inTHiNK become a Microsoft BizSpark Partner

inTHiNK is delighted to become the latest Microsoft BizSpark Partner to help support the development of a new social cloud service codenamed “horizon”.

We’re delighted at this news as it will allow us access to the full range of Microsoft technologies and cloud services to ensure that “horizon” is a first class resilient cloud service from day 1!

Advertisement

Agility and IT Excellence

Many small and medium size organisations whether they be directly in the software development business or engaged in other corporate activities are experiencing similar problems when it comes to their IT Strategy.

For the software vendor it is a question of how do I excite the market with new innovations while ensuring what I have delivered to my current customers is and continues to meet their needs. For the enterprise IT organisation it is a need to deliver new innovative solutions to the business while ensuring a high level quality of service for those solutions already deployed. In this way the problems are similar and are superbly illustrated by the work of Jack Calhoun in his quadrant view of the organisation.

One goal is customer experience excellence, while the other is operational excellence but it is not possible to achieve these in tandem and therefore one needs to pick a route.

However, while one is able to aspire to these heights and indeed in some cases achieve them it is all too often that this happens as a “point in time” achievement. The real question is once you get here (or better, as you plan the journey), how do you continue to improve or at least maintain this status rather than fall back down? For this is often what happens and in many cases the finger points back to the technology and that where IT once drove growth it now impedes change.

The missing ingredient here is that these goals are set without a view of sustainability and this is where IT has a trump card to play and by doing so not only can IT enable organisations to achieve customer experience and operational excellence, it maintain this status into the future. So what is this ingredient? Quite simply it is AGILITY!

One of the key things software development have learnt over the years is the cost of innovation and dramatic cost of rapid innovation. As they argue successfully in their “implementing lean software development” book, Mary and Tom Poppendieck, state that “the cost of complexity is not linear, it’s exponential”. Wise software developers, they say “place a top priority on keeping their code base simple, clean and small”.

By developing agile software development practices that are light touch, expect and embrace change and are focused on delivering value it has allowed developers to invest much more wisely in response to challenges set by the business. However, although the successes have been widespread and repeatable so far the true notion of agility has not managed to move out much past the world of Software development itself.

Many argue wrongly that agile practices only works at small scale, that it is not rigorous or works at the expense of architecture and quality. These are wholly incorrect but do much to limit the values of agility from being expressed more widely across IT.

In the meantime, for those that have managed to harness the power of agility at scale, the successes are multi-fold enabling IT to build a much more focused business model in delivering services to their customers and in so doing ensuring a growth in operational and customer experience excellence, aka quality of service.

References

Jack Calhoun et al, The Next Revolution in Productivity

Mary and John Poppendieck “Implementing Lean Software Development” http://www.poppendieck.com/

Welcome new inTHiNKERS

It’s with great delight to announce the arrival of two new inTHiNKers to the inTHiNK Associate network.

Bola Rotibi brings over 18 years IT experience and is a world renowned and respected Industry Analyst in ALM space.

Bola joins the inTHiNK network to help define and deliver first class advisory services right across the Application Lifecycle which we are seeking to launch early in 2011.

 

Richard Godfrey brings over 20 years experience is software development, having built some of the most powerful .NET and Windows Azure based solutions in recent times. He is a well known and respected Software Architect heralding from many years at Microsoft and Deloitte.

Richard joins the inTHiNK network to bolster our ability to deliver architectural services and solutions designs as well as taking these forward into implementation and delivery.

For more on Bola, Richard and the rest of the inTHiNKers click here.

Testing the cloud?

One of my favourite subjects of late is how do you test your cloud?

It’s always been a challenge to get testing more involved in the development process and tooling has come along way to making this possible. But what happens when you add the cloud to the mix?

I’ve had a few chats with Danny Crone from nFocus about this in relation to Azure and was really excited to see they’ve got an event on the very subject …

The only problem is that this takes place tomorrow afternoon in Reading so I can’t make it …

http://testing-with-vs2010-in-the-azure-cloud.eventbrite.com

I only hope that there’s a repeat or that they share some of the presentations …

This sits well with the ALM Health Check Service that inTHiNK is looking to offer in the coming weeks – more on this soon!

