Professional IT

It was with great sadness that I read this article in the BBC British teenage designer of Summly hits jackpot.  This was not sadness for this young coder, I am pleased that he has had success with his application and hope that his skills go on to benefit our industry.  My sadness was because since the 1980's our industry has struggled to live down the teenager in a garage writing computer games.

This era lead to the Non IT trained upper management having very unreal expectations of the requirements of a properly designed program.  After all if a teenager in his bedroom can make something successful imagine how easily a room full of trained professionals can achieve....  This in turn lead to a perception that young people are more in touch with computers that has also delivered an unwelcome ageism to the industry.

The increasing complexity of computer games moved them to a point where working alone anywhere you simply could not compete with a professional game producer.  The increasingly complex graphics and crafted game play meant that few people would have all the skills necessary to create such a game, however long they took.  Not only that the industry moved so quickly that if they did not deliver a game in a timely fashion it was outdated and unwanted when it was finally ready.

Now along come apps and the news companies have dragged out the myth for another airing.  The truth is that on device single purpose Apps are not that hard to create.  The kind of application integrated into other business systems that must be stable and secure are quite another matter.  These will require careful design and time and effort and it makes me sad to think that our diligent work will be met with "but if a teenage can write this in his bedroom why are you taking so long".

Cloud poison

Last week I wrote about the need to trust in cloud services and likened the need to do so to our trust of the food production industries.  Many people though worry about cloud services because of "glitches" that occur.   These may be operational failures or security vulnerabilities that are discovered.

I once sat, a couple of years ago, with an upper manager who was lambasting Googles services because they had just had a two hour outage.  He used this as an example of why cloud services would never be appropriate and we should continue to provide our own services because they were more reliable.  I pointed out that the Google issue had been just two hours in the last 5 years but that did not shake his view.  I then pointed out that once a month the company's exchange servers were shut down and restarted to ensure consistent functionality.  This shut down period added up through just one year made for a significantly greater unavailability for our services than Googles had been in the last 5.  He still was not convinced and I understood at that point this was not about logic or reality it was about personal conviction and comfort with a bought object being touchable.

The same manager and multiple others I have spoken to also delightfully point out to me every security issue that the cloud services are accused of.  Once again they use this as a reason why we should continue to do it ourselves.  Our services though were based on products that also have security issues and frequently needed patching or upgrading.  Without exception this took a long time to achieve both through lack of resources and through the complications of actually deploying the required changes.  I have seen it take years to deliver these updates, and all that time the company remains vulnerable.  With cloud services almost as soon as a vulnerability becomes known the service is patched to protect against it, in most cases without the user ever being aware.

Returning to my food metaphor these things are like the occasional food scare we see.  The event may be accidental or deliberate and they often frighten us off the particular food for a short period, however none of us return to just growing our own food.  We trust the food industry and its regulators to keep us safe and advise us on how to avoid issues.

Trusting the Cloud

Hundreds if not thousands of years ago a lesson was learnt that has allowed our species to become what they are today.  It seems though that when it comes to the cloud we find it very easy to not behave in this same manner and that could be holding us back.

Once upon a time our ancestors had to spend their entire day looking for food.  Even once they had learned to cultivate crops and animals it still pretty much took all their time to do this, and though this led to a self sufficient life it was essentially just a daily grind.  Eventually what happened was that some people concentrated on the role of providing food, allowing the others to focus on other "value add" occupations.  We suddenly had time away from the fields to learn other things and work to the good of the race as a whole.  This free time eventually lead to the development of computers and even to the Cloud.

Most of us nowadays are so used to this state of affairs we don't really think about what we still to this day trust the farmer to deliver for us.  Indeed sometimes people seem to look down on the role the farmer plays in our lives.  The truth of it is that if they stopped making the food we need available, we would all have to stop working on computers and find a way to feed ourselves.  Today trusting others is the natural way of things.  It doesn't stop with food either as we also trust other services to help to keep us alive for example removing our sewage; purifying our water; and providing power for heating.

Why then is it so difficult for us to trust in the Cloud?

Like food production, once we learn to trust the Cloud with the subsistence part of computing we will be free to explore other things, focusing on the business benefits and how we can deliver new things in effective ways.    Without this we will all still be chained to the yoke of commodity systems desperately hoping that we can find the time to add some value.

Following the cloud

Just before I began my new role  25,000 mail accounts were moved from a hosted Microsoft exchange system to Microsoft's cloud systems.  This has not only simplified our environment it has made it more reliable and is perceived as a service improvement, better still it has significantly reduced our costs.  Now we are seeking to move the remaining more complex email accounts into this environment as well, that is once we have solved the enterprise vault issues.

Viewing it from the position of an organisation that has taken this path it all seems like a no brainer.  In my former roles though I encountered the nervousness that exists around the adoption of cloud solutions.  This is rooted partially in the uncertainty of trusting a third party and partly in concerns about where that leaves the IT department of the future.

It is inevitable that the cloud will and is changing the way that we use computers and there is nothing we can or should do to stop that.  Standing in front of its adoption will not protect our roles from the cloud but will simply encourage business users to work around us.  Instead we must focus on ensuring that we add value in areas that are not commodity computing, those systems that make our companies unique.

While it may initially be difficult to trust organisations that provide cloud services and indeed the infrastructure that delivers it to us it is important that we learn to do so.  Once we rid ourselves of commodity systems we will be able to concentrate harder on making a difference and supporting our organisations strategies.

And the cloud came crashing down.

I am a big advocate of cloud services but recent events have made clear to me that there is definitely some work to be done before we can rely on these services for everything.  Last week I arrived home to find that we had no internet, and worse still no dial tone on the phone.  For the second time in 6 months someone had run off with a section of the cable that joins the village I live in to the nearest telephone exchange.

This lead to a protracted disconnection from the internet that finished today five days later.  It is not until you miss something that you really realise how much you take it for granted.  Time and time again over the five days we had to check ourselves as we headed to the computer to find something out.  This was made particularly bad as this location also has extremely poor mobile data access.

