Coffee Talk: Java, News, Stories and Opinions

Page 4 of 20« First...23456...1020...Last »

September 19, 2017  3:42 AM

Expert advice for JavaOne 2017 first-timers

cameronmcnz Cameron McKenzie Profile: cameronmcnz

If JavaOne 2017 is your first time attending the conference, it will serve you well to follow some advice and insights from a veteran attendee of the JavaOne and OpenWorld conferences.

The first piece of advice, for which it is currently far too late to act upon, is to make sure you’ve got your hotel booked. Barry Burd wrote a JavaOne article for TheServerSide a couple of years ago that included some insights on how to find a last minute hotel in San Francisco that isn’t obscenely far from the venue, although given the limited availability when I did a quick search on Expedia earlier this week, I’d say you’d be lucky to find a hotel in Oakland or San Jose for a reasonable price, let alone San Francisco.

Schedule those JavaOne 2017 sessions

For those who have their accommodation booked, the next sage piece of conference advice is for attendees to log on to the JavaOne 2017 session scheduler and reserve a seat in the sessions you wish to attend. Adam Bien’s session on microservices, Java EE 8 and the cloud is already overbooked. The Java platform’s chief architect Mark Reinhold’s talks on Jigsaw and Java modules already has a wait list, and the ask the Java architects session with Oracle’s Brian Goetz and John Rose is at capacity. The longer you wait to formulate your schedule, the fewer the sessions you’ll have to choose from.

When choosing session, I find the speaker to be a more important criteria for discernment than the topic. Most speakers have a video or two up on YouTube of them doing a presentation. Check those videos out to see if the speaker is compelling. An hour can be quite a long time to sit through a boring slide show. But an exciting speaker can make an hour go by in an instant, and if you’re engaged, you’re more likely to learn something.

Skip the Oracle keynotes

One somewhat contrarian piece of advice I’m quick to espouse is for attendees to skip the Oracle keynotes, especially the morning ones. That’s not to say the keynotes are bad. But getting to the keynotes early enough to get a seat is a hassle, and you can’t always hear everything that’s being said in the auditorium. A better alternative is to stream the keynote from your hotel room, or better yet, watch the the video Oracle uploads to their YouTube channel while you’re eating lunch.

But here’s why keynotes can take away from your JavaOne 2017 conference experience. For example, if you attend Thomas Kurian’s Tuesday morning keynote on emerging technologies and intelligent cloud applications, you’d miss Josh Long and Mark Heckler’s session on reactive programming with Spring 5. Actually, there’s a bunch of other sessions going on at that time, ranging from Martijn Verburg’s talk on surviving Java 9 to Stuart Marks’ talk on Java collections. If anything interesting gets said about new trends or technologies in a keynote, it’ll be covered extensively by the tech media. The same can’t be said for the nuggets of understanding that can be panned from attending a good JavaOne session.

Enjoy the party

The other big piece of advice? Enjoy San Francisco, especially if it’s your first time in the city. It’s the smallest alpha city in the world, but it is an alpha city. There are plenty of parties, meet-ups and get-togethers you’ll find yourself invited to, and it’s worth taking up any offers you manage to get. Having said that, keep an eye on how much gas you have left in the tank at the end of the day, because you want to be able to make it to all of the morning sessions you’ve scheduled for yourself.

If it’s your first time attending, I assure you that you’ll have a great time at JavaOne 2017, and with the new layout bringing JavaOne 2017 closer to the Oracle OpenWorld conference, this event should be better than any of the others in the memorable past. San Francisco is a great city, and the greatest minds in the world of modern software development will be joining you in attendance.

September 1, 2017  9:24 PM

Implementing cloud-native security means going back to your secure coding basics

cameronmcnz Cameron McKenzie Profile: cameronmcnz

There’s really nothing new under the sun when it comes to addressing security vulnerabilities in code. While there has been a great shift in terms of how server side application are architected, including the move to the cloud and the increased use of containers and microservices, the sad reality is that the biggest security vulnerabilities found in code are typical caused by the most common, well-known and mundane of issues, namely:

  1. SQL injection and other interpolation attack opportunities
  2. The use of outdated software libraries
  3. Direct exposure of back-end resources to clients
  4. Overly permissive security
  5. Plain text passwords waiting to be hacked

SQL injection and other interpolation attacks

SQL injections are the easiest way for a hacker to do the most damage.

