Category Archive: Association Management Solutions (AMS)

Most companies leverage a variety of software platforms to manage their businesses. For a small commercial business, this may be limited to one or two systems, like a CRM and marketing tool. While some associations manage to work solely within the confines of their AMS, most organizations also utilize multiple purpose-built solutions for specific needs (like an LMS, Event Management, CMS, etc.).

About a decade ago, the primary challenge for orgs using multiple systems was implementing single-sign-on (SSO) to allow members to login once and move between systems to complete tasks. That problem has largely been solved, especially with the advent of affordable identity providers (IdPs).

Now the challenge for most organizations who are using, or would like to use, disparate systems, is how to best integrate those systems and ensure that the connections are robust, reliable, and help the org best leverage the data stored in those systems.

Integration Options

There are two main methods of integration: point-to-point and iPaaS (Integration Platform as a Service). While point-to-point integration can work well for simple use cases, it is not a scalable solution for larger organizations. With point-to-point integrations, you often end up with a web of integrations among systems as seen in the “Point to Point” Model below. If you want to change out a single system in the future, you will have to rebuilt multiple integrations.

With an iPaaS, all of your integrations run through the integration platform, providing a much more scalable solution as seen in the “Hub and Spoke “ model below.

Benefits of iPaaS

Organizations of all sizes are leveraging best of breed solutions and will continue to do so in the future.  An iPaaS is a much better option for associations, and here are a few reasons why:

Flexibility: iPaaS offers flexibility in terms of integration capabilities. It can integrate with a wide range of systems, including cloud-based and on-premises applications. This means you can connect all of your business systems, regardless of their location or type, via a single platform.

Scalability: As your business grows, so does your need for integration. Point-to-point integrations can become cumbersome and expensive to maintain as the number of connections increases. iPaaS, on the other hand, is designed to scale with your business. It can handle a large number of integrations without any additional effort or cost on your part.

Engagement Data: More and more associations are seeing the benefits of measuring member engagement, but one hurdle in real effective metrics and analysis can be the number of systems in place where engagement data is gathered.  An iPaaS can be leveraged to propvide a consolidated data lake/warehouse that can provide a holistic view of your members via your preferred business intelligence tools.

Simplicity: iPaaS simplifies the integration process by providing a single platform for all of your integration needs. This eliminates the need for multiple point-to-point integrations, which can be complex and time-consuming to set up and maintain. With iPaaS, you can manage all of your integrations in one place, making it easy to add or remove connections as needed.

Stability: Many iPaaS solutions include out of the box integration points to connect with commonly used systems.  And for edge cases where there is not an existing connector, it is typically fairly straightforward to implement a new one.  By leveraging an IPaaS provider’s expertise in implementing and monitoring integrations, you can increase uptime and lower the risk of broken connections.

Cost-effectiveness: Point-to-point integrations can be expensive to set up and maintain. Each connection requires specialized expertise and resources, which can quickly add up in terms of time and money. iPaaS can often offer a more cost-effective solution, especially as long term goals are considered. It provides a single platform for all of your integration needs, eliminating the need for multiple point-to-point integrations and the associated maintenance costs.

Security: iPaaS offers a higher level of security compared to point-to-point integrations. It uses secure protocols and encryption to protect data as it is transferred between systems. This ensures that your sensitive business information is kept safe and secure.

In conclusion, as your association explores how to best integrate disparate systems, exploring an iPaaS should be part of the process.  Be sure to consider all costs and benefits associated with both approaches – you might just be surprised how affordable some solutions are and how much more you can do with your data.

Most people think of strategic planning as a marathon 8- or 10-hour or 2-day retreat. You process lots of information, discuss, debate and brainstorm. You have lunch brought in so you can work without a break. You fill flip chart after flip chart with ideas.

Then, around mid-afternoon, when it’s time to start making important decisions, you’ve hit cognitive load. You’re mentally and physically spent.

There Is A Better Way

​What if you took those grueling 8 or 10 or 12 hours and divided them into manageable 2- or 3-hour sessions, each of which has a contained set of goals and builds on the one before? What if you had time to reflect, think and process between sessions?

By holding shorter sessions via video conference over a period of time, we have found that organizations actually make progress more quickly and end up with better results. Doing one piece of the process at a time and giving participants a break between sessions can make your strategic planning more thoughtful, integrative and aligning. All of this is done virtually combining video conferencing with a collaborative tool to capture notes and ideas along the way.

There are many benefits to pacing strategic planning sessions and working virtually. Some of these include:

• Working with more clear and defined goals for each session groups go further faster.
• During the time between large group sessions, participants can fully flesh out their ideas on their own or with a few others, so each person’s perspectives will be part of the finished plan.
• Pacing also allows the strategic planning committee or other leadership groups to do refinement between the large group planning sessions.
• Groups reach alignment more easily and quickly because they’ve had the time and space to sift out the chaff and home in on what’s really important.
• It also is often easier for volunteers to fit into their busy schedules.
• AND so important to budget challenged nonprofit organizations – it saves all the cost of paying for everyone to travel to be together.

But What About Zoom Fatigue?

It seems like we are spending our lives on Zoom and other video conferencing systems these days. So the prospect of doing your whole strategic planning process online as well might fill you with dread. What differentiates a meeting you dread and one that gets you excited about the work you do? Think of all the bad meetings you have attended – whether in person or online what made those meetings boring and frustrating? Typically they are meetings with:

• Have no clear purpose, goal and agenda
• Without a clear purpose, a seemingly random group of people is brought together
• No one has taken any time to prepare for the meeting, including the person who is leading it
• The meeting is either way too short for the agenda assembled on the spot or way too long
• Conversations meander in unconnected directions
• No one knows what they are supposed to do after the meeting is over

A well facilitated online strategic planning process has the opportunity to be the opposite of what is on the list above.

• Clear goals for each meeting,
• One session building on the next,
• Each session is appropriately scoped to have enough time for in depth discussions,
• Notes are created in real time,
• You leave with clear next steps and follow through.

But to have this success and translate the process online effectively, you will need to do a few things.

Plan Ahead & Educate Yourself

You will need to plan what tools you are using. You will need to make sure everyone is able to access the documents you will be referring to during the meeting, the files or system you will be using to capture notes and brainstorms, etc. Also be sure to plan for a lower tech plan B. You need to familiarize with the systems you are using to run the meeting. Take some time to play with the system before you pull the group together. Consider testing some features with a colleague and see what you can “break.”

Match Your Tech Tools With Your Participants

You may be excited about trying out the online brainstorming tool you just heard about but make sure that what you choose matches the skills of your participants. You want people focused on their strategic conversation not struggling to make the tool work. So for some groups Zoom and a google doc, and the occasional Jamboard, will be a perfect match. For others, Zoom (or another video conferencing tool) plus an online brainstorming tool like Miro or Mural will work great.

Educate Your Participants

You can try and avoid spending the first 10 minutes of the meeting getting everyone acquainted with the technology systems by creating a video or two that provides a quick overview. Loom is good for this and very easy to use. You might also give the group a small assignment that gets them into the tool you will use for note taking. Something as simple as asking them to open a google doc and write their name at the top of the document. Or, if you are using a more sophisticated tool such as Mural – have them do a check in process. This kick starts your check in at the beginning of the meeting and gives them the chance to play with the tool before the meeting without the same time pressure.

Distraction, Distraction, Distraction

It is hard enough to keep everyone on track when you are together in a room. Then add technology and distance. Your phone and email chirping in the background. Getting on Zoom and wondering whether your co-workers have pants on. Your kids or pets making a ruckus in the next room. Online meetings have to fight for people’s attention even more than in person.

Ask For Their Focus

When you meet online, everything else on the person’s computer or device is there to distract them. A simple step you can take at the beginning of each session is to ask them to close their extra tabs, email, notifications, etc. for the duration of the meeting. Remember to take breaks. Take a moment for everyone to get out of their chair and stretch.

Building Rapport Online

Over the past year and a half, there has been a lot written about the disadvantages of online meetings. Clearly you are missing out on a lot of body language and other non-verbal cues. If folks do not know how to turn off the self-view, it can be wearing and anxiety producing to stare at yourself for hours. Building rapport with people online is one of the things people often mention as a challenge in online meetings. Yet with some intention it is possible.

Connection Before Content

A good practice (whether in person or online) is to be sure to take a little bit of time at the beginning of the meeting to connect on a personal level before you jump into the meeting agenda. This could include a check in question such as an ice-breaker. Some people cringe when you mention icebreaker. Yet the question does not have to be “what Harry Potter character are you?” or “or [fill in the blank with a question you’ve been asked at beginning of a meeting that had nothing to do with the issues at hand]. It can be work-related.

With groups who do not know each other, making the question relatively safe is often a good place to start. What is the latest app you discovered and love? What is your superpower? What are you hoping we achieve today? If the group is large and you are afraid intros and icebreakers will take up a chunk of the meeting time, split people into smaller groups (2-4) and have them introduce themselves in their small group.

Creating Norms

If the group is going to be working together for a while, help them have a conversation about how they want to work together. What helps them work effectively in a group? What might get in the way working together online and remotely? How might they address those challenges? It may take a few rounds of brainstorming and refinement to come to a set of agreements that work for everyone. Yet having this list of agreements will help if the group runs into challenges.

Pause

Online it takes a little bit longer for people to jump into the conversation. They may hesitate wondering whether someone else is going to talk and not wanting to interrupt anyone. Rapport and trust will be lost if a person in the group does not feel like their voice is being heard. They may feel you are rushing through items without sufficient time for discussion.

A good practice as a meeting leader is to pose a question or discussion topic and then take a drink of water. Taking that drink will prevent you from continuing to talk and gives your meeting participants time to gather their thoughts and respond.

