One of the challenges faced by software developers today working on cloud applications and distributed systems is the problem of setting up the developer workstation in a development environment comprised of an increasing number of services and technologies. It was already hard enough to configure developer workstations for complex monolithic applications, and now it’s even harder as we start to break down the application into multiple microservices and databases. If you are starting to feel like your developers’ workstations have become fragile beasts that are able to generate builds only by the grace of God and through years of mystery configuration settings, then you are facing trouble. Seek medical help immediately if you are experiencing any of the following symptoms:

• The onboarding of new developers takes days or even weeks because getting a new development machine configured is a time-consuming and error-prone process.
• The words “But the code works on my machine” are uttered frequently within your organization.
• Bugs are often discovered in production that don’t occur in development or staging.
• The documentation for deploying the application to production is a short text file with a last modified date that’s over a year old.

Read More

There was a time, back in the day, when life as a software architect was simple. Release cycles were measured in half-years and quarters. Application traffic was significant, but not insane. Data was always persisted in a centralized, relational database (because that was the only option). And best of all, the applications themselves were hosted on high-end, company-owned hardware managed by a separate operations team. Life back in the day was good.

But then the Internet kept growing.

Release cycles got shorter as the business fought to remain competitive. Traffic continued to grow and huge spikes could happen at any time. The relational database was coming apart at the seams, no matter how much iron was thrown at it. And in the midst of it all, everyone started talking incessantly about this new thing called “the cloud” that was supposed to fix everything. The brief period of easy living had come to end.

Read More

Emerging in-store positioning technologies like iBeacon hold the promise for highly-personalized, “Minority-Report-like,” marketing programs. However, this technology is still at a very early stage. Retailers who adopt the technology first—and are able to execute it brilliantly—will almost certainly gain a competitive advantage. But the challenge is that it’s not entirely clear what experiences can be created today that actually offers a better shopping experience. Much of what the industry is talking about now centers around using proximity technology to offer coupons to shoppers in-store. I, for one, think we can do a lot better than incessantly pushing discounts to shoppers as they peruse the aisle.

At POP, the innovation team wanted to weed out the hype from the reality by building a real, working prototype using today’s technology to create an in-store shopping experience that didn’t suck. We wanted to build something that added value to the shopping experience for the customer and promoted stronger sales for the retailer.

Read More

A rash of cyber attacks and security news hit over the Labor Day weekend, impacting The Home Depot, Healthcare.gov, Goodwill and Apple. But at least this recent flurry of security activity is positive in one respect: it gives us a glimpse into the mechanics of real world attack scenarios.  The more we can use this as a learning opportunity, the safer we’ll be. Here are a few lessons we should take away from the attacks:

1. Understand that even if you do everything right, you’re still not safe

During the first few days of the September iCloud breach, in which explicit pictures of several celebrities were hacked via Apple’s iCloud backup service, many people were saying that the victims should have used two-factor authentication to protect their information (sadly, another example the “blame the victim” mentality). It was later disclosed, however, that Apple’s two-factor authentication didn’t actually cover iCloud backups. So, even if you are one of the rare, paranoid people who use two-factor authentication, it wouldn’t have protected you.

In a similar vein, having the most secure password in the world, wouldn’t have helped the customers of Home Depot or Goodwill, who’s stolen credits cards were used in-store. If the people processing your credit cards get hacked, no amount of cyber protection will save you.

Read More

Somewhere in the PR offices of the Goodwill, the Department of Health and Human Services, and The Home Depot, a crisis-management specialist is enjoying a small moment of thanks. On the one hand, they’ve probably had a pretty terrible week, dealing with the press and trying to explain the causes and impacts of major security breaches within their organizations. On the other hand, they are probably considering themselves lucky. They know that the best way to divert attention away from their own crises is for another, more interesting crisis to hit at the same time.  Fortunately for them, their unspoken prayers were answered. At the same time stories broke about their breaches, it was revealed that naked photographs of high profile, female celebrities were stolen from Apple’s iCloud service.  Hacking + Apple + celebrities + naked selfies = a four-of-a-kind in the tech news world, and trumps even news about a security breach that might be bigger than Target’s 2013 attack. Let’s face it, Jennifer Lawrence has a lot more charisma than Home Depot credit card numbers.

