Monsters of Our Own Creation

It could hit almost anyone: a wrong click, a stupid mistake and boom. You fell victim to a nasty piece of ransomware. Or any kind of trojan.

You certainly heard about all the recent cases of ransomware spreading. It’s everything but funny when it happens and there many ways the user of the system might have been tricked into getting it on his or her machine.
The impact can be quite devestating, actually.

Trojans and worms were wrecking havoc on servers and end user systems for a long time, only it appears the attacks just keep getting nastier.

Ransomware is taking things to a more professional, large-scale monetization model. Unfortunately.

Unfortunately because of the sad fact that this is how some individuals/gangs want to earn their money. Unfortunately as well because most corporate infrastructures built up their own many monsters over decades.
Starting from more or less well managed servers to custom solutions nobody really understands in full depth anymore. It goes all the way to the laptops and PCs of the employees, bursting with tools that are all aiming at providing that aura of protection and control.
While the many tools that slow down these machines might in fact not be properly patched and supported and be hell’s gate of their own sort.

By the time you find out what these machines are really being used for things turn out to be really simple most of the time.
We are talking some spreadsheet magic, text editing, working with forms. And yes, printing stuff as that is still a thing in 2017 which is sad.
How much access to the underlying OS do you really need for accomplishing any of that?
Turns out, very little. Your modern days web browser and some useful tools like the online tools from Office 365 or Google Cloud are capable tools.

And if you embrace that idea many office working systems could easily get away with - dare I say! - chromebooks or chromeboxes.
In case you don’t know, those are completely customized OS from Google based on Linux with plenty of extra bells and whistles to make them as secure as you could hope for.
Access to the underlying OS is limited and the security concept makes it next to impossible to install software/run programs in an unauthorized fashion.
With the only example of Chrome extensions maybe.

Of course, again, these machines highly depend on cloud services by design. So yes, your networking should be well-thought through and protected. That would always be the case however and even more so with vulnerable, ill-patched full-access OS.
(Windows XP will be a lucky target for many years to come, being no longer supported but still used widely.)

And of course the cloud service dependency that raises extra-concerns: Is that secure? What about data privacy?
Well if you can manage IT security and data privacy well enough with your own homebrew tech stack hopefully not running on a server under your office desk, then fine for you. Chances are that what you deem good enough is not good enough tomorrow and contrary to the big cloud players you are probably not going to invest as much into data protecton + IT security in general. (Unless that is your business really.)
With that in mind, think again about how bad that dependency really is.

I have seen some emotional disputes about that but hey - it’s all just a matter of invest and sustainability. That goes for both your productivity strategy and machine inventory as well as your open mind towards the merits of cloud computing.
For the first, what most people are using is not necessarily the best for your purpose - again if browsing is all you need why throw a full-blown full-access machine at it.
For the latter, well, I guess there would be an epiphany waiting for you either way, sooner or later.

Stay safe!


This Will Never Work

I remember one time I was interviewing for a position about a world-wide transformation that started with a remark somewhat like this:
“Most people in this company think this project is going to fail. It has never worked and it will never work.”

That was a little bit of an odd conversation and in the end I am happy it never led anywhere.
Just think about it. A common piece of software was to be rolled out globally and the Program Manager/“master mind” behind it is fully aware of the slim chances of success and let’s you know right from start.

Is that an act of brutal honesty? Should I have tried much harder to get the job because it would never get any more honest than that?

Well, what it really shows is what a big divide within the company was going on at the time. (And maybe still.)

Here are some very likely stances present in the overall project context.

Don’t change my ways

Changing software is not really an emotional act, changing ways of working however can truly step people on the wrong foot.
While the project was all about streamlining, efficiency and transparency the people running the show in the markets have little interest in changing ways of working and existing processes.
Some of them might be the architects of these ways of working and processes. They could not be afraid of anything more than “looking bad”. Looking bad is even worse than “doing bad” because it might leave stains on white velvet vests..

It’s not even a rational thing, really. Yet change management has a big emotional side to it and changing processes is a tough one.

It’s not all that convincing

The reasons for starting the project are certainly sound and understood all the way up, yet there is one catch.

