The Sun Has Risen On IT

The Sun Has Risen On IT

When I look back at businesses over the years, IT people were at the bottom of the pile. They were the embarrassing ones the company hid in the basement or darkroom somewhere not to be seen by the business. Perhaps it was the way they dressed? T-shirt, socks and all in a corporate environment. Oh, and there were language differences too.  

A conversation with an IT help desk went like this; 

Conversation 1

You:” Hello, my application is frozen.”

IT: “Have you tried restarting your computer?”

You: ” Well, no. Why do I need to restart my computer?”

IT: “*&(#!! .Jargon speak”

You: “Ok. I will restart my computer now.”

You restart your computer, and it works! Wow, how did they know this was what the issue was? They are so smart. 

Conversation 2

You: Hello, I am unable to connect to an application.

IT: Was the “exe” installed?

You: What is “exe”?

IT: It is the executable that runs when you click on your icon.

IT: In your search type “cmd” and go to the command window.

You: Where is the search?

IT: Explains…

You: I am in the command prompt.

IT: Type “ipconfig” …..

The acronyms are still there, but it is not limited to IT. You spend years learning how to spell words, only to contract them for whatever reason. A simple example will be, the “DB” is up and running? Are all the “apps” deploy correctly? Do we need to install “SSD’s”?  

Fast forward many years later, we are now fully trained to restart our computers when we have issues. We know to save our work—years of hard work to prepare the masses to use computer technology has finally paid off. We are now in the cloud.

IT staff can now remote to your desktop and not ask you silly questions.

People are now using technology to make everyday life easy. The IT guy, well most have been brought out of the darkroom, and the sun is shining on them. 

They are now the superheroes of the world. During the pandemic, IT companies are enabling businesses to move online. I know people are still asking were online is and what it means to be online, but that is a question for another day.

IT is here to stay. As we go into 2021, it will be interesting to watch how technology hardware and software will evolve.

In case you are still wondering what “IT” is, well, you can ask Siri or Cortina.

Securing Your Digital Assets

Securing Your Digital Assets

Security breaches are occurring every day. The world will forgive you for thinking you have your antivirus, security software and all locks in place to protect you and your company. 

A companies data refers to all the companies digital asset, which includes company emails, voice mails, files and lots more.

What is a security breach? It is merely unauthorised access. You have a security breach in your house if strangers walk into your home and help themselves to your belongings. Some may force the lock (brute force), some may tailgate you into your house and hide, others may make a copy of your key and open your door. 

securing digital assets

The concept is similar for your data. Your application is the interface that gives you access to your data. When thinking about your companies digital assets, you will not only have to think about the security of your application; you also have to think about securing all steps that lead you to your application. Ideally, the company should carry all analysis long before deploying the application into a production environment.

Let us go back to your home security, if you have your gold stored in a safe in the wall of your study and put a picture over it. Do you lock the door of the room and leave the main house and gate wide open? No, you still have security in your home.

Let us look at some of the steps leading to the execution of an application. 

  1. Turn on your computer or mobile device
  2. Log in to your computer 
  3. Access your application that lives on your computer or 
  4. Access application that lives in the cloud.

There may be more but I will address these simple steps in this writeup.

When you turn on your computer, if in the past you had

  •  Visited some strange site
  •  Used a USB key that someone gave to you for free
  •  Clicked on a link in an email 
  • Downloaded malware. 

When you turn on your computer operating system boots up, one of the above processes may have installed malicious software to execute on boot. Some may capture your keystroke and use this to obtain your password—one gate down, now to the next. 

You now log into the application that gives access to your data. So what happens is that your invisible key logger now also has access to your data and you do not know it. Wow, now how do you know that there is a stranger on your system? You have to be actively monitoring to know. 

Most social media sites will send the owner an email to say “you logged in from this IP is this you?”. These sites already have implemented security by default. For companies with legacy systems, this is not always the case. So they will never know unless they redesign their security framework. 

What if you are an application administrator and your password was hacked? Well, you are doomed. Unless you have a process that informs you when data over a certain number of rows have been retrieved and notifies you, you will not know. Or perhaps you have an algorithm that notices unusual pattern in your access and typing and sends you an email. Assuming the hacker does not get there first.

Let’s face it the prominent hackers are not going to retrieve data row by row? They are going for your whole database or whole directory files and disk.

As part of your security framework for your company, you have to implement security for:

  1. data at rest and in transit
  2. monitor changes to files
  3. monitor changes to directories
  4. remove all unused applications
  5. change passwords regularly* avoid using default usernames and passwords, and that includes using your name as a username.  
  6. Limit the number of times a user can try to log in
  7. Lock user out ofter x number of tries 
  8. Force password change after x number of tries
  9. Encrypt your data by default
  10. Protect your users from themselves. Educate them on security matters
  11. Users should avoid clicking on links in their email. Check who it is sent from first.