Although this string of hacks might have been an unexpected deus ex machina for a few lucky PR professionals, for the rest of us, it’s a really scary series of events that forces us to take a step back and ask the question: is anything safe online? Let’s review each of these breaches and see what we can learn from them so we can be better protected ourselves in cyber space.

Read More

Harvard researchers developed a system of 1,024 micro-robots that move using vibration and can self-organize to accomplish simple tasks, like forming the shape of a wrench or a star. The swarm system is based on biological systems (like ants!) who display complex behavior by following a handful of simple rules. The feat was considered a breakthrough due to the large number of bots in the swarm. Previous micro-bot swarms were less than 100.

Read More

The Iconoclast

Dan Geer has never been one to walk away from a fight. In 2003, he was fired from security firm @Stake after authoring a report released by the Computer and Communications Industry Association arguing that Microsoft’s monopoly over of the desktop was a national security threat. Given that Microsoft was a client of @Stake at the time, it’s not a shocker that he didn’t make employee of the month. Somewhat humorously, in an interview with Computerworld after the incident, Dan remarked, “It’s not as if there’s a procedure to check everything with marketing.”  Somehow I think a guy with degrees from MIT and Harvard didn’t need to check-in with marketing to gauge what his firm’s reaction to the paper would be.

Fortunately for the Black Hat audience (and those of us who watched the presentation online), Dan continued to live up to his reputation. He outlined a 10-point policy recommendation (well summarized here) for improving cyber security. In the preamble leading up to the policy recommendations, he made two key points that provide critical support for his policy argument:

1. The pace of technology change is happening so quickly now that security generalists can no longer keep up. Highly specialized security experts and governments are now needed to protect our information assets.

2. If you want to increase information security, you have to be pragmatic and willing to make compromises. As Dan succinctly put it: “In nothing else is it more apt to say that our choices are Freedom, Security, Convenience—Choose Two.”

These points are important to keep in mind when listening to his presentation because they provide critical context for his potentially unpalatable policy recommendations.

Read More

Don’t worry—we’ve all done it. If fact, most of us are still are doing it. Actually, most of us are doing it and still think it’s okay to do it.

No, I’m not talking about sneaking in a little TMZ while we’re at work. I’m talking about using Microsoft Project or Excel to make a project plan—something far worse for productivity than the worker time lost by following the latest celebrity break-ups.

Okay, I admit it: I use Microsoft Project Gantt charts for planning small internal projects. And this isn’t really a problem because the time horizon for these projects is short, the complexity manageable, the impact of delays relatively minor, and the amount of uncertainty fairly limited. In short, it’s a simple tool for a simple problem.

But what happens when the project gets more complicated? When the environment in which the product operates is constantly changing? When deliverables are complex and require significant collaboration across teams and partners? When money is on the line and people’s careers hang in the balance? That’s when the Gantt chart starts to break down.

Read More

Almost all companies today have a compensation program for at least some employees based on performance. From CEOs who are awarded bonuses for hitting a target share price to bike messengers who are paid by the delivery, performance-based compensation is widespread today.

Clearly, given the ubiquity of performance-based compensation, one would assume that a great of deal of research has been conducted to assess the efficacy of this model. Why would all of these smart business leaders follow practices that don’t work? That would be crazy. And if you made that assumption you would at least be partially correct: decades of research have been conducted to determine if performance-based compensation works. The problem is that, according to author Alfie Kohn writing for the Harvard Business Review, the research all confirms the opposite conclusion:

As for productivity, at least two dozen studies over the last three decades have conclusively shown that people who expect to receive a reward for completing a task or for doing that task successfully simply do not perform as well as those who expect no reward at all.

Read More

Read More

A natural result of human evolution is the desire for man to establish control over the world around him. Ever since the earliest days of civilization, long before science, man conducted rituals to foretell the future and performed ceremonies to control the environment. Fortunately for us, we learned a thing or two along the way, developed science, and switched from rain dances to irrigation systems.

In fact, we were so successful using science to control our world, it was only a matter of time before we applied scientific principles to business. In the early 1900s, management pioneers like Fredrick Taylor, Henri Fayol and Henry Gantt led the charge. Taylor, acknowledged as the father of scientific management, realized that factory workers became more productive when their compensation was tied to their output, and thus developed the concept of piece rates. Fayol, considered the father of modern business administration and project management, defined the five essential functions of project management:

1. To forecast and plan
2. To organize
3. To command or direct
4. To coordinate

Read More