Pulse Checks

Do you really know whether everyone is with you and in agreement? During an online meeting it is even more important to check in more frequently with the group to make sure they understand:

• What part of the agenda you are
• what issue is being discussed
• what document you are referring to…
• whether they agree with the proposed next steps.

Don’t assume silence means agreement.

Once The Process Is Complete

A plan is just a plan – even when the document has strategic plan in the title. It’s not set in stone. It isn’t a tablet from on high. It’s a document that your group created itself and can tweak and adjust as you move forward.

The process of strategic planning itself brings clarity and alignment by creating an opportunity to talk and explore issues together. The less intensive pace of doing the process online brings greater opportunity for buy in, input and integration.

About Grace Social Sector & More Information

Carol Hamilton has more than 25 years of experience in the nonprofit and association sectors working with organizations with a range of missions. Carol trains frequently on leadership, strategy, organizational culture and design as well as innovation topics and is the host of the Mission: Impact podcast. She graduated from Swarthmore College and has her Masters in Organization Development from American University.

A strategic thinker, through her work with Grace Social Sector Consulting, Carol works with teams and organizations to envision and frame their future strategic direction. Practical in her approach, she helps organizations think through who is key to creating their future, how to gather insights from these stakeholders, consider the big picture, imagine new possibilities, come to agreement on their future goals and create an initial action plan to get started. She takes a human centered and appreciative approach in her work. She is also part of a consultant collective focused on diversity, equity and inclusion, All In Consulting.

You are live, have gone through the go live challenges, and have worked on the other phases whereby the implementation project can be closed. What now?

Here are a few items to consider:

Expand Training

Spend time developing training materials, and put a system in place for keeping the training materials up to date as business processes change. Contemplate what new staff members will use to learn the AMS. Consider not relying on tribal knowledge to take you forward.

Keep Up With Updates

In the technology sphere, things are always changing. Establish a team within the organization that will keep up with the testing and adoption of current versions of the AMS and software patches.

Associations that make the effort to keep up with this tend to get the best return on investment from their AMS.

Adopt New Features

Software continuously evolves. Seriously consider adopting new features that are relevant to your business. While this can be a mini project in itself, it is worth the effort to ensure all data resides in a centralized repository. Ultimately, this will give you the most value.

Engage in the Community

Contemplate engaging in your AMS’ user community to have a voice in the new features that the AMS should include in its product roadmap. Work with other associations like yourself to push for an agenda that considers the advancements of the platform.

Be a Reference

If you are happy with your AMS, consider posting positive reviews and being a reference for your AMS vendor. The same applies to your systems integrator as well. Collaboration always pays off in the long run.

Your organization has put countless hours of work and research into your new AMS, and now it is time to introduce it to members and stakeholders.

Go live day usually begins calm, but soon gets hectic and turns into a stressful few weeks. We warn our clients that AMS go lives are something that an association goes through once in 8 – 12 years, so approaching it with patience is crucial. The teams that have prepared rigorously obviously fare better. So, prepare, prepare, prepare!

If an established system is not devised, go live weeks will result in chaos, with people reporting issues to people who cannot bring it to a close. No forward momentum will only to lead to frustration and dissatisfaction with the new AMS platform.

Give It Time

Most go lives do not go exactly as planned. Our experience has led us to believe that a larger association can take up to 3 – 6 months before everything settles down, with the first 4 weeks being the toughest.

Setting the right expectations with the executive team and the entire staff helps tremendously. Sometimes letting the constituent base know in a limited fashion can be an option.

Acknowledge Fatigue

For most associations, the core team that is part of the implementation has a full time job in addition to the implementation. That is difficult to manage. It has worked well when executive management has appreciated the efforts of the core team in tangible ways. This tends to keep morale up.

Phase Slowly

We frequently see situations where certain items are pushed to be completed immediately after go live, since they could not be achieved during the execution phase. This approach needs to be thought through carefully.

If there are minor adjustments that are required for the go live to occur, that is acceptable; however, major changes or additions are discouraged. The staff has just learned a new way of operating on a new AMS, and changing things on them usually results in anxiety or feelings that the implementation process will never end.

The end of Your AMS Journey is in sight – you have undergone testing and training, and are now ready to prep for launch. In fact, preparing for go live is something the team has to keep in mind throughout the entire project. Here are some important items to consider:

Constituent Communication

We recommend that the association begin informing their constituents of the new AMS at least 3 – 4 months before the desired go-live date. The first communication should inform them of the fact that in 3 – 4 months time, they will be a new system and state a few advantages they will directly benefit from. One month from go-live, a second communication should go out to give more details around the date, potential down time, specific benefits as well as drum up enthusiasm about the new system. A third communication should be sent out to state the exact dates and any additional information needed ahead of launch.

Data Freeze Date

As part of preparing for the go live, determine a date on which all transactions in the system will be halted. This means that there will be no new transactions in the legacy system after that time. All transactions that need to occur will be recorded manually to be applied into the new AMS when it comes online.

Final Data Conversion

The final data migration begins on the data freeze date, and is expected to go until all the data is migrated to the new AMS and has been validated. The cycle 1 data migration that occurred earlier would have provided guidance on how long this activity should have taken.

Portal User Accounts

As part of the final data migration, all portal user accounts need to be created. Additionally, passwords need to be set to what they were in the legacy system, or a communication must be sent out to constituents asking them to reset their passwords.

Go/No-Go Decision

Once all the data is migrated, auditing of the data is complete and is deemed ready to move forward, the go, no-go decision is taken. This decision relies heavily on what items have been reported that the association can live with, have work arounds for and can fix post go live and those that are go live blockers.

Contemplate a Soft Launch

Considering the new AMS will be new to staff and your constituents, if your situation allows, you can contemplate taking a longer time to turn on the constituent facing portal and give staff time to get acquainted first. This splits the stress that staff will have to face day one having to answer an irate constituent on the phone, while still not being totally confident of where in the new AMS to get the information.

Beginning February 1, 2022, Salesforce will require customers to enable Multi-Factor Authentication (MFA) in order to access Salesforce products. In our opinion, this is a good move by Salesforce. We always recommend our clients to enable MFA on any and all of their IT systems that will support it.

For those interested in the thought behind Salesforce’s move, “Everything Admins Need to Know About the MFA Requirement” is a good read on the topic.

Therefore, starting next February, you and your staff will need to use some sort of MFA to log in to Salesforce. Luckily, there are several ways to comply with this new requirement. Read on to see a few of the fusionSpan team’s favorite options for meeting this requirement.

Authenticator App

There are multiple authenticator Apps – by Salesforce Authenticator, Google and our favorite Authy. All of them are free and available for both iOS and Android. We like Authy, because it allows you to link multiple apps to a single account, which is helpful when switching devices, while Google/Salesforce have on purpose made switching devices a bit cumbersome.

Using an authenticator App is the most straightforward and convenient way to satisfy the MFA requirement. The drawback is that you will often be asking your staff to download an App on their personal mobile device.

Use An External Identity Provider

If you are an Office 365, Google Workspace or Okta customer, then these services already allow using their service as the identity provider (idP), which means that your users can login into Salesforce using their Office365, Google or Okta login credentials.

This is the approach we favor, it allows your users to:

• One set of credentials
• Allows them to login to Salesforce without having to login a second time, as most of your users are likely signed in to O365/Google.
• You can provision/de-provision users automatically when users are added/removed from O365/Google. Here is a quick guide on how this works with Office 365 and Google
• Best of all, if you use O365/Google then you satisfy MFA requirements already and don’t need an Authenticator App.

Use A Password Manager

If you want to keep login credentials in Salesforce, instead of using an Authenticator App, your users can also use password manager like 1Password (amongst others). 1Password is a very easy to use password manager that will remember all your passwords and allows for 1-click login to websites. 1Password can also be used for as an authenticator for sites with two-factor authentication.

Your organization has been hard at work throughout the implementation and data conversion phases of the project. The team has made great progress, but all the activity has been predominantly conducted by the core project team working on perfecting individual modules of the overall project. The testing that has occurred so far is unit/module level testing. It’s time now to take the next step.

User Acceptance Testing (UAT)

Once the build phase of the project is complete, all the bugs are fixed, and configuration settings corrected, it’s time to test the new Association Management System (AMS) with a system-wide lens in mind. This effort tries to ensure that when the various modules are working together, there is harmony and the desired results are obtained.

Standard Operating Procedures (SOPs)

As was suggested in previous steps, creating standard operating procedures all along the build phase is crucial to success in the UAT phase. We recommend that the core team start with the SOPs and run through them in detail as they test the entire AMS carefully.

Take UAT Seriously

Many clients find themselves with their backs against the wall with respect to time and budget when they arrive at UAT. They have spent too much time during the build phase, and have not left themselves enough time to conduct a good UAT. They tend to skip past UAT with the excuse that the unit level testing conducted during the build phase should suffice. Here are just two (amongst many) issues we have encountered:

Bad Data Conversion: While data conversion auditing and reconciliation are a good start, it is no substitute for actually testing the system with the data that has been imported. Many accounting errors have been discovered during UAT in our experience.

Load Testing: Many times, it is only during UAT that the system is tested with the full set of data. This tends to reveal performance issues that were not considered during the build phase. The first few days of the new AMS could be a disaster if the system grinds to a halt post go-live, with irate members on the phone requesting information or accessing the portal.

Fix Issues and Avoid Scope Creep

We recommend setting aside time to fix all the issues that arise during UAT. Since UAT involves a larger number of users, there is frequently the potential for new scope to arise. Beware not to get into the scope creep trap.

Training

Once UAT is complete and the system is stable, it’s time to get the entire staff that will be using the AMS trained and ready to go live. Here again, SOPs will be the key. Members of the core team should participate and be the champions who instill confidence and help with change management.