Fortunately the hour I spend on the train each day gave me access to the cloud from my smartphone and all the same information was available.  Indeed now that my connection has been re-established I find that I am completely up to date with what I do, regardless of not having access from a computer for this time.  This shows that the smartphone revolution powered by the introduction of the iPhone has enabled anywhere cloud computing.  At the same time it shows that we still have some way to go making our fixed infrastructure reliable enough for cloud only computing.

China Tech

Yesterday I opened two parcels, the contents of each had been made in China. In fact this is a pretty common situation for us all, but although the items are made in China they are rarely attributed to the Chinese. This situation is going to start to change.

Chinese companies are very capable and in a lot of cases are doing much more than just make the products that we buy with a western companies name on it. This has been an expedient way to demonstrate the quality of their manufacturing, the iPhone itself an excellent example of this, but why would these companies not want their own name on the product instead?

At this point our conceit about the necessity for “Western” input into successful products blinds us to the capabilities of Chinese companies. Along with this goes a perception of Chinese home grown products being cheap rubbish that breaks easily. After all what mobile phone would you rather carry one made by Apple or one made by Huawei?

I remember my father telling me that once upon a time Made in Japan was seen as a mark of poor quality, something you would never buy. That has significantly reversed with people seeing these products now as quality items, companies such as SONY at the forefront of this. Japan though is a relatively small country, when China makes this step and their products become revered for their quality what will happen then? Will western brands, so dependant on Chinese manufacturing, survive the deluge?

Blackberry and Apple Crumble

This week has been interesting for the staff at Rim with their consumer BIS users being separated from services that they love. At the same time Apple have struggled with the demand for their new operating system causing issues with the update itself. This is particularly worrying because part of the new OS is a cloud service.

I write this not because I am an Android user and thus revel in the pain of these companies, because Androids turn will inevitably come. I write this because it demonstrates how easy it is for small problems to almost instantly become massive when so many users are affected and are connected to internet services. These incidents will almost certainly have affected Rim more than Apple, young users in the grip of a fashion to use Blackberry messenger will discover facebook chat or google talk works just as well. Indeed the iMessage technology in Apples ios5 may well be another blow to this service, assuming of course people can install it!

What is certain is that more effort will be made to avoid this in future, things will get better still. We should not forget in the middle of this kind of incident that error is what has lead us to the place we are currently in. Every error, leads us to making a different decision next time. So don’t lambaste these companies too hard because the embarrassment they suffer today will lead to better services tomorrow.

CAD in the Cloud

Focusing on the recent announcement by Autocad that they are going to follow a web strategy for their products we finally start to see engineering apps moving into the cloud. These were the ones that I feared would hold up the advancement to full cloud. With services like OnLive also expanding it is becoming clear that graphical applications no longer need to be positioned locally on the fastest box you can buy.

Indeed with the amount of processing available in the cloud it is likely that graphical apps delivered in this way will surpass the locally installed ones. These applications will also deliver a new degree of collaboration and maybe allow organisations to truly operate in a fully global manner.

The web programs will remove issues of software patching, whilst at the same time ensuring that all users are working on the same edition of the software.

Not only that but because these applications will require accredited logins to access them so pirating of the programs will become much harder, maybe even impossible. This will of course allow these companies to remove the work associated with protecting the products from theft massively reducing the price ;-)

This could be the start of the point where more complex users can become full cloud citizens, if the integrity of the data it uses can be guaranteed.

The "i" habbit

Today I found myself in a mobile phone comparison conversation. Unusually none of the people in the conversation were using iPhones and yet they were all very happy about that. Travelling on the train to London yesterday though iPhones seemed to be the device of choice. This could be down to the fact that todays grouping was all techies and they tend to be more motivated by technological cool than fashion.

What was clear though is that the iPhone has elevated smart phones to the device of choice, something I forecast in the early 2000’s. It took a ridiculously long time to get to this point and when it came it was the consumer pressure that forced the device into business. This was the opposite to the way that Smartphones were previously being marketed.

Flushed with that success Apple came up with the iPad, a media portal device with limited input capability that looked like a giant iPhone. Many commentators laughed and assumed it would never catch on, but as I expected it has become a staple of many houses. Though many houses have much more powerful laptops to hand the iPad with its always on capability has become the device to use. One colleague told me the other day that his gets at least 2 hours use a day but normally much more.

In corporate IT we have already seen the edges of this device making it’s way into the corporate world. Purist technologists will fight this, but they will be driven back by the weight of the corporate managers seeking to move the convenience of their home experience into the workplace. This will apply not only to the iPad but also to the plethora of other tablet style devices that are appearing. Microsoft’s Windows 8 will provide for much improved windows tablets but this is appearing quite late in the day and it is yet to be seen whether it will become a challenger. I hope it will because I need a tablet that I can write on, but I fear the “i” habit will by then be too deeply ingrained. If this is the case then we could be on the edge of the days where Microsoft’s operating system is no longer dominant.

If you are reading this thinking that corporate IT will remain the same despite all this you need to learn the lesson that Apple taught us. Every corporate user, no matter what their rank, is also a consumer.

The penultimate Cloud step

I have talked before about my views on private cloud, I believe in using the technology of the cloud in business just not that this makes it a private cloud. Whatever it is called though there is no doubt that making your business data centre behave like the Cloud has value.

It has operational value in the short term but in the long run what it is doing is preparing you for the trip to the real Cloud. It trains your administrators to work in this way, and your users to accept the underlying mechanisms but without having to risk placing your data out side of company control. It is this one risk that is holding back the adoption of the Cloud as a whole.

The Cloud vendors know this though and are working hard to clear away these issues. Eventually they will raise confidence in their services so far that companies will trust that their data is secured. Not only that mechanisms will evolve that will help you to buy a service from one vendor and then change vendor later in the day. I believe this will work something like it does with Mobile phone vendors today.

