Posted by Linda Jonas on June 13, 2014
Every software service today needs a mobile app, right? But is it good enough to have an app just for the sake of having one?
We actually started working on a mobile version three years ago but decided to stop and focus solely on our core product first. Now we are ready to tackle mobile properly! We’ve written a new Small Improvements RESTful API which makes the transition to mobile easier, smoother, and sustainable for rapid co-development. iOS will be our first platform.
The use-case we are focusing on for the beta version is: Capturing and referring to ongoing feedback on the go. Say a manager goes into a meeting with his direct report and wants to see what was last discussed, or someone attending an outstanding presentation quickly wants to post public praise or take a private note. To support this, the beta version will focus on the messages feature as well as a offer full overview of colleagues and direct reports. Performance reviews, objectives and todos are displayed for reference.
The functionality is a streamlined version of the web application so anyone who has used SI will be familiar with the set up. A new addition to the four feature tabs is the ‘people’ tab. In here, you can search for colleagues, access your direct reports’ profile pages quickly, as well as check your todos.
The message feature is pretty much fully functioning with default posting categories, voting, and replying to messages. The reviews are currently limited to viewing only. We do not plan to support any of the administrative functions of SI in the mobile app.
Let us know your thoughts! There is no ETA yet, but if you have an iPhone and would like to take part in the beta testing, please get in touch. We want to make sure we deliver the right app that supports your most common needs.
Posted by Linda Jonas on May 19, 2014
We’re proud to announce our newest security feature: You can now connect your Small Improvements account to your mobile phone, and then when you log in with a new browser for the first time, you’ll be asked to produce the SMS token (or app-generated token) to prove that you actually have the phone. You only do this once per browser of course.
This little step increases security a lot: Imagine a hacker were able to obtain your password elsewhere (e.g. from a hacked online-service you used). Without 2-step verification, they can log into all of your accounts easily. But they can not log in to SI (nor other 2-step protected services) because they will have to enter the SMS token as well – but they don’t have your phone, so they can’t receive/generate the token.
Now, you don’t have to force all your SI end users to enable 2-step verification. But it would be a good idea to enable it for all your admin staff, and maybe for the CEO and CFO, because those users have access to a lot of confidential data and would make great targets for hackers.
You’ll find more about this feature in our documentation page.
Posted by Per Fragemann on May 5, 2014
We decided to entirely rewrite some of our administration screens. We started by creating new versions of the performance review and 360 review overview screens, and the results are impressive! We’ve been beta-testing the features with a few clients, and new evaluators since March have had access to the screens as well, so we’re now proud to announce their public availability.
The “classic” screens are still available, you’ll find a link in the top right corner. If you feel you’d like the old screens back until your current review cycle is over, please send us a mail. (We don’t really see any reason why you’d want the old screens back, but it’s possible)
A lot of the improvements are about speed and usability, so the video explains it best!
For those of you who are in a hurry, here are some screenshots!
We’ve moved all admin actions to the top left.
The cycle picker is now part of the header, groups all cycles and provides additional detail.
This is the best part of the new screens: A org chart view of your company helps you decide who should get reviewed within the current cycle. You can also switch to list view without losing your selection, and sort by name or hiring date:
We’ve also improved tons of smaller details, like the ability to sort by each column, a new distribution of ratings, and more accessible timeline view. But you’ll have to experience it! :) In case you run into any unexpected problems with the new screens, the old screens are still available, you can return to them by clicking the “return to old screen” link in the top right corner.
We have also started working on a new version of the user directory, and we’ll continue to iterate on the overview screens because we still have lots of plans. Let us know your thoughts!
Posted by Per Fragemann on April 12, 2014
A security error (nicknamed Heartbleed) in the SSL protocol has affected a large share of internet services and devices. Small Improvements runs on Google data centers that were vulnerable to the Heartbleed error. All SI systems have been patched by Google by Wednesday, and we have reissued all SSL certificates on Thursday. We’re not aware of any actual compromise or breach, but as a security measure we have reset all user passwords on Friday.