Software Security: have we nailed it?

Software security has and continues to be a top line issue for most organisations, yet software and IT teams still continue to produce and deploy insecure code and applications with serious consequences for the brand, reputation and, of course finances of their customers and their own organisation.

Creative Intellect in association with the IASA have recently launched a survey that seeks to understand the security challenges across the development cycle and look to see if it is handled better by large or small projects, organisations and if there is a difference across industries.

I thoroughly recommend you taking part in the survey. All respondents will get a free copy of the full report and will be entered into a draw to win a free half day consulting session with Creative Intellect Consulting Ltd in the field of software delivery and application lifecycle management.

The survey link is: http://www.surveymonkey.com/s/SecuritySurvey-CIC

inTHiNK! it’s official!

After 5 great years of fun at Microsoft UK it’s time for me to say so long as I move on to new things although I fully expect to remain part of the Microsoft ecosystem and still haunt the corridors of the UK Campus from time to time!

So what does a Microsoft Architect do after Microsoft? Well more architecture it seems from the business through to its people and the systems the use. There are actually three main strands to my post-Microsoft strategy that I’ll summarise below:

As you may know I’ve had a long history with IASA, especially here in the UK where I founded and have chaired the UK chapter for around 6 years now. During this time we’ve been developing a credible and sustainable education and certification program for IT architects and now, along with my colleagues at IASA, I want to bring this to Europe. We’re holding our next UK certification boards this November but the plans for IASA Europe are much bigger than just this.

inTHiNK! is the name of my new professional services practice www.inthink.co.uk. inTHiNK! will offer services from business & technology strategy, architecture practice and guidance through to cloud readiness and enablement. This will scale out through an extensive associate network of solid top-level IT professionals. Contact info@inthink.co.uk if you want to follow up.

As a brand new bizspark partner I will be seeking to exploit the value of the Azure platform delivering a new breed of SaaS enablers and business offerings to the market!

 

Here’s my new contact details if you wish to stay in touch

Matt Deacon
CEO, inTHiNK! Ltd
www.inthink.co.uk
mattdeacon.wordpress.com
www.twitter.com/mattdeacon

White papers from Matt Deacon

White Papers List of white papers that I’ve produced or contributed to over the past few years:

	Thinking beyond the Clouds: Supply, demand and service-centric IT, 2010. Produced by Freeform Dynamics in consultation with the Microsoft Architect Council, this report identified a number of trends that are having an impact on the supply, deployment and operation of corporate IT facilities. “Currently, the impact is being felt most directly within the IT supplier community, but over the coming years the fruits of their labours will more strongly influence the way companies source and integrate IT services. In this report we look at what’s driving the trends and ask how should end-user organisations prepare to make the most of how IT services are delivered?”
	Outlook: partly cloudy with sunny spells to follow, 2010. Report authored by Matt Deacon and Dan Scarfe, dotNet Solutions that discusses the benefits of taking a hybrid approach to cloud computing and describes a simple approach when considering cloud options.
	The Arc Magazine, 2008: A 4-part publication that discussed the Microsoft ‘Software + Services’ strategy from a business and architectural perspective: Software + Services a business perspective Defining the Architecture of S+S Principles of Privacy Reaching for the Sky
	IT on the front foot, 2008 Sourcing, architecture and the progressive IT organisation Produced by Freeform Dynamics in consultation with the Microsoft Architect Council, this report identified the characteristics of progressive IT organisations and what they are doing that sets them apart from the pack. There is indeed such a thing as the ‘progressive’ IT organisation Progressive IT organisations reveal a progressive approach to sourcing We can learn from the experiences of more progressive IT organisations Architecture and integration become key elements of progressive IT The goal is for IT to raise its game
	Four Reasons to go Green, White paper that spells out the four main arguments for use in convincing your organsiation that green is a good colour to be : The Environment The Customer The Government The Money
	SaaS as a Disruptive Technology, 2007 Investigation into the nature of Disruptive Technology and whether the phenomena known as Software as a Service (SaaS) has the propensity to be disruptive. Contains a useful model for considering products from a disruptive perspective.Published on MSDN in 2007 in Conjunction with Dr Steven Moxey, Manchester Business School. Register article Disruptive Technology Framework developed as part of the project:

How Secure is your Cloud?

