Sunday, August 31, 2008
Open Source Public Relations?
I have realized that my futile attempts of encouraging industry analysts to provide deeper coverage on open source will go nowhere. The challenge is that analysts have substituted spoonfeeding for actual research where open source projects will almost always lose against their closed source counterparts.
So, instead of fighting the analyst game where the only way to get coverage is to reach deep into your pockets and pull out lots of lint, that open source projects instead consider the notion of open source public relations.
Open source projects shouldn't get in line to issue press releases but instead should always result in leveraging the answer that is most open. In analyzing other methods that were viral such as the 2,000 Bloggers project, why can't others within the community leverage the same tactic?
For example, OWASP has several thousand attendees throughout the planet. Imagine if a simple message went out asking all attendees to post one and only one blog entry that contains links to each other. Everyone who cares about Web Application Security and their blog ranks would rise immediately.
Popularity in the blogosphere is driven by links and we all know that hyperlinks subvert hierarchy. So why aren't you already linking to OWASP...
Links for 2008-08-31
I wonder why Dave Kearns and others aren't acknowledging the fact that while these should be thought of as personas and distinct in trivial ways that software vendors that provide solutions for identity have to twist them in order to sell products. The only way these concepts can converge is to ignore proprietary messages and the vendors who spoonfeed industry analysts and for the voice of open source to rise above the rest.
I believe that Bex Huff should keep this credential for himself. Of course, if he decides to use it for open mockery of hacked applications, I will most certainly smile. Maybe, now that he has this credential, Craig Randall may solicit opinion from him on how to make DFS secure.
I wonder when Indian outsourcing firms will abandon CMMi and propose something with a little bit more integrity?
An enterprise scale approach to social networking.
Robert McIlree shares lessons learned regarding a recent experience. My take is that he did the same mistakes I made earlier in my career which was to focus on conceptual integrity over gaining buy-in. Nowadays, in order to be a successful architect, you are not required but almost mandated to take portions of folks ideas no matter how freakin stupid they may be. The notion of buy-in and perception management is causing bad decisions to be made repeatedly in many enterprises. I wonder though why it would come as a surprise to him that others believes he practices analysis paralysis.
Today was an interesting day...
As I headed out the door to Home Depot to search for the most perfect Mugo Pine to add to my Bonsai collection, I glanced to my left and watched one car run into another. It wasn't too bad and I continued along.
As I turned into Home Depot, a Black SUV came barreling out of the lot and ran into a middle aged lady. The driver kept on going with his front fender literally swinging to the right. Other drivers had stopped to check on the lady and I decided to follow the vehicle. I noticed up the street not one but two police cars parked in front of the local strip club (Newington) and I decided to turn in. The police cars had tinted windows and I pulled up to the car and there were no officers in the vehicles. I drove around the lot hoping to find them but had no luck.
I drove back to Home Depot and checked on the lady and it took over five minutes for the police to show up (Berlin). They took the information and indicated that the guy was speeding away had just snatched a ladies purse in BJ's Wholesale Club. She was insured by AIG so I hope that the claims department there takes good care of her.
Anyway, I drove and finally parked and was walking to the garden section when some irate guy bumped into me while arguing with his wife in a very physical way. I gave him the look and he knew then that an apology wasn't optional.
On the way back, I passed the strip club and as I was driving by noticed that the two officers were now breaking up a fight between two women. All of this was before lunch.
Anyway, I did find the perfect tree...
Saturday, August 30, 2008
McCain vs Obama: Straight Talk
Friday, August 29, 2008
Do IBM employees understand web application security?
On the surface, one could simply say that IBM has a vast internal community but according to many IBM insiders when challenged to identify which IBM community takes on this topic, none have been able to provide an answer. Should the marketplace expect more leadership from IBM in this regard or are we content by having Microsoft and Oracle lead the way...
How do I link my work persona with my personal life? How do I let folks in other enterprises in my local area learn about an upcoming OWASP Chapter Meeting?