Small Improvements is hosted on a service called “Google App Engine”, and unfortunately Google App Engine was affected by the co-called Heartbleed bug. On Wednesday Google issued a statement that all systems had been secured. We had taken a look on Tuesday when we first learned about the problem, and didn’t find the SI infrastructure to be vulnerable then already.
It was good news that our service was patched early on. But we still had to wait until Google officially announced that we’re safe before we could replace our SSL certificates, so that’s why it took until Thursday.
Having been vulnerable doesn’t necessarily mean that anyone actually stole any data from the SI systems. But due to the nature of Heartbleed it’s impossible to know. This applies to all the thousands of services affected by Heartbleed by the way. We believe it’s unlikely that someone singled out Small Improvements specifically, but it’s entirely possible that some attackers started harvesting data from the internet in general, and that these people are now sifting through whatever they could grab.
A key concern in data breaches are passwords and confidential data in general. We always store passwords in an encrypted form (using bcrypt) and all textual content it stored using AES-256, so it’s unlikely that anyone would be able to decode this data even if extracted from our servers. But due to the widespread nature of Heartbleed, and the fact that many people use the same passwords across websites, we feel that there is a significant risk of passwords stolen elsewhere being tried out on Small Improvements accounts some time in the future. SI admins have access to a lot of confidential data, but even non-admins store quite sensitive data in SI, and we don’t want any of it to get exposed.
We first intended to prompt our users to change passwords on their own. But people have other work to do, might be on vacation or simply not read our mail. So we then decided to clear all SI passwords at once on behalf of users. Passwords can be reset using the “forgot password” feature via an email. So while this bulk reset is slightly inconvenient for end users, it removes chances of a future hacking attempt.
We have taken security matters very seriously at SI right form the start of our company. We’re continuously adding internal security improvements, and have also shipped a couple of customer-facing security improvements recently. Our latest development is a 2-step verification feature (also known as 2-factor auth, or mobile token auth). This has been in private beta for a month, and it’s now entering public beta. We’d like to encourage you to try out the feature (and enable it at least for administrators). Also, you can use IP range restrictions to limit access to SI to your company VPN. And you should consider increasing the minimum password length for users so far that they are forced to use a password manager (and thus have no reason to reuse passwords across sites at all anymore).
In other news, we’ve also increased some internal security triggers to be a bit more “trigger-happy”. For instance, even a minor update of your browser (as per your user agent) will now require a user to re-login. We have plenty of plans for additional internal and external improvements, and we’re very open for your suggestions too!
Although many vendors try to use very evasive language to play down the vulnerablity (“all patched, all is good”), we believe this bug should be taken very seriously by everyone. Many of your passwords, both for business and for private use, may have been compromised, and get used against you either now or some time in the future. You should reset all your passwords, starting with your most important services. We recommend keeping your very most important password in your head, and for all the non-critical passwords download a password manager today. It will allow you to use a new password on each service you use, limiting any future hacking impact as well.
Details at CERT: http://www.kb.cert.org/vuls/id/720951
The Heartbleed bug website: http://heartbleed.com/
A statement from OpenSSL: https://www.openssl.org/news/secadv_20140407.txt
Heartbleed Bug explained as a cartoon: http://xkcd.com/1354/
Posted by Per Fragemann on April 11, 2014
It’s been a year since our last Meet & Mingle in Sydney so it is time to reconnect over drinks! Join us for evening of networking, exchanging ideas and meeting Small Improvements’ newest Sydney-sider Chris. Drinks on us!
The event will be on Wednesday April 2nd.
If you are an existing client and have not replied to my email yet, please get in touch to not miss the opportunity of meeting up with fellow awesome HR leaders in your hood. Should you be new to Small Improvements and interested plus happen to be in town, please reach out to Linda.
Looking forward to a great evening with you!
Posted by Linda Jonas on March 23, 2014
Previously, I played the part of PM-D…Performance Management Doctor (The Diagnosis). I talked about the symptoms of an unhealthy performance management process based on feedback from the Impact99 HR Summit Toronto. I had a closer look at the pain points that people described and realized that they, and the remedies, followed a path from start to finish.