If you have implemented Cloud technology in your data centre then as soon as you have confidence in the Cloud you can just shift the internal services. The chances are this could be done pretty transparently possibly even without a service break. Whilst I still believe going to Cloud services for some services is right for a lot of companies right now, implementing your own Cloud Technology is a really good transitional step it that is a risk too far.

AAS and the cloud

I read somewhere once a comment that the cloud was a load of aas.  Today I was reading a document that had a table that showed the US  National Institute of standards and Technology’s definition of cloud computing referenced with the type of aas applicable.

The aas (as a service) tag has become common yet I was interested to see that my home computer is considered to be “Iaas on private cloud”.  This typifies for me the trend to reclassify everything that we have done in the computing world for the last 20 years as being cloud.  I cannot agree with this nor do I agree that there is any such thing as a private cloud.  The private cloud is simply technology implemented within a company that has the characteristics of a cloud service.  It’s relationship to the cloud is roughly the same as a generators relationship to the national grid.  Only a very snobby organisation would fire up the private electricity grid when the national one goes down.

The cloud is public and different because it is pervasive touching everything , not bounded by the walls of an organisation.  It’s public nature leads us to distrust it and in corporate IT we have to protect our organisations hence we need to do something that meets our requirements in a way we consider safe.  We have to balance this with the CEO’s desire to have “Cloud” because all of his contacts and magazine subscriptions tell him this is good, thus we call our solution private cloud.

Eventually mechanisms will evolve that will allow us to trust in the security and the privacy of the cloud and the need for “private” anything will go away.  There will be just the cloud, or more likely an interlocking series of melded clouds.  At that point we will look back a realise how old fashion we were being trying to maintain a separation rather than trying to encourage safety in a public world.

The incredibles

Ten years ago when I moved from small department IT into the world of corporate IT I heard for the first time the use of the word Architect in reference to someone working in the IT world. There was one person in the organisation that held that title, and he sat on the IS management team.

Recently I started a short period of work with a company that is at roughly the same stage of maturity as we were then but this time everybody is an Architect. There are Enterprise Architects, Technical Architects, Solutions Architects and so on going almost all the way down to calling the cha lady a beverages Architect. The truth is this is common in all companies anyone who is anyone is called an Architect.

Now leaving aside the fact that in the UK it is actually illegal to call yourself an Architect if you are not a member of the RIBA, this situation put me in mind of a film I watched recently. The Incredibles is about a superhero family in hiding, and it’s great. The thought it triggered was that in the film the bad guy wants to give everybody technology so that they can all be super heroes. His point is “When everyone is special then no one will be”.

I wonder if this is the case for the title Architect, and I wonder if this in itself makes it more difficult for us to achieve gravitas in the eyes of business units. If you look at the engineering world then being an engineer or a senior engineer is good. In fact many engineers do most of what Architects do yet they are proud to not be architects.

It seems to me that the separation should be between roles that think about how things should be done and roles that actually get things done.

Keeping it simple

For some years now I have wrestled with the concepts around Enterprise Architecture and how these can be applied to a business. It is clear that the application is not straight forward and that there is something that is making this so.

I have argued for some time that what I truly need is a way of sketching and Enterprise Architecture in the same way as a traditional Architect sketches a building. The truth is though that the traditional Architect does not do one sketch of the building but many, from different angles and perspectives. This builds to inform the viewer about the building that he is planning. No matter what the angle though a drawing is really easy for architects and non architects alike to quickly comprehend.

In Enterprise Architecture this is most definately not the case. It seems that having no way of visualising the virtual world of computing has driven us instead to opt for complex stacks of paperwork to help us. If we are not really careful though these stacks of paperwork are simply ignored, even by ourselves. How many of us can quote all of our Enterprise domain principles from the top of our heads? These make up a realatively small amount of the documentation we produce. Is it anywonder that people with less committment to EA see it as a pointless exercise?

Unfortunately the Architecture frameworks out there don't seem to help much either. This is especially true as achieving a complete framework requires you to use combinations of the existing methods. For example whilst Zachman provides a way of classifying information it provides no process, whereas TOGAF to a certain extent is the opposite. Not only that frameworks like TOGAF are so flexible that it is unlikely you will ever get consistent uses of it.

All of this combines to make the use of enterprise architecture too complex and diverse thus stopping it from being as effective as it should be. As an Enterprise Architect I believe we must look to finding ways to simplify the way we present Architectures and make them more understandable to "normal" people if we are going to demonstrate our value.

I am a name not a number

One of the problems inherent in the gradual merging of the consumer and business world is that companies can tend to focus on an individual when setting up computer systems. This makes it really difficult to separate the individual from the role in the event that they move on or change role within the company. This is particularly important when applied to temporary roles or secondments that have significant authority. I have seen situations where someone that has worked temporarily for the finance director has then moved to another location within the business with no changes to their account occurring.

Currently when I join a company I am given an account on the companies computer system, usually a staff number, a mobile telephone etc. Each of these has their own identity number used to access them so essentially even at the beginning I have multiple names. This is complicated by the fact that if I leave the company I may take my mobile phone number with me etc.

Now step forward to a world in which everyone is given an online identity at birth and that is their only account, effectively a unique on line name. This identity is used for everything telecommunications, electronic communications even access to public transport etc. Now when I join the company my unique name is associated with the role that I have taken up. All information and access rights pertinent to that role are delivered to me. I have seamless access to cloud and company systems that allow me to carry out that role but when I move on the role is assigned to my successor. Anything sent to myuniquename@mycompanysuniquename is directed to my role and thus I see it but via the role, this means my successor would also in archieves. In addition I see anything directed to myuniquename@myhomeaddress and from myuniquename@myfavouritehobby etc. but these would be directed elsewhere and not be available to any successor. Telecommunication would also use this same format rather than numbers with the method of communication being chosen by the initiator, ensuring that after you leave, phone calls to someone doing your old role will go to them and not you.

