Month: April 2019

IT Is Supposed To Work, Right?

Lorin Olsen
IT Doesn't Have To Be A Horror Show

For many companies, the IT department is not the department of solutions. Rather, it is the department that misses deadlines, omits requirements, and frustrates the people who really make money within a company. Truth be told, most companies aren’t in the business of IT. Most companies make money either because they design products, they build products, they deliver products, or they support products. And these products are (hopefully) desired by their customers. IT exists in order to facilitate the real business of a company.

So why does IT fail so often? Or stated differently, why does IT believe it is being misrepresented in the board room?

These questions are important. In many companies, IT has adopted an air of superiority. IT leaders have sought to “rebuild” companies based upon what they believe is the “best” corporate strategy. Sometimes, the IT leaders are right. Most times, the IT leaders are deceiving themselves and possibly defrauding their stakeholders.

What Is The Purpose Of IT?

While IT can be a means of generating unique value within some companies, everyone must admit that successful IT teams take part in the routine operation of every business. IT is used for accounting and finance. IT is used for sales and marketing. IT is used for product design and product testing. IT is used for manufacturing and shipping. But in many ways, IT is now like real estate or office supplies. Every company has to have IT (and the tools and capabilities that IT delivers) if only to perform the uninspiring parts of routine operations.

This is very reminiscent of many other key technology waves throughout our history. In particular, I am reminded of the effects created by the introduction of the printing press and the introduction of double-entry bookkeeping. Both of these technologies were a means of enhancing (and accelerating) work that was already being done. In the case of movable type, the printing press replaced the people who were hand-writing scrolls and books. In the case of double-entry bookkeeping, accounts and ledgers augmented the role of simple storage vaults. Both of these technologies introduced remarkable transformations in society. And like these technologies, IT has been the source of remarkable changes.

Like the aforementioned technologies, the transformational capability of IT is highlighted in how IT has replaced burdensome, tedious, and dis-spiriting office drudgery. IT has released office workers from the burdens of the mundane so that they can focus upon the creative and inspiring work that is before them.

When IT Works

IT works when its advantages are almost seamless. In a very real sense, you know that IT is working best when it is taken for granted the most. While IT wants to be part of the “main event”, the most successful projects are often the ones where success is achieved when IT is like the invisible hand of Adam Smith.

The Commoditization of IT Services

When I began my career, IT was the place where the best and brightest minds worked insane hours in order to deliver the ‘next big thing’. This was true for the PC. It was true for operating systems (e.g., CP/M, Windows, OS/2, etc). It was also true for “custom-built” corporate services. In the nineties, corporations spent millions of dollars building customized ‘clones’ of ERP and CRM systems.

Today, all of that has changed. Hardware is a commodity. And software is now the ‘table stakes’ for hardware vendors – and service providers. Because of the “free software” movement of the eighties, the core of almost all systems now contains free/open components. At the same time, customers now believe that they should get both hardware and software for free. Most are willing to trade their birthright (i.e., privacy and independence) for a subscription fee.

Commodity Markets Are Challenging

If you accept the premise that IT products are now commodities, then there are a few economic consequences. Commodity markets usually have a low cost of entry. That means that there are (and will be) many competitors in any given market.

  • This is true for computer hardware. You can get great hardware for a very low price. You can get hardware from Chinese companies, from Korean companies, or from a host of other “offshore” suppliers. Even the United States still has some “onshore” fabs (e.g., Intel). But the majority of fabs are overseas. And they produce economically compelling components. It is fascinating that while chip/system designers can be found anywhere in the world, most fabs are in Asia. Bottom line: Fabs are expensive. So they succeed only through economies-of-scale. Until new computing technologies emerge (e.g., quantum computers), it will be very difficult to defeat offshore fabs that are funded by national governments.
  • It is also true for IT manpower needs. Today, you can get software services from India, China, southeast Asia, eastern Europe, and even South America. With millions of programmers worldwide, the job of writing mundane software is no longer differentiating. Bottom line: The labor winners will be the people and organizations that can take their margin from software laborers. Alternatively, it is still possible to specialize within specific industries (e.g., healthcare, aerospace, etc).
Making IT Matter – Again

Cheap hardware, cheap labor, and free software are making IT less specialized – especially at the component level. It is no longer possible to simply be a good analyst, a good programmer, or a good operator. Successful IT teams must be able to build comprehensive solutions from all of the available parts. Like residential architects, the successful IT leaders will know what is available in the market. They will know how to integrate standardized components into a working solution. They will know how to operate that solution in order to maximize the economic impact (of the solution) upon the business. In short, they will work with the owner to meet their functional desires. They will select the standardized components needed to meet the economic objectives of the owner. And they will know where to get the best labor to do the assembly, testing, and implementation of the solution.

Can someone make money being a specialist? Yes. But most specialists must be undisputed experts. Or you can make money by achieving economies-of-scale and operating with razor-thin margins. If you can do either, then you can make remarkable sums of money. If you can’t, then systems integration and solutions architecture may be your next best avenue for success.