Traditionally, most organizations fail to communicate the true purpose and expectations of the performance review process. Therefore, most employees consider it to be a negative experience; waiting to hear about how they have not achieved the expected level of performance. By default, most people see the process as merely a means to an end…that end being salary increases or promotions. What do you consider to be the purpose of the process? What are your expectations? Have you clearly communicated those expectations to your entire organization? If your people expect one thing but receive another, there is a disconnect that undermines the process.
So, let’s ask ourselves what connects people to the process? Is your process one that is typically pushed from the top down? Even if it isn’t, is there a perception that it is? For example, what would your employees say if you asked them “who owns the performance process, who benefits from it and how?” Would they see themselves in the process? Would they see themselves as the owners, the drivers, the ultimate beneficiaries? If everyone takes ownership of the process – exec’s, HR, managers & employees – then it will cease to be a process that people “have to do” and will become something that people are motivated to do because it’s their own! It becomes part of the culture.
Transparency, reciprocal trust, collaboration and alignment result from ongoing discussions and will also draw people into the process. Discussions about the organizational vision results in productivity and pride in one’s work. Communicating expectations assists in setting reasonable objectives. Someone who is enrolled in the business, who has clear objectives, and understands their contribution is someone who is eager to set their goals and measure their results in a performance review. If the performance process relies on open discussions so that nobody is left in the dark, and there are no surprises at review meetings.
As I mentioned in Feedback: The Guidance System for Performance, more frequent performance check-ins are a much better use of time and effort than the traditional “year-end review” meeting. People perform on a daily basis, so why wait until the end of the year to discuss accomplishments and challenges. There’s no better time for improvement than the present. Organizations and individuals can become more agile by making small adjustments in their performance as they go along…not 10 months from now!
OK…you’ve just had your performance check-in with your manager. You’ve discussed your accomplishments, areas for improvement and set your objectives going forward. Now what? You have to keep them connected to the process; you need to follow-up. This shows integrity – aligning one’s actions with their words – and reinforces the trust you created through ongoing dialogue. If a need for more training was requested by the employee or manager, it would be a colossal fail if nothing was provided. If an employee has set an objective and doesn’t formalize it and provide updates…#fail again.
Expectations, ownership, discussions, check-ins and follow-up. Combine all these things and you have a process that is productive and meaningful. People within an organization want to know that their performance process actually means something, individually and for the bigger picture. Especially the younger generation. Organizations need to realize that this generation will expect meaningful work, which includes ongoing feedback and discussions. They will want to know how they are performing and how they can continue to perform at their highest level.
Wrap all this up in a simple process where individuals and teams are aligned with organizational goals, and people will be confident that they are part of something bigger. Best of all, you can elevate the level of overall engagement. A great performance process shows that the organization’s leaders actually care about their people. Recent studies (like the 2013 Spring report from Globoforce) have shown that leaders recognize engagement as one of the top challenges within their organization.
We are constantly looking for ways to improve the way we manage our performance. We look for new and innovative tools and methods to increase engagement and productivity. Sometimes the best thing for our organization is right under our noses. Try writing your own prescription.
Posted by Tim Baker, CHRP on January 20, 2014
While the Australian Open is on and Melbourne is hit by a heat wave, there is no better way for HR folks to relax then to escape into a cool environment and meet & mingle! Don’t get me wrong, I love Tennis and am looking forward to being in the Rod Laver arena myself next week. But on Tuesday January 21st from 5pm onwards, Small Improvements will serve drinks! Advantage you :)
Come and join our famous Meet & Mingle event, where clients and prospects get to geek out about performance management and simply hang out together! It’s a casual event without an agenda. So if you are free and keen, drop Linda a line for more details.
Posted by Linda Jonas on January 15, 2014
A sampling of “patients” at Impact99 HR Summit 2013 Toronto described several symptoms of an ailing performance management process. There appears to be a deficiency of several important elements for a healthy process, such as results, expectations, meaning and consistency.