Performing an SQL injection is simple. The hacker simply writes something just a tad more complicated than DROP DATABASE or DELETE * FROM TABLE into an online form. If the input isn’t validated thoroughly, and the application allows the unvalidated input to become embedded in an otherwise harmless SQL statement, the results can be disastrous. With an SQL injection vulnerability, the possible outcomes are that the user will be able to read private or personal data, update existing data with erroneous information, or outright delete data, tables and even databases.

Proper input validation and checking for certain escape characters or phrases can completely eliminate this risk. Sadly, too often busy project managers push for unvalidated code into production, and the opportunity for SQL injection attacks to succeed exist.

The use of outdated software libraries

Enterprises aren’t buying their developers laptops running Windows XP. And when updates to the modern operating system that are using do become available, normal software governance policies demand applying a given patch or fix pack as soon as one comes along. But how often to software developers check the status of the software libraries their production systems are currently using?

When a software project kicks off, a decision is made about which open source libraries and projects will be used, and which versions of those projects will be deployed with the application. But once decided, it’s rare for a project to revisit those decisions. But there are reasons why new versions of logging APIs or UI frameworks are released, and it’s not just about feature enhancements. Sometimes an old software library will contain a well known bug that has gets addressed in subsequent updates.

Every organization should employ a software governance policy that includes revisiting the various frameworks and libraries that production applications link to, otherwise they face the prospect that a hidden threat resides in their runtime systems, and they only way they’ll find out about it is if a hacker finds the vulnerability first.

Direct exposure of back-end resources to clients

When it comes to performance, layers are bad. The more hoops a request-response cycle has to go through in order to access the underlying resource it needs, the slower the program will be. But the desire to reduce clock-cycles should never bump up against the need to keeps back-end resources secure.

The exposed resources problem seems to be most common when doing penetration testing against RESTful APIs. With so many RESTful APIs trying to provide clients an efficient service that accesses back-end data, the API itself is often little more than a wrapper for direct calls into a database, message queue, user registry or software container. When implementing a RESTful API that provides access to back-end resource, make sure the REST calls are only accessing and retrieving the specific data they require, and are not providing a handle to the back-end resource itself.

Overly permissive security

Nobody ever sets out intending to lower their shields in such a way that they’re vulnerable to an attack. But there’s always some point in the management of the application’s lifecycle in which a new feature, or connectivity to a new service, doesn’t work in production like it does in pre-prod or testing environments. Thinking the problem might be access related, security permissions are incrementally reduced until the code in production works. After a victory dance, the well intended DevOps personnel who temporarily lowered the shields in order to get things working are sidetracked and never get around to figuring out how to keep things running at the originally mandated security levels. Next thing you know, ne’er-do-wells are hacking in, private data is being exposed, and the system is being breached.

Plain text passwords waiting to be hacked

Developers are still coding plain text passwords into their applications. Sometimes plain text passwords appear in the source code. Sometimes they’re stored in a property file or XML document. But regardless of their format, usernames and passwords for resources should never appear anywhere in plain text.

Some might argue that the plain-text password problem is overblown as a security threat. After all, if it’s stored on the server, and only trusted resources have server access, there’s no way it’s going to fall into the wrong hands. That argument may be valid in a perfect world, but the world isn’t perfect. A real problem arises when another common attack, such as source code exposure or a directory traversal occurs, and the hands holding the plain text passwords are no longer trusted. In such an instance, the hacker has been given an all-access-pass to the back-end resource in question.

At the very least, passwords can should be encrypted when stored on the filesystem and decrypted when accessed by the application. Of course, most middleware software platforms provide tools such as IBM WebSphere’s credential vault for securely storing passwords, which not only simplifies the art of password management, but it also relieves the developer from any responsibility if indeed any source code was exposed, or a directory traversal were to happen.

The truth of the matter is, a large number of vulnerabilities exist in production code not because hackers are coming up with new ways to penetrate systems, but because developers and DevOps personnel simply aren’t diligent enough about addressing well-known security vulnerabilities. If best practices were observed, and software security governance rules were properly implemented and maintained, a large number of software security violations would never happen.

