Friday, March 07, 2008
Is Awareness an Enterprise Architecture Antipattern?
Have you ever noticed that a lot of effort goes into making folks aware especially in large enterprises but it never really goes much deeper than that...
Do we have a communications problem or is communication the problem? Have you observed that many enterprisey architects have put tons of effort into their strategies around SOA, BPM, ECM only to make folks aware? Have you also noticed that even after all of these awareness activities that the enterprise still doesn't know how to build thoughtful services, integrated business processes nor secure ECM architectures?
Awareness is what enterprise architects do to IT executives. This is the starting point and not the destination. For every enterprise architect who has attempted to sell security, SOA or the hype of the minute, have they also attempted to go well beyond awareness and figure out how folks can practice building better architectures.
For the record, I am part of the problem. Pretty much all of my peers know how to spew security buzzwords but none of them have been trained beyond the level of awareness and therefore will still continue to propagate security worst practices. For example, in the domain of security, many know security trivia and now can recite SQL injection and cross-site scripting but may not bad code or even bad design from a security perspective even if it were properly labeled and staring them in the face.
Simply, enterprise architects need to spend more time in help others not just become aware but to develop a deep understanding. Maybe the problem is that HR has a say in most training that occurs in large enterprises as they have wrapped it up in the nomenclature of personal development. When are we going to learn that awareness initiatives are good for sexual harassment and copier training, but falls short if you attempt to apply it to SOA, Security or anything more meaningful...
| | View blog reactionsDo we have a communications problem or is communication the problem? Have you observed that many enterprisey architects have put tons of effort into their strategies around SOA, BPM, ECM only to make folks aware? Have you also noticed that even after all of these awareness activities that the enterprise still doesn't know how to build thoughtful services, integrated business processes nor secure ECM architectures?
Awareness is what enterprise architects do to IT executives. This is the starting point and not the destination. For every enterprise architect who has attempted to sell security, SOA or the hype of the minute, have they also attempted to go well beyond awareness and figure out how folks can practice building better architectures.
For the record, I am part of the problem. Pretty much all of my peers know how to spew security buzzwords but none of them have been trained beyond the level of awareness and therefore will still continue to propagate security worst practices. For example, in the domain of security, many know security trivia and now can recite SQL injection and cross-site scripting but may not bad code or even bad design from a security perspective even if it were properly labeled and staring them in the face.
Simply, enterprise architects need to spend more time in help others not just become aware but to develop a deep understanding. Maybe the problem is that HR has a say in most training that occurs in large enterprises as they have wrapped it up in the nomenclature of personal development. When are we going to learn that awareness initiatives are good for sexual harassment and copier training, but falls short if you attempt to apply it to SOA, Security or anything more meaningful...