Tag Archive for: Cloud Security
The Horrors of Excel for Data Management
Locus has been preaching on the pitfalls of Excel for a long time. It’s no surprise that one of the worst imaginable errors in Excel that could’ve happened, did. Almost 16,000 COVID-19 cases in England went unreported because Public Health England hit the maximum row count in their version of Excel.
This is not the only example of Excel being misused or being the wrong tool entirely for the job. Excel is not in any way a data management system for complex or vital data. When it comes to sustainability reporting and environmental data management, the evils of the grid are a force to be reckoned with. We have highlighted a few examples that will have you shivering.
Case 1: The Evils of Autofill
Take a look at this harmless-looking chart. It shows monthly electricity consumption for a facility set to report:
| Month | Monthly Electricity Consumption (MWh) |
| January 2019 | 133,500 |
| February 2019 | 122,400 |
| March 2019 | 138,900 |
| April 2019 | 141,600 |
| May 2019 | 141,601 |
| June 2019 | 141,602 |
| July 2019 | 141,603 |
| August 2019 | 141,604 |
| September 2019 | 141,605 |
| October 2019 | 141,606 |
| November 2019 | 141,607 |
| December 2019 | 141,608 |
During review, the auditor notices a distinct trend from April to December, indicating false data overwritten by a stray double-click. Eventually, the auditor required re-entering all invoice data for dozens of facilities to correct the issue. Where the original data went and how autofill went astray remains a mystery.
Case 2: The Phantom File Editor
Imagine using a massive spreadsheet with lots of linked calculations for your annual sustainability report. One of the team engineers works on the file to input more data and get it ready for presentation. But in the final steps, they accidentally delete one of the formulas that sum up the indicators. The annual total looks great for the presentation since you’ve effectively removed a portion of your resource consumption, but afterwards you discover the conclusions were incorrectly calculated. How did that error get introduced? The spreadsheet has no auditing capabilities on the individual values, so you may never know.
Excel supports multiple users editing one document simultaneously, but not well. Multiple records are saved, edits are lost, and vital data vanishes, or at best is very hard to recover. The Track Changes feature is not infallible, and over reliance on it will cause hardship.
Case 3: Date of the Dead
Excel has a frustrating insistence of changing CAS numbers into dates, even if they are something like “7440-09-7″ turning into September 7, 7400. If you’re not explicit in your cell formatting, Excel isn’t happy leaving values as they are.
Case 4: Imposter Numerical Values
You meant to type 1.5, but you typed “1..5” or “.1.5”. Does Excel reject these imposter numbers or let you know of a potential error? No, it’s stored in Text format. This can throw off any averages or sums you may be tracking. This minor identity theft can cause a real headache.
Other Significant Cases:
Other data quality issues with using Excel include, but are not limited to:
- Locations with multiple variations of the same ID/name (e.g., MW-1, MW-01, MW 1, MW1, etc.)
- Use of multiple codes for the same entity (e.g., SW and SURFW for surface water samples)
- Loss of significant figures for numeric data
- Special characters (such as commas) that may cause cells to break unintentionally over rows when moving data into another application
- Bogus dates like “November 31” in columns that do not have date formats applied to them
- Loss of leading zeros associated with cost codes and projects numbers (e.g., “005241”) that have only numbers in them but must be stored as text fields
- The inability to enforce uniqueness, leading to duplicate entries
- Null values in key fields (because entries cannot be marked as required)
- Hidden rows and/or columns that can cause data to be shifted unintentionally or modified erroneously
- Inconsistent use of lab qualifiers— in some cases, these appear concatenated in the same Excel column (e.g., “10U, <5”) while in other cases they appear in separate columns
As you can see, the horrors of Excel are common, and terrifying. Without a proper system of record, auditing features, and the ability for data to vanish into the ephemera, Excel offers little in the way of data security and quality for organizations managing vital environmental and compliance data. Many are learning firsthand the superiority of database management systems over spreadsheets when it comes to managing data. Now is the time to examine the specific shortcomings of your current system and consider your options.
Infographic: 12 Ways SaaS Can Improve Your Environmental Data
Software as a service (SaaS) databases offer several unique features that allow you to manage your environmental data more thoroughly and efficiently. This infographic highlights twelve key features of SaaS databases for environmental software. 
