Monthly Archives: October 2013

Pay peanuts, get monkeys

I am often contacted by organizations who wants me to do consulting or architecture work. Some of these inquiries come with a stipulated maximum hourly rate, typically fairly low.

There are two problems here:

  • Paying by the hour creates an incentive for the consultant to solve the problem as slowly as possible
  • The savings from hiring a poor or mediocre architect is completely dwarfed by the additional cost of the poor or mediocre architecture he instigates

Do you think Richard Branson instructs Virgin Galactic HR to “get the cheapest astronaut you can find”?

Life lesson from the Boston Marathon bombings

I’ve just read The Exclusive Inside Story of the Boston Bomb Squad’s Defining Day on Wired.

Bomb squad members are trained to use a careful, methodical approach and lots of high-tech gear to disarm explosive devices. But at the Boston Marathon, there were two blasts and they had to contend with the risk that more bombs had been placed to target first responders. And they had hundreds of left-behind bags to search.

Because they knew their objective, they were able to improvise their methods. Without their body armor, they bravely slit open the sides of bags with pocket knives to examine as many bags as possible as fast as possible.

If your employees know their objective (the “why”), they will be able to adapt to changing circumstances. If all they know is is the “what”, they will be stuck with a single response even if the situation changes dramatically.

Control Your Information

It appears that international credit bureau company Experian was inadvertently selling private information to online criminals posing as “private investigators”. These criminals then used Social Security numbers, birthdays and drivers license records to commit identify theft. Ironically, Experian is also selling protection against identity theft to private customers…

Do you know what data you are storing, and who has access to it? If you don’t have data classification and access procedures documented and implemented, you are at risk of negative publicity, customer ire and even legal action.

Your Fallback Plan


I was flying back from Stockholm after a conference this week, and the SAS computer system was down. But the gate agents initiated their manual boarding procedure and issued me a hand-written boarding pass.

Manual boarding pass

It took longer, but eventually everyone was on board and the plane left.

Do you have a business continuity plan in case of catastrophic IT failure? Just adding double internet connections and redundant power supplies is not enough.

Something is rotten in the state of Denmark

Denmark considers itself a world leader in information technology. This attitude has led Danish politicians to mandate one common login system for every public website and self-service application.

Unfortunately, this system (known as NemID – “easyID”) is plagued by frequent problems. The most recent debacle was that the organization entrusted with the implementation apparently forgot to test it against the latest Java update. So when a new version of Java rolled out last week, 5 million Danes were cut of from using public services or home banking.

Do you have any single point of failure in your IT infrastructure? A high-availability server cluster does not help if there is a critical error in your software. Do you have a fallback plan in case central infrastructure suddenly can’t be used?

Application Kidnapping – Could it Happen to You?

In Denmark, a startup hired some freelance developers. They ended up in a dispute over pay, and the developers locked the project owner out of the project. The startup folded.

If you are using offshore resources, you probably don’t want to wait for a court decision in Manila, Kiev or Bangalore. Are you sure your application, code and data is safe even if you end up in a dispute with your offshore development or hosting provider? Or are you at risk of application or data kidnapping?

Should your team use a framework?

Some developers have an aversion to frameworks, feeling that it will be faster to just write everything themselves.

This might be true for a simple throwaway application with a expected life span of a few months, but for serious code that will have to be maintained, using a framework always saves time over the lifespan of the application.

Developers working on their own time are free to program in whatever way they want – but a professional programmer is being paid to solve business problems. It is completely OK to mandate the use of a specific framework in your organization.

Lessons from the Obamacare website

To no big surprise, the website went down promptly after being launched. This is the place where people sign up for “Obamacare,” and officials foolhardily insisted that everything was ready for a million visitors. It wasn’t.

Serious websites generally eschew big-bang launches because it is so hard to get it right. Often, they start out with a “dark launch” where new features are made available, but not advertised. A few people will find them and try them out, allowing the website operator to verify that everything works in real life. If major problems are found, the feature can be quietly deactivated without the negative publicity that has gathered in spades.

Next time you roll out a major addition to your web site, try it out with a dark launch first, and then gradually add users in a controlled manner. “Big Bang” went out of fashion approximately 13.82 billion years ago.

Agile in U.S. Department of Defence? Really?

The U.S. Department of Defence has long been fighting a valiant rear-guard action in defense of Waterfall project methodologies. However, the times they are a-changing.

A colleague just pointed out the revolution hidden in section 804 of the U.S. National Defense Authorization Act for Fiscal Year 2010:


The Secretary of Defense shall develop and implement a new acquisition process for information technology systems….

(2) be designed to include—

(A) early and continual involvement of the user;

(B) multiple, rapidly executed increments or releases of capability;

(C) early, successive prototyping to support an evolutionary approach; and

(D) a modular, open-systems approach.

That sounds a lot like agile to me. It will be interesting to see how this plays out in real life once U.S. government eventually starts working again.

Oracle Cloud: Demonstrating Dark User Experience Patterns

You know there are good User Experience Design Patterns. There are also anti-patterns – bad stuff done by people who don’t know better.

And then there are Dark Patterns – User Experience deliberately crafted by clever people to trick users. The Oracle Cloud trial is unfortunately an example of the Roach Motel pattern. Many pages of instructions on how to sign up, but nothing about how to terminate your service.

It becomes almost absurd when you try to use the prominently featured chat function, only to be told “Chat Support is presently unavailable. Your inquiry is important to us”. You can’t make these things up…