You can follow Cameron McKenzie on Twitter: @cameronmcnz

August 14, 2017  8:17 PM

Implementing a custom user registry to consolidate LDAP servers and active directories?

cameronmcnz Cameron McKenzie Profile: cameronmcnz

Should you implement a custom user registry to help mitigate access to your various LDAP servers in order to simplify security tasks such as authentication and group association? The answer to that question is a resounding ‘no.’

The simple beauty of the custom user registry

On the surface, implementing a custom user registry is simple. While it differs slightly from one application server to the next, to implement a custom user registry, you typically only have to write a Java class or two that provides an implementation for half a dozen or so methods that do things like validate a password, or indicate whether a user is a part of a given group. It’s easy peasy.

For example, to create a custom user registry for WebSphere, here is the IBM WebSphere UserRegistry interface that needs to be implemented, along with the 18 methods you need to code:

1. initialize(java.util.Properties)
2. checkPassword(String,String)
3. mapCertificate(X509Certificate[])
4. getRealm
5. getUsers(String,int)
6. getUserDisplayName(String)
7. getUniqueUserId(String)
8. getUserSecurityName(String)
9. isValidUser(String)
10. getGroups(String,int)
11. getGroupDisplayName(String)
12. getUniqueGroupId(String)
13. getUniqueGroupIds(String)
14. getGroupSecurityName(String)
15. isValidGroup(String)
16. getGroupsForUser(String)
17. getUsersForGroup(String,int)
18. createCredential(String)

Now remember, the goal here is not to invent a system for storing users. When implementing a custom user registry, there is typically an underlying data store in which the application is connecting. So perhaps the purpose of the custom user registry is to combine access to a combined LDAP server and a database system that has user information. Or perhaps there are three different LDAP servers that need to have consolidated access. Each of those systems will already have mechanisms to update a password or check if a user is part of a given group. Code for a custom user registry simply taps into the APIs of those underlying systems. There’s no re-inventing the wheel with a custom user registry. Instead, you just leverage the wheels that the underlying user repository already provides.

So it all sounds simple enough, doesn’t it? Well, it’s not. And there are several reasons why.

Ongoing connectivity concerns

First of all, just connecting to various disparate systems can be a pain. There’s the up front headache of getting credentials, bypassing or at least authenticating through existing firewalls and security systems that are already in place. Just getting initial connectivity to disparate user registry systems can be a pain, let alone maintaining connectivity as SSL certificates expire, or changes are made in the network topology. Maintaining connectivity is both an up-front and a long term pain.

LDAP server optimization

And then there’s the job of optimization. Authenticating against a single user repository is time consuming enough, especially at peak login times. Now imagine there were three or four underlying systems against which user checks were daisy chained through if..then…else statements. It’d be a long enough lag to trigger a user revolt. So even after achieving the consolidation of different LDAP servers and databases, there is time that needs to be invested in figuring out how to optimize access. Sometimes having a look-aside NoSQL database where users ids are mapped to the system in which they are registered can speed things up, although a failed login would likely still require querying each subsystem. Performance optimization becomes an important part of building the user registry, as every user notices when logging into the system takes an extra second or two.

Data quality issues

And if there are separate subsystems, ensuring data quality becomes a top priority as well. For example, if the same username, such as cmckenzie, exists in two sub-systems, which one is the record of truth? Data integrity problems can cause bizarre and difficult behavior to troubleshoot. For example, cmckenzie might be able to log in during low usage times, but not during peak usage times, because during peak usage times, overflow requests get routed to a different sub-system. And even though the problems may stem from data quality issues in the LDAP server subsystems, it’s the developers maintaining the custom user registry code who will be expected to troubleshoot the problem and identify it.

LDAP failure and user registry redundancy

Failover and redundancy is another important piece of the puzzle. It’s good to keep in mind that if the custom user registry fails, nobody can log into anything from anywhere. That’s a massive amount of responsibility for anyone developing software to shoulder. Testing how the code behaves when a given user registry is down, or figuring out how to make the custom user registry resilient when weird corner-cases happen is pivotally important when access to everything is on the line.

Ownership of the custom user registry

From a management standpoint, a custom user registry is a stressful piece of technology to own. Any time the login process is slow, or problems occur after a user logs into the system, the first place fingers will point is to the custom user registry piece. When login, authentication, authorization or registration problems occur, the owner of the custom user registry piece typically first has to prove that it is not their piece that is the problem. And of course, there certainly are times when the custom user registry component is to blame. Perhaps a certificate has been updated on a server and nothing has been synchronized with the registry, or perhaps someone has updated a column in the home grown user registry database, or maybe an update was made to the active directory? The custom user registry piece depends on the stability of the underlying infrastructure to which it connects, and that is a difficult contract to guarantee at the best of times.

