Are You Aware of the Dangerous Tipping Points in Your Business?

“Gradually, then suddenly.” That’s Mike explaining how he went bankrupt, in Hemingway’s immortal voice. It’s also how cryptocurrency exchange FTX collapsed. And it’s how usage of your IT systems declines.

It happens all the time that users suddenly defect en masse from a product that used to be popular. For a while, the vendor gets away with offering a slightly worse product and charging a little bit more. Inertia and the inconvenience of switching mean that for a long time, users will only slowly trickle away. But unless the vendor changes course, they reach an irreversible tipping point where their product usage crashes.

It can happen to your IT even if you don’t sell your software: the database gets slower and slower, or the sign-in procedure becomes more and more cumbersome. One day you will realize that your users are running the business with no security and no backup in Smartsheet and Excel…

Using the Power of UX for Good or Bad

You can easily manipulate users. Using design tricks to confuse and deceive users is known as “Dark UX,” and Airbnb has been an enthusiastic practitioner. For example, American users have always been surprised that their great deals look much less great after humongous compulsory “cleaning fees” are added at the last step.

I never saw this trick in Denmark because such shenanigans are illegal here. Airbnb power users know to search for Airbnb rentals in the US on the Australian site because deceptive practices are also illegal there.

Under pressure from users and regulators, Airbnb has stalled for years, implausibly claiming technical challenges in displaying the total price. However, it seems like the pressure has now grown too big to ignore, and even Americans should shortly be able to see the actual price.

User Experience knowledge is meant to help users, not trick them. You don’t want your company to become a byword for deception like Airbnb has become.

How Do You Make Sure You Keep Up?

Did you learn anything this week? Every industry is changing rapidly, and the IT industry more than most. Those who keep their noses to the grindstone every day will miss important trends. There are new technologies, new tools, and new ways of working.

I was discussing the future of IT with some of the sharpest minds in Denmark at the Software Architecture Open Space in Copenhagen yesterday and came away with new insights and provocative rebuttals to some of my entrenched notions about how organizations can be successful with IT.

If you are in a leadership position in IT, how do you ensure that your key players take time out from their day-to-day tasks to learn what is happening in the industry?

Handing Off Your Problems to Someone Else

Today is the day when up to 300,000 Danes can no longer access their online banking. They also cannot use any of the gazillion public services that require a login. That’s because the old public ID system in Denmark has been retired, and everyone has to use the insecure and shoddily built new one.

The reason thousands of people are left behind is the cumbersome signup process that – among other things – involves scanning the chip in your passport with a modern smartphone. It turns out many people can’t figure out how to do that. But that is not a problem for the organization behind the ID system. They simply tell users to show up at the local service point in their town for help.

It is, however, a problem for the overworked local service center employees. They are staffed to (barely) manage their usual work. Dumping 500,000 IT support tasks on them has predictably led to huge waiting times for an appointment for anything.

Don’t allow your IT systems to dump their problem somewhere else and declare themselves a success.

Are You Sure Your Backup System Works?

Why did all the trains in Denmark stop on Saturday? Russian hackers may or may not have been involved, but Danish incompetence was.

The Danish State Railways (DSB) has digitized all the paper that a train driver used to carry. That’s temporary speed restrictions, track works, and deviations from the standard schedule. They have also outsourced their digital solution to an amateurish vendor, and neither the vendor nor DSB had a backup solution. So when the vendor shut down the system due to an unspecified “security issue,” the trains stood still.

I’ve boarded a Delta Airlines flight with a hand-written boarding card on a scrap of paper. A professional organization continues to run, though slower, without its computers. An unprofessional organization like DSB is paralyzed. Are you like Delta Airlines or like the Danish State Railways?

Why Should the Business Trust You With Their Money?

“Give us a bag of money and go away.” That seems to be the thinking of most in the #NoEstimates movement. They have, of course, misunderstood the original concept, just like people who claim to do Agile when all they’ve done is to do away with the documentation. I agree that estimation is hard and software is complex, but asking the business to commit money for unknown benefits in the uncertain future represents monumental hubris. The real world works by comparing costs and benefits, even though neither can be evaluated exactly.

I’ll be meeting some of the best and brightest IT architects in Denmark at the annual Software Architecture Open Space next week. This is an open-format conference, and I noticed some of the other participants have already brought up estimation and #NoEstimates as a topic. I’m looking forward to an interesting discussion. If you are in the vicinity of Copenhagen on Nov 3rd, I encourage you to participate in SAOS as well. You’ll surely learn something.

The Problem is the Humans, Not the Technology

The weakest link is the human. Microsoft does keep the software in their Azure cloud up to date with the latest patches but still managed to lose 2.4 terabytes of data belonging to 65,000 customers in 111 countries. The reason is that someone at Microsoft misconfigured a storage container.

This story became public because a security company wanting to sell its scanning solution posted it. They also informed Microsoft, who quickly secured the container. But for every white-hat hacker scanning the internet for unsecured storage, there are ten black-hat hackers siphoning off your secrets and selling them.

By buying a high-level cloud service from a reputable vendor, you can be sure that it runs on well-patched servers without known vulnerabilities. But you’ll have no idea when your cloud vendor fails to secure some lower-level service until you read about it in the news.

There are Many Reasons Not to Move to the Cloud

You don’t save anything by moving to the cloud. Ask around – how many of the organizations you know who moved to the cloud have reduced operations headcount? Some things are simpler in the cloud, but many others are more complicated.

You enforce some good security practices because there is no way to NOT install the latest security patches. And you can quickly spin up an extra testing environment.

But unless you really have a highly variable load, or you are starting something new where you don’t have a clue how much power you’ll need, the cheapest option is to buy some hardware and put it in your server room.

The next time one of the vendors tells you how much you save by moving to the cloud, take a really good look at the calculation. I’ll be happy to help you. You will likely find out that there isn’t a business case for moving.

Can You Trust Your Vendor?

Did you invite the hackers in yourself? Hundreds of German companies are waking up to the revelation that “German” cyber-security company Protelion is a front for a Russian company with links to Russian intelligence.

The hapless boss of the German IT Security agency even invited Protelion to sit on the German Cybersecurity Council. He is facing an unceremonious sacking…

Being able to roam freely inside the firewall and install agents with admin privileges is the dream of any hacker. There are at least one million devices running Protelion’s “security” software and the companies who invited Protelion in face a wholesale scrubbing of their entire IT infrastructure.

How do you plan to ensure that your security audits do not worsen your security?

Are You Dependent on Freelancers?

Using freelancers is dangerous. It starts innocently enough with just a single developer experienced in your chosen tool. But soon, you’ll be hiring a few more freelancers to fill positions you couldn’t hire anyone to do. Suddenly you wake up to the fact that the only people who know how to use half of the cloud services in your product are freelancers, who will be gone next time there is a funding squeeze.

I’m in favor of temporarily using freelancers to augment your team – I’ve been an external consultant most of my working life. But use them responsibly. Freelancer.com showed a 40-50% increase on a year-over-year basis last quarter for various categories, while postings for permanent employees on other sites grew only 12%. That sounds like many organizations are becoming dependent on freelancers. So ask yourself if you can maintain and run your systems without freelancers.