That idea was stuck somehwere on the higher floors of that skyscraper. Despite the belief of the ones at the top the message never made its way through the fabric of that tower.
The compelling story told up there did not get that echo it needed - for whatever reason. Maybe because the ones following did not get the story really.
Maybe because they were just not the right sound carrier to echo the story and only transported some bits and pieces they thought to be important.
Whatever happened, the story was way distorted by the time it reached some small local managers.

And there it ended up not all that convincing. That might appear not much of a deal. Yet it sets the tone for a long time and pure rationale will do little to help.
If ego and fear of loss of responsibility tag along it gets only exponentially worse.

That’s a brutal run-down isn’t it?
Not much more brutal than stating that there is almost nobody in the company who’d believe in success.

I was a little bit surprised that there is no English counterpart for the German word “Killerphrase”.
Kill-joy is headed somewhat into the direction. Yet what it really means is making statements that are more or less idea killers.
Not always intentionally, but the way they are constructed they only head towards destruction.

That was what I thought hearing when I was told:
“Most people in this company think this project is going to fail. It has never worked and it will never work.”

This is just like recapping all the resistance and lack of understanding you were facing.
The natural thing to do is to get to a clean with all stakeholders - or at least the ones open for reason and with the power to make decisions.
Starting a project like that with a starting situation that is poor at best is asking for failure.

Coming back to the opening of that interview this article started with. Here is what the opening statement was actually really saying: Hi, I am just looking for somebody taking over all the responsibility on my behalf. I have little intention setting the scene for success myself because that might be uneasy and it could get dirty.
A sound response should be: I understand. And this type of approach has never worked. Good luck. (Here we go, playing idea killer bingo! ;) )


Roles Are Not Forever

Roles are like diamonds - every single of them is precious, none of them is forever.

During the course of any project and in particular the complex ones it’s pretty common to switch hats.
Sometimes you are project managing, next minute architecting the solution, developing (parts of) it, doing press release management, run some marketing or sales show.

Would anybody find this a sign of incoherence or lack of continuity? I wager not, and more than that being able to fulfil more than one role when needed is what every employer is looking for.

The sweet irony however is that this is not reflected when it comes to hiring.
Most people, certainly recruiters, assume that your only aspiration would be to “get hired up the hierarchy”.

That might be the case for some individuals but those who take pride in their knowledge and skills care less about “impressive” job titles but rather opportunities to grow and excel.
That could very well happen by going with a title that is not “on par” with your current. I mean, why not?
At the end of the day it is just a matter of switching roles like you should be able to as a flexible person who is not good at one thing only.

One of the rules of leading is that a good leader knows exactly when it’s time to follow - and is indeed as good a follower as a leader.
If you truly understand this it should come only logical to you that “stepping down” is not a matter of “giving up” or acting on “not being fit for a role”.
It’s just a matter of changing gears. Quite to the contrary, if you are not able to change gears you should not ever be in lead anyway.

So do not judge to quickly and show some reason. Don’t assume everybody is in it for the hierarchy ladder game.
And those who really are should not be the ones you are after. Seriously.


When I Won That Microsoft Cloud Show Contest

What does it take to win in a creative Cloud Show contest? Creativity, technical interest and a little bit of time. Not really that much, honestly.
The whole deal was all about the 200nd show of the Microsoft Cloud show which really rocks.

A great podcast to listen to!

And here is that file I submitted, just for reference and in the spirit of full transparency:

I asked them to donate the XBox to some infant clinique and help have some poor young fellas to have as much fun with kick-ass games as I used to have.



Never accept that net neutrality is going down the drain!


How to Architect Azure

I am not biased when it comes to cloud computing. In general I am not biased when it comes to architecture. (Any architecture needs first and foremost to be fit for purpose, right?)

Let’s get ready for a multi-cloud future!
AWS? Check. Azure? Check. Wait a minute, Azure certification? It’s not as straight-forward as with AWS but once you know your way around you can get there.

Microsoft Azure is the cloud with most data centres around the globe, did you know?

I have compiled some practical tips on what to expect, how to pass the 70-534 exam. Check out my article on that and get a head start into your next certification!

Important to know: There is no thing like a static overview and learning guide for any of these cloud certifications and Azure ones are no different. This technology field is constantly changing and evolving - so do not try to scrap as much as you can but rather get yourself informed about the latest and greatest!

Enjoy! I am happy that my article resonates well, after all it’s a direct reflection of my own trip to certification. One that is absolutely worth it.


