What's Happening at Evergreen?

I hope that you and your team are doing well. In this update I'll be covering the following topics:

Security improvements

As you may be aware from recent news, data breaches are becoming more and more common. So at Evergreen we are committed to making sure all our customers' systems are up-to-date and robust.

To achieve this we're implementing significant improvements this year. These measures are designed not only to protect your data from external threats but also to better protect the security of your entire team.

The repercussions of a data breach can be substantial. Therefore we're making sure we've got the right level of security in place for the data you are storing.

We'll be in touch shortly, if we haven't already, to discuss one or more of these enhancements:

  • Implementation of long, strongly encrypted passwords
  • Automatic password expiry after a set duration
  • Session timeout after a period of inactivity
  • IP address locking for added security layers
  • Multi-Factor Authentication (MFA) via text, email, Google Authenticator, or MS365
  • Seamless integration with Google and MS Outlook sign-in for added convenience
  • Utilisation of passkeys for enhanced authentication

It's also worth checking that your company insurance covers cyber attacks and data breaches. Please contact us if you are unsure of how many high-risk personal records you hold in your system.

 

Version changes

As you may be aware, your system uses a well-supported programming language called PHP. Over the last 18 months we have moved it to our new platform, with PHP upgraded to version 8.3 and improvements made to the database server as well.

This version of PHP is actively supported until the end of 2025 and will still receive security support until the end of 2026. However we will be looking at any changes when they occur and whether we need to make any tweaks to the underlying code.

We see these upgrades as a very important part of keeping the users of your system and their data safe and secure.

 

Upgrade package

Following from above, every 12 to 24 months we need to make a step change up the version numbers. 

This has plenty of upsides, but the noticeable downsides are that the costs and timings of these updates are unpredictable and there is a risk that new problems are introduced as so much changes each time.

Due to advances in our inhouse technology we’re now able to offer a smoother and less risky path for the upgrades and for you to pay for the changes in a more manageable and predictable way.

We have put together an upgrade package for our customers using the Laravel framework along with PHP. Laravel is now releasing a version every year and actively supporting them for 2 years.

Rather than us waiting until the 2 years is nearly up, we can offer a packaged upgrade which means it will be updated alongside other monthly changes. This will mean you’ll get security and feature updates more quickly and smoothly.

With the Upgrade Package Without the Upgrade Package
Simple monthly cost Unknown cost every couple of years
Quicker updates Updates are more ad hoc
Testing little and often will reduce major bugs More to test and therefore it's easier for potential problems to be missed

 

Supplier and other costs

We have all seen our costs increase over the last few years and our hosting provider has followed suit by raising their prices by 20% at the end of November 2022.

We also experienced significant pressure on salaries for our experienced developers as the marketplace for software development is still very strong.

And of course there was general price inflation throughout the rest of society causing other suppliers to increase their prices.

We did our best to shield you and our other clients from the worst of these rises through 2023 but there still may be slight rises in our own fees through 2024 to compensate.

 

New improvements and offerings

We've been completing some interesting projects recently and some parts could be of benefit to your business. We've listed a few below, but if you have an idea about something else then please feel free to contact us.

  • Office 365

We're integrating an increasing number of systems with Office 365 products, this can be two-way integration with Outlook, Calendars or even Sharepoint. It means that your system can send/receive emails, create calendar items, and a lot more.

  • Software that works online and offline

As you know our core service is creating online web-based applications. You can access your system in a web browser on your workstation, laptop and mobile device. However, these applications rely on an internet connection to reach the database server.

Increasingly our customers are asking for applications that can also work offline as well as online. It’s strange to think that in 2024 there isn’t a wifi or 4G (or 5G!) connection everywhere you go, but it does happen, especially when you’re in a remote location, in a basement or just somewhere where you can’t access the local wifi network.

So, in these situations we build web apps that can be used where there is no internet, and then automatically synchronise when a connection becomes available. 

  • Big changes in the Telephone market

In 2025 all ISDN and PSTN telephony services will be switched off. This basically means the old analog service is going away. I'm sure you're aware of this and have plans in place, or like the vast majority of UK businesses, you've already switched to a digital or VOIP (Voice-Over-IP) system.

We have partnered with a local telecoms company, Bytes Digital, to help make this process easy for those that haven't made the switch yet.  Even better, their VOIP system can easily integrate with your bespoke software system.

 

What happens next?

We will contact you about your system to talk through potential security improvements on your system and your own Security Policies for your staff.

There are good standards to check your policy against, Cyber Essentials and Cyber Essentials Plus. You don't have to pay another company to take you through the questions, but it can be useful to use their advice.

Here's the link to the Gov website: https://www.ncsc.gov.uk/cyberessentials/overview

Even just reviewing the "getting ready" section is a handy guide for things to get right within your organisation: https://getreadyforcyberessentials.iasme.co.uk/questions/

 

Any questions or thoughts?

Please call me or Andy Pegg on 01454 269087 for a chat.

 

Yours faithfully,

Managing Director
Evergreen