A Business Technology Place

Got Password? Can Microsoft simplify?

Who makes the rules?

Hackers love them. Security auditors like to engineer them. The average person hates them. IT support teams use them for jokes. Our computer passwords have an identity crisis! Do passwords protect us or are they just a nuisance to our everyday lives?  I find weekly articles about how hackers can crack most passwords in minutes. For some thieves, cracking a password isn’t enough fun, so just steal them. It seems the value passwords bring for protecting information is diminishing.

Industry experts created password complexity rules we should all follow to make the passwords more secure. That makes it a little harder for hackers to crack a password but does not make them theft-proof. Unfortunately, it also drives many people without a password system to write down their password on paper. Who can remember words with all those special characters and capitalizations? In essence, to get the user more secure the rules made their system less secure.

Businesses implement password complexity rules to meet a couple of constraints: a security control they are given and limitations from the software system they are using (i.e. field length, characters allowed). The result for all us is an inconsistent set of rules to govern passwords for all the systems we use. Is it 8 characters or 10? Does it require special characters? Can I reuse a password I used two years ago?

What you know and have.

Several years ago, a popular method for authentication security was created to offset the weaknesses of a single password system. Two-factor authentication is based on the idea of something you know and something you have. So for example, I know a password and I have a phone where you send me a second code. Or I know a password and I have a physical security card I can tap or read.

Now, Microsoft is experimenting with removing the password requirement completely. Their new system would make life easier for their customers because it doesn’t require a pesky password for data access. Well kind. It requires a pin from the phone to get access. I see this as a hybrid two-factor authentication. Something I know, my phone PIN. Something I have, my mobile device.  If I lose or misplace my phone they say there is an option to revert to a standard password. Would you use this?

Human behavior.

Protecting data with authentication systems is a good study in human behavior. We protect the data because we don’t want others to see it. We protect access because some people steal data. We develop authentication systems that try to find a balance between human usability and password complexity. I can see this as a college class. Psyc 231 – Human behaviors for data access and protection.

Got password?

Photo Credit: Thomas Au via Creative Commons. https://flic.kr/p/dT3HaA

 

Mapping software development to Lean IT.

The right process will produce the right results.

A core concept of the Toyota Production System is the right process will produce the right results. The “right process”. What exactly is that? Software development practitioners spend entire careers in search of it. Everyone has ideas and rationale to support various methods including Waterfall, Agile, and Hybrids.

But there is more here than a methodology match. As I consider how to adopt and grow Lean business principles in IT, I face a classic dilemma; how do I influence standardized tasks and visual controls into a software development process? Software developers are a different breed of office worker. Many of them have personality traits which make consistent processes quite a challenge.

Are software developers rule followers?

Here’s what I know about guys and gals that write code for a living:

  1. They are puzzle solvers
  2. They are inspired by writing code not documenting progress
  3. They don’t enjoy estimating because they don’t want to time box their craft
  4. They are artists who care more about how code is written than the process used to govern the project

So here’s my dilemma. A software developer is a person who is a creative problem solver that needs space to be an artist and really just wants to write code. How I put that person in a system that seeks to define standard processes and visual controls as a means to provide customer value?

Software developers are rule followers. They write code against a predefined language syntax. They crave requirements up-front before they start writing code. But software developers are also artists. They want freedom to express their talents through what they create, not a set rules defined by someone else.

Lean IT. Finding common ground.

When faced with opposing viewpoints, I believe the best approach is to focus on common ground. What do Lean IT and the attributes of a software developer have in common? Everyone wants these things:

  • Eliminate waste – Businesses like the effect on the bottom line. Developers don’t like spending their time on busy work.
  • Increase customer value  – Businesses like the effect on sales and repeat sales. Developers like having jobs and customers giving them new problems to solve.
  • Standardized work – Businesses like repeatable tasks that can be improved. Developers like a clear definition of what is expected of them.

Starting with these concepts, I think it’s possible to get developers on board with Lean IT.  With a little flexibility, compromise, and focus on the core business principles of Lean, a team can move down the path of increasing customer value. Let’s start there.
Onward and upward!

Photo credit: https://flic.kr/p/6U71RM – Jeff Sandquist via Creative Commons

Roku 3 stuck on update from 5.6 to 7

I solved a problem with a Roku 3 update this past weekend. The Roku box was a freebie from my internet provider when I signed-up for their streaming service package. The initial setup worked fine, but after a few weeks the system froze. I had to power cycle the unit to get it back online. After a second-time freezing I checked manually for system updates. At this point the online prompts told me there was an update available to version 7 of the Roku OS. It looked like the update successfully applied. However after a reboot, the system went back to version 5.6.