This infographic was created based on a four part series of blog posts on the same topic, which can be read here.
An EHS&S Look Into the Tech Used in the Iowa Caucuses
The Importance of User Implementation and Quality Assurance from an EHS&S Software Provider
After reading about the IowaReporterApp used during the 2020 Iowa caucuses, it struck me how remarkably similar it is in intended function to the EHS&S software developed by my employer, Locus Technologies. Both their application and Locus’ mobile technology collect large quantities of sensitive data from several remote users at multiple facilities, allowing for instant calculation and reporting. What surprised me though, is just how vastly different their user implementation and data management methodology was from what is standard operating procedure at Locus.
In this blog, I will highlight some of the pitfalls of the IowaReporterApp, and compare it to Locus’ EHS&S software. Note, this article is not a political critique, but is an examination of data collection and data quality methods used during the caucuses.
Implementation
Users were introduced to the IowaReporterApp just days before the caucuses and received no app-specific training. Many users were downloading the application on the night of the caucuses.
The Iowa caucuses have been held biennially for almost a half-century as the first major contest of the primaries. The date of the caucuses was a surprise to no one. As a result, app development deadlines should have given enough time for user implementation, through one-on-one training or presentations with appropriate support staff. If app deadlines were not met, there should have been a fallback to redundant reporting systems, like in the case of Nevada, who were also planning to use the app but have opted out after the debacle in Iowa.
When Locus introduces new users to our software, we take implementation seriously. Our customer support team is composed of domain experts who have actively built and used Locus software. We know the deadlines and the problems users typically face during the implementation process. From one-on-one and on-site training to quick turnaround, our support team does everything they can to ensure that users are comfortable with our product as soon as possible.
Untested Software/Quality Assurance
User implementation deadlines are all the more important given that the software had no real-world use to this point. While it is not advisable to go live with untested software, at the very least, having users stress test a product before field-use could have staved off a few issues.
This is something we see frequently with newer products and newer companies. Locus has over 20 years of experience creating EHS&S software used by U.S. government organizations and Fortune 500 companies. Our quality assurance team rigorously tests any update we bring to customers and doesn’t rush changes to sell a platform update, since every user is always on the same version of Locus software.
Data Redundancy
No one can question that Excel or Google Spreadsheets can perform math correctly, but what is frequently overlooked or not even considered, are the macros, custom functions, and calculations that are often added to spreadsheets when deployed for managing data and other tasks. If one fails, there need to be backups for reporting and storing data.
When the untested application predictably failed, users flocked to the phone lines as a redundancy. Manual data collection on such a scale created confusion and could not carry the load, and had no way of accounting for errors in data entry. At Locus, we understand the importance of EHS&S data, and maintain backups and full audit trails for all critical data, with quick restoration available so you can keep going if anything should happen.
Security
The IowaReporterApp was not released in time to get approval in Apple’s app store, and it was sent out through beta testing platforms which required suspension of smartphone security settings.
ProPublica, a nonprofit organization who produces public interest investigative journalism, did a report on the security of the IowaReporterApp after the Iowa Caucuses. Shockingly, they found security problems to be “elementary” and that the app was so insecure that vote totals, passwords, and other sensitive information could have been intercepted or changed. Luckily, there seems to be no evidence of hacking or tampering with results.
Locus understands the need for security with sensitive data, and hosts our entire infrastructure in the most secure and reliable cloud, Amazon Web Services. AWS has an unmatched portfolio of cloud services that Locus fully utilizes to the benefit of their customers.
Summary
Overall, I think that the mishaps related to the IowaReporterApp show just how easy it is for a data collection and management application to fail if not properly implemented and ran by those with years of practical expertise. Subverted data quality will always be extremely costly to your organization, both financially and otherwise, and should be avoided unequivocally.
Locus Technologies was founded in 1997. Locus’ environmental data management software currently handles over a half billion sensitive records taken from over one million unique locations and is used hundreds of organizations including the government agencies and Fortune 500 companies. Aaron Edwards received his bachelor’s degree in Political Science from UNC Asheville and is Marketing Associate for Locus Technologies. He is an active voter, and is unaffiliated with any political party.