So many questions, not enough answers...
Thursday, August 28, 2008
Social Networking 2.0
Are more CIOs getting fired?
How many CIOs do you know that attempt to treat IT as business as usual where every problem gets rephrased as a challenge that is immediately confronted by a thinly veiled chock-a-block eye candy Powerpoint presentation that lacks substance or becomes an opportunity to see buy a product on the magic quadrant to fill a niche when they should have instead focused on a longer term view by encouraging their existing vendors to do help them enable the strategic intent. Being a CIO requires more than handwaving.
Back up the school bus and bring in your favorite insulting firm to help you with without realizing that this isn't just about them pulling something out of their knowledge management systems and charging you six figures to do search and replace with a little bit of ceremony piled on top. While this is a different circus, using the same clowns won't get you that far.
As a profession, we need to stop bullshitting as we are more reactive now than in any other time in history. There is nothing truly strategic that IT does. OK, I know that your incestual habit of word overloading is going to cloud your thinking, but stick with this thought for a moment and acknowledge that crisis is what gets most projects funded and being proactive rarely works. Let's skip the whole perception thing and look at reality by figuring out how long it takes for your enterprise to roll out upgrades to new products that will obviously provide more features that can be leveraged as the litmus test.
Nowadays, it is rare to see a CIO stay in the same position for more than five years. If everyone knows this dirty little secret, then can we really expect someone in that role to truly think strategic? I would wager that turnover within IT organizations only serves to benefit those who are turning over and in the long haul hurts the business. The mindset of show me the money now is more important than loyalty, stewardship or even fiscal responsibility. It is no longer about making business better, it is though all about what you can sell within a specific time horizon.
Let's throw the baby out with the bath water. Did your enterprise just get a new CIO? I bet he/she walked in the door thinking that whatever the last person did wasn't right and know that they were brought in to do things differently. So, doing things differently will most certainly address perception management but different doesn't mean better, it simply means different.
CIOs you have been wildly successful in outsourcing all the folks who otherwise would have sucked up to you and have been successful in reducing expenses by outsourcing to India. What's next? Oops, you have no clue as you may be a one-hit wonder.
Within my own network of enterprise architects, I rarely run across any of them that aspire to become a CIO no matter how well positioned they may be. The funny thing is that most enterprise architects have an understanding of cause and effect and therefore understand that doing things differently may not always be the right answer. Yes, change is needed within most IT shops but it is more than just rolling out a brand new shiny process. It is also more than just selling the notion of governance as most folks really don't want to step in it. Change has to be targeted at winning the hearts and minds of those within IT such that change is something that isn't sold but something folks truly want to do for themselves.
Which does your CIO care more about? The morale of the troops or the perceptions of their boss? Of course both are important, but which is more important? Leadership requires followership and you can't be simply appointed a leader. Leadership and management are not interchangeable words. For CIOs that haven't figured out this dirty little secret, maybe you have already noodled that the acronym for CIO may stand for Career Is Over...
Wednesday, August 27, 2008
Why more IT professionals prefer consulting...
Sadly, in my own network I too fell short in finding folks who understood both. The funny thing is that both of us could find folks who understood both but worked for consulting firms but neither of us could find folks who understood both but were employed by large enterprises.
My general reaction to this is that is the start of a trend that could potentially be the anti-thesis to business/IT alignment. When a growing number of IT professionals are favoring contract work over permanent employment because of the better pay on offer, it says that no one that is qualified may be looking out for the best interests of the enterprise and the enterprise architecture may suffer.
Another take on this problem space says that HR isn't doing their job in that they don't allow for much flexibility in terms of compensation for salaried employed but can be very flexible since HR usually isn't involved with contractors that they are ultimately devaluing their own role.
Anyway, using consultants for your enterprise architecture initiatives is somewhat dangerous and if you are thinking long-term, then you should have HR policies that allow this to be accomplished. Maybe, we need to discuss IT/HR alignment?