So yes, on the surface, an custom user registry seems like a fairly easy piece of software to implement, but it is fraught with danger and hardship at every turn, so it is never recommended. A better option is to invest time into consolidating all user registries into a single, high performance LDAP server or active directory, and allow the authentication piece of your Oracle or WebSphere applications server to connect into that. For small to medium size enterprises, that is always the preferred option. That way you can concentrate on using the software and hardware that hosts the user records to be optimized and tuned for redundancy and failover, rather than trying to handle such problems in code that has been written in house. It also allows you to point your finger at the LDAP server or active directory vendor, rather than pointing fingers at the in-house development team when things go wrong.

Inevitably, there will be times when a custom user registry is required, and it has to be written, despite all of the given reservations. If that’s the case, I wish you the best of luck, and I hope your problems are few. But if it can be avoided, the right choice is to avoid, at all costs, the need to implement a custom user registry of your own.

August 14, 2017  3:43 PM

Gender and ethnic parity is not equivalent to workplace diversity

cameronmcnz Cameron McKenzie Profile: cameronmcnz

Former Google employee James Damore’s recently leaked memo about his old employer’s employment activities has brought the discussion about IT hiring practices to the fore. After reading a vast number of articles written on the topic, it would appear that many believe the terms workplace diversity and gender representation are interchangeable. They of course are not, and doing so is not only intellectually dishonest, but it’s incendiarily disingenuous to the point that doing so actual hinders the progression of the important goal of balanced gender and ethnic representation in the workforce.

How do you define diversity?

I ran for president of my University Student Council twenty-five years ago. One of the other candidates was an enlightened progressive whose main platform plank was to promote and improve diversity in all areas of the university. It was a message that was well received in the social sciences, law and humanities buildings, but it ran into a brick wall when it was trucked into engineering.

In compliance with all preconceived stereotypes, gender parity in the engineering department was a little lacking back then, but a few of those future train conductors were getting a bit tired of constantly being beaten with the ‘lack of diversity’ stick. A student stepped up to the microphone during question period and asked the candidate if she felt the engineering department lacked diversity. After the candidate stumbled in her effort to provide a diplomatic answer, the student followed up with something more rhetorical.

“The leader of the school’s Gay and Lesbian committee is an engineer. Our representative to the student council is from India. Three of the five students who are on full scholarships are second generation Chinese, and even my friends with paler complexions, who you believe lack diversity, are here on Visas from countries like Australia, Russia, Israel and eastern Europe. So how can you possibly stand there and tell me we are not diverse?” The student was mad, and he had every right to be.

The engineering faculty was indeed diverse in a variety of beautiful even inspirational ways. Gender parity was certainly lacking, and I can think of a few minority groups that were under-represented, but for someone to stand in front of that group of students and tell them they weren’t diverse was an undeserved and unmitigated insult.

Confronting intellectual dishonesty

Even twenty-five years later, that exchange still resonates with me. Not just because it was so enjoyable to see a social justice warrior be so thoroughly destroyed intellectually, but because the student wasn’t wrong. He had every right to stand up and object to the insults and the derision that were constantly being thrown at the faculty to which he was proud to be a part.

With a history of participating in medium-term consulting engagements, I can say that I have worked on an admirable number of projects in a wide array of cities. I can’t remember any engagement in which the project room looked like a scene out of the 1950’s based TV series Mad Men, where every programmer was a white male, and every developer was a product of a privileged background. In fact, I was on a Toronto based project a number of years ago where my nickname on a team of over thirty individuals was ‘the white guy.’

I’m proud of all of those projects I’ve worked on over the years, and I’ve made friends with people who come from a more diverse set of backgrounds than I could possibly have ever imagined. And the friends I’ve made include a number of incredible female programmers, although I will admit that all of those project teams on which I worked lacked in terms of gender parity. But it would be an insult to me and to everyone I’ve worked with to tell me that the teams I’ve worked on weren’t made up of a diverse set of people, because they were. I have seen great diversity in the workforce. I have not seen great gender parity. There is a difference.

