A little while back I told my marketing team that I wanted to launch a video series. Something unique and clever, I said. Something more than just the predictable, infomercial dribble that seems to ooze from every pore of our industry, I said. Something more down to earth, in the weeds, that sort of thing, like a talk show.  And I could be the host.

They had questions. 

“Are you sure?”

“I’m sure,” I said.

“Camera adds ten pounds…”

“I’ve got good bone structure,” I replied.

“Do you have a topic in mind?” they asked.

“Not yet….But it needs to be something big….but real.”  I squared my forefingers and thumbs and held them over my right eye like a viewfinder.

“Can you dig it?”

Crickets…

“OK, we can talk about show topics later,” I said.  “Who wants bubble water?”

And there you have it. The story of how SWC’s new video series “Out of the Box” was born. Join us for our first installment as we discuss today’s crazy economy, technical innovation and entrepreneurial guts with MVTRAC President Scott Jackson. Watch it and let us know what you think!

Most people understand why one of the most important aspects of a technology solution is the need for security. Oddly enough, one area in particular that is neglected most often is the switching (“Layer 2″) domain within an organization.

Why is this so often neglected?  It could be due to a lack of awareness. Also, while most organizations are willing to invest in a firewall solution, the general impression is that the most significant attack vector is from the outside. But there’s more to this story.

Here are three types of attacks that your Internet firewall, not matter how good, generally can’t stop:

VLAN Hopping: This is when an attacker gains access to the restricted network segment (VLAN) by manipulating a misconfigured access layer switch using tagged frames to masquerade traffic where it should not be. This is the equivalent of Tom Cruise using spy masks in the movie Mission Impossible to trick his foes into providing him with access to vital information and documents.

ARP Poisoning: An attacker replies to ARP requests on behalf of another host and is able to intercept traffic bound for it. Think of this as someone going to your mailbox, reading your mail, then placing the mail back into your mailbox. Only in this case what is being read is all of the data being sent to and from your workstation or server.

MAC Flooding: An attacker floods the network with an invalid MAC address in an attempt to max out the switch CAM table. Once this occurs, the switch becomes like a hub and will allow sniffing of ALL data frames on the network segment. This is like a person (we all know one!) who is normally reserved and quiet, but when they have a bit too much to drink they starting spilling the beans about anything and everything, even stuff you don’t care to hear. If you feed a switch too much Layer 2 data, it starts blabbing.

As you would guess, there is a solution for every single one of these exploits, but is your network protected against them?  If I was a betting person–and based on experience–my answer would be, “Probably not.”  The good news is that securing your internal network can generally be done by leveraging the functionality built into your current hardware.

Now let me counter these three attacks with three solutions that can be used to protect your Layer 2 domain. It should be noted that most vendors support their own iteration of this feature but may go by slightly different names, so as always, consult documentation.

SOLUTION 1 – DHCP Snooping: This strategy, generally used in conjunction with DARP (Dynamic Arp Inspection) will keep connected workstations honest. Think of this as the ultraviolet light used to spot counterfeit money.

SOLUTION 2 – Port Security: This feature limits a connected host to a specific MAC address entry. In the case of MAC flooding, the port can discard source addresses above an allocated limit. This feature is easy to set up and very effective.

SOLUTION 3 – Static VLAN membership: I can’t emphasize how important it is to remove ALL traces of dynamic trunking/tagging negotiation on your network. Tagged frames should never have the possibility to be on user facing ports. (There is one exception to this in the instance of voice VLANs, but when done properly, it does not create the security dilemma at issue.)

Obviously this list is only the tip of the iceberg. NAC, 802.1X, VMPS and RADIUS are a few of the more robust methods being used. But I wanted to emphasize solutions that likely require no additional hardware. What strategies have you used to secure your internal resources?

Software developers are a unique breed. We love to think in abstract terms. Many of us are more comfortable communicating in Java than in English. It’s a sign of a truly advanced civilization that software developers have been put to meaningful work rather than sequestered from the rest of society.

If you read my previous post, you know that I am passionate about writing software on a human scale. This means writing software that serves the user, rather than forcing the user to conform to the software. There are lots of hurdles that developers must navigate to achieve this ideal. The first is probably obvious: how to get started.

Let’s follow Maria Von Trapp’s advice in “The Sound of Music” and start at the very beginning. Before we write a single line of code, we need to have clear answers to some very basic questions. A good way to approach those basic questions is to use the classic “Five W’s” that we all learned in school: Who, What, Where, Why, When and How. Here is a quick primer on how this applies to initiating software projects:

Functional Requirements:
WHAT must the software do?
These are the “Must Haves.” Come up with a list of 5 – 10 bullet points that enumerate what the software must do to be successful. If the list gets longer than this, the project should probably be broken into smaller iterations.