Maintaining Technology Currency (and Relevance)

Lorin Olsen
Grasp the Future
Grasp the Future

A few months ago, I wrote an article about mobile privacy. In that article, I wrote about how every “off-the-shelf” mobile platform MUST be modified in order to ensure some modicum of privacy. I expanded upon this thought when I recently presented to the Fox Valley Computer Professionals. [A version of that presentation can be found over at SlideShare.] One of the most important themes from the presentation actually arose during the obligatory Q&A session. [By the way, the Q&A time is always the most important part of any presentation.] From this Q&A time, I realized that the single most important takeaway was the necessity of maintaining technology currency.

From a security perspective, it is essential to remain current on all elements of your infrastructure. One of the most exploited vectors in any organization is the rampant inattention to software maintenance. It only takes one zero-day exploit to compromise a meticulously maintained system. And for those organizations that do not remain current on their software, they are opening up their systems (and their customers) to external exploitation. A decade ago, PC World highlighted the risks of operating with un-patched systems. While the numbers may have changed since that article, the fundamental lesson is still the same: technology currency is one of the most under-recognized means of hardening your systems.

The Human Factor

But technology currency is not just a matter of ensuring the continuing usability of our technology investments. It is also an important matter for ensuring the sustaining value of the people within our teams. I have been involved in IT for several decades. In that time, I’ve seen many waves of change. In that time, I’ve seen mainframes became Unix Systems. Windows desktops became Windows servers. All applications servers (regardless of their OS) became web servers. And now these same “n-tier” servers have become virtual systems that are now running on “cloud” platforms.

But with each wave of technology that emerged, crested, and then subsided, you will probably find a whole group of technology specialists who are now displaced. Fortunately, most technologists are flexible. So if they didn’t stay working on legacy systems, then they have willingly (or unwillingly) embraced the next technology wave.

Redrawing the Boundaries of Trust

Like many technologists, I have been forced into career acrobatics with each new wave of technology. And I have complicated these transitions by switching between a variety of IT disciplines (e.g., application development, information security, capacity and performance management, configuration and change management, and IT operations). So it was not a surprise when I realized that information privacy changes were driving similar changes – for the industry and for myself.

For almost two decades, I’ve been telling people that they needed to shift to hosted (cloud) platforms. Of course, this shift meant entering into trust relationships with external service providers. But for the last four or five years, my recommendations have begun to change. I still advocate using managed service platforms. But when privacy and competitive advantages are at stake, it may be necessary to redraw the trust boundaries.

A decade ago, everyone trusted Google and Facebook to be good partners. Today, we view both of them (and many others) as self-interested members of an overly complex supply chain. So today, I am recommending that every company (and even most individuals) revisit the trust boundaries that they have with every part of their supply chain.

Moving Personal Fences

We have decided to redraw trust boundaries in dramatic ways. First, we have decided to forego the advantages of partnering with both Facebook and Google. This was simple when it came to Facebook. Yes, not being on Facebook is hard. But it is eminently achievable. To that end, I am celebrating my one year divorce from Mark & Co. But redrawing the boundaries with Google have been much harder.

Getting rid of Google has meant moving to new email services. [Note: This also meant abandoning builtin contact address books and calendaring. It has also meant discontinuing the use of Google Apps. And from a personal level, it has meant some dramatic changes for my mobile computing platform.

Bottom Line: Moving off of the Google cloud has required the construction of an an entirely new cloud platform to replace the capabilities of Google Drive/Cloud.

Nextcloud Replaces Google Cloud

We needed a platform to provide the following functions:

  1. Accessible and extensible cloud storage for both local and remote/mobile users.
  2. An integrated Contact database.
  3. An integrated Calendar database.
  4. An integrated Task database.
  5. A means of supporting WebDAV and CalDAV to access the aforementioned items.

Of course, there is also a whole group of “nice-to-have” features, including:

  • Phone/location tracking,
  • Mobile document scanning (and OCR),
  • Two-factor authentication

After considerable review, we decided to use Nextcloud. It provided all of the mandatory features that we required as well as all of the “nice-to-have” features. We further decided to minimize our security exposure by running this service from within a VPS running onsite (though offsite would have worked as well).

Outcomes

It took several days to secure the hardware, setup the virtual infrastructure, install Nextcloud, and configure it for local and mobile access. Currently, we’re using a Nextcloud virtual “appliance” as the base for our office cloud. From this foundation, we extended the basic appliance to meet capacity and security needs. We also installed ONLY OFFICE as an alternative to both local and cloud-based Microsoft Office products.

At this very moment, we are now decoupling our phones and our systems from the Google cloud infrastructure. And as noted before, we’ve already changed our DNS infrastructure from ISP/Google to our own systems. So we are well on our way to minimize the threat surface associated with Google services.

Of course, there is more work to do. We need to further ruggedize our services to ensure higher availability. But our dependence upon Google has been drastically reduced. And the data that Google collects from us is also reduced. Now we just have to get rid of all of the data that Google has collected from us over the past fifteen (15) years.