Posted by Tim Baker, CHRP on January 9, 2014
We’ll be phasing out support for Internet Explorer 8 over the next couple of months, so here’s what you need to know:
IE8 got released in March 2009. By Internet standards that’s very old. It was the first decent browser by Microsoft in a long time, but even back then it was not a great browser. And compared to today’s versions of Chrome, Firefox and even IE 10 it’s slow, and it’s a pain to develop software for it. This frequently slows us down at Small Improvements. The tools we use to build SI are dropping IE8 support, making it even harder to continue supporting it.
So starting in January, we’ll phase out support for IE8 gradually, and we’ll make IE9 the minimum Internet Explorer for Small Improvements. This won’t happen in a big bang. We’re aware that many of our customers are in the middle of their review cycles, and we won’t slam the door shut on them just like that. Instead, we’re starting to ship new admin features that require IE9 now, and we’ll keep alternatives open for a few more months. Once we drop these alternatives, administrators and middle managers will have to use newer browsers, but end users can still work on IE8 for a limited time.
For example, we have been re-implementing several administration/middle-managers screens using new technology, and these new screens will not work in IE8 anymore. We’ll ship three of these new overview screens in January. We’ll keep the current (“old”) admin screens alive for another few months, so you can opt to not use the new improved screens for now. But this option will go away around April 2014.
End user screens are next. We’ll re-implement the messaging and the objectives screens in spring, and we’ll roll these out around June 2014. That’s the time when even your end users will need to have a more modern browser to access SI for messaging and objective-setting. We expect to have reimplemented most remaining end user features (reviews and 360s) by Septemer, and that’s when IE8 simply stops working entirely with SI.
So in summary, dropping IE8 won’t happen over night, but in case you still use IE8, now is the time to consider how to get your admins, then your managers, and then your end users to using modern and secure browsers. It’s not that hard really. Even if you’re stuck on Windows XP for now and cannot install IE9, there’s always Firefox and Chrome that work just fine on XP.
Posted by Per Fragemann on January 9, 2014
Customer testimonials offer a great insight into what actual user think about a product. We are very proud of our customer success stories that serve as little case studies. And now we are are adding videos!
As part of a 7 week trip around North America, we visited lots of customers and asked how they are going with Small Improvements. Not only did we get invaluable feedback, but while at it, we also pointed a camera or two at them. We’re so pleased with our ‘home made’ videos, that we are now filming customers in Australia. Maybe Europe is next and I’m certainly not opposed to the idea of flying to all 6 continents that we have clients on ;)
Check out the first video below plus follow our testimonial overview page for plenty more to come! We’re currently busy editing so are looking forward to your thoughts!
Posted by Linda Jonas on January 7, 2014
The Small Improvements application was unavailable for roughly 8 hours on Thursday Dec 5, starting at 3pm PST and recovering at about 11pm PST. We’re very sorry about this. Here’s what happened and what we’ll do about it.
Starting at roughly 3pm PST many of our clients encountered our general error screen, or a timeout, or were able to log in but then ran into errors while using SI. While some managed to get some work done intermittently, we’d consider that the application was unusable for about 8 hours. This was a very painful experience, especially since many of our customers had a Friday deadline, and many end users tried logging in but couldn’t complete their work.
Posted by Per Fragemann on December 6, 2013
Working remotely comes with advantages and disadvantages. For a small team of 10 people to cover 200 clients on 6 continents, being distributed in over 3 continents is awesome! The Internet makes it possible to collaborate from 5 cities but time zones and the lack of face to face connections bring challenges. Hence, Small Improvements flew the crew together and brought the development team from Berlin as well as customer success and marketing people from Sydney, San Francisco and Toronto to meet their colleague in New York. Many have worked virtually for several months, yet never got to hang out in person. Read the full post »
Posted by Linda Jonas on November 12, 2013
On October 23rd, in Toronto, we asked attendees of Impact99 HR Summit to tell us their pain points about their performance management process.
“In just a few words, describe the biggest pain point in your current performance review process. If you could have just one wish, what would you improve?”
We had a number of responses and there were similarities in what people are saying. In a future post, we will look at the commonalities and themes from the responses.
Posted by Tim Baker, CHRP on October 23, 2013