There is certainly an issue in the technology field in terms of an under-representation of both women and certain visible minorities. But gender and ethnic parity is not the same thing as workplace diversity. Arguing that they are is disingenuous, and perpetuating this type of insulting intellectual dishonesty will do more to hinder the goal of achieving balanced gender and ethnic representation in the workplace than it ever will to enhance it.

August 8, 2017  7:15 PM

Big-Data is helping in wildlife conservation

shwati12 Profile: shwati12


Big data is on the boom these days. It has been helping every field. Let us see few of the projects of Big Data in Wildlife Conservation that has used Big data and Machine Learning as their key components.
Big Data in Wildlife Conservation

2. Big Data in Wildlife Conservation

In this section, various projects are discussed below which shows the aid of Big Data in Wildlife Conservation.

2.1. The Great Elephant Census

 In Africa alone, more than 12,000 elephants have been killed each year since 2006 and if this goes on, that day is not far when there will not be any elephant left on this planet. The protection of ecosystem is vital not only to wildlife but the communities around them to complete the ecosystem cycle and Big Data is helping in the same. In 2014, a survey The Great Elephant Census was launched by Microsoft co-founder Paul Allen to achieve a greater understanding of elephants number in Africa. 90 researchers traversed over 285,000 miles of the African continent, over 21 countries to conduct this research.

One of the largest raw data sets was created in this survey. The survey has shown that African elephant numbers has become only 352,271 in 18 countries and has gone down by 30% in seven years. This highlighted the need for on-going monitoring to make ensure better response times to emergency situations. Big Data is having a huge impact on conservation efforts that is going to help protect the Elephant population of Africa.

2.2. eBird

This project was launched in 2002. It is an app that helps users’ in recording bird sightings as they find any and input this data into the app. The app was created with a target to help create usable Big Data sets that could be of value to professional and recreational bird watchers. These data sets are then being shared with professionals like teachers, land managers, ornithologists, biologists and conservation workers who have used this data to create BirdCast, a regional migration forecast giving real-time predictions of bird migration for the first time ever. This uses machine learning to predict migration and roosting patterns of different species of birds. This will provide benefits by providing more accurate intelligence for land planning and management and allowing necessary preparations for areas prone to roosting bird gatherings.
Read Complete Article>>

August 8, 2017  7:13 PM

C# vs. Java: 5 Irreplaceable C# features we’d kill to have in Java

OverOps Profile: OverOps
The perfect programming language doesn’t exist. I hope we can agree on that, if nothing else. New languages are often developed in response to the shortcomings of another, and each is inevitably stronger in some ways and weaker in others.
C# and Java both stemmed from C/C++ languages, and they have a lot in common beyond both being Object-oriented. In addition to some structural similarities between Java’s JVM and C#’s .NET CLR, each advanced on its own path with their respective development teams focused on different visions of what the language should be.
We don’t want to get lost in the argument of which language is better than the other, we just want to outline some of the features that developers in C# are using that we don’t have available to us in Java.

August 8, 2017  7:13 PM

The Top 5 Disadvantages of Not Implementing an Exception Inbox Zero Policy

OverOps Profile: OverOps
Inbox zero is a concept that has been around for a while, and one that tries to help you keep a clear email inbox and a focused mind. Now imagine, what if you could take this concept, and apply it to your exception handling process? If this question made you raise your eyebrow, keep on reading.
In the following post we’ll try and tackle the inbox zero concept from a new perspective, and see how it can be incorporated into the world of production monitoring. Let’s go clear some errors.

August 8, 2017  6:58 PM

Are you going to JavaOne 2017? Book your San Francisco hotel now.

cameronmcnz Cameron McKenzie Profile: cameronmcnz

It’s likely not advice a veteran of JavaOne conferences needs to hear, but if you’ve got your ticket for JavaOne 2017, and you’re attending this OracleWorld affiliated event for the first time, I’m telling you not to do any last minute searching for a San Francisco hotel.

San Francisco is a city completely ill equipped for handling an event of OracleWorld and JavaOne 2017’s magnitude. In fact, San Francisco is so small, it’s ill equipped to handle events of any magnitude. The two million square foot Moscone Center, named after the San Francisco Mayor whose assassination was portrayed in the Sean Penn movie Milk, is a fine conference venue, but there are simply not enough hotels to accommodate all of the guests and speakers who will be in attendance.