This is much more in keeping with our concept of the future, after all you never see people on science fiction programs trying to remember what account they used to access their computer do you? The techniques to provide this are available today, we simply do not use them because of tradition or because they make things more complex and thus more expensive. If we want a future where we are not bogged down by exponentially multiplying accounts though we are going to have to start giving this some priority.

This week I have been involved in discussion about consumerisation and it’s effects on corporate computing. The interesting thing for me here is that IT professionals see a difference between consumer equipment and corporate equipment when in computing terms no such difference exists. The same computer that powers my sons obsession with computer games can happily deliver CAD drawings. His mobile phone is just as capable of taking phone calls and emails as any corporate Blackberry. In short consumer equipment can deliver corporate outputs (although not always the other way around particularly in the case of games).

There is really only one thing that forces us to draw the distinction and that is restrictions around the accessibility of the data that is on the devices. It is important to corporates that some data is protected, sometimes to an extreme degree as there can be penalties for leeking this data. This need not be legal penalties but can also be loss of reputation or just financial loss. IT departments are very aware of this an are tasked to prevent it and thus see corporate computing as different.

Consider though that it is actually important to consumers to protect some of their data too, sometimes also to an extreme degree. Penalties for leeking this data can be the same, loss of reputation or financial etc. The real difference is many consumers simply do not understand this whether applied to computing or indeed just ordinary life. I am reminded of the time Jeremy Clarkson printed his bank account number in his news paper column because he did not believe anyone could abuse it. Someone used this to make a donation from his account to charity and he soon realised the error of his ways.

So if both consumers and corporates benefit from the security why is it not inherent in all devices? Well the answer here is that it is starting to happen, I would argue that the iPhone/iPad environment is equivalent if not better than an average corporate computing environment. The devices are locked down, only run applications from an approved source and data on them can be protected and wiped if necessary etc.

The iDevice model is very much an old world device and application model as we are used to but there is also the Cloud computing model. Googles chromebook uses the cloud model to deliver services, which are arguably more secure than many business systems, and protects its hardware by keeping two copies of the firmware and checking one against the other to prevent keyloggers etc. from getting a foot hold.

Microsoft are not going to be locked out of this either though and their forthcoming Windows 8 will make use of an application store and provide similar features to it’s competition.

All of this confirms that the world of corporate computing and the world of consumer computing will inevitably come closer until there is no difference between the two. It will become as normal to have a computer allowance as it has been to have a car allowance, and combined with Cloud computing this will significantly change the current world of the corporate IT professional.

Trial and Error

As well as selection of over complicated technology products there are other factors that may well contribute to the slow deployment of technology. As we have aspired to IT professionalism we have also potentially lost some of the factors that made us agile.


We have decided that we should get everything perfect first time, after all we specialise in this stuff don’t we? This is reinforced by the way we are treated by our businesses if even the smallest thing goes wrong. As a breed nothing is every good enough for an engineer in whatever discipline they work. We can always improve something and will do so if we are allowed to, even if that means starting again from scratch and missing deadlines. Add to this the threat of bite back should anything fail and projects take too long as we try harder and harder to make them perfect.

The evolutionary process that has lead to our own existence on this planet and then to all of our achievements makes use of the trial and error process. You try a few things discard the failures then keep the successes and try a few more things based on them. To improve our delivery timescale we need to be able to work in ways that allow application of trial and error.

In software development we have methodologies such as agile that allow us to use this process quite effectively. I have seen a number of significant successful software development projects use this to great effect. In infrastructure though this does not seem to be the case as large investments in equipment that don’t do what was expected is never going to be popular. Once again though there is hope on the horizon in the form of Cloud compute.

Spinning up a computer in the cloud to try out your new service costs you only the computing power that you use. If the service does not work then just turn it off again and stop paying, suddenly you are free to take risks. This potentially allows you to become much more agile in your approach to the creation of infrastructure. Not only that but successful trials can be scaled up within the same service into a live system, or depending on the services you are creating can be moved onto on premise equipment.

Of course software is a factor in here that currently confuses the picture. Whatever software you are putting on the Cloud compute infrastructure will need to be licensed correctly. This may well be a driver that helps certain open source products to proliferate as their licensing may better suit this agile environment, until the large software vendors work that out at least.

Choosing technology

One of the things that we all know as IT professionals is that our industry has a truly appalling failure rate. It has always been there and over recent years I have seen nothing particularly change. Statistics suggest that failure rates are 40% but I suspect that the truth is much higher. Some of these failures will be through projects simply taking too long to deliver the required benefits in a timely manner. I have seen for example Windows 7 projects started as part of a Microsoft TAP program before the OS was released being overtaken by the imminent (6 months) release of Windows 8.

Why is it that these projects take so long? Well a lot of it is down to complexity the products chosen, their configuration and the method of deployment all become highly complex. This is especially so when they are deployed into a preexisting large environment. There is however another possibility, it is us that is over complicating the delivery of these projects.

A few months ago I bought my Son a new mobile phone, he’s a Maths geek who spends a lot of time on the computer. I selected a smart phone that I believed would give him maximum functionality and reduce the number of gadgets that he needed to carry. A few days ago I asked him how one of the programs on it worked and he told me he had no idea he’d never tried it. This surprised me and on further discussion I realised he had tried pretty much none of the advanced functionality of the phone. “It’s like this Dad” he said “I use it for making phone calls and sending texts”.

My knowledge of technology and the potentials of the device lead me to select something considerably beyond what his use of the device required. The people selecting technology for our businesses are also extremely technical and vulnerable to the same conceits. I have seen outsourced projects fail because in house technical staff have mandated architectural elements of the outsourced service. I have also seen selection of simpler products or services overruled by technical opinion, only for the extra facilities obtained to never be used.