This is by no means an exhaustive list, but it is a start. Check all gates to your systems and secure them.

*The frequency of password change should be assessed by individual companies. We now have GPU’s that allows hackers to run code-breaking algorithms quicker. Think of ways to break their tries. 

Technology – Automatic Landing

Technology – Automatic Landing

Bad weather affects the airline industry more than other modes of transportation. For example, when there is a thunderstorm, you are still able to drive your car, take public transport or take a train (usually).
However, when there is a thunderstorm, the airlines in the affected region experience disruption.
When this happens, there is a whole lot of logistical work that goes into rescheduling flights and delays may be experienced in other destinations not affected by the weather.

Not too long ago, about ten years, while travelling by air we would experience disruptions due to poor weather. One particular type was flight delay due to fog.

Fast forward someday in the year 2020, and there was some announcement at the airport about some delays affecting European flights. I thought the delay was due to another French air traffic controls on strike.

We got on the plane, and the pilot apologised for delays and stated that this was in fact due to weather disruptions across Europe. I was glad it was over; I did not know what type of weather delay it was.
As we approached our final destination, the captain announced that due to the weather conditions, we would have an automated landing. All devices had to be powered down, not on safe, sleep or any other sleep flavoured mode.

I was very excited as I had never experienced an automated landing. We were all set and ready to go I looked out the window, and it was all clouds there light coming through the clouds as we made our way towards the airport.

The plane began its descent towards the airport as if gliding. I looked out the window, and it was still very cloudy. I could not see a thing. The wheels came out as the plane progressed towards landing, still very cloudy outside. It felt like we were still in the clouds then the tyres were on the runway, visibility was poor. I could see nothing just what looked like fog lights shining through the deep fog.

The landing was great made me appreciate the advances in technology even more. What would have been cancellations and hours of delays was saved by technology.

The Future – All Things Disruptive

The Future – All Things Disruptive

When you hear disruptive, what is the first thing that comes to mind?

Suppose you were deemed to be a disruptive child at school and dealt with according to the well laid out school policy. It certainly may not bring back warm fuzzy feelings to you. I have heard and read of such cases. 

How about taking a train to work and suddenly through the tannoy you hear, ” I am sorry to announce the 7:16 a.m train to London has been cancelled.” 

You are going on holiday, and you read of significant disruptions to the flights due to the air traffic controller strike in France. 

There is a pattern here, but it is negative. Notice how everything is going in a certain way, and everyone has accepted it is the way and the only way. Then bang! Something interferes and changes our plans, and we have to adapt

It reminds me of ants they if you observe them going in a straight line and an obstacle is put in-between they go around. In other words, they adapt. Too many of this and it becomes chaotic.

In this decade, we have seen a different type of disruption. How it is perceived depends on what side you are on.

If you are a taxi driver who has been making his money for years charging what you feel like using your ticketing machine and taking long routes to set the maximum fee from your client then, Uber and Lyft are bad news. On the other hand, if you are the client who has been on the receiving side of this form of exorbitant fees, then you are elated. 

Looking at the word disruptive in google ngrams viewer, we see that before the year 2000, there was a strong focus on controlling disruptive behaviour in the classroom.  

Then we start seeing disruptive feature differently from 2009. A technical analyst looking at the chart will say there was a break out from 2019, and the trend is in place.

This break out was as a result of significant progress in the technology sector. Whichever way you look at it. We now have everything appended with tech. FinTech, EdTech, SupTech, RegTech, BigTech, AutoTech, FoodTech, HomeTech,GovTech, to name a very few.

To crown this decade and to cement the need for technology, Covid19 came. Tech no longer became optional but is now the most crucial thing allowing businesses to function. 

The era of going to university and retiring 50 years later is gone, disrupted. We now need to adapt. Schooling is no longer the same. The youths are questioning why they have to spend 4 years doing a degree only to come out, and there is no job. 

So what will education look like in the future? Look out for my write up on this. 

We now need to look into the future and see if our roles will be relevant and adapt. During the Covid19 pandemic, we saw what the essential skills were. This is country-specific. 

Either way, the disruption is here to stay. The question is, what side are you?

The Year is 2040 – Refactoring Legacy Systems

The Year is 2040 – Refactoring Legacy Systems

When building it is worth sparing a thought for those who will maintain the system and how the system will evolve seamlessly in the future.

If you work with technology, front or back end, you may have come across some systems that have evolved to become monsters in the company. In some case, when asked to modify some functionality, the developers break out in a sweat because they know they are going somewhere and do not know when, if at all, they will return.

There was a time when it was fashionable to create codes and put the business logic in triggers in the database (Cringe!)—the computer dark ages. Then we had several generations after, where more code was built upon this not so great foundation.