Data conversion, or data migration, is the task of bringing over relevant data from your legacy system to your new CRM. This is one of the most crucial steps for a successful AMS implementation. Bad data will result in a failed project, no matter how good the features are within your new platform.

As you continue your AMS implementation, here are a few considerations regarding the overall data conversion process.

Extract, Transform, Load

Get help if required. Most system integrators (SI) will not want to take on the responsibility of extracting data from your legacy system. This could be because they do not have experience with your legacy system or do not want to take on the responsibility of extraction. If you do not have internal staff who can pull data effectively, hire a vendor that is an expert in data extraction. Extracting data might also include transforming data into a format that the SI requires. This requires certain skills that less experienced teams may not possess.

Most systems integrators will help with the loading of the data if it is provided to them in the format they desire. However, we have also had some clients take on data conversion themselves – and succeed at it! The key to remember here is the competency of the people executing the conversion process as a whole.

How many data cycles?

We recommend a minimum of at least 2 data cycles. The first data cycle is used to get the methodology established and the second is the final data cycle. Taking the time to iron out the problems in the first cycle will be the key to having a quick and clean final data cycle.

Reconciliation

During the running of your first data cycle, confirm you have the requisite auditing capabilities in place to ensure that you are comfortable the new system represents your information accurately. Since the structure of your legacy system could be vastly different from the new AMS, finding good auditing methods during your first data cycle is important.

One simple tactic is to rely on a set of similar reports in both systems. Another is to write automated check routines that compare data. Again, a topic for its own blog.

Well, it’s time to begin! In Your AMS Journey, Implementation is the execution phase of the whole endeavor. In Step 6 you defined the scope of your project, and the System Implementer (SI) will now begin to bring your vision to life.

The key is structure, accountability and discipline. While the earlier stages of the project have been planning, this is the building phase. Imagine looking at your brand new house coming to shape one brick at a time.

Structure

Most system integrators use an Agile delivery model. They tend to configure/develop for a sprint (usually 2 – 3 weeks) and demonstrate their work at the end of it. This model of delivery has proven to be the most successful since it allows you to provide feedback along the way, protecting your investment. It is recommended that you take these demo sessions very seriously and provide the SI the feedback they need. Fixing issues discovered early is far easier and cheaper than when they are caught later on in the process.

Unit Level Testing

As you receive these sprint level demonstrations from the SI, devise a plan with them to conduct unit level testing along the way. For example, when your membership module is being set up: the first sprint was dedicated to the basic setup of your memberships purely with out of the box features, and the next sprint is dedicated to develop some customizations around the special pricing you need.

At the end of the first sprint, you should consider having your membership staff look at what has been set up and get some hands-on experience. At the end of the second sprint, your membership staff should begin some unit level testing of the features developed. As stated earlier, this gives you the opportunity to provide feedback and impact the course of the work quicker.

Standard Operating Procedures (SOP)

As you go through the implementation phase of your project, we recommend that you build out your SOPs along the way, rather than at the end. This has been proven key to the success of many projects. The point to keep in mind here is that the SOP will serve as your final User Acceptance Testing (UAT) phase, in addition to the test cases that the SI will provide you.

We have had clients overlook this, come to the UAT phase, and have nothing to use as a basis for their UAT. As go live approaches, the tension in a project increases, and the SOP task is frequently overlooked in lieu of all the other items that need immediate attention. Many times, clients fail to realize that the SOP is what their new staff members will use to learn the system.

Accountability and Discipline is Vital

Please ensure you keep yourself and your core team members accountable to the commitment of time and attention towards this project. It is during implementation that the ball gets dropped. There is high enthusiasm during the discovery and planning phase since time is explicitly allocated for those activities.

During the implementation, tasks like answering SI questions on time, conducting unit testing, attending status meetings are more are frequently overlooked for more pressing daily tasks that need to be completed. We have seen projects slip off the rails during the implementation phase more than once.

Sponsor Meetings

We recommend that monthly sponsor meetings be held between the client sponsor of the project and the SI sponsor. This can be the checkpoint where the project can be course corrected if required. While the project teams are hard at work in the trenches, the client sponsor hears feedback from the rest of the organization in addition to the project team. This insight can sometimes vary from what the project team perceives as the state of the project, giving the client sponsor an early opportunity to take corrective action internally as well as with the SI (if required).

Start The Data Conversion Early

Your efforts to evaluate your existing data for its cleanliness should have begun before the start of the project. If not, this is more or less the last chance. Contemplate a data governance project if one is required. If you need external help with data extraction, it’s time to get those vendors identified and contracted. More about this in the data conversion blog next!

Set Up a Payment Gateway Early

The selection and basic setup of your payment gateway needs to be completed as soon as implementation begins. Many may argue the timing is too early, but our experience has been that the legal paperwork involved with the providers and the pace at which these providers operate is in months.

Go lives have been held up in the past purely because the payment gateway was set up thwarting the possibility to support online transactions. Further complication is added if you are transferring from one gateway provider to another especially if you have periodic scheduled payments. Again, a topic for a blog post of its own!

NetForum Enterprise is a feature-rich association management system (AMS), but most associations will inevitably find themselves needing to customize. That’s fine – NetForum allows customizations. The challenge comes in down the road when you’re looking to upgrade and the customization does not support new functionality available in the new release or worse breaks down completely. Implementing customizations that leverage baseline may reduce your heartburn during future upgrades enhancements. Here are a few customization trade-offs to consider.

User Control vs Design Form with Form Extension

Capturing data in NetForum is critical, and forms are key to any data entry. To create the most simplified NetForum eWeb customer experience, you may need to customize your form’s format and fields. A coded user control overrides default form builder limitations and allows for maximum control. But, everything is written in code, so adding an additional field to the form is not a drag and drop situation. Someone will have to dig into the code.

Alternatively, consider using a design form with a form extension. This allows for a portion of the form to get customized within the form extension, but still have the flexibility to add fields using the Toolkit form designer. If you later decide to add an additional column to the form, simply drag and drop and you’re done!

Baseline Scheduled Task Framework

If you’re building out any customizations that either update data within NetForum or push data out to a third-party system, building out a scheduled task may be needed. This is completely normal. The problem arises when the scheduled task is not built within NetForum’s baseline scheduled task framework. Within the scheduled task framework, any Admin user can go into the admin module and review existing tasks, see when it last ran, and see how often it will run going forward. While not working within the framework may be fine for now, it is likely to cause future problems. Building the task in the baseline framework would allow you and your staff to better troubleshoot the scheduled task should problems arise. Think of it as process documentation: you don’t need to spend the extra effort upfront for the system to work, but three years from now you’ll thank yourself that you did.

Facade Objects to Enforce Business Rules vs Form Extensions/Data Objects/Direct SQL

NetForum provides a layer of facade objects where business rules can be enforced, allowing for a great deal of control and customization. The challenge is the rules around those objects is more specific to NetForum. It may be tempting to simply build logic directly into the SQL database. However, the SQL may not follow other business logic stored in the facade object. In fact, it may directly contradict baseline’s or other custom business logic. Implementing a business rule in Form Extensions causes a similar issue in that the business rule is only enforced on that particular Form. When a second form is used, or the functionality is exposed through the API (xWeb), the rule is ignored. So While direct SQL and Form Extensions can work for basic items, updating the facade object and, following OOP’s inheritance best practices is generally a better approach in the long run.

Static ASPX page vs. baseline ASPX page

As more associations look to better leverage eWeb, there are increasing requests to customize the site. The current baseline eWeb does come with its limitations – forms only have a single column, baseline menu isn’t truly responsive (although this can be fixed). However, the eWeb baseline feature set has continued to grow over time. While building a static ASPX page feels like an easy improvement to eWeb, you may be sacrificing the ability to leverage future functionality at the expense of current convenience. New features that get added to NetForum won’t be available on the static page. Instead, try to leverage the baseline page, along with other customization tools, knowing it will provide more longevity for the site.

“Leveraging” bugs

This sounds strange, but over the years I have seen a few occasions where customizations or “cool tricks” were implemented that leverage either existing “bugs” in NetForum or perhaps an unknown vulnerability. At the moment, the customization works and delivers the functionality your organization needs. Inevitably, after the issue is fixed in a service pack or a new release, these customizations stop working. It might be alright to leverage “unintended features” as a stopgap, but be prepared to re-implement the customization sooner rather than later.

Unfortunately, it’s not always easy to distinguish an “unintended feature” from an unknown system issue – so perhaps the best advice here is to ask “Does this look right?” or “Would there be a reason for this variable to have a different value in a future release?” – when in doubt avoid it.

With the discovery stage complete, you and your staff let out a sigh of relief. The team is happy the implementation is moving along, and members are eagerly anticipating all of the features they expect the new AMS will bring to make their lives easier.

What’s In and What’s Out

As you review the requirements within the discovery documents, you need to decide what is critical to the business. Therefore, the team must evaluate what is in scope and what can be set aside, at least for the moment. Contemplate some of the following as you endeavor to make the decision:

Phasing

It is very common to break the project down into many phases, so you get the project off the ground and a portion implemented quickly while you build other phases as time passes. Let’s discuss some advantages and challenges to consider:

Advantages

• The Board: It took time for the Board to approve the new AMS budget, and now they are impatient and eager to see the results.
• Quick win: The phase 1 budget is obviously lower than the entire project budget, so value can be delivered to the association quicker while the future phases are scheduled. This can sometimes even allow teams to budget across multiple years.
• Iterative learning: Phases provide the association with an opportunity to learn from mistakes and adapt quickly.
• Enthusiasm: Having a good phase 1 implementation creates excitement for the staff around the prospect of a new platform and keeps them engaged and enthusiastic.