Robert McIlree debating with James Robertson
Thoughts on Discrimination
At some level, discrimination occurs in every culture whether it be race, religion, gender, sexual orientation, whether you are a process weenie or prefer lighter-weight approaches and so on. The conversation that has never occured in America is how is this best addressed.
Many within corporate environments have simply changed their terminology and may reject candidates for other stated reasons while much of the practice still is status quo.
I wonder if it is actually better for society if we were to not mislead folks into applying for positions that they cannot be possibly even considered for? While aspiring for growth and other positions is healthy, encouraging otherwise wasted efforts surely has an effect on productivity.
Besides, wouldn't it be more beneficial to humans to know that you didn't get hired because you look like Lurch from the Adams family than to get a generic response stating that you weren't the right fit?
I guess I have lots of opinion and no opinion on this topic at the same time. Anyway, it is fascinating to observe other cultures and think for a moment that at least in this regard, Trinidad is not following the worst practices of the United States and our approach to human resources. For the record, I am savage believer in equal opportunity, so don't get it twisted...
Tuesday, August 26, 2008
Alternative careers for displaced IT workers
The funny thing is that I know more folk who have either retired early or left IT because of incompetent managers who pushed them over the edge with bureaucracy than I do who have left because they were displaced by their jobs being taken by Indian outsourcing firms.
Sadly, industry analyst firms such as Gartner and Forrester can't really survey their clients for this type of data to get at the root cause as it would be politically incorrect for even HR to capture this aspect as part of an exit interview. I wonder though if folks feel I am at least partially right?
Links for 2008-08-26
Jason Hiner pretty much sums up why IT is no longer a profession many desire to be in
The Tulsa Techfest is a two day conference where you not only get to hear from the best and brightest in IT, but also take care of charity at the same time.
Todd Biske provides insight into how ITIL can benefit SOA but misses an opportunity to provide even more value. While it is somewhat cliche to talk about continual process improvement, it would be highly valuable to outline what types of feedback do operations types observe that could benefit the software development side of the house.
I thought this blog posting was intriguing from a variety of perspectives. First, the ability to understand how resumes vary amongst different parts of the planet is something I never really thought about. More fascinating though is whether one should mention marital status which I say is a good thing. As an enterprise architect, If you can't sustain your own marriage, why would a business customer want to have a business relationship with you either. I believe marriage or lack of speaks miles about candidates.
I wonder if Nishant Kaushik will acknowledge that one of the reasons why there are so few relying parties is the simple fact that Web Access Management vendors such as Oblix, CA Siteminder and so on simply haven't updated their software to support! Of course, when they finally get around to it, they will of course allow their marketing weenies to declare that it is not on the upgrade path but an entirely different SKU ultimately elongating the problem.
James Robertson, seller of products that the marketplace no longer desires has noted a debate between myself and Robert McIlree. I wonder why he always notes debates but never actually participates in coming up with solutions such as making sure that the OWASP Enterprise Security API also has a Smalltalk equivalent...
Monday, August 25, 2008
Has America ruined yet another nation...
I speak infrequently about cultures I admire and figured I would take the opportunity to give praise to several nations and things that I like. Let's start with India. While the country is poor in financial terms, it is culturaly rich. Imagine a place where regardless of whether you are Hindu, Christian or Muslim, you can openly acknowledge your religion and others will respect it. Imagine a place where you can have your children watch Channel Zero on TV and not be worried that nudity, violence or other immorality will confront your four year old. Imagine a place where you can watch movies as a family and don't have to always worry about the rating of a movie or certain forms of gratitious sex.
Welcome to India and Trinidad. Two great nations who are becoming less of third world countries and more equal participants in a global economy. Yet, the question remains as to how these nations can grow and thrive without becoming a clone of America. As these two nations do more trade with the United States, they aren't just creating jobs but are also trading immorality with the US. As more countries interact with the United States, they also tend to pick up ideas of our criminal enterprise as they learn a lot by watching TV. Murder rates are increasing, teen pregnancy is increasing, divorce rates are increasing and the sanctity of marriage and a culture of values is being traded for a culture of the dollar.