Fast-forward years later, you are asked to make some changes, and you attempt to make one change and discover that the effect ripples across many “hidden” entities which in turn affect the business processes.

So are we out of the woods? Well, a better question to ask is, do those legacy systems still exist? Unfortunately, they still exist, and the concept of “if it isn’t broken why fix it” is still alive and kicking.

To be clear, I speak of monolithic systems. I won’t name names, but they are everywhere, and these systems are used every day to develop even more monolithic systems.

These systems are hard to refracture or migrate, and the mere thoughts of analysing these send shivers down the developer’s spine.
It is not only the refactoring that is the problem; it is the fact that these products do not scale.

I know some companies have made an effort to say their monoliths are scalable and use all the buzz words, but the fact is, these products do not scale. Under the hood, they are mere monoliths.

Fast forward to the year 2040, the world is different; people rarely talk to each other. Everyone walks about virtually. You are sitting in your living room, and you think ah, I have run out of milk I will go to the shop. Instead of turning on your device and loading an application, you get into your virtual car and go to your virtual supermarket. You walk into the supermarket and see others there, the shops are all stacked nicely, and you pick a basket and pick put things in your basket and pay.

How is this possible? Well, you have a chip that uniquely identifies you. When you put your clothes on, it knows what clothes you have on because this is also tagged. When you go into the shop virtually, you appear as you because you are all chipped up and wired to a giant computer. Your chip is also linked to your bank, tax and all the internet of things.

Next, you hear the doorbell ring, a drone drops your delivery, yes the chip knows where you live so you do not even need to enter your address. Your little robot picks your delivery and unpacks.

So who are the developers? Are they humans or robots? What are the developers in 2040 thinking of what we are doing now? Code today is the legacy code of the future.

Big data – Online shopping technology

Big data – Online shopping technology


Yes, computer technology we cannot seem to do without it. Recent years have seen a massive increase in online activities including but not limited to, banking, insurance, bill management and payments, shopping, trading, news, music, electronic books, social media, online gaming, online film sites and many more. 

The recent surge in people staying at home showed pressure in some unexpected and some familiar places. Some governments were asking Netflix and companies alike to reduce the bandwidth usage to reduce the stress on the broadband services. I will save the broadband discussion for another day.

Ocado – A case study

Let us look at Ocado if you read the about page, and it states they are the world’s largest dedicated online supermarket and it has a quarter of a million(250,000) active customers (of which I am one) and 15% share of the UK online market.

So what happened then? Why are we getting the above page? Well, for one, when companies say they are online, it does not mean they are in the cloud. They could have their server room somewhere in their head office, and this clearly cannot scale as quickly as possible. Or they may be in the cloud but have implemented a monolithic application.

I am sure that we do not have 108,668 people queuing where I live. This number as you can see is half way. We started off with over 250,000.

So they introduce the online queuing system. The queuing system could also do with an update if you insist on using one. Take a ticket and leave your mobile phone number when there are three people ahead of you get a text to let you know you are almost next in line ( yes it can be a paid service). Let us not dwell on this; there are more pressing IT strategy issues as well as architectural issues.

IT & Data Strategy

Why are IT and data strategy essential in the cloud age? A company that wishes to grow and scale quickly must have a mandate which comes from the board of the company. Failing this all efforts from IT will be futile. For an online business, a cloud strategy is a must if you want to grow your business.

What is in the cloud?

Cloud service providers offer a wide range of services that allow your digital business assets to be secure and scale seamlessly. 

A lot of companies are afraid of putting their data in the cloud due mainly to security fears. I will touch briefly on some available services.

Security 

  • Cloud providers offer protection for protecting data, protecting application and protecting your infrastructure. 

 CDN 

  • Webpages can be cached at a location closest to you, allowing for low latency.

IAM 

  • Identity management allows you to create users, groups, roles and policies.

Durability 

  • Guarantees no loss of data so data will be there when you need it.

Availability 

  • Speed of access. Customers get fast and reliable access

Scalability 

  • Allows an application to meet demand seamlessly when required. In other words, to the end-user nothing changes.  
  • Resources automatically get added as volume increases. 
  • As the volume decreases, the resources are released.

Networking and elasticity in the cloud

In the example case, Ocado, auto-scaling and load balancing seems to be an issue.

Conclusion

How will I implement the Ocado online platform differently?

  1. Move it to the cloud if it is not already there. e.g. Amazon Web Service (AWS ), Google Cloud Platform (GCP) and Microsoft Azure.
  2. Use implement a scaling strategy this will allow your site to autoscale
  3. Partition the online service by location. Each user should be able to request a service base on their location. The calendar is not a global calendar so I am not sure what went wrong here.

It is pointless for a customer to wait on a queue for 6hrs and lose their place because it is their turn on the queue at 4 am and well it is sleep time. 

One thing is for sure it seems the whole country is in one queue.