Challenges to Manage

• Implementation Fatigue: An AMS implementation takes a lot of effort by the staff to support and keep the daily responsibilities on track. It is common for teams to feel fatigued at the end of phase 1 and need to take a breath. This could impact future phases, resulting in delays.
• Evaluate business-critical functions: Sometimes, in a rush to phase, the necessary due diligence is not done towards ensuring that all the parts of the business have a viable way to operate day 1 within the platform. This includes ensuring that the new AMS supports any dependent functionality that was supported by the legacy AMS.
• Budget: While budget management is crucial in all implementations, managing it well is even more important in a phased project since you want to ensure that future phases are adequately funded.
• Costs more, takes longer: While it may be counterintuitive for some, a phased implementation will cost more than a one time big bang implementation. Every stop and start in an implementation results in repeated tasks, such as user acceptance testing, training, and go-lives.

While the challenges may be daunting, it is still preferable to phase projects, as the advantages overshadow the challenges that could be easily managed with a well-prepared team.

By this stage of Your AMS Journey, you have made all the crucial decisions regarding choosing a new product and implementation partner. With your platform and partner selected, now it is time to roll up your sleeves and get to work. To begin, you will engage in a discovery.

Clients are often unable to understand the need for a detailed discovery. Organizations will believe that their conversations with a salesperson, or even the RFP responses, should be adequate for the project to begin. Unfortunately, that is not usually the case.

The discovery is an opportunity for the implementation teams of both the client representatives and the Systems Integrator (SI) to learn about the tactics needed to implement the AMS and see what is needed to bring the vision to reality.

In the previous post, I mentioned concentrating on the ‘what.’ This is the time to get into the ‘how.’ Here are some items to think about as your begin the discovery phase:

The point of a discovery session is to highlight what you have, what your organization wants, and what you need to move forward. Remember, the discovery is an opportunity for the implementation team of both the client representatives and the systems integrator to learn about the tactics needed to implement your new AMS platform.

Do not hesitate to reach out to fusionSpan for additional resources, and stay tuned for the upcoming blogs as we jump further into the implementation process!

You made your product selection, and are excitedly looking forward to implementing your new AMS platform. Now comes the decision to select an implementation partner.

Look carefully at who you plan to use to implement your chosen product. You want a team that understands your business, knows how to integrate all the best of breed systems that you plan to use, and is experienced. The implementation team from the product company could be a great fit, but evaluate if they possess the experience to be your comprehensive systems integration partner.

Far too often, we see associations make the product selection and expect the implementation partner to take them to the finish line. That can be a recipe for failure. Here are some areas that need consideration as you get ready:

Assemble Your Implementation Team

• The Project Manager (PM): Identify a project manager for the new AMS implementation. Implementing an AMS can be time-consuming, requiring a lot of coordination, organization, and communication, and might require up to 20 – 24 hours a week on average. This time commitment will be higher in the beginning with discovery, will be slightly lower during the build/execution phase of the project, ramp back up at user acceptance testing, and go live. Frequently we see associations assigning people to the role who are unfamiliar with project management, are unaware of what an implementation requires, and, more importantly, already have a full-time job. If you find yourself in such a predicament, we recommend hiring a part-time external project manager to help. The expense will pay for itself ten-fold with a successful implementation.
• The Project Sponsor (PS): Identify a project sponsor for the implementation. This person is usually someone from the executive team who keeps a finger on the pulse of the project and is responsible for the project’s success. The PS usually meets with the implementation partner’s PS monthly and ensures that the project is on track. The sponsor check-ins are usually held independent of the project manager’s check-in and gives the sponsors a chance to discuss items that either side sees and that the PMs are unable to handle. This is also an escalation point for the PMs and the members of the core team on either side as it relates to the project progression.
• The Core Team (CT): Behind every successful implementation is a great core team. Your core team should consist of staff members from every department that will be using the AMS or will be impacted by its implementation. Having a mix of a power user (staff person) and a manager (decision maker) per department represented is crucial to success. Having only the staff person will result in the system being designed for today while having only the manager will result in the system being designed for tomorrow disregarding the nuances of today. Lastly, select people who will want to own their piece of the implementation and will be your champions across the organization. This will have a direct impact on adoption.

Develop a Timeline and Mutual Processes

• Kickoff: Have a formal kickoff meeting with all of the staff that will be using the system and the systems integrator. This meeting should have Association leadership in attendance and the Executive Director laying out how the AMS will tie into the strategic vision. This helps clarify to staff the importance of the project and also ensures their participation and commitment.
• Communication: While there are many aspects of a project that will be discussed during the kickoff, we would like to highlight the importance of communication. Ensure you use a collaborative tool for all communications between the members of the teams. We have seen teams use emails and it has been disastrous as information is frequently lost, especially if there is a change in resource.

Manage Your Data Wisely

• Data Governance: The implementation of a new AMS could be the best opportunity to visit your association’s data governance. Contemplate bringing in a consultant to help if you should need to.
• Clean data: As you contemplate the many aspects of data governance, begin thinking of how you are going to get clean data into the new AMS. We recommend not trying to use the new AMS for cleansing the data, even if it professes to have great capabilities for it. Rest assured that once you are in the midst of the implementation, adding data cleansing to the mix will prove detrimental.

Know What It Will Take

We often see associations overlook what a new AMS implementation truly takes in terms of the association staff’s time. Ensure that you talk through your staff’s time commitment with your chosen implementation partner to consider what it will really take to implement a new AMS.

For more resources surrounding an AMS Selection and Implementation Journey of your own, don’t hesitate to reach out to our talented team at fusionSPAN today!

Choosing the Right Product Partner

Here are some of the key factors you might want to consider as you evaluate platforms during Your AMS Journey:

Your Size and Growth

We often come across associations that have purchased a 16 wheeler, when what they really needed was just a SUV. If you are a small association that has a concise set of features and processes you need to operate well, then going for an extremely flexible and innovative platform might be overkill.

However, are you looking to grow substantially in the future, and do you envision your members doing the same? If so, you need a cloud based, highly flexible product on an innovative platform.

Place of Birth

What we mean here is, was the product “born in the cloud”? It’s obvious we want a product that lives in the cloud, but was it architected for the cloud from its inception. This becomes a crucial factor as you grow.

We tend to come across legacy products that were built before the cloud, but have added a web use interface and claim that they are a cloud platform. Unfortunately, that is not true, as the core architecture was never designed with the needs of the cloud in place.

Platform Compatibility

AMS platforms are great in the sense that your tool is built on top of a stable, innovative, foundational layer. The platform will continue to evolve, and the AMS automatically benefits from the underlying technological innovation. As an example, if the platform began to support artificial intelligence and blockchain, the AMS would be able take advantage of it. Non-platform products would have to integrate or build support for these independently. At some point, your organization will find non-platform products too difficult to keep up with evolving needs.

Features & Technology

We frequently see associations making decisions purely on features, while not fully understanding the ramifications of the technologies the product is built on. Most legacy systems that have been around a long time have solid features, but are poor at integrating, not born in the cloud, and are hard to customize. Furthermore, some of them are not built on a stable platform.

In-house Technical Competence & Budget

Lastly, it is key to make your product decision based on the technical competence you have on staff and the potential budget you are willing to allocate to IT.

We come across organizations that purchase larger complicated systems, when they clearly did not need it. This in turn leads to poor implementation and adoption, and adds problems instead of solving them. A simpler, fully partner managed, easy to use system will be more beneficial in the long term.

As an organization that specializes in AMS support and implementation, we typically step in after the selection of an Association Management System has already been made by your organization. Our first step is to ask the AMS partner or association for their Request For Proposal, but a surprising number of clients never issue one.

What is a Request For Proposal?

A Request For Proposal (RFP) is a document used when an association is seeking support or consultation on a tool, product, or service for their organization to leverage. The RFP is designed to outline the requirements for a specific project, and is used to solicit bids from vendors for the association to consider during the process.

While there are a variety of ways to format the proposal, they typically take time and resources to create. Make sure this is a project your association is fully committed to doing before beginning the RFP process.

Here are some things to consider as you create an Request For Proposal for your AMS Journey:

There are a variety of resources and templates online for your association to use when creating a RFP. Make sure to highlight your organization information and required details for this implementation, as well as budget info, deadlines, and any questions you will have for potential vendors. Remember, the idea of this proposal is to specify your needs to help find the best fit for your association.

Stay tuned for Step 3 of Your AMS Journey: Selection to Adoption, where we discuss choosing the right Product Partner for your association. In the meantime, don’t hesitate to reach out to fusionSPAN with any of your AMS implementation needs!

Contact Us

Welcome to Your AMS Journey: Selection to Adoption, a blog series presented by fusionSpan. Throughout our work providing consulting, implementation, and support services to non-profits and associations, we have seen our share of successes and challenges that the entire selection and implementation process involves when adopting a new Association Management System (AMS).

In this series, we will shed light on the various steps of the AMS journey your association will face through twelve blog articles, with each one offering specific insight as you move throughout your AMS selection and implementation process. Let’s start at the beginning!

What Is An AMS?

First off, an Association Management System, commonly called an AMS for short, has become an essential tool for membership based organizations to leverage when maintaining a database of member information. In fact, almost all non-profits and associations today use membership management software in some capacity for their organization.

Within the AMS, associations are able to process membership dues renewals, event registration, email marketing and more. Although these platforms are not an all-in-one tool, an AMS allows you to deliver more value to your members in an efficient manner, with seemingly increasingly capabilities. There are a variety of systems and features at different price points, so make sure to evaluate more than just one platform when implementing a new AMS.

Step 1 of Your AMS Journey: Ask “Why?”

As we work with associations during implementation of their chosen AMS, we like to ask them the simple question “Why? Why did you as an organization believe you needed a change from your existing system?”