During my honeymoon eleven years ago, I got to see wonderful movies such as Yes Boss. On my most recent visit, I learned that all the movie theaters that used to show Indian movies are now closed. Bollywood has been replaced by Hollywood. As a nation becomes more industrial, it also loses its underlying culture. Imagine being on a Caribbean island where fruits such as Mangoes, Oranges, Breadfruit and Banana's grow in abundance but you have absolutly no access to them. When it becomes easier to eat fast food such as KFC than it is to eat healthy, it hints that America has been successful in destroying another country.
I remember eleven years ago, when I wanted to call a relative, I used to call the payphone and someone would run and get them. Today, everyone has a cell phone that are in many ways better than what we have. While this is considered progress, sometimes you have to acknowledge at what expense this comes at. If you think American's have a problem with debt, then you haven't talked to the average Trinidadian. The economic model of extending credit in the era of Ronald Reagan and free spending has been applied in third world countries. Sadly, having an economy based on this model will surely collapse.
What is great is that my family has managed to profit from the exploitation of others. One family member is a manager for Coca-Cola and has increased the amount of soda consumption by kids several fold. Other relative is a manager for an appliance chain and has doubled store sales simply by talking about easy credit terms. Some will view my commentary as a success story in that they are doing well in providing for their families while others will see the morale implications of their actions. I wonder what side of the fence do you sit?
Sunday, August 24, 2008
Thoughts on Spanish and remaining ignorant...
Have you ever heard the phrase: when in Rome? I guess this applies to most demographics except for those who speak Spanish. While I tend to poke at Indian Outsourcing, I do have the utmost respect for folks from India. People of India make a strong effort to learn not just English but the American form of English. They also manage to keep their own culture but do not require others to adapt to it.
While on vacation in Trinidad, I had the opportunity to talk with my nephew (Hi Robby) who is a firefighter. The previous day, he and his team had rescued a family in a burning building. Depending on one's perspective, his bravery or stupidity caused him to run into a burning building to save a family who only spoke Spanish. While this type of thing is very common in the US, this is the first time he ran across this in Trinidad as folks traditionally from neighboring countries such as Venezuela have adapted.
For those who will get it twisted, my nephew's last name is Salazar so get busy reading into it. The government of Trinidad is now paying him to learn Spanish. While this is a logical reaction, is this really the right thing?
If Trinidad is to survive as a nation, it needs to not repeat the mistakes made by other nations such as the United States...
Do Indian Outsourcing Firms understand Web Application Security
The folks over at Cognizant are the only consistent exception I have been able to observe. They actively encourage their employees not only learn about web application security but to also attend local OWASP chapter meetings regardless of whether they are in India or the United States. They even sponsor the OWASP chapter in Chennai.
It is curious to me that Cognizant understands the value proposition of encouraging their employees to participate in OWASP, but other firms such as Infosys, Satyam, TCS and others are still missing in action...
Saturday, August 23, 2008
Indian Outsourcing Firms
The ability to establish a dominant position in application security is still up for grabs and can be had by simply sponsoring local user group meetings to gain mindshare. Any predictions as to who will be first?
Friday, August 22, 2008
Thoughts on why recruiters fail at finding top talent?
One interesting observation is that the recruiters within many large enterprises think that recruiting occurs solely during core working hours. As a chapter leader for OWASP I know that a lot of top talent shows up at the user groups I run yet there are few if any recruiters in attendance actually networking with folks in attendance.
During my last user group meeting, I actually presented a listing of job opportunities that were IT security focused and not run of the mill and will continue to help recruiters find highly qualified candidates. The only thing in exchange that I ask of them is to help spread the word that we need to make application security visible.
