Security

The Cloud and beyond

Sharing awareness of a couple of Internet Evolution items:

i) blog post about cyberspace protection and Einstein 3.0

ii) an IBM video about what cloud computing is and why it is vital. 

Intrinsically and pervasively quality may evolve inherent to the Cloud and Cyberspace and in some interconnected way may help to increasingly evolve balance, harmony and what social responsibility can mean for humanity.

Balanced approach will evolve, embedded in the culture

Inside the prior VIIP post, innately within the “e.g.” provided for “reports” you may find the following words (and a reference to SOX) interesting. In general you may enjoy browsing through the entire report.

Qatar is serious about ensuring a high quality of corporate governance

It is likely that a balanced approach will evolve, with greater emphasis on governance and internal controls embedded in the culture of multinational organizations

See “All is in check” page 237, article by Tim Wells, PricewaterhouseCoopers-Qatar

Framework revised 2008; is it helping, or can it?

Perhaps the 2008 revision of MOF can help improve the inherent quality of your organization, for example perhaps relative to service management functions associated with Business and IT alignment, IT Governance, Compliance and Risk Management.

As noted within MOF’s 5.1 GRC SMF document, certainly this is true…

“Governance, risk, and compliance are potentially far-reaching and interwoven activities that require participation by everyone in the organization”

If you have not already, perhaps do some related reading and thinking. Feel free to also share whether the revision has been a help to your organization, or whether you believe it can be in the future. Thank you for doing so.

Have a great weekend.

Global embedding of good practice

By now you’ve likely at least heard of ITILv3 and CobiT4.1. You may in fact be making related plans in your organization. What about PSP BOK Version 1.0 (August 2005, since revised and released March 26, 2008)? As more and more read 5.1 and other parts, will commonsense principles become more embedded globally? Will reading and applying the document help overcome problems innately within a young profession that potentially has the most pervasive influence within the modern world? It just may be that real quality does exist and that it must increasingly become inherent within each of us, within all interactions, within that which we use, create and imagine. Intrinsically the critical component of continued forward progress just may be each of us increasingly partaking in good personal practices and positive collaborations.

Read this fun look at a serious topic (network availability)

Looking for an enjoyable, funny, colorful post to read? Try this one! Although the topic is based on something fairly serious (Internet down!!!), it is an enjoyable read simply because of the fun way in which it is written (nice job Nicole!). Also enjoyed was a particular comment which referred to this fun site, It’s A Wonderful Internet (nice research find Asad!). Perhaps some readers of VIIP remember this post which is about a movie with a similar title. Perhaps some remember this post which contains serious numbers in terms of what a single hour of outage means to particular industries (millions per hour!!!).

Has your organization had a network outage recently?

If so feel free to share how long you were down, whether you and others accomplished objectives for the day regardless, and whether you or someone somehow tried to make a positive difference in the day for others regardless. Ideally some good came to the day. Ideally appropriate thanks was plentiful for the inherent quality brought to the day, or the risk management practiced, which allowed objectives to be accomplished regardless of the network unavailability.

The relationship between CobiT and Val IT

A quick post to share awareness…

There is some potential interesting reading in Volume 3 2008 of CobiT Focus. Articles in the July issue include one on the relationship between CobiT and Val IT; and another on IT Risk Management. There are more however. You can view the newsletter here.

Compliance, Governance, Security (and ideally value that’s increasingly inherent)

Sounds like an interesting blog: Regulatory Compliance, Governance and Security. Welcome aboard Charles.

ISO-27002, SQL Server and the Windows Server 2008 Firewall

Step 0 of this recent post, SQL Server and the Windows Server 2008 Firewall, says ISO-27002 is worth reviewing. If you have, perhaps you agree.

Does the inherent quality of your security strategy include application of what you’ve read in ISO documents?

A far reaching edit to the “Value delivery” IT governance focus area of CobiT 4.1

The word “pervasive” can be found within the level 5 (Optimised) wording of the maturity models for P06 (Communicate Management Aims and Direction) and ME4 (Provide IT Governance). Considering what may be a far reaching edit to the “Value delivery” IT governance focus area of CobiT 4.1, “and pervasive” may be implied however could be explicitly stated after the word “intrinsic”. If you have run into resistance suggesting CobiT to an organization feel free to share a related comment or post. Please do so in a positive way and feel free to add whether you believe CobiT 4.1 is applicable to all organizations who utilize IT.

Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimising costs and proving the intrinsic value of IT.

New white paper sponsored by VeriSign

Write a comment or post and share your expert feedback about this new white paper by VeriSign associated with proactive protection for online transactions. Thank you in advance for doing so.

