All posts by Benjamin Brandall


How to Host a Website on Google Drive for Free

How to Host a Website on Google Drive for Free

We’re a big fan of cloud services on this blog, and Vinay has written on Process Street about Dropbox vs Google Drive in the past as well as a great guide on how to migrate to the cloud.

If you’re wondering how to host a website on Google Drive for free, well, I just did (and it took me 2 minutes!) so I’ll tell you all about it.

Even though the new Google Drive has made it harder to host websites, there’s still a pretty easy workaround I came across. It comes in the form of a Google Script written by an expert in the field, Amit Agarwal. First I’ll show you this way — the easy way — then I’ll explain how you can do it without the script.

Continue Reading

Business Process Reengineering: What to Do If Your Business Is Failing

Business Process Reengineering

What is business process reengineering?

Like most buzzwords, business process reengineering (BPR) is a dull way to describe an interesting topic. Put simply, it’s the act of rethinking the way you do the important things in your business. It’s when you say “this is so inefficient it’s killing us”, and sit down to strategize how you can improve your processes in a radical and fundamental way.

In this article, I’m going to run through some case studies and explain how Taco Bell, Ford, and Google have reengineered their business processes to create change for the better in their businesses and save them from death by inefficient process. And so can you.

You need to cut out the work that doesn’t add value,  but where do you even start when cutting down on the amount of processes you execute in your business? Let’s look a little deeper into the aims of BPR.

Continue Reading

4 Things SaaS Companies Need to Know About Regulatory Compliance

The following is a guest post submission from Nathan Sykes. Nathan is the founder of Finding an Outlet, a site dedicated to the latest in B2B IT news and trends. Follow him on Twitter @nathansykestech to read his latest articles.

regulatory compliance

As cloud-based solutions, like SaaS and remote technologies, become more prevalent than ever we’re starting to see regulators and auditors get more serious about IT governance standards. As standards become more stringent, companies become more aware of the requirements set upon them and, in turn, ask providers to help with IT audits.

As you might expect, this means the pressure gets offloaded onto SaaS providers, who don’t generally perform audits or mind regulatory requirements outside of their own responsibilities. But the landscape is changing rapidly, not just in regards to audits but additional regulatory and legal constraints too, right along with financial limitations and tax requirements.

What exactly is changing in the SaaS legal landscape, and what do you need to know about it?

Sales tax and nexus

In October 2017, the U.S. Supreme Court ruled in South Dakota v. Wayfair that internet-based and e-commerce retailers can be required, by law, to pay and collect sales tax in states even where they lack a physical presence. This completely uproots decades of legal precedence, not the least of which relates to the concept of nexus.

How nexus applies

Source

Nexus is essentially your physical influence or presence within a state. If you have “nexus” within a region, then you can be required by law to collect and pay sales taxes lest you incur fines and compounding interest. The idea is used to declare and determine where a business may have a physical presence even outside their home state.

Determining nexus has always been particularly tricky because each state varies regarding qualifications. What gives you nexus in one state may be completely different in another. And this supreme court ruling just made it even more difficult, especially for SaaS providers who operate and serve on a broad level outside of their home location(s).

As a result, South Dakota now has an economic nexus law — among 25 other states and counting — that increases the tax burdens of online businesses, SaaS and cloud service providers included. What this means is that general tax burdens will grow, and companies will need to expansively research tax burdens on a state-by-state basis with more scrutiny than ever before. This has happened before, further muddling the definition of nexus and sales tax when it comes to online services, so it’s not unreasonable to think it will be expanded even more in the future.

A major issue with these tighter laws is that they tend to have low limits: 200 total transactions — as opposed to customers outright — in a state will commonly develop nexus. But since SaaS providers deliver subscription-based pricing models and deal with multiple invoices per client, you can end up with nexus in a state faster.

This further facilitates the need to have an accountant or experienced professional deal with taxing and monetary collection policies. Don’t overlook this, especially if your business is spread across varying locations and your service coverage is far-reaching. You will need to identify and understand where sales tax is necessary, and failure to do so will lead to severe consequences not the least of which is heavy legal fines and court costs.

Provider-focused auditing

Security and data governance audits are less an optional state of checks and balances and more a legal and regulatory requirement these days. Therefore the onus has shifted to providers to help deal with and prepare for some of these experiences.

SaaS regulation barriers to cloud adoption
Source

Increasingly, SaaS clients require records on IT security audits, clear-cut data storage, handling and protection policies, performance standards, end even risk management or disaster recovery plans. In other words, you may be initially audited by clients — in a way — before any legal audits take place.

Common auditing concerns

More than proper planning and documentation, it helps to have these elements established long before your clients even ask, so that when the time comes, you can provide the necessary assurances.