Helping to Turn Things for the Better

Have you ever thought about giving back? There’s much to do - and small things can mean the world to those in dire need.

Less talk, more action please!

Well, why not get some inspiration over here and participate on a Facebook page I set up to collect some thoughts around this.

You are using your skills, your knowledge and your hard work for all sorts of benefits, every day. Benefits for you, your employer, maybe some individuals here and there.
How many times do you feel like there have to be more ways to give back?
Return the favour of being in a position that allows you to thrive, which comes to society and your family as part of that backing you up.

What are we going to do?

Brainstorm about the things we can do to make a difference. The next time we meet up we’ll build something, putting ideas to action. Developers looking for a challenge and inspiration are highly welcome, all ideas shared are for everyone! Take them home, tweak them, go and have fun.

What ideas are we talking about?

Pretty much anything that helps the people. Be creative.
To get you started, think of an online job place for low educated people, a platform for free education for children and teenagers implemented by lectures (videos) with different subtitles, a well done nanny service for working parents, devices and tools for people with special needs. The list could go on and on and you might have some great ideas that are entirely different from these examples - looking forward to hearing them!

There are indeed many ways to give back. It seems to be something that we do haven an urge for, if you see Mr. Buffett just chipping in 3.2 BN $ “for charity”.

You might not have that kind of liquidity, help you can regardless.
If you have some great initiatives to suggest, please let me know! Happy to discuss with you anytime. Thanks for stopping by.


Hiring Is No Word Count Exercise in Real Life

Looking for a job can be tiring, hiring people is an energy drain too. It’s all procedures, word counts and instead of feeling like dating - what it should be like - it feels more like spinning that hamster wheel of yours faster and faster.

Well, of course it does not have to be like that. Still, something is off with the hiring business.
When listening to an AWS startup podcast about finding people for startups I was reminded of what. (It’s not limited to Startups, to take that away.)

Such as:

Job descriptions keep you too often left puzzled and the recruiting doesn’t make it any better

Articulating the “requirements” for a job is difficult. It literally almost always feels like there is only a remote connection between the job and its description. That is not so much of a surprise if you consider that rarely any requirement is captured correctly.
If you ever ran an IT project you know the consequences of requirements captured incorrectly. Let’s just say there are few happy ends with these.
Why would I even dare indicate that there’s a problem?
Well logically there have to be problems with the way things work - just think about how big the divide usually is between the people who articulate their demand like the “hiring managers”, the people who publish that demand and the people doing the prequalification looking to fulfil the demand, in other terms the people from “HR”.
This is not a fault game at play here, of course you need to split up tasks. And not everybody can be an expert in everything.
Ironically enough nevertheless the people with the demand, the ones actually looking for people, are the ones that end up investing the least time looking for people.
The higher the demand, the less time would they spend on a task that is obviously vital for breaking the vicious circle they are in - not enough people, not enough time to do just anything but running the hamster wheel.

How to crack this? I guess what should rather happen than providing check lists that are sort of interchangeable is expressing what the job setup is all about, what the challenges are and what is important to you and what core beliefs you carry. That’s your little sales pitch there, let the candidates respond to it and judge later. Don’t ask for the whole vita, don’t exclude candidates because they do not match a rigid schema.

Surprise and be open to be surprised. What about that?

And why should this be cool with anybody, remind me again?

What am I in for again?
Who wants to be in a position where little new tricks can be learnt and possibilities to advance your career, at least if you want to, are scarce?
People you want to work with certainly not. And “working with” is key here, not “working for” - you can choose to be a leader but if you are then your people come first, not you and nothing else.
Otherwise you are a sponsor at least and should leave leading to somebody better qualified.

So what to do then to advertise yourself as employer, or a good “dating partner” to stick to that analogy?

You don’t have to come up with all the perks of a Google but in return for responsibility why not grant freedom to explore something new and allow your people to discover themselves and what they can do.
Let ‘em showcase their work and themselves to the world in conferences, have think tanks, hackathons, let them go wild. Very likely there will be discoveries that can be put right back into your company.
Once you know how chatbots work you can use them everywhere, right? So don’t be that darn rigid and “result oriented” which translates to inhumane. People are at their best when they feel being part of something bigger.
An empty task box and a monthly reward for that will not get you there.