Cutting the stay short

Many attendees would love to spend the entire week in San Francisco, but the per-night hotel cost just becomes far too prohibitive. The conference is still almost two months away, yet discounted three and four star hotels available through the JavaOne 2017 website are already pricing at between $285 and $585 a night. And I’d be happy to bet that those $285 a night hotels won’t be available by time September rolls around. In fact, about a month before the conference, Oracle usually takes down the option to book a hotel through their website, as all of the available rooms have been booked.

As a long time consultant who worked largely in the US north-east, I rarely booked accommodations more than a month out, and typically would search for a hotel two weeks before a gig would start. The first time I attended JavaOne, I applied the same strategy and suffered greatly for it. I found very expensive accommodation at low-budget hotel on Lombard Street. The $350 a night motel didn’t have any air conditioning, and it was an unusually hot week in the city, making the stay particularly uncomfortable.


Never too close for comfort

Furthermore, the location was well beyond walking distance to the event, but given the complete lack of cabs in the city, I had to make the sweaty and uncomfortable hike myself. Uber has helped address the transportation problem in the city, but at an event like JavaOne, you want to be close to the shenanigans. It’s nice to be able to get to the opening events without having to get up ridiculously early, and it’s also nice to be able to rest in your hotel in the late afternoon before walking back and attending some of the evening events. Cabbing back and forth to a hotel tends to be both expensive and unnecessarily inconvenient.

So this is my final word of warning to people attending OracleWorld or JavaOne 2017. Make sure you’ve got your hotel booked. Do it right now if you haven’t done it already. Otherwise you’ll be spending way too much money on accommodations, and the only hotels available will be 30 miles away in Burlingame, or even worse, in Oakland. And trust me, you don’t want to be staying there.

July 20, 2017  5:49 PM

The top 100 Java libraries in 2017 – Based on 259,885 source files

OverOps Profile: OverOps
It feels like only yesterday we were scraping data from GitHub to discover what are the top Java libraries of 2016, and all of a sudden another year has passed. This year, we’re kicking this data crunch up a notch and introducing Google BigQuery into the mix to retrieve the most accurate results.
For this year’s data crunch, we’ve changed the methodology a bit, and thanks to Google BigQuery. First, we pulled the top 1,000 Java repositories from GitHub by stars. Now that we had the most popular Java projects on Github, we filtered out Android and focused only on 477 pure Java projects.
After filtering the projects, we counted the unique imports within each of them and summed it all together. A deeper walkthrough of the research process is available at the bottom of this post.
Without further adieu, it’s time to see who are the winners and bloomers of 2017 most popular Java libraries. Who will sit on the Java throne?

July 20, 2017  4:39 PM

How women in IT influence today’s workforce and tomorrow’s technology

Daisy.McCarty Profile: Daisy.McCarty

What would the tech world look like without leaders, visionaries, and entrepreneurs like Satya Nadella, John Ive, or Elon Musk? What about the contributions of the other seven men who complete the list of “The 10 Most Influential Leaders in Tech Right Now” according to Juniper Research? Would the world be a poorer place without these powerful, intelligent, and insightful men bringing their minds to bear on the problems facing the world today? I think so.

Now imagine a world in which at least half of the names on that list were female. That’s a day that many women in the technology sector look forward to with anticipation. In my interviews with women across the tech spectrum, I certainly heard stories of obstacles and discouragement. But the overwhelming outlook is positive. It’s only a matter of time until the full impact of women in tech begins to be felt at all levels, adding depth and richness to a sector that is geared for an incredibly exciting decade.

I asked my interviewees to tell me about women they admire in their industry, what they believe women have to offer the tech world, and what the future will look like as our influence grows. Here’s what I found out. First, women aren’t tearing one another down. They are definitely cheering each other on.

Who do women look up to in tech?

It’s great to have role models at top levels of leadership in the technology field. Meg Whitman was a name that came up more than once in conversation. Julie Hamrick, Founder and COO of Ignite Sales, pointed to Meg’s early success at the helm of the world’s leading auction site. “For me, it’s the fact that she grew eBay to become a household name.” But it’s not just the wins that people find compelling about Whitman. It’s her attitude about adversity and challenges. CeCe Morken, EVP and General Manager of ProConnect at Intuit, also spoke about her admiration for the current CEO of Hewlett Packard Enterprise. “She so embraces learning from failure. One of the things she told us is that she now celebrates failure as much as she celebrates success in her all-hands meetings. These are just fast failures, experiments they learn from.”

