Thursday, March 13, 2008
Links for 2008-03-13
I suspect that many enterprisey folks don't understand why being prescriptive is bad
Enterprise Architecture has now declared that proof of concepts are no longer relevant. After all, if your executives can say the phrase best practices and innovation in the same sentence, the only other things you need is a comprehensive industry analyst chart and a wonderful chock-a-block eye candy Powerpoint presentation from your software vendor. We all know that vendors never twist facts and always tell the truth about their capabilities.
Successful attacks are successful because they usually remain unknown. One of the best ways to uncover what would otherwise be unknown is through proper log management techniques. Unfortunately, most developers aren't thinking about practical considerations around what to log and this is usually not specified at development time.
Security professionals need to pay attention to any tool which allows for the capture of personally identifiable information without user consent.
Bex Huff believes that Enterprise Content Management standards to date have been horrific. I agree! I am of the belief that the notion of industry reference architectures tend to be closer to being useful. Imagine if Alfresco, Documentum, Stellent and others got together and defined collectively how ECM should integrate with ESB or how ECMs should integrate with external directory services instead of storing users
Has anyone noticed that Gartner hasn't provided any guidance on how folks should think about such issues?
Great article on implementing enterprise architecture in environments where it can't be sold.