Cloud security is perhaps the number one topic when it comes to cloud computing and this is still definitely the case if you look like meetings like CloudCamp for example. So why then is there not more of a focus on it from the cloud vendors?

In their June report, "Assessing the Security Risks of Cloud Computing" Gartner provided a fairly competent list of questions that customers should raise with their prospective cloud vendors.

1. Privileged user access.
2. Regulatory compliance
3. Data location
4. Data segregation (which includes Encryption)
5. Recovery
6. Investigative support
7. Long-term viability

Although the list is useful, and I especially like number 7 raised in a security context, there are a couple of key points missing, that while they maybe covered in some subtext under these seven items I personally believe they should be raised to the top level. So here’s my additional set of security topics to raise with your vendor:

8. Internal threat management
9. Portability/access
10. SLAs/Penalties
11.Security in depth

Internal threat management

As we all know too well (or should), one of the majority of security threats of traditional data centres comes from within, with the cloud you’re passing this issue on to someone else. So what are the internal threat management procedures of your cloud vendor? How do they safe guard your data from prying eyes? Sure, encryption and segregation are elements that help here, but what are the data centre processes themselves?

Portability/access

A real favourite topic out there that in many ways overtakes the issues of interoperability is that of portability. How do I safeguard my ability to move from one cloud to another?  Once my data is in a cloud how easily (expensive, quickly) can I get it off again? Now add to this the question of secure and robust portability and this becomes a really interesting question to ask.

SLAs/Penalties

So if there is a breach of security what is the cloud vendors policy? Is this transparent? Made publically available? What sort of compensation could you expect? Free hours? SLAs are an obvious discussion point with cloud vendors but are seldom discussed in terms of security.

Security in Depth

This is one I particularly like and relates to internal threat management and processes but specifically to the development and creation of the cloud vendor’s infrastructure itself. Clearly clouds just don’t happen, someone has to build them and that means software engineering. Therefore a clear explanation of their cloud development processes should be clearly articulated at a software development level. This is one of the key lessons Microsoft has learnt over the years and one I know well.

 

So what other security questions would you want answered by your prospective cloud vendor?

SOA: A square peg in a round hole?

It is really interesting when you look back on your blogs over the years and reflect on how your views have changed, and whether anything still remains true given what you know now. Over the past few months I’ve been researching the state of SOA today; well over a decade since .NET Web Services arrived on the scene and the term SOA first came to popular attention.

One blog I’ve referred to time and time again in talking about SOA is the one I wrote on SOA Anti-patterns back in 2005. I use these anti-patterns regularly when talking to people and had come to think that their value had never been more significant than they are today given the emergence of the so-called “cloud”. However, I had noticed that they resonated less well with those where SOA was being “successful”. It therefore came as quite a shock when I actually re-read the blog only to find that the core tenet on which these anti-patterns were based was actually proving to be itself one of the core anti-patterns of SOA and why in so many cases SOA has proved unsuccessful.

The anti-pattern was actually described in the opening section where I suggest that the decentralised nature of SOA “left unchecked” could lead to the occurrence of a number of the anti-patterns that I went on on to describe. Unwittingly, I had hit upon one of the core anti-patterns for SOA; the square-peg anti-pattern, it was just that at the time I didn’t realise it.

The square-peg anti-pattern

As I noted back in 2005, SOA is a “decentralised” pattern for integrating distributed systems, but what I didn’t realise at the time and where the true problem turns out to be, is that we insist on trying to fit SOA (the peg) into a “centralised” model of IT (the round hole). This is like holding the same poles of two magnets end to end, they repulse each other, we are simply trying to put two incompatible models of operation together as one.

From a centralised perspective of IT these anti-patterns make sense, but turn the problem on the head and they become less significant and maybe cease to exist. The reality of the problem turns out, not to be one of fitting a square peg into a round hole, but that there are simply no square holes!