We hear a lot of reasons: technical, infrastructure, database architecture, reporting, lack of features in a particular area, and many more. Sometimes we hear the strategic vision of the organization is focused on digital transformation, and adopting a new AMS is the logical next step in that process.

As you contemplate identifying and implementing an AMS, here are some topics to consider:

While this is by no means an exhaustive list, these topics will be a great starting point for your non-profit or association to consider while selecting a new platform. Stay tuned for Step 2 of Your AMS Journey: Selection to Adoption, where we will demonstrate the value of a Request For Proposal (RFP) during your AMS selection!

In the meantime, if you have any questions about this article or your AMS journey in general, we would be more than happy to help you along the way!

Contact Us

In our latest Non-Profit Tech Podcast, fusionSpan’s Justin Burniske talks content creation with Hilary Marsh, Chief Strategist of the Content Company and returning guest Elizabeth Weaver Engel, Chief Strategist of Spark Consulting, LLC. Associations are content machines, and we are all looking for ways to reduce the load on staff through effective content curation. Tune in as the group discusses the Whitepaper titled “Cut Through the Clutter: Content Curation, Associations’ Secret Weapon Against Information Overload” written by both Elizabeth and Hilary, and also cover strategies and platforms to use while curating content for your association.

If you would like to learn more about content creation, you can contact Hilary and Elizabeth by visiting their respective company websites:

• Hilary Marsh: contentcompany.biz
• Elizabeth Weaver Engle: getmespark.com

To learn more about Hilary’s content strategy community, visit: content-startegy.com

“Cut Through The Clutter” Whitepaper: https://bit.ly/34P5THr

Tune in as Justin, Hilary and Elizabeth discuss opportunities while working remotely ([skipto time=”4:12″]), analytics surrounding content platforms ([skipto time=”19:15″]), resources for content curation ([skipto time=”43:20″]) and more! Don’t forget to subscribe to the Non-Profit Tech Podcast on your preferred podcast platform, and happy listening!

Listen on YouTube: https://fspan.link/vbsh7

Keep your eyes open for our follow up article on who you can begin to see the journey for your customers unfold and better determine how much you can ask for and when.

While certain departments may require people to perform more then the minimum, having a minimum in place both helps new staff understand what they need to be able to do, and since the training is centralized the trainer knows at a minimum what they need to get training on to be successful in their role.

Give them documentation

While trainings are great, new hires are generally drinking from a fire hose of information. Having a clear set of organization specific documentation for them to reference after training is often very helpful – especially if they are the kind of people who learn best by reading. And, since the organization now has a delegated business owner for the system, there is a clear owner responsible for documentation. If they are feeling overwhelmed by the task of creating documentation, a great way to go about writing it up is each time staff ask a question, instead of just sending an email response, write up a document that can be sent over, and then save the document in a central repository for others to reference.

Schedule a follow-up

Because of the fire hose of information in the first training, having a follow-up a month or so after the initial training can often be more productive than the initial training. This gives the new staff member a chance to ask follow up with some actual context around what they are doing. Don’t wait to schedule the follow-up – put it on the calendar at the initial meeting, and let them know it will be a chance for them to ask follow-up. That way over the next month, as they come across oddities within the system or processes that don’t make sense, they will have an incentive to capture and report those since they know that follow-up is coming.

Conclusion

Most organizations spend too much time implementing customer databases, and not enough time helping their staff understand how to leverage the system. Having a clear onboarding process in place can help remedy that issue, while also allowing the organization to take a more unified approach to data. Hopefully having these guideposts will help in developing an onboarding approach for new employees.

Roses are red,
Violets are blue,
We love Salesforce reports
And we hope you do too!

Salesforce provides standard report types which can be used to build reports summarizing and analyzing your organization’s data. Salesforce reports are a powerful tool that helps you and your organization’s staff proactively respond to your organization’s trends and activities.

Hint: If your organization is new to Salesforce, check out our blog post “Common Issues for Organizations New to Salesforce (And How to Avoid Them!)“.  If you have any additional questions about report-building, contact our talented Salesforce Customer Success team!

Questions to Ask Before Creating a Salesforce Report

Before creating a report, work with staff requesting the report in gathering report requirements. Consider asking the following questions and use the answers to build your report criteria.

1. What question is being answered by building this report?
2. What is the intended business use for the report?
3. What information is needed?

Once you have your report criteria, you are ready to start building the report!

How to Create a Salesforce Report

In this blog post, we will build a report to pull all active users in your organization who logged in this month.

Note: In this example, we will be using Salesforce Classic. Almost all of these steps can be used to build a report in Salesforce Lightning.

Step 1: Navigate to the Reports Object
Click on the Reports object from the navigation bar

Note: If you cannot find Reports on the nav bar, you can also find it under the All Tabs section by clicking on the + icon

Step 2: Create a New Report
Click on New Report.

Select your report type and click Create. In this example, we are pulling a report on our organization’s Salesforce logged-in users. Expand the Administrative Reports section and select Users.

When you click Create after choosing the report type, you will see your preview report screen.

1. Fields: Shows the list of fields available for your report. You can drag the fields on the preview (3) section.
2. Filters: Create filters to meet your report requirements.
3. Preview: Preview your report’s data.

Based on our Logged-In Active User Report requirements, build the report using the following filters:

1. View: Active Users
2. Date Field: Last Login
3. Range: This Month

Additional filters can be created by clicking the Add button. Additional fields can be added to the report by dragging fields from Fields into the Preview section.

Step 3 – Run Report and Save
Report Previews only display 50 rows of results. To view and export the full report, click Run Report. You can also Save the report for future use.

Congratulations! You now have a report to monitor all active users who logged in this month.

There’s so much more you can do with reports, like grouping the records using bucket fields, create a formula field, add cross filters linking the objects, add a chart to your report, choose from the report formats available etc.

One of the biggest challenges with association management system (AMS) implementations is that organizations often confuse processes in their old system with their business requirements. When this happens, organizations request customizations to make the new system function like the old system. [Read one of our related blog posts: Enterprise AMS: When is a customization right for you?] Wasn’t the original goal of selecting and implementing a new AMS to improve—not maintain—your business processes?

Understandably, it’s hard for people to separate what they do (process in the current system) vs. why they do it (business requirements), and that’s generally not something a vendor is going to be able to separate out for clients. It’s the difference between accounting claiming they need a report with 12 specific columns run every month (process in the current system), vs. knowing that the reason they need that report is to follow up on open A/R once a month (business requirements). If the client doesn’t explain the why and instead focuses on the what, the vendor will likely build a report when an automation process may be more efficient.

Business Process Discovery Planning

This all leads into a business process discovery prior to implementing a new system. This makes a lot of sense, since a business process discovery can also help define what you will need in a new system. But how do you prevent the business process discovery from becoming current system processes? Staff will struggle to separate the two.

One more costly option is hire a consultant, who can offer a fresh perspective during your business process discovery. Alternatively, if money is an issue, consider replacing a consultant with other staff.  Staff, if strategically selected from across your organization, may be able to bring a similar fresh perspective, if they are far enough removed from the day-to-day of other departments.

Business Process Discovery Steps

Now you have a discovery team identified, have them go through the following steps:

1. Have staff identify all the current system processes they complete that require the AMS.
2. Explain the business process that each system process supports. Business processes should be described in such a manner that anyone can understand them. Note that in some cases, multiple steps may relate to the same business process. Generating renewals and dropping expired members could both be related to 12-month membership terms.
3. Once finished, trade off their document with at least two people from other departments to review.
4. The reviewers are responsible for ensuring the business requirements are clear. If the business requirements are not instantly understandable by the reviewer, then the requirements will need to be further clarified. For instance, the reason all memberships are issued as proforma is because the organization uses cash-based accounting.
5. Go through a couple rounds of edits until everyone is satisfied that the business requirements are no longer reliant on the current system.

Post-discovery

Once the business requirements are solidified, that document should serve as the foundation for all future decisions. When reviewing new potential AMS systems, ensure that all the business processes are supported. Once implementation begins, ensure processes in the new system are identified to support the business process. Staff should ensure they focus on business processes, and because the business process document was a collaborative effort, staff should feel comfortable calling out when they hear someone describing the old system processes instead of business processes. Granted, there are cases where the old process and new process will be very similar, but as long as the business process was the catalyst for the new system process, that’s not a bad thing.

Conclusion

While a business process discovery can be a time consuming exercise, the activity is far less painful than implementing a new AMS that does not accommodate an organization’s business processes. Additionally, by having staff from across the organization collaborating on processes, departments can better understand how their actions in the AMS impact others. Ideally, that collaborative spirit will carry on well beyond the AMS implementation, ensuring the long-term success of the system.

We’ve all gone through change —sometimes good, sometimes bad—but worst of all is the unknown. The transition of your Salesforce organization from Salesforce Classic to Lightning Experience (LEX) can seem like a daunting change with a lot of unknown, but there’s a lot to be excited about.

You would be relieved to hear that transitioning to Lightning is primarily a change in User Interface (UI) and should have no effect on your data or any business processes.

1. Reports

One of the most used changes has been made to Reports and Dashboards. The Lightning Experience brings more actions within easy reaches, such as being able to edit, run, and export reports all from the Reports home page. Dashboards in LEX are as customizable as ever, allowing you to bring life to your home page with graphs, charts, and metrics that all are dynamically adjusted to match the size and shape you want. While reports are editable in both Lightning and Classic, once Dashboards are transitioned to Lightning, that they are no longer editable in Classic.

2. JavaScript buttons

Do you have any JavaScript buttons in your Salesforce organization’s page layouts? Unfortunately (or fortunately!), you will have to say goodbye to these and embrace Lightning. Lightning actions provide you with most of the use cases of JavaScript buttons such as updating a record, sending an email, or even launching a flow. There’s even a tool that you can use to scan your org’s JavaScript buttons and will convert them to Lightning actions for you.