I feel this is an indicator that there is still not enough input from the actual end user in the decisions that are made. Even when an end user is involved, the end user tends to pick an IT aware individual from their organisation as their representative and this person has the same tendency to select technology. This is especially likely when you work in an engineering based organisation! The trick is to choose an individual that knows the business purpose inside and out but professes to be bad with computers. Once selected the temptation to sell them the IT options they need must also be avoided, especially if they appear to want less than you feel you should give them.

One last point nowadays I often hear technical staff telling me how Cloud services will never work; that we will always have in house facilities and that cloud is just the latest buzzword. This time it is different though, always in the past making the new technology work has always required the input of the technical people. With Cloud all a business needs to adopt the services is a computer and an Internet connection. Cloud services give the business the chance to choose technology support that is sufficient for them with out added complication from us. If IS departments want to remain relevant they must get better and choosing technology.

Could we replace Active Directory with Facebook?

Facebook may not be used by us all but it is certainly known to almost everyone.  Many people tell me proudly how they never use it, others how they have thousands of friends.  Like going to the pub or chess club, Facebook is to each what they need it to be.

Leaving aside the social abilities of Facebook there is another quite interesting property of the service.  This property is perhaps counter intuitive and certainly is something that has also been highlighted as a problem with on line services.  The property I am talking about is identity.

Now if you are an ICT security professional you probably just through something at the screen, or more likely clicked the back button.  Those of you that did not, bear with me while I explain why Facebook has properties that could identify you uniquely as an individual on line.

Okay so now assume that I create an account online for a shopping site.  They ask me my name, date of birth and something secret usually my mothers maiden name (like that was not on public record!!).  That’s it off you go, almost anyone can pretend to be me creating an account and doing whatever they wish.

Now take a look at my Facebook account.  In there is a lot of information about me, even though I am careful not to expose too much.  There are photo’s of me, there is a network of friends all of whom know me as I am choosy about who I have as a friend.  There is information about my hobbies and there are lots of examples of the way I think and my humour.  Pretending to be me on this account is much more difficult, indeed a number of times I have spotted times when this has happened to friends via a “frape”.  Of course a “frape” is normally perpetrated to  embarrass the victim so is quite obvious.

The other advantage to Facebook is that as a web destination it becomes something that people regularly use and check.  I can guarantee that a Facebook user will check the site regularly yet I doubt many of them check their online bank account for abuse every day.  This means that if something changes or some information gets posted that they did not do themselves they will most likely notice quickly. A “frape” does not go unnoticed for very long.

Finally consider what would happen if my Facebook account became the basis of my identity and was used to access other services.  My authenticity is reflected by all those facts about me and assuming any such use was reflected in my newsfeed my vigilance is assured.   Even without the authentication a feed of events, say accesses to your bank account, into Facebook as a private newsfeed would provide many users with information they do not otherwise see and potentially make them safer.

There are two further things to consider:

Facebook was not designed to be used in this way and may well have other problems that could lead to compromise.  I am noting here the conceptual benefits of a social network in uniquely identifying you and maintaining your vigilance not suggesting just jumping in and using Facebook instead of Active Directory for authentication.

Although with work it would still would be possible to masquerade as me it is not as easy and would require work and research by the perpetrator.  It is of course easier to become me if I don’t already have a Facebook account, a villain could create one for me and assume my role.  Something for all of those that gleefully tell me they never use Facebook to think about.

Pen based computing.

The tablet PC is a device that is currently receiving a lot of attention and they are undoubtedly changing the way people consume information.  Apple’s iPad device has clearly re-invigorated this market but it has a major weakness that is now showing up in almost all the devices in the class, it’s focus is on consumption of data and not creation.


Steve Jobs is quoted as saying “if you see a stylus you blew it”, the inference being that provision of a stylus destroys the user friendly nature of the system.  He certainly was not wrong when applied to the mobile phone application and it is likely that it was the stylus that kept windows mobile confined to the geek world, your average user saw this as too complicated.


Yet once the device has scaled up to tablet size things could be different, but the current trend for slavishly aping Apples designs seems to have killed off the potential of the stylus.  Even Microsoft, whose tablet technology has formed the mainstay of my computing for more than 5 years, killed off a promising tablet technology called Courier because it felt it would not compete with the iPad and its clones.  Whilst the iPad et al have fairly competent on screen keyboards they do not have the same flexibility as the pen driven tablet for inputting information.  The capacitive touch screens of the iPad allows writing apps but they are hard to use with fingers or rubber tipped pens and are not anywhere near as accurate as using a pen.


I believe that the pen based computer has struggle to make it for a number of reasons.

1. Users did not figure out that there was no need to translate handwriting in to text in the majority of situations.  They believed their sloppy handwriting would never be recognised and thus the tablet would not be of value.  In reality 75% of my use of a tablet is handwritten notes.
2. Whilst the original Microsoft tablet devices were thick versions of the iPad format, Toshiba's introduction of the convertible tablet convinced the market that hedging your bets was the way to go.  People would get one of these and tell me they would learn to use it as a tablet when they had time, but they never found the time making them expensive laptops.
3. There was nothing “sexy” about the devices they were just another kind of windows notebook with a pen for a mouse.  Though people still look at me using a tablet and ask if it’s an iPad, when the tablet is off or not in use it’s just an everyday notebook.

I really hope that Microsoft don’t completely follow Apple with their Windows 8 release and that they retain and improve the pen based computing, combining it with touch.  Alas the recent trend has been that Microsoft plays to the established market.  If they do this then what will happen is that eventually Apple will introduce a pen based tablet ( see this patent application if you don’t believe its a possibility ) on their terms alone.  They will see that if they enable students in lectures and managers in meetings to just write their notes straight onto the tablet they can replace their entire knapsack/briefcase with one tablet PC making this the must have purchase of the new school year.  This was the vision of the courier.


They will have to hurry though if this article on Indiana schools is any guideline as if they take too long people may no longer be equipped to make use of the pen driven tablet.