Here are some things to consider for future and present audits:

  • Do you have a corporate security policy?
  • Is there a dedicated security team in place to handle events and failures?
  • Do you have a formal procedure for reporting a security violation or data breach?
  • Do you regularly conduct penetration testing or have a third-party handle the process? When was the last relevant test performed, and what were the results? What are you doing to remedy any flaws or vulnerabilities discovered?
  • Whether through external means or internal discovery, what are you doing to both identify and remediate vulnerabilities in your system and network?
  • How often are applications or software tools updated? What is the process for doing so and how does this affect security? What about customer or client downtime? How long will the update process take?
  • Do you have a process for announcing and sharing scheduled maintenance sessions?
  • Is there API access or external integration support? How does this relate to data security and protections?
  • Are all API units authenticated, data encrypted, and monitored?
  • How do you physically secure access to your data facilities or operations sites?
  • How do you comply with HIPAA/Sarbanes-Oxley/PCI DSS 3.0/ and other similar-level regulations? Do you have documentation to support this?
  • Are all your processes — including data backups — documented in full with details on how you handle operations?
  • How far does your disaster recovery plan extend? What will you do if your customers are affected by a breach? How will you continue to ensure their privacy and security?

Legally mandated data protections

GDPR or the General Data Protection Regulation in the European Union is designed to protect businesses from overreaching and provide more assurance for citizens in regards to personal data and privacy. For example, one new requirement from the law forces companies to offer a “forget me” option that allows European citizens to not only download and see any personal associated data collected about them but also delete it in full.

Since SaaS in the enterprise is not inherently a consumer-level business it’s easy to fall into the trap of thinking GDPR doesn’t apply. But it does, in some cases even on multiple levels. With some providers, for example, the protections may extend to customers, a customer’s customers and sometimes beyond. This means that even if your company or business doesn’t serve affected customers, but one of your clients or service users does, then you’re obligated to comply where applicable.

Under GDPR, the purpose, nature and storage duration of data must all be supplied and honored. That is, if you say you’re going to keep data for two years, then you should immediately purge it after said period. You must also define and adhere to the type of data being processed, while also considering the responsibilities, rights and requirements of customers — who generally serve as the source or inherent “owner” of specific data sets.

This extends to security protections, as well. Customers must be informed of a breach or security issues as soon as it a company is aware of it. Providers must ensure that protections are in place to prevent data breaches and fully secure customer information. Failure to do so will result in hefty fines.

Here’s a GDPR and protections checklist you can review to ensure ultimate compliance:

It’s important to understand, however, that no matter how comprehensive this checklist may seem, there’s much more that goes into ensuring compliance. Therefore, it’s crucial you do your due diligence to research and understand the new regulations and how they apply to your business and operations.

General data practices

Outside of the legal and regulatory space, there’s also the matter of protecting your data and digital assets internally.

Throughout most of your auditing and data protection strategies, you’re focused on external data channels that often stem from your customers and umbrella users. It’s easy to forget that you — as a business — have your own proprietary data and trade secrets that you need to handle properly.

Here are some questions you should be asking:

  • How often do you back up your sensitive data and where is it stored?
  • How often are backups completed? If there is a data breach, failure or complication what could be lost?
  • What security measures do you have in place to retain control of your systems and network?
  • How will service interruptions affect your customers, their data and their users?

Protecting data that belongs to your customers and clients is vital, but you need to protect the content that relates to your business or organization and its primary operations as well. If you offer a cloud-service application, for example, where is the source code housed and is it handled or edited in a way that won’t compromise the entire business?

The landscape is tumultuous; be ready to evolve

As is evident through many of the discussions in this guide, the world of cloud computing and SaaS is changing considerably, along with the rest of the enterprise market. There’s a general focus on network and user security, data protection, customer rights and moral responsibility in some cases in regards to products and service offerings. Sometimes, as is the case with GDPR, regulations extend beyond your direct clientele and stretch further down the chain to include anyone affected by internal data usage and collection.

That’s why compliance internally is crucial to the success and continued operations of your business. The last thing you need to deal with are repercussions handed down by government bodies, your customers or the community at large.

What is Task Management? 3 Proven Methods Explained

What is Task Management

The most productive people on Earth aren’t superheroes. They have the same amount of hours in their day as you do, and often find ways to work far fewer hours, too. How do they do it?

When I was struggling to stay on top of my new responsibilities, I was asking the same question. Over time, I discovered task management techniques, to-do list apps and how to stay off Twitter to focus on work that matters.

I’m writing this task management guide because I want to share with you what I’ve learned since being thrown from office grunt work to the hectic life of a startup employee.