For more customized actions, you can create a Lightning action that launches a custom VisualForce page or Lightning component with embedded JavaScript.

3. Global Search

Do you have a couple accounts in your org that are the same name but can’t find out which one you need? Maybe knowing the location gives you enough information to know the difference. While you could already modify search result layouts in Classic, Lightning allows you to customize and add additional information to the global search bar’s preview and find what you’re looking for even faster. You can make specific customizations to each object’s Search Results. For example, you can display an Account’s location while Contacts can have their Title appear.

Think you’re ready to make the leap? Contact our team and we will assess your org’s Lightning Readiness and create a Lightning Migration Plan!

What Is a Salesforce Group?

If you’re reading this, you are somewhat familiar with Salesforce and maybe even its groups construct. Essentially, a group is a group of users with the same level of access to specific records within the organization. Salesforce offers some great explanations on groups.

Here’s an example: Say there is a marketing department Company Inc., that has just started using Salesforce. Company Inc. can establish a unique set of rules for each department that would later be applied to their respective groups in Salesforce.

Imagine that within Company Inc.’s marketing department, a subgroup has been asked to work on a new marketing strategy, that requires information that normally only the accounting department has access to. It would be inefficient for the marketing department to go through someone in the accounting department every time someone needs information. Adding the marketing team members to the accounting department group, however, would be a serious internal security flaw. Here the need arises to give some, but not all, members of the marketing department access to only some, but not all, accounting information.

This problem can be solved by constructing a new group that has specific permissions to marketing and accounting information. The small subgroup of marketing team members would remain part of the marketing department’s Salesforce group, they just now have more access as long as this newly created group is active and the staff member is a member of said group.

The Who

Groups are defined through roles and group member types. Roles are essentially the specific job title: “CEO,” “Vice President of Internal Affairs,” etc. Roles are a subtype of group member type and will always be positions within the company. Group member types denote the relationship to the company, similar to roles, but do not necessarily come from within the company. For example, customer portal users and partner users are group member types for which permissions can be set, but they are not working members of the organization and do not contribute to the company hierarchy.

Be conservative with assigning permissions when setting up a group: group members should access the data necessary to perform their job functions, but no more than that.

The What

The best way to figure out how to assign permission is in a top-down fashion. Should the President of the organization have access to employee salary information? If yes, then should the Vice President have access to this information and so on and so forth. As soon as we find a level that should not have access, we can safely assume that their subordinates also do not need that level of access and move on to the next object permission, saving us a little time for each object. The most important thing to take away here is that the level of access of each person should be determined before assigning permissions. This will keep the rest of the process simple and straightforward.

The next thing to consider is whether permission for a certain task should be permanent or temporary. If the changes are permanent, it may be better to alter permissions in the role or profile. If the changes are temporary, it may be better to create a new permission set or group. In order to experience the true power of Salesforce, roles, profiles, and permission sets should be used in tandem with groups so that every single employee has exactly the level of information they need.

Roles, Profiles, and Permission Sets

Let’s expand on the Company Inc. example further: Sharon, a member of the marketing team, needs even more access to accounting information than the rest of her group? It would still be insecure to simply put Sharon into the accounting group. If a new group was made every time someone in the organization needed unique permissions, the groups would eventually become far too unmanageable. This is where roles, profiles, and permission sets come into play.

The Salesforce Admin can create a unique role for Sharon to access the specific accounting records that she needs. By default, Sharon’s permissions from her role trickle up to her superiors. Sharon’s permissions are based on the role or group that grants a higher level of access

By editing a profile, the level of access can be determined by each individual field. If Sharon’s profile also needs to be configured to only view certain fields of a record while others remain hidden, Sharon’s profile can be altered.

Permission sets should be used If permissions need to be granted to up to a select few individuals for a limited time on a field by field basis. Permission sets are defined once, and can then be applied to user profiles individually. Permission sets are part of one’s profile but do not alter the base settings of their profile. It is more of an addendum, like a sticky note with extra permissions on it that you attach to a notebook page of permissions. This makes granting temporary access very easy. Permission sets can be activated and deactivated so there is no need to remember someone’s permission settings before granting more permissions either. One can simply remove a permission set from an individual’s profile, like pulling a sticky note off of the notebook, to remove individual access while keeping the permission set active. Alternatively, one can also delete the permission set in general, removing the access from everyone with that permission set in their profile. Let’s talk about some criteria for creating groups.

Now You Know How; Here’s How to Well

And now for the main event! Now that you know a little about groups in Salesforce, we can finally get to some good practices to ensure that your data is as secure as possible.

1. Audit regularly: Change is a natural part of growth, and organizations are no exception. It makes sense that as your organization changes, so will the privileges that should be available. Auditing the privileges of all members of the organization is crucial to maintaining the integrity of the data of your organization. It will prevent privileges from accumulating on old accounts and users, and may even reduce some redundancies of your groups and permissions sets because there will be at least one person with detailed knowledge about the hierarchical structure of your organization.

2. Use the principle of least-permissions: As stated before, groups should only be able to see as little information as necessary in order to still complete their work. This ensures that all unnecessary data, regardless of content, is safely protected from any possible internal threats. Assign divisions that will need permanent access to the same records to groups. Assign roles to individuals that will need permanent access to records their group does not have permissions to access. Assign permission sets to individuals that will need temporary access to information that their group does not have permissions to see.

3. Keep it simple: The organization should be developed using as few groups as possible. By using as few groups as necessary, the data stays restricted, leaving fewer users as potential vulnerabilities. It is also easier to manage.

4. Utilize roles, profiles, and permission sets: Roles, profiles, and permission sets make up for all possible impediments created by using groups. No matter what type of access someone needs and no matter how long they will need it, Salesforce has ensured that you will be able to give them this access as quickly and fluidly as possible.

Salesforce does a great job of providing the tools for us to secure our data. By utilizing good practices, you can create complex but secure hierarchies that allow your business to blossom without worrying about security vulnerabilities from within your organization.

Conclusion

SSO synchronization is more often than not an afterthought of SSO implementations. There are other methods to accomplish SSO synchronization between multiple websites, including those that are on different domains, however if your websites share the same Top-Level-Domain, then an SSO Domain Cookie approach is a simple and a fairly straightforward method to implement.

Imagine you work at ABC company, who owns and manages 3 websites:

1. An Identity Provider website: AMS.abc.org, and
2. Two satellite “Service Provider” websites: CMS.abc.org and LMS.abc.org.

Your customers can access courses and the community through the LMS and CMS websites respectively, and the AMS website is the system of record in which the user accounts are managed.

If you have the good fortune of having all of your organization’s websites on the same Top-Level-Domain (TLD) as in this case, “abc.org”, then a Domain cookie approach for a seamless SSO user experience might be a good option. Let’s examine how this works.

How it works:

AMS.abc.org is the Identity Provider. In other words, it is the system of record in which user accounts are managed, and it is therefore the website that will either serve the Login page, or will provide an API to be consumed by the other websites in order to authenticate users – note the latter assumes that the service provider websites are under our control and are trusted to pass-through the username/password. For our example, we will use the former.

Once a user successfully authenticates against AMS.abc.org, an authentication Token is issued and stored on the server – in some type of a database. A domain cookie (SSO cookie) is also created which contains aToken. The Token is temporary, unique, and very difficult to guess. A GUID works nicely. After this the user is redirected to the intended page. The intended page can be inferred from the URL referrer or can be specified in a URL parameter which is passed along with the URL when the user is sent to the Login page.

Because the websites share the same TLD and the SSO cookie is flagged as a domain cookie, the browser will send the SSO cookie along with any browser request to any of the websites on the same TLD – in our example, this includes LMS.abc.org and CMS.abc.org (both end in abc.org). When a request is made to a any of these Service Provider websites, the website inspects the SSO cookie, and takes the following actions:

1. If the SSO cookie exists, the Token is extracted from the SSO cookie, and is validated against the AMS API – The validation can take the form of an authenticated web service call (SOAP or REST).
2. If the Token is valid, the user is logged into the Service Provider website, and any additional user information authorized by the AMS to the Service Provider can be also requested from the AMS’s API.
3. If the SSO cookie does not exist, or the Token is not valid or has expired, the user is redirected to the AMS.abc.org Login page.

Below is a diagram that illustrates the flow:

There are two mechanisms in place now that can help keep our sessions in Sync:

1. When the user logs out from any of the websites, she/he is redirected to a logout page on the AMS.abc.org website. This page invalidates the Token and deletes the SSO cookie. Then the user is redirected to the website from where she/he logged out. Since the SSO cookie is no longer available and/or the Token is no longer valid, the Service Provider will know to “clear” the current user session, and redirect the user to either the login page or another landing page.
2. Synchronizing Login timeouts is accomplished by setting a timeout on the SSO cookie, and keeping the Login session alive is accomplished by sliding the SSO cookie and Token by “tickling” the AMS website- this can take the form of an HTTP Handler on the AMS website that is referenced by every page on the Service Provider websites.

In-Process sessions can expire at any time on any of the websites – they do not have to necessarily be in sync. The user may still be “logged in” on LMS.abc.org even if the SSO cookie and Token are expired or deleted; for this reason LMS.abc.org MUST inspect the SSO cookie and validate the Token on every request. On the flip side, if the LMS.abc.org “session” expires due to idle time, the SSO cookie and Token can be inspected and validated when the user requests the next page which would automatically log the user back in and start up a new session.

We just released a follow-up to this post!  Continue to Part 2 for technical considerations for an SSO domain cookie implementation.

If you have not already, click here to sign up to receive notifications on all fusionSpan blog posts.