Infographic: 6 Benefits of EHS on AWS
In this infographic, we have outlined a few of the ways EHS programs benefit from having an AWS-hosted solution. Locus customers recently received these benefits as a result of moving our entire infrastructure to Amazon Web Services—the world’s leading cloud. Learn more about the move to AWS.
Tag Archive for: Cloud Security
Locus Technologies Leads Industry in Safeguarding Customer Data with Renewal of SOC 1 and 2 Examinations
SAN FRANCISCO, Calif., Dec. 20, 2023 — Locus Technologies, (Locus), a trailblazer in cloud computing enterprise software for environmental, energy, air, ESG (Environmental, Social, and Governance), sustainability, water, and compliance management, proudly announces the successful completion of the System and Organization Controls (SOC) 1SM and 2SM examinations. These examinations reaffirm Locus’s unwavering dedication to maintaining exceptional standards in financial reporting management and overall system integrity, setting it apart from its competitors.
Conducted by A-Lign, a respected CPA firm, the comprehensive examination has once again validated Locus Technologies’ unparalleled commitment to stringent industry standards. The resulting CPA report attests to the company’s relentless focus on robust controls and procedures, ensuring the security, availability, processing integrity, confidentiality, and privacy of its Software as a Service (SaaS) system, placing it at the forefront of data protection in the industry.
Neno Duplan, Founder and CEO at Locus Technologies, expressed pride in the company’s continued strides in data security, stating, ‘Our successful compliance renewal further solidifies our position as an industry leader, showcasing our commitment to safeguarding our clients’ invaluable data. In our 27-year history as SaaS company we had no breaches of customer data’.
Locus’ consistent possession of these certifications since 2012 signifies the company’s steadfast dedication to excellence and its role as a standard-bearer for EHS Compliance and ESG software in providing a secure, dependable, and market-tested SaaS platform.
The recent examination by A-Lign not only reaffirms Locus Technologies’ position along with its Amazon Web Services (AWS) partner as an industry leader in cloud-based enterprise software but also underscores the company’s proactive approach to ensuring the highest levels of service quality and data protection for its global clientele, positioning it far ahead of its competitors.
Customers can remain assured of Locus’ unwavering commitment to delivering superior SaaS solutions and maintaining the security and reliability of customer data. For a company to receive SOC certification, it must have sufficient policies and strategies that satisfactorily protect customer’s data. SOC 1and SOC 2 certifications all require a service organization to display controls regulating their interaction with customers and customer data.
Locus leads the industry in providing cloud computing enterprise software for environmental, energy, air, ESG, sustainability, water, and compliance management. The company’s dedication to technological advancement and unparalleled data security ensures it delivers cutting-edge solutions that surpass industry standards and positions it as an industry leader in setting new benchmarks for safeguarding customer data.
About Locus Technologies
Locus gives businesses the power to be green on demand and has pioneered web-based environmental software suites. Locus software enables companies to organize and validate all critical environmental information in a single system, which includes analytical data for water, air, soil, greenhouse gases, sustainability, compliance, and environmental content. Locus software is delivered through Cloud computing (SaaS), so there is no hardware to procure, no hefty up-front license fee, and no complex set-ups. Locus also offers services to help implement and maintain environmental programs using our unique technologies.
For further information regarding Locus Technologies and its commitment to excellence in SaaS solutions, please visit www.locustec.com or email info@locustec.com.
Locus Technologies goes all-in on AWS
SAN FRANCISCO, Calif., 23 July 2019 — Locus Technologies (Locus), the market leader in multi-tenant SaaS water quality, environmental compliance, and sustainability management, today announced that it is going all-in on Amazon Web Services, Inc. (AWS), moving its entire infrastructure to the world’s leading cloud. By moving its flagship product EIM (Environmental Information Management) to AWS this month, Locus will complete its transition to AWS. Locus previously moved its Locus Platform (LP) to AWS in 2018.
EIM is the world’s leading water quality management software used by many Fortune 500 companies, water utilities, and the US Government since 1999. Among its many features, EIM delivers real-time tools to ensure that water utilities deliver clean water to consumers’ taps and don’t discharge contaminated wastewater above allowable limits to groundwater or surface water bodies like streams, lakes, or oceans.