Last but not least another thing that will not get you there. Selecting candidates because they won a word count game in their CV for all the words you expected to have in it.
Give candidates a chance because it feels right - and the attitude seems right.
(NB: Counting words is the “Hello world” of the Big Data world. Hiring is not a Hadoop tutorial, however - you can do better than that.)


Decision Making No Mans Land

Decision making is fun and games, until it eventually isn’t anymore.

Don't ask me!

We are all told that decision making is an important part of life. Taking just any direction without decisons is not possible, in fact every move you make is the result of decisions taken.

Now have you ever encountered a situation when an important decision was endlessly deferred in your organization and everybody caught up in analysis paralysis?

Of course you have. Why is it that we find ourselves having a hard time to take a decision, even though taking no decision could easily turn out to be more severe than one that is not optimal? The reason is simple.

Taking the risk of taking a decision comes with responsibility and moreover, the way people think in most organizations still, with liability. There is a saying that the best way of avoiding doing anything wrong is by not doing anything at all.
That is why so often external help is brought in to back people up, ideally a strategy firm people know. You would think that is for the sake of finding the best possible answer, in reality you’ll find it’s just a way of outsourcing the decision making. At least the parts about liability - if anything blows up later it’s the consulting firm and thir bad advise and not you who took the responsibility for a decision.

How could we get into a de-facto standard mode of associating decision making with punishment? How come we talk about great decisions in great length but try to avoid talking about bad decisions? Would there be less to be learnt from the latter?
No, it all comes down to politics I am afraid. When appearance matters more than anything else nobody wants to have stains on their white velvet vests. Any decision taken has to be potential to be a stain.

There is only one way of dealing with this: do your due diligence, make decisions, defend them (as somebody will always argue against the decision no matter what) - but be open to revise these decisions. Be fair. Be fact based. Don’t judge too harshly as you would not be judged harshly. If you are really in a spot where a “bad” decision is not tolerable, assuming you have done your very best to turn around when things went south, you are most likely in the wrong place. Unless you actually like acting and politics - in that case there is plenty to do in the Decision Making No Mans Land.


There Is Nothing Wrong With Debt, Until It Eats You Alive

Debt in IT Architecture is just as unavoidable as financial debt for any company. Managing it carefully is at least equally important.

Maybe we should work on this...

It’s amazing how common sense is repeatedly ignored in digital domains. Debt is a perfect example - in your booking sheets there would be all sorts of reasons to accept debt or even welcome it for the better of the company overall. What you would however never do is simply ignore debt.
How come ignoring architectural debt is so common in the IT space, then? Even worse, in many organizations there is no doubt about the IT debt itself but zero grasp about its magnitude. The attempt to put the debt in numbers was never made.

That appears strangely indifferent. It still just adds up if you consider that IT is still considered only as cost center in way too many organizations. In that light, why not stick to something that “works” and focus on the profit centers, right?

The epiphany that these profit centers are directly tied to your IT cost center in almost any case today* comes only much later, might take years to shape out.
That is certainly the case for organizations that struggle with (the idea of) improved online or combined online and offline sales channels, hence do not realize that the baseline IT is not only a matter of cost but an enable for new business models altogether.
However it is the case as well for organizations that are only “operationally” driven, meaning ones that will only focus on customer projects and sacrifice innovation to that end. Such organizations include even high-tech startups.

So architectural debt is all around and not only a concern for traditional companies and their legacy IT infrastructure.

Truth is, architectural debt has the annoying tendency to exponentially increase complexity and cost while decreasing reliability and security.
Ignoring it while you still have time to breathe is only asking for a hasty rescue mission with uncertain ending.

What now then!

The only way to break a vicious cycle of “no time to improve” -> “the mess is slowing us down” -> “no time to improve” is to get back to square one. What is the reason you are running your IT systems? What is your long-term plan? Deliberately slow down to turn things around - and take it as an investment. Unless you get to the conclusion that running your systems was a bad idea in the first place. Then don’t waste capacity on a lost mission - do the hard and the right thing and get rid of them ASAP.

Losing speed comes unwanted when plenty of project work is knocking at the door, that’s clear.
Yet, losing speed in order to do the right thing is certainly better than ending up agile but fragile.

*) Unless your business vision does not involve complete or new and in either case actionable data, processes nor flawless process and system integrations.