Online team meeting to cover security, adilas API sockets, black box code, and upcoming white label options. We started out with a number of reports by the different guys.

/////////////////// here are some of the quick reports by the developers:

- Eric - Fixing custom carts and working on the pricing engines. Lots of custom one-off's. Working on loyalty points and special tracking accounts.

- Russell - News and updates - new API socket feeds and such. WordPress site and other look and feel things.

- Wayne - Refactoring code, testing based design, and underlying framework. QuickBooks integration stuff - imports and exports. As a side note, Bryan has had many customers asking about similar type features. Wayne is also working on other database stuff and migration.

- Bryan - White label stuff for outside parties. Tons of custom projects.

- Calvin - Hybrid API to Windows desktop app. Custom PDF labels and printing.

- Alan - Helping Steve with Metrc API stuff. Working on tons of tax and in-line discounts. Helping Brandon with other projects.

- Danny - Generating sales - Props to the developers who are creating the functionality. He pitches the idea that the developers are accessible. Custom labels.

- Shawn - Helping with payroll, federal withholdings, state withholdings, and county level withholdings.

- Brandon - Helping the developers and doing small projects. Merging code and maintenance stuff.

- Steve - Grateful for the help with the Metrc API stuff. Working on phases and sub locations. Steering the ship. New approval levels on other state traceability systems.

//////////////////// meeting notes:

- Talking about the Adilas API and system - dealing with security. Facebook was brought before the senate due to a breach. They allowed an outside company to come in and develop an app for Facebook (basically a 3rd party solution). The problem was... what does that outside service actually do and have access to? The app ended up doing some internal data mining and then sold that data.

- We want our users to be successful - we want to enable them but we also need to protect them.

- Small switch in the sales focus. The older model was one-by-one and dealing with reps and consultants. We are seeing more of a switch to bigger companies that virtually take over the sales force and are wanting to sell our product more as a white label type application. Lots of mixing and blending of products and services. They are allowed to provide all of the supporting services that support our product.

- Ideas from the group about security:

- Russell said, bold it or make it red and let them know what they are exposing (meaning the API sockets). Allow the agreements between the parties... we are part of it, but we let them create the relationships between themselves.

- Steve said, we don't want to make our users work harder... to turn things on, but we do want to make sure that the clients know what they are getting in to. Example of what happened with back in 2015 with Hypur and Emerald Fields (two of our clients). Basically, the 3rd party solution (Hypur) got turned on and then it kept growing (what Hypur was doing and/or requiring) and eventually was trying to get at more sensitive sales and inventory level stuff. Eventually the client was super upset due to the lack of disclosure of what was going on and what was open/available to the outside party.

- We are seeing that most of these 3rd parties and white label people tend to expand what they are asking for. Bryan is seeing that more and more auditing type levels are wanted by these 3rd parties. We have also had a number of questions about different server levels and certifications. Our clients want to make sure that their data is safe and secure.

- Russell brought up the point and the difference between a couple of if statements on a page vs a full on white label type solution. We need to develop and standardize that white label type path. They need to pay for it and also be able to help maintain it (meaning the white label company). Taking things clear out to a white label theme (actual files and folders). White labeling is basically bulk black boxing but you can still use any of the classic pieces. We drew some small diagrams and talked about possible options.

- Shawn chimed in and started talking about building a city. Basically, kinda like urban sprawl or older parts of a bigger city - no plan, no alleys, buildings touch other buildings, and not a well planned layout.

- We need to stay on top of things. Keeping code and the database structure up to date. If we do this... it will help us be more efficient and save us time.

- Eric chimed in and said "process" is the solution vs simple communication only. Basically, as we are growing, we need to get to a more standardized process of development. We have a huge landscape to consider. Lots of moving pieces. Ultimately we need to adopt a process oriented approach. Wayne agrees. Different levels within software development. From critical and saving lives to making sure that we have solid code and pieces. It gets into speed and flexibility against slow and more stable type processes. Maturity in software development is sometimes measured in how well you implement internal processes. Eric thinks this is the next step we need to take as a company.

- Danny has been threatened... :) He was talking about levels that people rely on our solution and how all of that plays in and such.

- Small little analogy of the little red hen... everybody wants it but they may or may not want to participate. In real life, things cost money and take time to get done.

- From Brandon - Let's make this thing what we want it to be!

- Any core elements need to be merged into the master branch. This is required.

- Steve was saying... be on the lookout for companies and what they are wanting. That could help us know how to play with them... Maybe look deeper than the current project. We really need to protect our client's data. He was talking about the adilas market (adilas world) and also the 3rd party solutions page. We need to point outside parties to come through the main monitored pathways. We need to keep those sections updated and let the clients know what is being opened/exposed. Very important.

- The value of oversight and/or having someone to help watch them and help them out. This seems to be new trend. If that is the case, we need to make sure that they know what is going on and what is opened and what is closed (talking about data).

- Brandon will write up some super basic pieces of what our current rules and processes are.

- Alan pitched the idea... Local, live, and then into production - talking about a testing server that will be coming this year.

We ended the meeting and allowed people to jump off the meeting. We basically said we would be doing this again (meaning a team meeting) and would get them some info and instructions.

/////////////////////// after the meeting

- Alan and Steve were talking about breaking up code into logical pieces and making the road map more object oriented. Basically, organizing the use and flow of data - making the map for others to follow. Currently, we are just using Brandon's memory to help guide people to the right spot. We need a better road map that others can follow.

- They got into some technical conversations about threads, processes, RAM memory, read/write times, etc.

- Part of our process needs to be setting up and monitoring the servers (actual eyes and reports or dashboards). We need more information, stats, what pages are being used, what processes are running, and what data is being accessed and how often?

- We talked about caching, traffic, threads, database transactions, data mining, and changing from transactional data to more of an aggregated type model (summing up things and organizing things for reporting features). We need to keep allowing day to day operations but also need to optimize things for reports, exports, and other bulk reporting features.

- Alan and Steve were talking about the challenges of using outside API's and syncing up data between systems. Lots of options, but also lots of moving pieces.

- On the API sockets... We need to provide good samples of how to call things and also good response type data. It is really nice if we can format things as well. It just makes it easier for our guys and also outside developers.