The solution I found was to do a factory reset of the device. During the reset the system automatically updated to version 7 of the Roku system software. I did have to re-authenticate with my Roku apps, but that was much better than the system freezing and I’m happy the Roku device isn’t defective.

IBM reverses course on work-from-home

We can improve business results with this change!

IBM recently announced the end of work-from-home for the Marketing department as it moves towards regional offices for co-locating the Big Blue workforce. They aren’t the first to do this. Yahoo reversed course in 2013 by banning work-from-home and Best Buy followed their lead. Could this be another business cycle forming? Companies have been centralizing and decentralizing organizational layout for years as they switch between shared service cost-savings and greater focus on customer needs. Now it appears working-from-home, telecommuting, and flexible work arrangements may start going through similar cycles.

The debatable points.

Working-from-home has many characteristics and touch-points to create debate:

  • Team collaboration vs private think-time
  • Consistent schedules vs flexible schedules
  • Meetings together vs conference calls
  • Productivity of the group vs productivity of the individual
  • Commercial office cost vs home office cost
  • Relationships and culture
  • Employee retention
  • Commute time

The irresistible force to change something.

It’s easy to see how business leaders are drawn towards this policy as a means to improve efficiency and productivity of their workforce. The debatable items can all impact workforce productivity. But change is initially disruptive and must be executed properly to yield the desired results.

Obviously there is no single right answer. Organizations must weigh options and make decisions based on their business environment, their workforce, and their culture. Workers have preferences based on their life-stage, distance from the office, position in the organization, and personality.

Regardless of personal preferences, it does not change the mission of the organization or the commitment required of the workforce to produce great work. Ultimately, managers make a decision and move forward with it to create the culture and environment they want to achieve the mission of the organization. The work-from-home policy attracts or repels would-be workers. But the workforce needs to understand the interests of the company must survive to provide services customers will buy and to provide long-lasting security for employees.

Onward and upward!

photo credit: Debra Roby via creative commons.

Visual Management Board for Lean IT

A note from my Lean journey

A few years ago I was introduced to Lean concepts and principles at work. After several months of studying the topic I realized that many of my professional activities for both managing processes and people already mapped to some of the core components of Lean. That makes sense as many of the leading management philosophies and programs of our time share foundational elements.

One of the important principles of a Lean is visual management.  Visual controls are used to communicate information to people that indicate if the current condition of a system is acceptable. The Toyota Production System says to use visual controls so that no problems are hidden. It’s like the old phrase, “you can’t fix what you can’t see.”

On my personal Lean journey, my next task is to develop a Flow and Performance Board.  This will be a form of visual management that displays information to use at recurring team meetings. The contents on the board support the Lean principles of continuous flow and reducing waste. Effectively, the board becomes a visual control to see how flow of product is progressing for customer value-added activities and where waste exists in the system.

Flow and Performance for IT – My 1.0 version

I used the following guiding principles when designing the 1.0 version of a Flow and Performance Board for my IT shop:

  1. Show elements of product flow – At what stage work is in the system.
  2. Show key metrics – If possible show actual vs expected. The focus of the board, and Lean, is process flow and eliminating waste (as opposed to traditional boards that focus only on results).
  3. Show flow influencers – These are items that may influence the production system such as holidays and customer audits. The intent is to make the influencers visible ahead of time so it’s possible to manage through them instead of reacting to them.
  4. Show audit results – Part of the Lean journey is having leaders that inspect our work to see if we are following standard process. IT also has a rapidly growing set of requirements for compliance, which customers require, that fits in this space.

My 1.0 version of a board looks like this:

Since IT team members are geographically dispersed and most of our tools report data electronically then this will be an electronic board. Content will vary for different groups within IT. My first board is targeted towards and enterprise level view.

The board is intended to be referenced during recurring team meetings so that team members have a visual control as they inspect pieces of the product flow. As such, it should be easy to read and process information. The contents of the board must be current to be relevant. Ideally the board will updated dynamically to reduce the amount of non value-add work of administrative processes.

I anticipate I will wrestle with screen real-estate, content, and compactness with each future iteration.

Onward and Upward!