Last week fusionSpan was at Community Brand‘s User Conference – Xperience18! Five days packed with lots of learning, sharing and connecting. Here are a few highlights!

fusionSpan was networking

We had a booth. Community Brands has compiled quite a cornucopia of products, which in turn meant there was a unique range of organizations at the conference. From small non-profits searching for ways to get the most out of the tools they have, to large associations looking to expand the services they offer their members, we spoke with organizations in the exhibit hall about a range of challenges they were trying to address. With fusionSpan offering services related to Salesforce, netFORUM, and WordPress, we were ready to talk solutions!

As with any good booth, we had giveaways! And not those pens that leak in your bag. We looked to, “grow new partnerships” with clients and vendors by giving out Forget-me-not seed packets – one in ever conference bag that was handed out. For those looking for a little sweetener, we also had our popular chocolate bars. Don’t worry, we hand carried them from DC to Florida to ensure there was no melting in transit!

fusionSpan was sharing

We had five presentations. One session looked at how to integrate your CRM tool with other systems without code. Another session focused on maximizing your ROI with Salesforce. fusionSpan even got to present as part of the ever-popular “10 Toolkit Tips you can do in 10 minutes” session focused on netFORUM Enterprise. With only 10 minutes we pulled out all the stops – there was learning, there were jokes, and there was even some juggling. Surely he can’t be serious? I am serious — and don’t call me Shirley.

fusionSpan was connecting

The user conference was also the first time we get to meet several clients in person. With all the great social events planned during the conference, there are lots of opportunities to get to know people beyond work. Granted, rarely do you get to connect with clients over a front row roller coaster ride at Universal Studios. Let’s just say it was a thrilling Xperience!

Say cheese!

6. Review your data policies and procedures.

Although your third-party vendors are required as data processors to make their software GDPR-compliant, they are not responsible for your internal policies and procedures. Take stock of your organization’s policies and procedures on how you collect, process, and store data.

While reviewing your organization’s processes, make sure that you are answering these four questions that relate to several key principles of GDPR:

1. Does your organization have data retention policies? Do you have a process for data deletion, if the individual makes the request?
2. How does your organization evaluate and assess new data sources, technologies, or business processes?
3. Does your organization have an internal process and communication plan in the unfortunate event of a data breach?
4. Does your organization have a legal basis or ‘legitimate interest’ in the data that is being gathered and processed?

7. Understand Individuals’ Data Rights under GDPR.

One of the most significant changes that GDPR brings is that the regulation grants ownership to an individual’s data to the individual, not to the organization.

The GDPR introduces these eight data rights for individuals.

1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.

The Information Commissioner’s Office (ICO), the UK’s independent body to uphold information rights, created a Guide to the General Data Protection Regulation that goes more in-depth on these new individual data rights, and what steps your organization to ensure the individual’s data rights are protected.

8. Perform a Data Protection Impact Assessment (DPIA) to minimize privacy risks.

GDPR recommends risk assessment be an ongoing and continuous process. Your first GDPR risk assessment will go a lot smoother if you have done a comprehensive data audit.

The ICO also created several checklists to evaluate your organization’s data protection compliance and also suggests actionable steps to improve your GDPR compliance.

9. Create an action plan to improve your organization’s data governance.

Once your data audit and risk assessment have been completed, create a roadmap to plan any necessary data migrations, consolidations, and policy and process changes.

10. Review your terms of use and other privacy communications

Finally, once your data audit is complete and you have planned your processes and procedures, meet with your legal team to revise your Privacy Policy, Terms and Conditions, and other privacy communications to be in compliance with GDPR.

Organizations choosing enterprise-level Association Management Systems (AMS) likely do so for a range of reasons. They know they’re getting a product with a rich feature set and all kinds of configuration options. They know they’ll have a greater deal of flexibility. But, likely most important, is the system can be customized to their need.

Unfortunately, customizations are a double-edged sword. On one hand, they allow the organization to completely mold the AMS to their business needs. On the flip side, customizations require extra maintenance, which is work. With that in mind, here are a few items to consider when considering a customization.

Make sure it’s a business need

When staff says, “We need the system to X because that’s how we’ve always done it.”  SIRENS should start going off. Often old processes are built around an old AMS, and if you really liked your old system, WHY DID YOU GET A DIFFERENT AMS?!? Customization should always be driven by either a business rule or business need. Business rules are usually listed in the by-laws of the organization, and business needs are a feature that will help deliver against the business goals of the organization. Requiring staff to draft up a business case for new customizations is not excessive. If nothing else, staff willing to put in the effort to come up with a business case obviously have a little conviction behind their customization request, while the folks who think it’s too much work will likely figure out how to fit their processes within the baseline.

Clearly define purpose

As part of a business case, there should be an understanding of “WHY?” a customization is needed. Too often customizations focus on how they will work, with no conversation about “why.” Having a “why” clearly defined helps ensure the effort always matches up with the purpose. If you just focus on the how, you can end up 100 hours into a development project before you know it, and if the customization only helps one person save 8 hours once a year, you’ve made a mistake. Even if you do need the customization, there will inevitably be opportunities for scope creep. With a defined purpose any scope creep items you can ask, “Does this help address why we need this customization?” If the answer is no, then keep it out of scope.

Build for flexibility

Most customizations are built to fix an issue now. Which is good — until you’re no longer in the now.  In time, you will find yourself painted into a corner.

As part of the design process, try to identify input values. These could be inputs into formulas, text descriptions, drop down fields, or any other number of values. With each of those inputs, make sure the values are captured in an area that is easy to update without having a developer get involved, either in a control panel, system option, or some other feature that can be edited, instead of having the input value hard-coded into the customization.

Think of a spreadsheet, where you have to multiply a bunch of values by 20%. For each of those fields you could go in and type 20% into each field, but then if your boss comes back and says, “Actually, we need to do 25%,” you’re now stuck finding and replacing each 20% in your spreadsheet. Instead, what you want is to type 20% into one field, then everywhere in your spreadsheet where you multiply by 20%, just reference that field. That way when you need to switch to 25%, you only have to make one change.

Granted, building for flexibility usually requires a little extra work, so balancing the right amount of flexibility against your budget is a per-project judgment, but some are always better than none.

Conclusion

While everyone wants a perfect system out of the box, most enterprise level associations will inevitably need to customize. Being strategic, purposeful and flexible with those customizations will serve you well in the long-term success of your organization’s AMS.

“Did I lose my special treat?” A frequent question from my son. We’ve created a system in our home where if he behaves, he gets a “special treat” after dinner – usually in the form of 22 minutes of TV. While there are some issues with the system (what’s the leverage for behaving once he’s lost this special treat?), overall the incentive has succeeded because we’ve taught him about delayed gratification. That may seem like an easy task, but given how abstract the concept of time is to a child, he only figured it out after repeating the same process over and over.

Working with a customer relationship management (CRM) system presents a similar problem – people must do work now to reap the benefits later. A CRM can provide amazing insights into your customers, but only if people take the time to ensure data gets into the system. That requires staff to change their processes and spend time now to get results later. It’s not easy, but here are a few steps to get you going.

What’s your treat?

Promising a child a big piece of chocolate cake and then trying to give them one Oreo cookie and calling it even will not go over well. The same goes for staff. Too often a CRM is promised as the fix-all for everything – then when the CRM inevitably fails to deliver, staff discount the tool as a failure. Instead, try selling what you have. Talk about how an Oreo cookie goes great with milk. How much fun it is to twist an Oreo to separate one of the cookies from the cream. How an Oreo is kind of like getting two cookies!

For your CRM, talk about what specifically will be tracked in the CRM. Identify current processes – likely related to reporting or tracking – that will be significantly easier and/or less time-consuming because of the CRM. Point out that having one set of customer data means that when a customer’s email bounces, only one person needs to fix it and it will automatically update for everyone else. Focus on the true value of the CRM.

What’s a reasonable timeline?

My four-year-old recently asked, “How many minutes until my birthday?” When I informed him it was approximately 383,000 minutes away, a mix of disbelief and terror seemed to wash over him. While birthday presents are a great example of delayed gratification, they’re too far off to provide motivation – I need to provide an incentive that is more tangible.

Same goes for the CRM. Providing those early wins builds momentum towards long-term goals. Show how a list of contacts entered today can be pulled as a report tomorrow. How financial transactions being entered in the CRM can help reconcile the General Ledger. How tasks that used to take five steps now take three steps. While the longer-term results may take six months to a year out, short-term successes help reinforce the necessary processes that allow you to reach your long-term goals.

Who’s the parent?

While it’s never any fun, parents need to remind their kids that they must EARN that gratification. Whether through following directions, helping with chores, or remembering to say please and thank you, there needs to be effort to earn the gratification. If the child still gets their “special treat” even if they don’t use please or thank you once, then they have not learned anything. The parent needs to hold the child to their end of the bargain.

For work, that means ensuring staff are entering customer information into your CRM. They must follow the processes and take the time to ensure the information is complete. Initially, this will likely include regular reminders to staff about the processes. Auditing the data on a regular basis will help identify individuals not in compliance with the processes so that more targeted interventions can occur. Change doesn’t happen overnight, so don’t give up. And if all your intervention does not work, do not then do the work for them. Otherwise they will never learn.

Conclusion

While getting the most out of your CRM takes work, the effort will be worth it. There will come a day when staff just enter all their information into the CRM and children will wash the dishes without being reminded. And you will get an extra 30 minutes to of “me time” – which will be your delayed gratification.

Underutilize technology and it will rust away…

As part of an office redesign, an organization I used to work at installed all new screens in the conference rooms. They also installed two large touch screen projectors that allowed for an “interactive” presentation. Instead of sitting behind their laptop, the presenter could control their presentation directly from the projection screen, making for a more engaging and collaborative experience. Except it wasn’t. Few staff bothered to learn how to use or even connect the screen to their computer, primarily using the screens to just display presentations. Because they leveraged projectors, the image was inferior to the HDTV screens. So, what seemed like superior technology turned out to be inferior in practice.

