Sten Vesterli's Blog

Making IT Live up to its Promise

Tag: Leadership

Offering Alternatives

IT Leadership, ,

Are you building critical software? Then you know to offer a fallback option if something – despite all your testing – does not work. That is often not a concern in organizations that can simply force users to suffer their app. Like the public sector in Denmark, where every parent of a schoolchild in Denmark must use the “Aula” app. Unfortunately, a botched upgrade means that many cannot log in.

Having only smartphone apps makes you vulnerable. The app stores do not older versions, so once you have rolled out a defective version, you (and your users) are up the creek. The mitigation for this risk is to also offer a responsive web application with only the most crucial features.

Take a look at the smartphone apps your organization offers to its customers. Are any of them critical? If so, do you have an alternative ready?

In Praise of (Useful) Managers

IT Leadership, , , , ,

You do need some managers. Elon Musk is trying to prove that Twitter can be run with only himself and the people who write code, and it’s not going well. It turns out that it takes a little more to run an organization than just coding and tweeting.

For example, Elon had announced that only enterprise customers who would pay $$$ would have access to the API. But he had fired everyone who was able to process an application for an enterprise license. So when the last overworked API engineer committed the change that implemented the limit, there were no paying customers because there was nobody to take the money of the few tool vendors willing to pay up.

Your overhead grows inexorably. Unless you pay very close attention, the fraction of total headcount actually writing code goes lower and lower. To avoid ending up having to take a chainsaw to your organization as Elon has done, calculate your coder percentage today and keep track of it.

Hybrid Work is a Leadership Decision

IT Leadership,

Get back to work, or else… That is the message from companies across the board. The latest is Amazon, who just dismissed a petition from more than 30,000 workers objecting to their three-days-a-week-in-the-office policy.

The Wall Street Journal reports that hybrid work is back to the pre-pandemic level at around 16% percent on average, with higher values in technology and information work.

Software is a collaborative effort, and no amount of Zoom meetings and Slack channels will change that. For example, I once led a team dispersed in four different rooms. Even though we were all on the same floor, we were constantly behind schedule and delivering poor quality. When I finally managed to get us all in the same room, productivity and quality shot up.

As an IT leader, it is your job to create as much value as you can with the resources at your disposal. You are not doing your job if you shrink from your leadership responsibility and let your programmers work wherever they want.

Where is the Profit

IT Leadership, Technology That Fits, , ,

“But we’re a startup!”

“That’s not enough anymore. How will you become profitable?”

This is the essence of discussions between startups and their VC funders today and increasingly between big companies and their shareholders. Unfortunately, Ford’s CFO didn’t get the memo because he is still trying to pass off their $3 billion loss on electric vehicles with the “consider-us-a-startup” excuse.

Increased shareholders’ attention is also forcing all the big tech companies to kill off many of their loss-making projects that do not have any path to profitability, with an accompanying bloodbath of firings.

An audit showed that 47 of the 98 Danish municipalities were running AI projects. Two of these had provided value.

Do you have realistic business cases behind your projects? Or is the business case a collection of rosy assumptions retrofitted onto a project someone just wanted to do? It is better to find and kill vanity projects than to be called to the CEO’s office to explain why you are frittering away the company’s money. Contact me if you want an independent outside opinion on your project portfolio.

Who Thinks About Risk?

IT Leadership,

A “Silicon Valley Bank Risk Management Department” T-shirt is the latest in ironic workwear. Not that SVB seems to have much risk management – their Chief Risk Officer stepped down in April last year, and the position was vacant for eight months.

Does anybody have the Risk Manager position in your IT organization? Every project creates a risk matrix and mitigates the worst risks, but once the project is complete, risk management evaporates in many organizations. The CISO does some risk management, but many IT risks are outside her remit. And risk management falls squarely in the “important, not urgent” category that always gets pushed to the back of the task list…

Criminally Bad Project Management

IT Leadership, ,

Sometimes, failed IT projects cost real money. Like it just did for British bank TSB, who was fined about $60 million for their shambolic IT migration. The disaster locked people out of their accounts for weeks, and the total cost to the bank is now approaching $500 million with payments to customers, project post-mortems and IT cleanup.

“The firm failed to plan for the IT migration properly, the governance of the project was insufficiently robust and the firm failed to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems,” the report from the banking authority concluded.

Those words don’t apply to any of your IT project, do they?

Once you Grow up, you Need to Stop Moving Fast and Breaking Things

IT Leadership, Technology That Fits, , ,

Moving fast and breaking things can be fine for a startup. They might need to iterate several times and maybe even pivot once or twice before they achieve product/market fit. It is not OK for an established business. Facebook has long since given up on this strategy, but Twitter, under Elon Musk, has rediscovered it. By thrashing around and changing direction daily, they are alienating both the users and the advertisers who were supposed to pay. If you want to move fast, roll out changes to a small percentage of your users. A mature continuous delivery organization practices blue/green deployment, but even if you are not doing CI/CD, you can still test changes with a small subset of your users. Don’t uncritically inflict the latest great idea on your entire user population. #itleadership #innovation #makeitliveuptoitspromise

Beware of Asymmetric Risk/Reward Profiles

IT Leadership, Technology That Fits, , , , ,

Would you continue to sell a lock based on technology that has been known for 14 years to be trivially easy to hack? Of course not! But Scantron in Denmark has merrily been foisting insecure locks on unsuspecting Danish apartment administrators. Even after a worried renter told them about the problem in several emails and even physical letters (!), they ignored the problem. It took a media shitstorm to make them realize the errors of their ways.

Digital locks have an asymmetric risk/reward profile. The reward is small – you save a little by not having to administer physical keys and re-key locks. The risk is huge – someone might copy a key, turn it into a master key, and rob hundreds of apartments.

When you are evaluating digitalization projects, be very careful about those with such an asymmetric profile. Almost every organization has digitalization projects with a better risk/reward balance than digital locks…

Be Prepared for Every Eventuality

IT Leadership, , ,

My latest favorite German word: Bargeldnotversorgung. It means “emergency supplying of cash.” The careful Germans are preparing for the worst-case scenario of widespread blackouts. Part of their plan is to make sure that everybody has an adequate supply of little colored pieces of paper, also known as “cash.”

Meanwhile, in Denmark, authorities, and shops are merrily careening towards a cashless society that will collapse as soon as the power goes out.

There are many things that can go wrong, and a well-run organization is prepared for all of them. In cases of risk management, be like Germany, not like Denmark

IT Leadership has to Harness the Power of AI

IT Leadership, Technology That Fits, , , , ,

AI has finally gotten really useful inside the IT organization. Most of the examples on the internet are frivolous and amusing, like how to remove a peanut butter sandwich from a VCR, written in the style of the King James Bible. But ChatGPT is helpful for mundane tasks in IT as well.

I’ve been fixing open issues in a small open-source project recently. One of the issues was that part of the code would concatenate strings to build SQL statements. That’s a classic SQL Injection vulnerability. ChatGPT can fix these bugs faster than I can. So I tell the AI, “please rewrite the following to use bind variables,” and give it the code.

Another example is working we legacy shell scripts. My sed/awk skills are rusty, but I can give a convoluted shell statement to ChatGPT, and it will patiently explain all the options and exactly how it works.

Many of your programmers are already playing with ChatGPT, GitHub Copilot, and other AI tools. You might as well embrace it. Set up a knowledge-sharing community for those curious about how AI can help IT. Have them present to you and the rest of the IT department. You’ll be amazed if you haven’t played with ChatGPT and its ilk.