EIM generates big data, and with over 500 million analytical records at over 1.3 million locations worldwide, it is one of the largest centralized, multi-tenant water quality management SaaS systems in the world. With anticipated growth in double digits stemming from the addition of streaming data from sensors and many IoT monitoring devices, Locus needed to have a highly scalable architecture for its software hosting. The unmatched performance and scalability of AWS’s offerings are just the right match for powering Locus’ SaaS.
Because of the scope of its applications, Locus is expecting to leverage the breadth and depth of AWS’s services (including its database systems, serverless architecture, IoT streaming, blockchain, machine learning, and analytics) to automate and enhance the on-demand EHS compliance, sustainability, facility, water, energy, and GHG management tools that Locus’ software provides to its customers.
Running on AWS’s fault-tolerant and highly performant infrastructure will help support Locus’s everyday business, and will scale easily for peak periods, where reporting demand such as GHG calculation engine or significant emissions incidents like spills can skyrocket scalability demand.
By leveraging Amazon CloudFront, Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Kubernetes Service (Amazon EKS) and AWS Lambda, Locus is migrating to a microservices architecture to create more than 150 microservices that independently scale workloads while reducing complexity in the cloud, thereby enhancing every element of the customer cloud experience. Locus built a data lake on Amazon Simple Storage Service (Amazon S3) and will leverage Amazon Redshift to analyze the vast amount of data it is storing in the cloud, delivering insights and predictive analytics that uncover chemicals trending patterns and predict future emissions releases at various locations.
Locus intends to leverage AWS IoT services and Amazon Managed Blockchain by building a new native integration to help businesses generate value from the millions of events generated by connected devices such as real-time environmental monitoring sensors and environmental treatment systems controls. AWS IoT is a set of cloud services that let connected devices easily and securely interact with cloud applications like EIM and Locus Platform and other devices. Locus IoT Cloud on AWS allows customers to experience real-time emissions monitoring and management across all their connected sensors and devices. And for customers who want to allow multiple parties to transact (e.g. GHG trading) without a trusted central authority, AWS provides a fully managed, scalable blockchain service. Amazon Managed Blockchain is a fully managed service makes it easy to setup, deploy, and manage scalable blockchain networks that Locus intends to use for emissions management and trading.
For example, a water utility company that maintains thousands of IoT-enabled sensors for water flow, pressure, pH, or other water quality measuring devices across their dispersed facilities and pipeline networks will be able to use Locus IoT on AWS to ingest and manage the data generated by those sensors and devices, and interpret it in real time. By combining water sensor data with regulatory databases, water utility companies will be able to automatically create an emergency shutdown if chemical or other exceedances or device faults are detected and as such, will be better prepared to serve their customers and environment.
By combining the powerful, actionable intelligence in EIM and rapid responsiveness through Locus Platform with the scalability and fast-query performance of AWS, customers will be able to analyze large datasets seamlessly on arrival in real time. This will allow Locus’ customers to explore information quickly, find insights, and take actions from a greater variety and volume of data—all without investing the significant time and resources required to administer a self-managed on-premises data warehouse.
“After 22 years in business, and after evaluating AWS for a year with our Locus Platform, we decided to switch and continue all our business on AWS. We are taking advantage of their extensive computing power, depth and breadth of services and expertise to develop an effective cloud infrastructure to support our growing business and goal of saving the planet Earth by providing and managing factual information on emissions management, all the while reducing operational costs of Locus’ customers,” said Neno Duplan CEO of Locus. “By operating on AWS, we can scale and innovate quickly to provide new features and improvements to our services – such as blockchain-based emissions management – and deliver exceptional scalability for our enterprise customers. With AWS, we don’t have to focus on the undifferentiated heavy lifting of managing our infrastructure, and can concentrate instead on developing and improving apps and services.”
“By organizing and analyzing environmental, sustainability, and water quality information in the cloud, Locus is helping organizations to understand the impact of climate change on drinking water,” said Mike Clayville, Vice President, Worldwide Commercial Sales at AWS. “AWS’s unmatched portfolio of cloud services, proven operational expertise, and unmatched reliability will help Locus to further automate environmental compliance for companies ranging from local water utilities to multinational manufacturing corporations, to federal government research agencies. ”By choosing to go all-in on AWS, Locus is able to innovate and expand globally, developing new solutions that will leverage comprehensive analytics and machine learning services to gain deeper insights and forecast sustainability metrics that will help deliver clean drinking water to consumers around the world.”