Too often new technology is introduced to an organization at great cost without addressing the strategic purpose or plan for the tool. This results in under-utilization of the technology, which in turn leads to wasted resources. Avoiding this waste requires thoughtful preparation, implementation and operation of new technology. Consider leveraging the following four steps to ensure success.

Define success

New technology should be trying to solve a problem. Make sure to articulate the problem and expected improvements once the tool is in place. And it cannot be that, “once we implement X, everything will be great!” That’s the perfect way to set technology up to fail. Instead focus on specific measurable outcomes you’re planning to accomplish with the new tool.

Identify relevant use cases

When working with small organizations, nothing makes me cringe more than the phrase, “Well at Amazon they…” or, “You know Apple uses…” It’s like comparing an orange with an entire apple orchard. There are tools tech giants use that are relevant to other organizations, just make sure you identify how your organization is going to apply a tool. A great example is Slack. Slack can be an incredible collaboration tool. But if staff don’t understand how their processes fit into the tool, then adoption is likely to be low. Connect the tool to the process, and you’ll have a much greater chance of success. Which relates to my next point.

Personalize training

Everyone is busy, which is why processes rarely change. Assuming a new tool will encourage change is a mistake. Because everyone is so busy, no one has time to identify the best ways they can leverage new technology. Instead, people will identify ways the new tool fits in their current process without disturbing anything else, which likely underutilizes the tool. People focus on what they understand and ignore the rest. Personalized training helps remove the burden. Staff don’t have to invest as much energy into the tool. Accomplish this with a pilot group who is willing to invest in the tool and can the role it out to the rest of the organization. Or have trainers conduct follow-up one-on-one sessions with staff to see what they are doing and identify any potentially new processes. Explain the tool in their terms, and they’re much more likely to understand the bigger picture.

Measure progress

Everyone measures how their customers engage with their technology, but what about staff? Many tools allow for some level of reporting on staff usage. How often do staff login? What functionality are they leveraging? If a direct messaging system was introduced, has there been a decrease in emails? If a cloud storage solution was introduced, is the system holding machine back-ups seeing less data usage? This all goes back to the first point on defining success – how will you know you’re there if you never bother to measure your progress? If you never stop to check the map, how can you confirm your headed in the right direction and not about to drive off a cliff.

Being more strategic in the tools you implement will likely mean you leverage fewer tools, but that’s likely a good thing. Fewer tools means less learning by staff, which results in them spending more time focused on their actual work. While at times taking a short cut to a quick implementation of a new tool may seem optimal, you’ll end up waste both staff time and financial resources in the long run. If you are strategic when you start, and you will succeed in the long run.

A similar version of this post was originally published on IT Chronicles.

Tired of receiving the “You have one or more certificates in your Salesforce org XYZ* that will expire soon…” notices? Or worse, when your CEO receives it and sends a panicked email to you at 3 in the morning?

You can solve the countless email bombardment, for you and your users, by creating a new certificate and transitioning all your connected Apps and API’s to use the new certificate. SSL certificates in Salesforce are used by Connected Apps using SAML, SOAP and REST APIs. This post will take you through the steps of creating new certificates with longer expiry dates to replace the expiring ones.

The process of creating and configuring a new certificate is fairly straightforward and can be done in 2 fairly quick steps:

• Generate a new self signed certificate
• Modify connected Apps to use the new certificate as described here

The issue is that Salesforce, by default, will create self-signed certificates that are valid for only a year. This means that every year you have to create new certificates. The process (as described above), is relatively painless, but most of these Connected Apps are third-party integrations, which means there is a whole lot of coordination needed to migrate these applications to use the new certificate. The actual work is relatively easy and just involves importing the certificate by these third-party systems/vendors. The coordination to make it happen and then test all of these integrations is time consuming.

One way to mitigate is to not rely on Salesforce, and just generate these certificates with longer expiry dates.

Note: Most Certificate Authorities (CA) will only issue shorter term certificates because they want to be able to guard against private keys that get compromised. Since we are using a single self-signed certificate, we can change the key and certificate on our schedule.

Openssl is an excellent open source tool to do this. Here is a quick-and-dirty guide to generating a certificate for use with Salesforce:

Step 1: Generate a self signed certificate valid for 10 years

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -days 3650

Here the -days flag is setting the expiry date of this certificate for 10 years. You can set it to any number of days.

Step 2: Convert the certificate and key into pkcs12 file

openssl pkcs12 -export -in cert.pem -inkey key.pem -out server.p12 -name salesforce_cert

Note: Use a password when prompted, as you will need it later.

Step 3: Import the new certificate into a keystore file (the format Salesforce expects)

keytool -importkeystore   -destkeystore server.keystore -srckeystore server.p12 -srcstoretype PKCS12 -alias  salesforce_cert

Step 4: Import the new certificate into Salesforce

Go to Setup->Certificate and Key Management->Import from Keystore

and then import the keystore file created in Step 3.

You now have a new certificate available that is valid for 10 years. Just modify any of your connect apps to use the new certificate. And send the public key (cert.pem from Step 1), to any of the external system, so that they can continue working with the new certificate.

fusionSpan was at AMSFest, put on by Teri Carden, founder of ReviewMyAMS.com. It’s an intimate event where association professionals can get an up-close look at a bunch of different AMS (association management systems) vendors all in one place. They also can talk with industry partners (like fusionSpan) about what the trends are and what they should have on their radar. Very informative for both organizations beginning the process of moving to a new AMS as well as organizations just looking to stay abreast of the latest news related to association technology. Highlights included:

AMS Implementation

Heard from Rene Shonerd who is currently implementing 5 AMS systems at once. A little crazy, but sometimes you just got to do what you got to do. She pointed out that before making a move, associations should always reassess their current system – new feature come out all the time, and those new features may solve your current issues. If you do decide to move, make sure to rank the importance of different feature BEFORE looking at systems – don’t want to make a decision based on some shiny object that isn’t business critical.

SSO and API

Featuring fusionSpan’s very own Gayathri Kher, this panel dived into the nitty-gritty of SSO (single sign-on) and API (application programming interface). While all AMS vendors can check a box that their system does have an API, not all APIs are built the same. As you are getting ready to make a purchase, ask them to demonstrate the capabilities of their API, budget money to maintain your integrations, and understand that, as the name suggests, you will need a programmer to do some programming. There was also an interesting conversation around Middleware that can serve as a cog to connect multiple systems, but can also be costly.

Investors Discover

Lots of AMS vendors are buying and being bought. A vendor being purchased could be a good thing – the panel noted that generally only good companies get acquired. It could also mean trouble – an acquisition likely means a change in culture. Key takeaway for associations? Ask questions – reach out to your favorite employees at that organization and see if they are sticking around. If they are leaving it may be a red flag of things to come.

Was a very informative event with lots of very knowledgeable speakers donating their time to put on a great event. Plus, if you’re about to begin the search for a new AMS, may as well do it at a location with a rooftop networking event. We had a great view of the Capitol, Union Station and the rest of the DC skyline.

One of our clients, a small-staff association, wanted to improve user experience during the annual conference registration . In the past they just used their AMS, netForum Pro to register attendees but increased customer service calls forced them to look for an alternate solution. This time around they wanted to simplify the registration process and reduce the work that their staff will need to do in managing registrations.

Our recommendation was to use a dedicated web based Event Management software. Some advantages of using an online event management software to manage your events and registration are

1.  Provides online access and a dedicated branded event website.
2.  Automate the entire event registration. Users could manage their own registrations. Optionally they are allowed to modify their registrations and even initiate refunds.
3.  Process credit card payments.
4.  All event and registration data is secure.
5. Affordable for a small staff organization
6.  Can integrate with the current membership database.

The first 4 features are pretty much universally supported by most good quality event management software.

Its the last feature that we were most interested in. Reducing staff overhead by letting attendees key in information does reduce your staffs overhead, but this information already exists in your membership database, why enter it again at all? Wouldn’t it be better if most of the registration information is already filled in for your members?

Most of the registration information including attendee name, address and contact information is already in your membership database (substitute with your CRM or AMS). Since the organization we were doing this for already used netForum Pro and Abila provides a comprehensive set of web services that provide secure access to your member data, all we needed was an event management software that would support this integration.

This helped us in selecting Cvent since it provides this exact capability we were looking for. They call it Single Sing On (SSO), but it is a little more than just single sign on. In effect they allow externalizing user authentication and also allow for pre-populating user information.

When a user goes to our dedicate event website and try to register, Cvent redirects them to the Organizations homepage. Here they see the familiar login page. Once we authenticate the user with their netForum credentials (username and password), we redirect the user back to Cvent and also send details about the user which includes

•  Full name
•  Address
•  Phone number
•  Email address
• Membership Information

The interaction is a little more complicated than shown in the previous figure. The following diagram shows some of the HTTP redirection that takes place when performing the SSO –

Since Cvent recognizes the organization as a trust identity provider, it just accepts all the information regarding the user and creates one in their own system. The user now sees most of their registration information already pre-filled and can make changes if something has changed or enter their payment details.

What is cool is that we can even recognize different category of users (in our case just Active Members and Non-members). This allows us to offer different registration fees to different users.

One minor caveat – Cvent did recommend using their SAML based SSO solution. After several tries and working with their support it simply did not work. It was either not installed on their end or their were some configuration errors. Either way it still seems experimental with minimal documentation. We ended up using HTTP FORM based SSO which also uses SSL (and a slight work around for mutual authentication), so it was just as secure if non-standards based. If you are looking at SSO with Cvent, please use this method first and if time permits try the SAML based approach.