I have probably failed the recruiting community because I am encouraging them to do something other than lurk at my user group meetings. Many recruiters get it twisted and think that a security-oriented user group will only attract IT security professionals. OWASP doesn't exist to teach security professionals why software developers write horrific code but does exist to teach developers and architects how to write better code.
Wouldn't it be intriguing if a recruiter decided to sponsor Pizza for our next meeting or were to spend fifteen minutes on the podium talking about the state of the IT industry and raffled off a Microsoft Zune Player to the person who asked the best question...
Thursday, August 21, 2008
Why Web 2.0 is something that enterprise architects should avoid...
Many enterprise architects frequent industry conferences where there is a healthy mix of learning and relaxation. Being out of the office afforded one lots of time to focus on the human aspects of technology and more importantly the eye candy especially when you are in Vegas, Miami or similar destinations. Sadly, Web 2.0 is ruining this practice.
What happens in Vegas, stays in Vegas is a phrase I wouldn't put much faith any longer. With blogs, Camera phones that upload to Flickr and now Twitter, the ability to be caught in suboptimal positions that will be shared with others is something to ponder....
Wednesday, August 20, 2008
Enterprise Architecture: The end of work/life balance...
Tuesday, August 19, 2008
Project Managers who pretend they are Enterprise Architects
In order for a discussion to go anywhere, it requires not just pontification of opinion but some facts as well. Robert McIdiot posted Suggestions for the OWASP maturity model which factually proves that he should more frequently exercise his right to remain silent. Anyway, let's dissect his confusion to see if there is any insight.
- The Enterprise Dilettante is named "project leader" for the "maturity model" project for a relatively new outfit named OWASP - why does the acronym remind me of a venomous insect and not an internationally recognized standards body?
- I wonder what he'll do about contributions to this "effort," particularly code, from India, or eastern Europe.
- yet rail about offshoring even though current IT employment in the US is higher now in 2008 than it was before the dot-bomb implosion earlier in this decade.
- So Jimbo, what's your "maturity model" going to look like? Code? Process (heaven forbid)? Powerpoint (OMG)? How heavy is it? How light? How constrained by the Agile Manifesto? Or not? Bottom line dude: who does it successfully serve?
- It's one thing to get on a soap box and bleat endless platitudes that in the end mean nothing to anyone. On the other hand, if you have something of value to deliver...we're waiting, but not holding our collective breath.
- Show me - and I'm betting that you can't.
If you want to make bets, I bet that you couldn't competently run an open source project because you can only succeed based on command and control. I bet you don't even comprehend the value proposition of open source nor the community model at large. I would bet though that you will either post a stupid response regarding open source or simply practice remaining silent.
Anyway, I hope that the organizations that Robert Mcilree consults for truly get what they pay for...
Vacationing in Trinidad
I hope that my co-workers are jealous thinking about how much fun I will have on the beach while they crank out even more sterile Powerpoints...
Monday, August 18, 2008
Indian Outsourcing and how Inexperience Generates Failure
When you study the code, it seems like many within India are learning from books and web sites which are weak proxies for actually learning how to design software. If no one on the project knows what good code looks like, you get (guess what) code that doesn't look good.
The interesting thing is that India hasn't yet taken advantage of the love of Agile methods. Consider, the ability to write suboptimal code where you can immediately declare that you were focused on business value as first priority. Your followup statement can be about the need to mercilessly refactor code at a later date. In the end, you have a nice set of Martin Fowler approved excuses for failure.
What is more interesting is the findings of an upcoming industry analyst firm who will be releasing a report on the ability of Satyam, Infosys and others to write code that doesn't have any of the OWASP Top Ten vulnerabilities. It shouldn't come to a surprise to anyone that the result isn't kind. The analyst writing the report also noted that India has lots of opportunities on learning how to write secure code but due to cultural reasons, few take advantage of user groups such as OWASP.
The only way for code to improve is for folks writing it to learn from others who are superior to them and are willing to publicly acknowledge such fact. Maybe it is a good thing that India has mastered the Peter Principle by promoting those who can't code into managers...
