIO sleep better at night.

Is governance for cloud services needed? Well, let’s try and answer the questions that help determine if your use of cloud services should be governed in some what or another.

What returns do you expect to receive from public cloud services? What opportunities will be lost of you don’t adopt a cloud strategy?

Again, the risk of using public cloud services are likely insignificant compared to the opportunities that will be lost.  Operational efficiencies. Improved customer service and satisfaction. Sales and revenue. There are plenty of opportunities in adopting a public cloud strategy. Planning and executing on a sound cloud strategy can enabled an organization to realize a return from new opportunities.

Policies and practices will typically guide how public cloud services will provide value.  Governed cloud services are expected meet organizational expectations, with goal being that the services used will return value and  realize new opportunities.

If you used a cloud service today, is there clear direction and does that direction align with strategic objectives?

Cloud services are not the means to an end. Cloud services are simply another mechanism for enabling and delivering business value. Your current internal data center, or your “private cloud”, was created for a reason; to deliver value to the organization.  Decisions on IT spending are ultimately measured against strategic objectives. The decisions made to use cloud services should be traced back to clearly defined, accepted, and measured organizational priorities.

Do you have a cloud strategy for your organization? If so, does that strategy include plans to meet enterprise goals and objectives?

Are you ready for the cloud? How do you feel when someone starts talking to you about public cloud services?

Some organizations are not ready for the public cloud, or cloud computing in general for that matter. There is a lot of publicized hype and marketing about cloud services. The cloud computing landscape can be confusing and intimidating at best. Being ready for the public cloud means being comfortable about what the public cloud offers, and what risks are, and are not.

An organizations’ readiness for public cloud services can be gauged by the following:

  • The amount of public cloud knowledge in the enterprise.
  • Organizational attitude towards the public cloud, and does the organizations’ culture support public cloud opportunities.
  • Existing strategies conflict with using public cloud services.
  • What does your gut say?

Determining an organizations readiness for adopting a Public Cloud strategy is critical in identifying adoption pressure points. Rather than brute force the implementation of a strategy, due diligence will hash out and prioritize the opportunities that will bring the organization to a state of Public Cloud readiness. Risks should be identified with existing organizational culture, knowledge, and policies and practices. A readiness assessment can then created and vetted.

What else?

Some resource that I have found of interest (so far)…

Hey, this is just one of many topics I am discovering  in my never ending public cloud security journey. I likely just touched the surface on this particular topic and if you have any insight, opinions, or whatever, please let me know. The more discussion the better.


Organizations Struggle with SharePoint Data Security Governance

Comments Off
Filed under Cloud Practice, SharePoint

(re-post from the blog of PaulSPatterson.com)

This article is not quite specific to my cloud security bandwagon context, however I was just reading an interesting report from Aberdeen Group. The report, titled SharePoint Collaboration Secure and Mobile, talks to a couple of SharePoint data security concerns that I found interesting. Most notably, how organizations are not performing well at data governance with their SharePoint environments.

Data Security and the Cloud Sprawl

Keeping track of corporate data is harder today than it ever has been. Introduce the use of cloud services for data management, and now your looking at whole different dimension end-points to worry about.  Adding the elastic and organic nature of the cloud, specifically in how cloud services are used to host data, seems to only compound security and privacy concerns.

And it’s tough to keep up. As quickly as we move to adjust and implement governance models, a new way of doing something in the cloud is made available. SharePoint is arguably the most commonly used collaboration software used today. Consider the massive amount of documents, lists, and knowledge that is managed by today’s enterprise SharePoint environments, and the number of users that have access to those environments. Those same users are also accessing elastic cloud services and social networks that when combined, represent a sprawl of new risks that are sometimes impossible to map and keep track of.

SharePoint Concerns

Coming back to SharePoint, Aberdeen presents some points about what organizations are performing well at with SharePoint, and what they are not doing well at. Two pieces of insight are presented in the report; how well are organizations doing when they use complementary security technologies for SharePoint, and how they are struggling with SharePoint data governance.

The use of complementary security technologies seems to be what most are doing well at. Measurements of security-related incidents, non-compliance incidents, and human related errors, were each used to determine how organizations fared.  Strategies such as; disk encryption, data classification, data loss prevention, and rights management are used. According to the report, best-in-class users of SharePoint are leaders in the use of disk encryption and data classification, while the lagging performers seem to have more issues due to data loss, and rights management security.

Clearly understanding expectations of how data is accessed and used seems to be a challenge for most organizations using SharePoint. SharePoint empowers users with the ability to do a lot of things, including the ability to define very granular security permissions. Without a clear and defined expectation of what users should or should not do, users can wreak havoc with the data. Organizations, according to the report, are struggling with data governance.

What Can Be Done?

As per the report, there are some steps that can be taken to mitigate a more secure SharePoint environment.

