Do You Understand What You are Running?

Don’t run systems you don’t understand. Some people had placed billions of dollars into a cryptocurrency called TerraUSD. They were told this was a “stablecoin” that would keep a value of $1. Underlying this claim was a clever algorithm that interacted with investors and another cryptocurrency in complex ways. Until its magic no longer worked and the supposedly stable TerraUSD dropped 80%. Trading in it is now halted.

In the global financial crisis of 2008, people had invested in complex financial instruments that they didn’t understand. Many billions were lost and large institutions went bankrupt. The banks that came out of the crisis unscathed were those that had stuck to simple banking products that everyone could understand.

Take a look at your IT landscape. Can you find somebody who understands your operating infrastructure? Or have generations of DevOps engineers just googled problems and tweaked your Kafka and Kubernetes configuration until it somehow seemed to work?

You Can Do More Than You Think

Could you land a plane? Unless you are a flight simulator enthusiast, you probably think you can’t. But if you were in the air and your pilot fell unconscious, you would be able to land the plane. A passenger with no flying experience found himself in that situation above Florida yesterday. With assistance from an air traffic controller, he successfully landed the small aircraft.

Many things we think are impossible really aren’t. Once we start, we find that we can do more than we thought. The important thing is to take action towards the goal. If you take no action today, you are not likely to take any action tomorrow. But if you take one small step today, you are likely to take another tomorrow. The difference between zero actions and one action is huge. Take that one action today.

Perimeter Defense is Dead

Yet again, a critical vulnerability in commercial, high-end network equipment. This time, BIG-IP gear offers any hacker the ability to remotely access the management interface. The intruder doesn’t need authentication and can run any command. It’s rated a scary 9.8 (CRITICAL) on the CVSS scale, and it is being actively exploited.

If you still needed convincing that your network needs micro-segmenting or a zero-trust architecture, here is another piece of proof. This is not cheap consumer-grade gear. This is a highly reputable vendor of expensive equipment used by most large companies around the world. They can’t keep their devices secure, even though they are supposed to implement best practices in secure software development.

Depending on perimeter defense today is like being France in 1939 believing in the Maginot Line. If you are a CIO, today would be a good day to chat with your network team about just how securely segmented your network is.

Add Some Control to Your Life

Are you in control of your life? Many people feel that life is coming at them faster than they can respond. That leaves you with a feeling of being stressed and overwhelmed. That decreases your happiness, negatively impacts your health, and causes you to make worse decisions.

One way to add some control to your life is to start each day by deciding on one task you want to complete that day. If your most important task is one that cannot be solved in a day, you can decide that your task for the day is to work on the larger task for one hour. Agile teams start their day with a stand-up because it works. You can do your own personal stand-up, too.

Why Employee Surveillance Doesn’t Work

Do you know what a “mouse jiggler” is? Your most innovative employees do. It is not a device to shake a rodent in a cage. It is a small USB device that sends random mouse movements to a computer.

Who would want such a thing? Employees subjected to tracking software, that’s who. With the mouse moving, the software will record “productivity.” The pandemic led to a boom in surveillance tech, euphemistically called “employee productivity software.” As workers return to the office, that tech is not removed from corporate laptops. But workers are pushing back, in accordance with Newton’s Third Law of IT systems: Whenever the organization implements a policy, the employees will implement an equal and opposite workaround.

Techno-optimists keep trying to replace humans with technology. There are some places where that works. Replacing human leadership with surveillance technology is one of the places where this strategy doesn’t work.

Security is Somebody Else’s Problem

There is good reason security is invisible: It is Somebody Else’s Problem (SEP). In his geek classic “The Hitchhiker’s Guide to the Universe,” author Douglas Adams describes how the secret to making something invisible is to surround it with an SEP field.

Security is not actually invisible – I’m at an event in Copenhagen with 3000 security professionals this week. But it is still considered Somebody Else’s Problem by the rest of IT. Except for basic Authentication and Authorization, security is not on the minds of developers and system administrators.

We cannot magically make people care. We already know that to get good testing, we have to add professional testers to each team. To get a good User Experience, we need to add UX professionals to each team. We won’t get improved security until we also add security professionals to each team.

Do You Trust Amazon?

The default is no trust. You shouldn’t trust a random USB stick you pick up in the parking lot, and your customers and users don’t trust you. If you want trust, you have to be transparent in a way your users understand and appreciate.

Somewhere in the Amazon terms & conditions it probably says in illegible legalese that everything you say to your Alexa smart speaker can and will be used against you. Researchers have shown that your interactions with Alexa are reported to dozens of advertisers, and Amazon says the research is flawed. Who do you believe?

Amazon have hundreds of lawyers and are probably within the law. The problem is that they are not complying with users’ expectations. If you want any kind of goodwill from your users and customers, you have to meet their actual expectations. Hiding behind reams of legalese doesn’t cut it.

Unnecessary Complexity

Why use a proper screwdriver when you have a multi-tool? It is true that it is a lousy screwdriver, but it can do a dozen other things. That’s the thinking behind using Microsoft Windows for Point-of-Sale terminals. It turns out to be a bad idea. It can take up to 40 minutes for a Windows 11 machine to install the latest update, and in the meantime you are unable to do business.

The problem is not throwing an overpowered machine at the task. A Raspberry Pi works fine for a home weather station even though it is only using 0.01% of its capacity. The problem is adding unnecessary complexity. A Windows 11 workstation is running literally hundreds of services, 98% of which are not necessary for Point-of-Sale functionality. The more components you have, the more potential problems you will have, and the harder it will be to find them when they occur.

You would never allow your IT architects to use over-complicated components with dozens of unnecessary interactions, would you?

Create a Breathing Habit

How is your breathing? Now you might notice it. But most of the time, your breathing just happens. Try taking a few deep breaths. Notice how you feel calmer.

Breathing is interesting because there is a direct two-way connection between your breathing and your emotional state. Your stress level affects your breathing, but your breathing also affects your stress level.

To make sure you remember to take some time to breathe deeply, connect breathing with something you already do. Find some action you take several times a day, and take a few deep breaths before you do it. For example, whenever you pick up your coffee mug for a refill, hold the mug while you take three deep breaths. Getting some good breathing into your life will reduce stress.

Online Makes Meetings Worse

When did you last walk out of a useless meeting? Never, right?

When did you last participate in a meeting where you got no benefit and contributed nothing? Last week, right?

We were slowly learning from trailblazers like Elon Musk to cut down on meetings. Then the pandemic and the associated video meetings teleported us back to the stone age of meetings. We have more meetings than ever, they start late and drag on, and involve too many people. Analyzing the video of online meetings shows that 50% of participants show up late, 40% have low engagement and 24% of participants don’t say a word during the entire meeting.

When something becomes easier, people do more of it. It takes a conscious effort to get back to focused meetings with clear agendas and only the absolutely necessary participants. Are you tracking how many meetings you have in your organization? If you aren’t, you can be sure you have too many.

(image: Kit-Kat ad mockup by Sam Hennig, creative strategist at Something Big)