For IT and let’s face it, for the really important part; the business, to really take advantage of SOA it needs to give up being the monopoly, it needs to decentralise and devolve control to the services themselves. The result is smaller IT, encapsulated within the service, focused almost entirely on delivering business value for that service, rather than having to pay a high tax to conform to the demands of a centralised IT function.

The three Cs!

So if this is the major problem, then why do it? Why not drop SOA and retain the centralised model for IT? Of course this is an option, but let’s look at it through the lens of the three Cs that Hammer and Champy raised in re-engineering the corporation:

• Customers take charge
• Competition intensifies
• Change becomes constant

IT is subject to the same pressures and has to deliver the service that is required by the business. Your customer demands the ability to be more in control, dynamic, they have choice and increasingly have the potential to ‘shop elsewhere’. The competition from others who can provide the service, faster, cheaper and to order is increasing. The rate of change required by your customer grows daily and the need for IT to move from reactive to proactive and part of driving business.

Specialised Units of Business Capability

In looking at the trends within the business itself, one can see it is differentiating into often finer units of specialism. the benefit being, to take advantage of market leading innovation quicker, cheaper and at lower risk. IT needs to power these new capabilities, but can’t do so through a rigid model of centralised command and control. These new capabilities need to move fast, grow fast and evolve quickly in response to change. The IT needs to be as close to that business innovation as possible and be part of the solution rather than a problem that slows down their time to react.

The rise of the Central IS function?

So what now for IT? Is it the end of IT department? Well may be it is, as we know it today. Decentralisation is inevitable for Business as it is for IT, as the technology layers commoditise there is less need for many of the old functions of IT, but given all these moving parts, these increasing units of specialised business capabilities, the increasing number of sourcing choices for services of all shapes and sizes, it is clear that there is a need for:

• co-ordination
• governance
• compliance
• innovation management

These, then become the watch words for the future of the centralised IT function, but it is perhaps the name that needs a change, it is less about the technology but still about the information and management and certainly needs to nurture innovation and of course it’s all about the service.

Welcome to the:

Corporate Information and Innovation Management Service.

How to handle the press (or your boss)!

I get to meet some great people in my line of work and there are none more interesting and fun than the GreyBeards!

GreyBeards is comprised of Martin Banks and David Tebbutt, both seasoned journalists and technology writers who offer a range of strategic consulting and training courses focused in part dealing with the media. I’ve had the good fortune to be on the receiving end of their wisdom, both in the class room but more often outside through our engagements at events and meetings. David, sent over a really useful graphic they use as an aid-memoire for those that engage readily with the press. However, as he pointed out, it’s really applicable to almost any circumstance where you have a message to convey which immediately made me think of the challenges we face as IT professionals in gaining the support and commitment from our peers.

Copyright GreyBeards Ltd. 2010
(Click here or on image to see a fully annotated version)

If you click on the picture it will send you to David’s version that is full annotated, just hover over any part of the diagram to get relevant information.

The “egg-timer” (triangles) demonstrates the need for preparation and in constructing, simplifying, refining, and I think, symbolised by the image, consolidating your key messages. This then flows into the bottom half which represents the expansion into the interview itself.

The “bridge” to me is central and key to your interview technique in my opinion as it is a reminder that where ever your conversation may start, you need to seek to get back to your key messages, the areas you are experienced and knowledgeable to talk about.

The “rat hole” is the place that needs to be avoided and the reason you need to use the “bridge” to link back to saver ground.

 

The“safety zone” is where you want to be to deliver your message and is amplified on the right hand side of the diagram. The circular nature of this reminds you that you can roam any where within the safety zone, but remember the closer you get to the boarders, the nearer you get to the rate holes so use the bridge to move to safer ground.

Getting across the river!

Another useful analogy I was shown sometime ago was to imagine that you need to cross a river.

You have a pile of rocks in your pocket that you can throw out into the river that will help you get across. These represent your key messages you wish to relay.

However, as with all stones in water, be aware that they become slipper when wet! Many are uneven and wobbly too.

You must avoid the water at all costs so you must try to balance on your stones. If not then the shark is sure to get you!

(Picture drawn using Expression Blend 4!)