Over the next few chapters, I’ll be writing a huge guide to task management that will help you write your to-do list, stay on top of your workload and get more done.

Continue Reading

Ahrefs vs Moz: The Ultimate SEO Tool Showdown

Moz vs Ahrefs

Looking at the pricing pages and marketing material for complex SaaS products can be confusing enough, but comparing two similar products is a real pain on paper.

Which do you choose?

Ahrefs and Moz pricing pages

From just this information, the list of features, and outdated reviews, it’s impossible to make a decision, especially with a very specific set of requirements.

After checking out the features of the major SEO tools, we decided to try Moz and Ahrefs in parallel, getting trials of both on the comparable Medium and Standard plans.

What are our SEO requirements?

Process Street is a young, content-focused startup. Thanks to our content marketing, we’ve been able to grow the company through PR efforts, blog content and guest posts — all without breaking the bank. Finding a powerful tool to analyze just how successful these efforts have been is top priority, to make it less hit-and-miss and shape our SEO strategy in the future.

Here’s what we need from a tool:

Continue Reading

How to Write a Proposal and Get What You Want

how to write a proposal

A proposal has a lot of different purposes, but there’s only one good way to write one: the way that pulls together all of the information in a concise and persuasive way and helps you get what you want … whether that’s a whole new software system, or just a tweak to your marketing strategy.

This article isn’t about a business proposal — also known as a quote — but instead about the document required when formally pitching an idea for action and execution by managers or department heads.

Continue Reading

Weekly Review Checklist: An Insanely Productive Week in 14 Steps

Weekly Review

It’s easy to wake up, check the tasks marked for today and get stuck in with your most urgent and important duty. What’s harder is taking a big picture look at your task list. Who can be bothered with that? Surely that’s an hour you’ll never get back?

Nope!

You’ve got a bunch of tasks marked for later, or pending someone else’s actions. So, when’s ‘someday’? What’s waiting the next action?

You can be so focused on putting out fires and setting priorities that you leave half of your tasks sitting somewhere out of sight, which is the sort of behavior that stops you from hitting your goals and finally getting round to the work that matters.

With a little help from GTD, and inspiration from a number of task management systems, I’ve put together a quick, actionable guide on carrying out a weekly review on your productivity. Do this every week, and you’re sure to stay on top of your game.

Continue Reading

The Checklist Manifesto Review

The Checklist Manifesto Review Header

A book about disasters, human error and a simple tool that could well be the answer

Surely we don’t need any more bureaucracy, do we? Writer and surgeon Atul Gawande says yes, in fact we do. Box-checking and form-filling are often seen as the direct opposites of efficiency, but how many skyscrapers just tumble down out of the blue? Not very many, and The Checklist Manifesto explains why. It all comes down to recognizing that checklists are a powerful weapon in the fight against human error. In a series of anecdotes/case studies spanning from Gawande’s familiar operating theater to the secretive world of venture capitalism, the author makes rock-solid arguments in quick succession about why we all need more checklists in our lives. But not just any old checklists

Continue Reading

How to Build a Customer Feedback Analysis Process (with AI!)

The following is a guest post submission from Federico Pascual, co-founder and COO of MonkeyLearn.

Customer feedback doesn’t just come in through your site’s contact form – it’s everywhere.

You only have to search the Twitter handle of any product with more than a few hundred users to see that customers love to offer their opinion – positive and negative. It’s useful to be monitoring this and learning from it, but casually collecting feedback on an ad-hoc basis isn’t enough.

Startups thrive on feedback as their ‘North star’, and are constantly evolving based on what their customers request, break, and complain about. Enterprises also can’t overlook the fact that customers are what make any company tick, and must struggle harder than startups to stay relevant and innovate.

So, if you’re just collecting feedback ‘as and when’ it comes in, you’re missing out on data that’s just as important as page views or engagement. It’s like deciding not to bother setting up Google Analytics on your homepage, or not properly configuring your CRM; in the end, you’re deciding to not benefit from data that will have a transformative effect on your product strategy.

With a dataset of feedback – whether that’s from customer reviews, support tickets, or social media – you can dig into the words your customers are using to describe certain parts of your product and get insights into what they like, and what they don’t like. In this post, I’m going to show you how.

Continue Reading

How to Make a To-Do List to Power up Your Productivity

Make a To-do List

In the last chapter, I showed you how to get tasks out of your head and into your notebook.

In this post I’m going to answer some questions you might be having about what to do next, and show you how to make a to-do list even when you’re short on time.

  • Where do I put my tasks?
  • How do I break them down?
  • How do I word them?
  • What resources do I need to keep alongside them?

Read on to find out the answers.

Continue Reading

Get a free Process Street account
and take control of your workflows today.

No Credit Card Required