  • Data Classification. Taking an inward-out strategy by putting controls on the data. The idea that information about the data follows the data wherever it goes, even it happens to go outside of the SharePoint environment – such as into the cloud sprawl.
  • Prioritize Security Objectives. Create, or apply existing, data security and compliance protocols to SharePoint data.
  • Policies and Procedures. Especially important for publicly traded companies, data in SharePoint needs to meet legislated compliance regulations, as well as organizations guidelines.
  • Knowledge and Training. Teach users how to do things right the first time.
  • Best Practices. Using security best practices will scaffold the privacy and protection of the data.
  • Complementary Tools. There are many complementary data protection tools for SharePoint. Use them.

I can see much of the above being applied to pretty much any other internal, and external cloud-based, environment. What attracted me to this report were data security concerns, and how poorly many organizations are doing with data governance.

Do you see any of this being a concern? How about in your own organization?

Canadian Legislation and Cloud Security

Comments Off
Filed under Cloud Practice

(…re-post from PaulSPatterson.com)

If you’re a Canadian based enterprise looking into cloud services, you need to understand that Canada has it’s own domestic security policies that, essentially, mirror those of the United States. You’ve likely heard of the United States’ Patriot Act. Canada has it’s own version of the Patriot Act called the Anti-Terrorism Act (Bill C-36), which amended the Canadian Security Intelligence Service Act (CSIS Act) as well as the National Defense Act.

The Anti-Terrorism Act is legislation created in response to the September 11, 2001 attacks in the US. This act amends existing legislation to give Canadian security agencies additional powers to respond to terrorism threats. In effect, the act offers more security and surveillance powers to agencies, when required.  Some of the provisions of act expired in March of 2007, which were not renewed as a result of a House of Commons vote a month earlier.

In 2012, Bill S-7 was introduced in  the Senate. Bill S-7, also known as the “Combating Terrorism Act” sought to restore the expired C-36 provisions, as well as amend new crimes to the bill. The recent bombings in Boston escalated the agenda of S-7, which resulted in a vote in April which saw the bill passed into legislation.

The Anti-Terrorism Act is similar in context to the Patriot Act in the US. What is somewhat different is that Bill C-36 also considers other concerns. Consider the United States Foreign Intelligence Service Court (FISC), which is responsible for issuing surveillance warrants to the likes of the FBI and NSA – basically allowing foreign spies to be spied on. Bill C-36 provides amendments to the CSIS Act that essentially offers the same powers to Canada’s own domestic security and intelligence communities. Considering that Canada is known as a world leader in communications research and technology…

Understanding that these laws are created in the spirit of preventing terrorism, and not meant to be an over arching mechanism to keep tabs on everyone and everything. The immediate thought of a Hollywood type spy movie plot is an unfortunate, and a sensational, scenario that many in the real world immediately think about when first we talk about security and privacy in the cloud. We have the oversight, and general understanding of what the difference is between right and wrong, to mitigate the risks that the legislation is not being used for what it is intended to be used for.

What to know more about Canadian privacy legislation, and then some? Check out this massive list of resources compiled by David T.S. Fraser here…

Also, his blog post by Shaun Calderwood from Perpetual West is another terrific resource for all things cloud security and privacy in Canada.

What are your thoughts on domestic cloud security and privacy concerns?

Geeks and Repetitive Tasks

Comments Off
Filed under Corporate Culture, Developing Teams

Canadian Cloud Law

Comments Off
Filed under Cloud Practice

(re-post from the blog of PaulSPatterson.com)

One of my favorite sites these days is David T.S. Fraser’s Canadian Cloud Law Blog (www.cloudlawyer.ca). I can easily answer objections related to using cloud services; especially from people here in Canada. However, I am just one person, and having resources such as David’s blog certainly helps add credibility to the objection handling in my cloud context conversations.

If you are a Canadian organization, or doing business with a Canadian organization, then I encourage you to visit David’s blog. If anything, browse through the Cloud Computing Privacy FAQ on the site. The information on the FAQ is fantastic, and is a great reference point for further cloud privacy conversations.

Remember, using the cloud is not an all-or-nothing proposition. There are private and hybrid cloud opportunities that will address privacy concerns, while still offering real value to the organization. Canadian enterprises specifically can take advantage of these types of integrated cloud scenarios to benefit in ways that will offer a great return.

Data is just a part of the overall solution. Keeping data on-premise while leveraging public cloud services to offload processing, for example, is one scenario that has been proven to be successful. Keeping the data private and within the organizational boundaries keeps data concerns private. Leveraging the elastic nature of cloud services to take care of “spinning up” services when needed takes the load of otherwise important internal IT infrastructure. Data doesn’t need to be stored externally, and when the data is used it is compressed and encrypted for use by external services but not stored externally.

There are plenty of options and opportunities for Canadian enterprises to leverage the cloud. Feel free to send me a note, or contact me directly, with whatever questions or conversations you have. I love talking about this stuff.

Curious to know more about what the cloud means to Canadian organizations? I’d be more than happy to chat about it.


Copyright 2018 by Quercus Solutions