But most of the women I spoke with didn’t choose a big name as a “shero” they look up to the most. They told me story after story of women they know personally who have inspired them. Charlene Schwindt, a software business unit manager at Hilti, put it simply. “I most admire some of the women I see and work with every day. When they complete a successful project, have big wins, get major status or an executive position on a board, that’s a huge achievement.”

Julie mentioned Valerie Freeman, CEO at Imprimis, as a role model. “She is one of those people who is doing well in business and doing good in the community.” Mary McNeely, Oracle Database expert and owner of McNeely Technology Solutions, spoke highly of peer advisory facilitator and talent development consultant Tanis Cornell as someone who showed that hard work and self-belief really can pay off. “She didn’t start out in tech, but she moved to technology sales, pulled herself up by the bootstraps, and overcame barriers to succeed.”

Jen Voecks is the founder and CEO of the tech startup Praulia, an online service that matches brides with wedding vendors. For her, the most inspiring thing to see is other women creating something new in the industry. She pointed to Molly Cain, former Executive Director of Tech Wildcatters, as an inspiration. “She built a lot of things herself.” Today, Cain is the acting Deputy Director of Digital Innovation and Solutions/Venture Relations at the DHS. Quite a remarkable achievement and certainly one that will make her a role model for many more women throughout her career.

How do women change the game within tech organizations?

There’s simply no substitute for having more perspectives for both innovation and problem solving. Charlene has seen the benefit of a diverse team in determining how to develop the projects under her direction. “What women bring to the table can be different. Often, consideration of how people work with technology is not really coming into play as it should during the development process. Even if you have people talking to the customer about what they want, everything is based on interpretation. With a cross gender team, you get a different result by having multiple views on the same thing.”

This is something Julie found true as well. “I’ve noticed when we have women on our teams we have better follow through and more creativity. They are good at filling in the gaps. Amidst all the ones and zeros, women see more of the gray, more depth.” That’s not just good for short term improvement. It’s also essential for long term viability. Tanis Cornell pointed out that economic and financial experts are catching on to the fact that women are good for business. “It’s been shown in study after study now that companies with a better gender balance on the management team perform better financially. Meryl Lynch and other firms are starting to pay attention. They are investing in and recommending companies with more balanced leadership at the top. It’s simply a good business decision.”

How will women influence the future of technology?

Women are bringing their power to bear in leadership, innovation, entrepreneurship, and more. The days when tech was developed through a primarily male lens are fading fast. That shift is bound to have an impact on what happens in the next five to ten years. Many women I spoke with mentioned the subtle but potent effect the female touch may have on the direction of tech. According to Julie, “I think things will become more friendly and useful. They will have more care to them, even in technology. Tech is more utilized by everyone these days. Going forward, there will be even more self-service, but the experience will have a more satisfying, human feel.” Mary echoed this sentiment, in terms of what it will take to succeed in the tech field and the world in general. “As the world becomes more roboticized, there’s also going to be a counter trend. Good intuition and people skills will become even more critical.”

CeCe Morken offered this advice for the current and coming generations of female innovators. “Look ahead and be aware of what’s coming. It’s changing faster than ever before and you need to find a way to grasp it.” Morken put her money where her mouth is recently by purchasing the latest virtual reality tech for employees to experience at work. Intuit is not looking to launch any products using that technology right now, but CeCe wants her people to be familiar with what’s available so they aren’t playing catch up later as innovation continues to accelerate.

Jen highlighted the importance of tech for changing the future of women as well. “Tech gives you a new platform. It allows you to reach a broader audience. As an inventor or business owner, you have the opportunity to grow faster and meet partners.” In essence, tech is democratizing the entrepreneurial space even more than before, ensuring that women can advance on their own terms even if the corporate world continues to change more slowly.

Women in tech must keep reaching for their dreams

Data scientist Dr. Meltem Ballan has faced her share of challenges in building a career in tech. But she offered encouragement to other women in their quest to rise to the top. “It’s not insurmountable. There is no ceiling. Just keep on going out there and doing it. Learn to network well, and have the courage to take that next step.” Mary McNeely agreed that the future is there for the taking. “What we get next is whatever we want. We are educated and empowered. Our star is rising.”

Page 4 of 20« First...23456...1020...Last »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: