Blame it on Cloud Security

It is really an easy one, I suppose … so many business and IT decision makers told me that as the reason of not implementing / migrating their systems to the cloud.

However, truth is that data and systems residing in public or private clouds are as secure as you make them. Typically, cloud-based systems can be more secure than existing internal systems if you do the upfront work required.

For example, I am pretty sure the physical security, patch management and many other security measures are better implemented by Cloud Services Providers than your own IT department.

Check out the Security Guidance from Cloud Security Alliance and COBIT from ISACA for more details and the techniques, and I am sure you can implement a secure cloud system.

Cloud experts, any thoughts ?

linkedin pic 3

Blame it on the ever-changing requirements

Whenever there is a delay in software project delivery, the usual reaction is blaming it on the unclear and ever-changing business requirements.

Edward Berard, author of the Object Oriented Software Engineering, once said “Walking on water and developing software from a specification are easy, if both are frozen.” and clearly it proved that point … or did it ?

We all know in the real world, business changes fast and therefore so are the software requirements. So it’s really no point to insist in freezing requirements before starting the software development, instead we shall consider :

1) How can we cope with changing requirements in our development lifecycle ? (Read : Scrum Development)

2) How can we make our applications more flexible and easier to change without affecting other parts of the system ? (Read : API and Micro-services)

3) How can we migrate / rollback production systems easily ? (Read : DevOps)

4) How can we lower the cost of infrastructure and failure ? (Read : Cloud infrastructure)

So, don’t blame it on the requirement changes, as change is constant. Let’s do a better job in developing the business software.

Development professionals, any thoughts ?

linkedin pic 2

Blame it on technology

It’s really easy to blame everything on technology, whenever there is a project failure, especially new ones with lots of acronyms and buzzwords.

On the other hand, have we trained up the business users to master the technology ? Have we defined the project objectives clearly ? Have we reviewed and revised the business processes to work with the technology ?

People, process, technology … technology actually comes last.

So don’t blame everything on technology, blame the project failure on how we implement a new technology.

Technology professionals, any thoughts ?

linkedin pic 1

Connecting the Dots, Connecting the Blockchain

“Again, you can’t connect the dots looking forward; you can only connect them looking backwards. So you have to trust that the dots will somehow connect in your future. You have to trust in something – your gut, destiny, life, karma, whatever. This approach has never let me down, and it has made all the difference in my life.” – Steve Jobs

Back in 1994, I joined a company who was developing a document service for the trading companies in Hong Kong. The service facilitated the trading companies to send various trading documents to the Hong Kong Government securely and with authenticity.

The technology behind all these was Public Key Infrastructure, or asymmetric cryptography. Even though back then I was the System Architect of such system, the technology was totally new to me – Hashing, Asymmetric Encryption, Digital Signing etc. For some reasons however, I was intrigued by all these fancy technologies.

Fast forward to year 2000, Hong Kong rolled out the Smart IDs for Hong Kong citizens and each of these Smart IDs had a chip embedded that in theory you could store the Private Key inside it and did your own digital signing. And of course, with the receiving party’s Public Key, we could do secure encryption as well.

Eight years later, in October 2008, Satoshi Nakamoto published a paper on The Cryptography Mailing list at metzdowd.com, described the digital currency – BitCoin. And the infrastructure that BitCoin worked above was what we call now – Blockchain (this term is not used at all in the original white-paper).

By now, you all know Blockchain is again based on hashing, cryptography and time-stamping. Did I know what I learnt back in 1994 would become the foundation of the digital currency or even future computing infrastructure ?

No of course, because as Steve Jobs said … we can only connect the dots looking backwards.

I don’t know ten, twenty years later, what dots we all can connect and find something new. However, you may be able to get some insights on the following excellent documentary on Blockchain

Another year, another book list

book-xmas-tree

Unlike previous years, I didn’t complete all the books below cover-to-cover. Instead, for most books I just picked a few chapters to read, and learn as much as possible. There are some good ones though (i.e. I finished the whole book) … and you can tell how the state of my mind changed, along the year, with the reading sequence.

  1. The Art of the Start 2.0: The Time-Tested, Battle-Hardened Guide for Anyone Starting Anything
  2. Beyond Measure: The Big Impact of Small Changes (TED Books)
  3. The Year Without Pants: WordPress.com and the Future of Work
  4. The Lean Product Playbook: How to Innovate with Minimum Viable Products and Rapid Customer Feedback
  5. The Power of Habit: Why We Do What We Do in Life and Business
  6. Getting There: A Book of Mentors
  7. With Her Eyes (Short Stories by Liu Cixin Book 11)
  8. The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
  9. TED Talks: The Official TED Guide to Public Speaking
  10. Magicians of the Gods: Sequel to the International Bestseller Fingerprints of the Gods
  11. The Seventh Sense: Power, Fortune, and Survival in the Age of Networks
  12. Never Split the Difference: Negotiating As If Your Life Depended On It
  13. Competing Against Luck: The Story of Innovation and Customer Choice

And there are a few I have yet to start … hope I can finish those in early 2017.

  1. Viral Loop: From Facebook to Twitter, How Today’s Smartest Businesses Grow Themselves
  2. The Road Less Traveled, Timeless Edition: A New Psychology of Love, Traditional Values and Spiritual Growth
  3. The Art of Startup Fundraising: Pitching Investors, Negotiating the Deal, and Everything Else Entrepreneurs Need to Know
  4. Hard Landing: The Epic Contest for Power and Profits That Plunged the Airlines into Chaos
  5. From Big Data to Big Profits: Success with Data and Analytics
  6. Actionable Gamification – Beyond Points, Badges, and Leaderboards
  7. Joy on Demand: The Art of Discovering the Happiness Within

Pick a few from above to read, and tell me which one(s) you like most.

Have a great Year of Reading ahead !!

New Roles of CTO, CIO, and CEO

Busy Businessman

We all know what CTO, CIO and CEO stand for, but lately I just think all these titles now stand for something else. Something pretty different.

First, as we all know the full name of CTO is Chief Technology Officer. According to Wikipedia, CTO is an executive-level position in a company or other entity whose occupant is focused on scientific and technological issues within an organisation. Of course I guess “technology issues” include what technology to use, to deliver and to maintain. In the security conference SecureHongKong couple of years ago, renowned security expert Dr. Meng-Chow Kang told the audiences that CTO stands for Chief Trust Officer. I agreed with it wholeheartedly. Technology is crucial to most, if not all, corporations nowadays; but what really matter is the trust that we all shall build among the technology and the stakeholders.

Then what about CIO, Chief Information Officer ? That one is rather easy, as many companies already renamed it to Chief Innovation Officer or Chief Integration Officer. Last year, Deloitte pointed out it’s time CIO to evolve to Chief Integration Officer, and CIO is not only the connective tissue but the driving force for intersecting, IT-heavy initiatives. And of course, to many new startups, innovation is really the single most important reason why the company exists at all. The new Chief Innovation Officer (or CINO) shall manage all the processes of innovation in the organization.

Lastly, the Chief Executive Officer – he or she that shall own the company vision, provide proper resources, build the culture, make good decisions and deliver the company’s performance now may has many new roles. In addition, the modern day CEOs shall understand what experiences the company’s products and services are being delivered to the customers as well as stakeholders. Indeed, many companies already established the role of Chief Experience Office (or CXO).

So, are you possessing one of these job titles ? Are you ready to take on the new role(s) ?

F-Stop Guru Camera Backpack

Two things I don’t like much about the Manfrotto / Kata Revolver backpack are first, it’s not designed to hold two camera bodies even with its rather huge body. Second issue is the backpack cannot stand by itself – after all it’s designed like a revolver (such that you can access lens easily).

So, the Revolver is out … and F-Stop Guru is in.

To me, a great camera backpack should has the following features (YMMV though) :

  • It has to be lightweight.
  • It shall look like a typical hiking / day-trip backpack, but not a backpack with camera gear inside.
  • It shall hold two M4/3 camera bodies, a few Olympus Pro zoom lens, one or two fixed lens, and a flash.
  • It shall allow the photographer to access the gears easily, by slinging the bag or access from the side.
  • It shall be able to slot in a 13 inches laptop.
  • It shall include lots of small internal pockets to hold accessories.
  • The shoulder strap shall not be that thick to fit the Capture Pro Camera Clip.
  • It shall has side pocket(s) to hold bottle of water.
  • It shall include rain cover.
  • And of course, It can stand by itself.

Bonus – it can fit in an internal hydration pack.

Well yes, the F-Stop Guru fits the bill.