The career, Software Developer (your comments appreciated)

There are many who began their career in IT as a software developer (aka computer programmer or software engineer). Within this group there are also many who no longer regularly author code. Many of these individuals were once very good at generating code that met requirements and had all reported bugs fixed prior to the code going into production on time and on budget. Today, after decades of significant change within IT, there are many positions within that do not require incumbents to author code or to even have much understanding for the skills and daily challenges of software developers. Today in many organizations and on many projects, it is not surprising to discover that there are more people scoping, managing, testing and supporting the work of software developers than there are software developers. Improvements in talent, process, languages, tools and so on potentially could be behind this (e.g., now you can do more in less time and with better results, so you don’t need as many developers). You may particularly say this is so, if the bulk of the people in the organization are focused on activities unrelated to the work of software developers. Many opportunities today however can be enabled by software and technology so you may think it would not be surprising to see a growth in the number of people employment globally in IT, and particularly as related to software development. While quality is increasingly driving results, deadlines are still a big part of reality. In today’s world it may be true that software developers experience fun with the pressure of deadlines (e.g.), however beyond simply imposing increasingly challenging deadlines one way to grow excellence in results may be related to increasingly discovering ways to grow excellent programmers and in making software development increasingly a fun and rewarding career.

Draw upon the above paragraph and 20 questions below as input to your thinking, and comment on the career of computer programming. Thank you for doing so. Your comments may help evolve the world towards increasingly better results for all from various perspectives while helping software developers feel appreciated for the inherent quality they are and help increasingly to produce.

1. Are computer programmers over worked (e.g., not involved in providing estimates and asked to deliver quality in periods of time that impose risk and stress)?
2. Can someone be an IT Pro if they never coded?
3. Do you need to be able to read code (perhaps with a bit of assistance from a full-time developer) in order to be an IT Pro?
4. What makes an excellent software developer?
5. Are excellent software developers (aka computer programmers or software engineers) able to trouble-shoot a program if they never saw the language or code base before?
6. What are a few inherent qualities of excellent software developers (e.g., strong logic and math skills, broad understanding of technology and business, diligence, endurance, self-motivated, highly energetic and ethical)?
7. Does an excellent computer programmer make it a standard part of their processes to test their own assumptions early and regularly?
8. Do they provide tests and documentation with the code they produce so there is a complete versioned package of intellectual property, and so regression testing can more easily and quickly be done in an automated way for entire eco-systems?
9. Are excellent software developers always advocates and catalysts for that which is socially responsible and eco-friendly? 
10. Do excellent software developers (aka computer programmers or software engineers) have a common quality foundation, and do they maintain a regular practice of knowledge sharing and keeping current so they can utilize or recommend that which may help to make quality and value increasingly more intrinsic and pervasive?
11. Are the best computer programmers working as part of the force for good, or are hackers on the dark side the best software developers?
12. Everyone has a stake in prevention (i.e. quality assurance), and each role has a purpose that ideally provides value, however if you had to pick the most important role would it be software developer?
13. Can security and many issues be solved proactively by globally growing excellence in software developers?
14. If there was a round-table of executives and visionaries meeting to determine the next steps to make things increasingly better, should the round table include a couple of the best computer programmers?
15. Who would you say are some of the best computer programmers of all time and why?
16. Would looking at the answers for question 15 help to identify innate characteristics that could become part of the quality foundation for the current and next generation of software developers?
17. Does belief help to program reality (e.g., if you believe you are an excellent programmer, will you strive smarter and harder in various ways to progressively ensure excellence in the code produced by you and the global IT profession)?
18. Are tools increasingly helping to produce better results while making the job of software developer easier?
19. Will peer programming in the future involve a human and robot?
20. What tools and languages do you think are the best for a software developer to utilize today and why?

The value inherent to web events

Would you like to simplify an SAP Upgrade or reign over risk and instill performance assurance for greater operational excellence? If so you may want to check out this list of IDS Sheer webcasts. If you find they help you make quality, value, excellence and simplicity increasingly inherent, feel free to write a related comment or post. For further awareness you will note at least one of the webcasts is also listed on SearchCIO.Com, where you can find various webcasts that you may wish to also write a post or comment on. Thank you for doing so. 

Increasingly the value inherent to web events is growing and helping others ensure greater value within their organizations and for their customers. This post takes no credit, simply shares awareness of a few web events that may be of value to you, intrinsically and pervasively.

The value of security inside engineering

The title of this post presents words found within an interesting April 8 piece about Google by Michael S. Mimoso, Information Security magazine Editor. Here is the link. And here is a link for RSA ‘08 special news coverage.

Is PCI compliance enough? Is non-compliance illegal?

Some interesting reading at Hack-igations. For a related post and comment also see FTC: Failing the Consumer. Is PCI compliance enough? Is non-compliance illegal?

As a society we need to focus on beating the criminals, and stop flogging victims like TJX as unfair privacy infringers. — Benjamin Wright

Security solutions for the present

This security solutions whitepaper was posted March 2008 and originally published in October 2006. If you are aware of intrinsic and pervasive solution improvements since the whitepaper was published, feel free to comment or write a related post. Thank you for doing so.