Corporate tea room XBox 360's

Using information technology to hold together the community of workers will undoubtedly become integral to the way companies work as we move into a less office block centralised world.  For many years video conferencing has been seen as a way to join remote offices and be productive without travelling.  From systems sat on the top of old CRT televisions to the modern high definition telepresence rooms videoconferencing has held the promise of Star Trek style visual communications for all.

Over the entire length of my IT experience though I have yet to see video conferencing that delivers on this promise.  A lot of techies think they do, but as teasing the units into making a connection inevitably requires a techie to be present they often don’t realise that most business people struggle to make these work.  Even with a technologist present it inevitably takes the first ten or fifteen minutes of a meeting to actually achieve a connection to the other party.  I suspect that if investment is made in these systems they would work better, but alas in many companies they are caught in an investment loop because upper management does not want to invest because “video conferencing is useless”.

This all looks to be changing in the consumer world with a number of developments threatening to turn out TV’s into videoconferencing units.  Last year’s Google TV introduced a set top box that could be equipped with a camera and plugged into your TV to deliver Internet television and other services.  One of the potential services here would be videoconferencing delivered using service that are already in place such as Skype etc.  In the last week however Google announced their Google Plus social networking product and this contains a component called Hangouts.  This essentially a video chat room that promises to make connecting and sharing video connections much more interesting.  

Internet TV will inevitably come and form a part of the future however there is another potentially more immediate solution to the videoconferencing television.  Throughout the world over 50 million televisions are equipped with a Microsoft XBox 360 and of  these  a quarter are equipped with a Microsoft Kinnect.  This device is a motion sensitive controller for playing games but it is also equipped with a camera and microphones meaning that there is a network of millions of televisions all waiting to share the Internet.  Add to this Microsofts’ recent $8 billion deal with Skype, the popular consumer based voice and video connectivity service, and you have the seeds of an easy to use global video conferencing network available to all.

Many corporates will look at this and assume this does not matter to them as this sits in the consumer world, however if you can connect your home workers via this network then virtual tea rooms and meeting rooms become practical.  Better still this would be done using a mechanism that people are ordinarily using to stay in touch with family around the world.  It may well be that, initially at least, the price for this will be corporate XBox 360’s in meeting rooms.  Would you be willing to pay that price or would you insist that this games technology remains in teenagers bedrooms where it belongs?

Moving the tea room

Last week I talked about mobility and how important it is to the future of companies.  Imagine though that this comes to pass and we enter a future where everyone works from home, there is simply no need to move from your house.  There is no commuting and there are no office buildings everyone works on preassigned tasks.  What would your company be like then?  There are people out there that say your company would be efficient, cost effective and low carbon.  They would be right but what they will have missed is that your company has no soul.  

In general humans are gregarious and furthermore when working together in teams we have a much greater capacity than working in isolation.  Many designs are formed and problems solved not at a stark white desk but in the kitchen, the tea room or around the water cooler.  With a mobile workforce there is no centralised point for chance meetings to occur.

One evening a little while ago I got involved in a discussion of the tea room kind.  It involved a good friend and as well as us several of his friends and a few of mine got involved in a lively debate.  Together we put the world to rights and developed some new friendships to boot, and none of us had left our respective homes.  That’s right we spontaneously created a think tank with no location barrier between us on Facebook.

Having used the word Facebook I’ve sent many of you running for the hills making cross gestures, but you need to reconsider.  Facebook is not evil or a time waster in and of itself, it is simply a mechanism that can enable that behaviour.  It can also enable a lot of good behaviours, used properly this kind of social networking can keep your company’s soul alive even after all the physical locations have be shut down.  It does not have to be Facebook, something that works in a similar way will work too.  It simply needs to give people ways to interact, without censure, so that they can find solutions or inject into someone else's work insights that they have to share.

People will use it when they are at home anyway, you may as well get some benefit out of it.  This kind of social networking is the tip of the iceburg, with much more coming in the future so think about how you can apply it to making your business more sucessful rather than how you stop it.

Working towards invisible travel

For many years now one of the characteristics of work has been that it is a place you go. This requirement has lead to many logistics problems that are continuing to escalate.  We go to work earlier and earlier to find space on crowded roads and in car parks or stand for hours on crowded trains and station platforms.  Not only is this not convenient, rising train fares and petrol costs are making the journeys more costly.  This is not the only cost either as there is significant environmental cost not just as pollution but also as noise and visual intrusion.  The truth is that if we continue as we have been with rising world populations travel will be halted by global gridlock.

Many technological solutions to this problem are being sought in intelligent traffic systems; self driving cars; interactive car networking systems and of course environmentally friendly vehicles.  These may help, certainly in the short term, but the best way of reducing the traffic is for people not to travel in the first place.  Most modern companies have remote access systems but how much do they really use them?  Although I see some technology companies using remote access systems aggressively my feeling is that most “normal” companies see remote access as a nice to have for emergencies rather than as a replacement for travelling to the office.

Sometimes it is the reliability,speed or ease of use of the solutions in place that promote this viewpoint, but more often it is the organisations view of work that is at fault.  Company culture drives a viewpoint that says if you are not in the office you are not working.  Working from home is seen as a euphemism for having a hooky day off and thus frowned upon.  As long as you are in the office you are deemed to be working and all is okay, yet in this lies the requirement that IT groups stop you “playing” with things that are not work.

To truly utilise mobile computing, companies are going to have to change they way they work.  ROWE - Results Only Working Environment was a concept that was one way of achieving this, people are paid for what they deliver, not where they sit.  The theory behind this makes sense however it’s failure to catch on (yet) demonstrates that this is a hard problem to crack.  In it’s extreme ROWE could even become something like Amazons mechanical turk a system that allows posters to submit work that freelance individuals can complete and return.  Companies like pharmaceutical company Eli Lilly have used this kind of concept to dramatically reduce their development costs, posting work and paying a bounty for the first solution to the problem.  These solutions could have applications for many companies, and an impact on the world of work that is currently difficult to predict.

I believe these changes will come in the long run, but in the meantime the key is to work with business managers to show them ways in which they can enable homeworking and yet still feel that the work is happening.  This means connecting HR, Business and IT together.  If it is done well for one part of your organisation then the resulting savings will boost the results of that area leading to others wanting to adopt it.  Just providing the tools and sitting back and waiting for them to be used, as IT departments have for years, cannot change the paradigm.  You have to work at it.

Taxi to the cloud

Earlier this week I sat and listened as a supplier talked to me about the five kinds of cloud.  Once again I see confusion as I believe that this is a digital question, it is either cloud or it is not.  Just because something is not a cloud solution does not mean that it’s the wrong thing to use but labelling it “Private cloud” to keep the CEO off your back or sell your product does not work for me.  As the father to two boys I often have to get them from A to B and as I approach a time in my life where I don’t have a car I started wondering, is owning a car the same as a “private taxi”?

A Taxi frees you from the costs of car ownership and driving but requires you to pay for the service that you actually consume.  Use of a Taxi frees you from concerns about parking, car theft and even more mundane things like purchasing fuel.  It is flexible, can do anything a car can do but can also scale to deal with unusual requirements, for example additional people.  There is also a possibility that in some circumstances it could become unavailable, if for example every Taxi in the area was currently in use.  To ensure best use of the Taxi you need to ensure that you change your working methods slightly for example by ensuring you book the Taxi ahead to ensure it is where you want it when you need it.

A car forces you to take on a number of ownership responsibilities such as ensuring the car is registered, has road tax and MOT and is regularly maintained.  Once you have chosen your car its capabilities are fixed, until you decide you must select another, you cannot scale it to deal with extra passengers for example.  A car can become unavailable through breakdowns, or even through theft none of which can be easily predicted.  It can also become unavailable through routine maintenance, for example when it is in for MOT.  Additionally a car can become unprepared for your requirements causing inconvenience, for example if you neglected to fill with fuel and have a long journey the next day.  Like a Taxi you need to understand how to use a car to its best for example by planning refuelling stops and by arranging a courtesy car during routine maintenance tasks.  On the other hand it’s use generally involves just taking the key from the hook, and it’s often handy additional storage too.

The truth is that although the two seem superficially to be the same because they are both based on a particular physical object, the two things are really very different.  Depending on your circumstances one or the other will prove most appropriate.  In this particular case a Taxi is often used in addition to a Car, for example to solve the additional passenger or car parking problem.

Just as a Car is not a “private taxi”, use of virtualisation products etc. in your data centre services does not represent a “private cloud”.  It is a very advanced corporate setup with many of the same characteristics as the cloud but has a wholly different set of advantages and disadvantages. Your CEO should be happy with that rather than forcing you to buy something with the word Cloud attached to it.

Buying services

A good friend of mine is in the market for a new car.  In the conversation about this significant purchase we talked about how when we were younger we would always look at what was under the bonnet.  It turned out that my friend had decided and bought the vehicle without ever even thinking about doing this.  He simply fully trusted that the car would do what it told him it would in the brochure.  

This experience is not new to us, the same is true of our home telephone; the satellite TV we buy; the electricity our children consume so much of etc.  We buy them and use them when most of us do not have clue about how they work, we simply trust the provider will supply what we want.  99% of the time this works for us but occasionally there will be a feature that we don’t like or that we feel is missing.  When this is the case we put up with not having it because the rest fulfils our need.

The problem comes when someone knowledgeable about the inner workings of a service is asked to organise procuring that service.  This happens quite frequently within organisations when the architect that designed the previous exchange system is asked to outsource email for example.  Their perception of what is necessary is coloured by their previous experience and often has a highly technical flavour, something that the end user will probably never notice.   Small, often infrequently used, facilities that are available in current services are held up to be vital.  This leads to hosted services being customised by vendors at the insistence of the specialists, even though the vendor has not operated the service like that before.  Doing this adds additional delay and quite often makes for a service that does not operate as expected.

When considering the use of cloud services this lack of customisation is often the key objection within the technical areas.  Missing features are highlighted as an absolute no go, despite the fact that they are not often used.   This is the equivalent of rejecting the car purchase because an otherwise perfect vehicle does not have a folding rear arm rest.  The truth is when buying into services as with buying a car you must expect to make some compromises. If your requirements are for a car that does 200mph on a fuel consumption of 100mpg then you either have to wait for something to come along that can do that or compromise on one of those figures.  When buying a car you can usually customise various things but only within a manufacturer controlled range of configurations, this too is true of services. 

If you have a long list of things that have to be changed about a service that are not yet on the vendors option list then either you are not realistically compromising or you are looking at the wrong service.  If this is the case do not be tempted to persuade the vendor to modify the service for you, walk away.   It’s really important that you trust this service and that it just works, persuading the vendor to do things they have never done before is not a great way of achieving this.  I have seen this happen too many times now and I have not yet seen it work out well.  If you cannot find a service that matches your requirement and you are certain you are not being too uncompromising then the market has not yet matured to a point that suits you. 

It is worth noting here that sometimes staff with technical skill can focus on options that they know a cloud service will be unable to provide simply to obstruct the concept.  You need to be sure that the requirements you are unable to meet are business requirements not technical ones.  You can be sure that if business users themselves go out to buy IT services they would be unlikely to look under the hood.   They will assume that the service does what it says on the tin

1984 controlling the users

In corporate IT the main topic of conversation is always management, how will we ensure everything is managed and safe.  Inherent in that discussion is how will we stop users from doing things that they should not?  This is often enhanced by security discussions and user indiscretions, all driving IT to put in place restrictions on what can be done to ensure people conform.  This all adds up to IT departments controlling all aspects of business users digital life.

This is something society can learn from, if we put chips in people so we know where they are and develop technology that can control their actions and ensure they can do no wrong .  We can use this technology to fully monitor them and ensure that they are truly under control and carrying out only the designated tasks in exactly the manner they have been told. That way the world would be a much better and safer place, wouldn’t it?   

Not to me and probably not to you we'd be giving up too much, although there will be some that will be nodding thinking it is a great idea anyway.  The truth is it is in our non adherence to the current way of working  that we discover new and better ways of working.  These ways of working can only come into being if the freedom to change is there, but this does not have to mean anarchy.  It means we have to develop ways of management that can change quickly and respond to new thought, even if we do not believe the idea will work as new ways of working can come from failed experiments too.

Alas most IT departments are not able to act in this flexible manner, technical staff are too often very opinionated about what is right and surprisingly unwilling to change.  This escalates through the organisation and it seems the bigger the IT organisation the slower and more unable to change it becomes.   For example in one organisation I worked for the process for creating a collaboration site involved an official online request which prompted the receipt of a document which had to be filled in and returned prior to a three week SLA on delivery of the site.  The rationale behind this is site management but compare this to the process involved in creating a Google site and you start to get the picture.

This is what makes consumerisation and cloud computing attractive to a business, they see it as a flexible and rapid way of working.  They feel they can come up with new ideas and ways of working that will propel them forward, but underneath they miss that these systems are actually every bit as standardised and restricted as corporate IT, you get what the system delivers and nothing more.  If you have ever wanted to use a flash application on an iPhone or iPad you will already know that, but you probably still think you iDevice is the coolest thing around.

So here is the real trick, you need to provide IT to your business in a way that is managed but feels like it is completely free and cool.  To do this you need to give way on the little things that really don’t matter, like creation of collaboration sites and compensate by absorbing the complexity of managing them.  This applies to the use of consumer technology in business and so much more, you may KNOW that something will not do the job but don’t stop it on this basis allow your business to find it out for themselves.  Set up a small scale pilot, be enthusiastic and supporting , if it goes wrong you can easily clear up if not you learn something too and the business is pleased with your supportive attitude.  Win Win.

Facebook in the office

Last night I had a conversation with some old friends which once again touched on Facebook within a company.  Their company like many has banned Facebook because they believe that people will waste time on Facebook rather than doing their job.  This is absolutely the wrong thing to do.

Banning Facebook because you are worried about malware delivered by it causing the company issues of password leakage etc. is a valid reason, but fears of time wasting is not.  Managing time wasting is a job that should be done by managers, it is what they are paid for.  Unfortunately they often feel if part of their job can be done by banning electronically then they can save themselves effort.  This may be because they do not truly understand computing or through force of habit but it cannot serve in the long run.

I first started having these conversations about web browsing in general, and later about instant messaging and it is clear people still do not get it.  If you are relying on corporate computer systems to stop employees wasting their time then you are going to fail.  Nowadays they can just as happily do Facebook and a lot else from their nice new android mobile phone on an unlimited contract.  Of course you could bring in rules to make them turn those in at the door but you’d also need to go through their bags looking for any magazines or books they may read as well.  That’s also ignoring the plethora of other technology they may carry from iPads to gameboys.

Worse in order to save your company money on office space you are also thinking about asking people to work from home more often.  Granted you can still control what is done on their corporate laptop via VPN services, but what are you going to do about the other distractions in the house?

The answer is for managers to man up and manage.  Know what an employee should be able to deliver in a certain time period and if he/she consistently fails then find out why and manage it through HR processes designed for the task.  I know it’s easier to just blame IT for letting them “play” but in our modern world of connectedness and distractions this is the only real way for companies to operate.  If you are looking for some ideas put ROWE in your search box and see where it leads you.  

Honesty in the face of the cloud

Over the last few days there have been some interesting things going on with Twitter and a certain footballer.  Essentially this footballer has requested information from Twitter about a twitter user that has posted personal information about him.  This may have been done to try and circumvent a “super injunction” and thus prompted the action.

It isn’t the rights or wrongs of the story that I find interesting it is the reaction of Twitter users who promptly on a large scale tweeted the name of the footballer, or at least of the footballer they thought was responsible.  This kind of action happens on a regular basis but this one was in direct response to their feelings about a legal approach to twitter.  It was in their eyes are defense of their freedom of speech.

It seems to me that this footballer underestimated the power of twitter and its ilk to have significant effect on the way people think.  What the he sought to do by bringing this action to Twitter was to prevent the twitter rumours from becoming mud that sticks.  What he actually achieved was ensuring that the mud did indeed stick, whilst at the same time his action brings suspicion that he was actually trying to cover up a guilty act.  The thing is that if he was indeed trying to unearth a news paper that was seeking to use twitter to get around a “super injunction” he would almost certainly have failed.  It is highly unlikely that they would have planted such a tweet from their own account and would have done it from an internet cafe because they would have known they were breaking the law.  This would have made them untraceable.  

The concern people have here is that the masses on twitter et al can be manipulated by a few individuals for their own purposes.   It is a danger well understood by the more controlling governments of this world and by the newspaper moguls that have become accustomed to functioning in that role.  I suspect it will not be long before all governments seek to act against this is some way.  The most likely will be that laws will be passed that ensure that your genuine identity is attached to all such comment.  This will mean that any such postings could accurately be tracked and that posters would be responsible for their comments.  This will reduce the number of law abiding citizens from contributing as they will fear the repercussions.  The less law abiding, however, will continue do this through fake or hijacked identities.  This will gain them more believability in doing so as they will be assumed to be genuine people, but the amplification of the subject by enraged law abiding citizens will be reduced.   Funny thing is the only way to effectively implement this kind of control will  be through some kind of active identity card system...  

For the meantime if your company becomes the target of something like this on twitter, think really carefully about whether should attempt to stifle the issue using legal action.  If you are truly not guilty you would be better advised to ride out the storm.  If you are guilty then you are going to have to be honest and hope a full apology will be accepted.