Free Legal Advice
Read this and make a copy for your files in case you need to refer to it someday. Maybe we should all take some of his advice!
A corporate attorney sent the following out to the employees in his company.
1. The next time you order checks have only your initials (instead of first name) and last name put on them. If someone takes your checkbook, they will not know if you sign your checks with just your initials or your first name, but your bank will know how you sign your checks.
2. Do not sign the back of your credit cards. Instead, put “PHOTO ID REQUIRED”.
3. When you are writing checks to pay on your credit card accounts, DO NOT put the complete account number on the “For” line. Instead, just put the last four numbers. The credit card company knows the rest of the numbers, and anyone who might be handling your check as it passes through all the check processing channels won’t have access to it.
4. Put your work phone # on your checks instead of your home phone. If you have a P.O Box, use that instead of your home address. If you do not have a P.O. Box, use your work address. Never have your SS# printed on your checks. (DUH!) You can add it if it is necessary. But if you have it printed, anyone can get it.
5. Place the contents of your wallet on a photocopy machine. Do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel Keep the photocopy in a safe place. I also carry a photocopy of my passport when travel either here or abroad. We’ve all heard horror stories about fraud that’s committed on us in stealing a name, address, Social Security number, credit cards.
Sunday, August 17, 2008
Thoughts on Richard Stallman and Free Software
There is lots of software which serves the general interest without serving any one person or company sufficiently that they would signle handedly pay upfront for its development. Patronage simply is anti-innovation and relying on this model is a bad idea. Can we acknowledge that patrons are rarely forward thinking? Can we also acknowledge that complex, well-designed software is likely to result from patronage.
How ethical is free software? If you deliberately seek to destroy thousands of folks way of earning money, then ethics demands that you at least try to find an alternative for them. Richard, the answer isn't to immediately give up all your worldly possessions and beg for grants as this model worked for you but otherwise doesn't scale.
For the record, there are some models close to patronage such as how OWASP develops its software, but you might have noticed that there is a preference for licenses other than your personal favorite. More importantly Richard, you have forced lots of enterprises to waste money that could have been used to forward the cause of open source software but instead you made them give it to lawyers. Does this feel good?
Youngest Victim of Offshoring
No words can justify the loss of a child. When reading the blog of Mohan Babu K. I actually cried. This individual is someone whom I have exchanged emails over the Internet on a few occasions. While we have never met nor heard the human voice, I feel like I know him.
For those who read my blog, I encourage you to review and sign this petition asking authorities and the airlines to investigate. The details of the event are here.
As for you Mohan, seek out our creator, the one God to whom all praise is due. In the meantime, I will pray and ask that you find the path to a better place...
Saturday, August 16, 2008
Is your CIO committing Management Malpractice?
Before we get started, I think that much of the problems aren't directly related to IT and are caused by general human resource professionals and their non-forward thinking way of viewing the world. Consider that HR isn't involved in outsourcing and at some level, this is what allows it to be mediocrity successful.
Many of the today´s human resources professionals have struggled in appreciating the value proposition of working from home, when they have developed for so many years a mentality where managing payrolls, exerting control through rigid policies and being an administrative organization with poor emphasis in people issues has determined that flexible work schedules as a mean to provide a right balance between life and work to busy, valued and stressed employees is not one of the top concerns from a merely transactional HR management.
A conservative corporate culture usually is adverse to assume a high risk profile and are characteristically reluctant to provide to its employes the time and the authorization to work at home as part of a talent policy to deliver true employee satisfaction from the perspective of providing a flexible work schedule as part of a corporate program designed to deliver means to reach a healthy balance between life and work.
This reluctance in providing flexible schedules to work from home are accentuated through of managerial malpractices like micromanagement where the activities developed by manager´s subordinates are obsessively overviewed; the possibility of innovate is systematically denied and the communication among co-workers is systematically censured.
Based in the premise that employees are the most valuable asset in current organizations, most of the Fortune 500 companies are developing programs with diverse recreational activities and flexible job schedules where working at home is a possibility to help to their employees in reaching a healthy balance between life and profession, and by this way minimize the risks of having employees suffering from professional burnout.
Having said that, is straightforward the appreciation that for these companies their employees are considered as an valued asset because they have the unique opportunity of enjoying of a supportive workplace environment where their professional development will be systematically encouraged, their expectations will be fulfilled in a supportive workplace environment and additionally, they enjoy the privilege of working in a company, which culture is appreciative to recognize, reward and celebrate timely, the extra-value that a responsible and competent professional may offer to his/her organization.
Friday, August 15, 2008
Ways to ignore airline baggage limits...
I dropped the family off at the airport this week and noticed several couples waiting inline. They were traveling to Puerto Rico when the counter agent told them there would be an additional fee for overweight baggage. Another person standing in line heard this conversation and took some items out of their bag and put them into the backpack they were carrying.
This next couple made it to the counter and placed their bags on the scale where the counter agent preceeded to put the baggage tape/sticker on the back and handed it back to the couple to carry over to the TSA baggage folks. Of course, the counter agent moved along to the next customer when this couple decided to simply take stuff out of their backpack and place right back into their luggage.
Of course, TSA is solely responsible for checking bags and doesn't really care if someone either adds or removes stuff prior to it being handed to them. In many airports, especially when crowded you could do this without a TSA agent nor counter agent seeing it.
In other words, you are an idiot if you pay for exceeding baggage limits...
Thursday, August 14, 2008
Enterprise Architecture: Does CMMi encourage worst practices?
It is important that Architects stop embracing hybrid thinking as this is a mental disorder. While the primary purpose of the quest for process quality is product quality, the theory that the quality of a product is dependent on the quality of the process used to produce it is flawed. Of course, if you look hard enough, you can find relationships between any two observations. For example, did you know that the price of tea in China correlates well with the quality (or lack of) of code written by Indian outsourcing firms?
There is a distinction between product quality and process quality. Process quality focuses on the ability of an organization to meet budget and schedule commitments. Having documented, repeatable, measurable processes helps with estimation. Software quality is not really the focus, except that an organization must be able to predict when the product will have a sufficiently high level of quality to be considered "finished" and an organization that makes good estimates won't find itself in a position where it has to change plans and trade quality for time or money.
Ever been to McDonalds? Bet you didn't know that they are CMM Level five? Does anyone think that McDonalds product quality is high? I wonder what the relationship is between flipping burgers at McDonalds and the quality of code produced in India?
Six Year Old Kids in Trinidad are Trembling
Wednesday, August 13, 2008
The secret relationship between martial arts and enterprise architecture
Ever wonder why Taekwondo is an olympic sport and other styles aren't? Does it have to do with actual fighting ability or instead is chosen solely because of its popularity? Most folks don't understand that Taekwondo is a sport and not a martial art!
Martial arts aren't learned for fitness, they are learned to protect yourself. In a confrontation, the dumbest thing you could do is to attempt to kick someone in the head as you could get sweeped very easily. Unlike Taekwondo or other sports, Jujitsu sole purpose is to bring pain to folks.
Ever notice that pretty much no one that does extreme fighting ever has a background in either Kempo Karate or Taekwondo but they all have some form of Jujitsu. What works as a sport doesn't work in self-defense and vice versa.
So, what does this have to do with enterprise architecture? Is enterprise architecture and its goal to be more aligned with business goals driven by popularity or by the ability to win? The former is all about perception management while the later is all about reality.
Sadly, IT nowadays is all about perception management yet the business that it is supposed to align with is all about reality. There is no perception that we are now in a global economy and that your competitors are aiming to place an armbar on your enterprise.
Should enterprises be focused on flashy but otherwise useless kicks or should they instead be focused on the more practical...
Does Sun understand software security?
Most recently, it was announced that Sun also produced an insecure version of OpenID. Does Sun just care about security features or do they also care if their security features are secure?