WHY is it important?
These are the “Must NOT Haves.” Summarize 3 – 5 problems (as reported by the users) that will be addressed by this software. Are there things they can’t do that they need to accomplish?  Are there things that are harder than they should be?  Are their customers complaining about issues or missing functionality?

Resource requirements:
WHO is required to be successful?

• Developers and other technical experts
• Project managers
• Business domain experts 
• End users  and customers

WHERE will the project work be done?
Do not make assumptions about the geographic location of any resources (human or technical). Cultural differences abound across environments, organizations and people on the development and implementation side. Assumptions about any of these differences can often make or break a project.

WHEN will the software be ready for the user?
This will likely be a moving target as information changes. Start somewhere with your best guess. It’s much easier to alter project timelines as you go than to shoot for vague or unspecified targets.

Experience requirements
HOW will all these other questions and answers be integrated?
This is the last question you should ask yourself. As you review the Five W’s, you should have a clear enough view of the significant details that you can say with confidence, “This is how we should approach this problem.”

Over the next few posts, I’ll unpack these a bit and discuss how we can use basic journalistic techniques to learn what we need to know to get started. In the meantime, what questions would you add to this list? How is my approach similar (or not) to your approach?

If you’re in the Information Technology field, you’re familiar with industry certification. Some may question the neeed for certification for in-house IT professionals or consultants, but I believe there is a distinct value to working with certified professionals.

Generally, “certified professionals” refers to an organization that has achieved partner level status with the vendor. For example, to be a Microsoft Gold Partner, the company must meet certain criteria, including having multiple Microsoft certified professionals on staff. Cisco, Symantec and HP have similar programs.

Some people (like myself) are “cert” junkies with a road map of certifications planned out for the next several years; others are adamant that they add no real value to their profession. Here are three outdated myths about industry certification that I hear most often:

Myth #1: Certification doesn’t measure “real world” skills.
I hear this a lot! But don’t be fooled: vendors have made big strides in testing “real world” knowledge on their exams. For example, both Microsoft and Cisco certification exams now contain robust simulations that mimic live environments. If you can’t fix it at the console, you won’t pass.

This is essential because technology changes so fast. Certification is a vendor-specific “seal of approval” that ensures IT professionals are on top of the technology and the changes. IT professionals often seek certification in their core competencies, so certs help them build deeper expertise.  

Myth #2: Certification only benefits the vendor.
It’s no secret that vendors need to make a profit. However, they accomplish this by having the widest adoption rate of their product, not by creating certifications. To have the widest adoption rate, the product must be a cost-effective, manageable and viable solution for whatever technology need the solution fills.

I would argue that the higher saturation of a particular certification is indicative of high product adoption—so the product creates the certification not vice-versa. A larger pool of skilled individuals, via proxy of IT service providers, creates a competitive market for support options. A competitive market benefits everybody.

Myth #3: Certification = Higher support costs.
While hiring a highly skilled, credentialed IT professional to perform work may seem to cost more up front, the back end costs are ALWAYS much lower. Why?  If the planning, design and implementation phases are not done strategically or correctly, the project will inevitably generate higher costs in the long run from rework and change orders. I’ve seen many projects scrapped altogether or a complete “rip and replace” of a system that failed to get off the ground due to poor planning.

What’s your perspective on certifications for IT professionals?

The technology sector is pretty funky. It’s always morphing, always changing. The trick is to know when these changes actually mean something. It’s not so easy. Too often we hear the beating drums of change from our industry’s publicity machine. It’s weeding through the clutter and finding the real news, the real trends that can be the challenge and, in some rare cases, the opportunity.

Recently I found myself thinking about Microsoft, Apple and Google. I found myself connecting some dots, drawing some conclusions and wondering if I had developed a notion based on reality or publicity. I thought it may be interesting to throw these thoughts out here at SWC Perspectives and collect your reactions.

Arguably the strength of Microsoft lies in the fact that, through the Windows operating system, it owns the desktop. For decades over 90% of the world’s desktops have run  on Microsoft. The result has been dominance in the application market and then eventually the browser.  Ultimately, Microsoft parlayed this position into creating a “stack” of enterprise applications that, integrated together, are arguably the best value in corporate information technology.

But perhaps things are changing?

Over the last couple of years we have come to include the term “Cloud” computing within our daily vernacular. The definition of Cloud computing seems to be a moving target but there are some key principles to agree on, most notably the notion that technology, whether in the form of infrastructure or application, can be utilized from a third party, over the Internet. Frequently the first benefit to be considered is that this architecture saves the customer from investing capital in hardware, license acquisition costs and administration.

I think the cloud model is living up to its promise of creating a new approach to investing in IT. I also think, as time is moves on, that most organizations are realizing it’s relatively safe to “let go” of controlling the information technology infrastructure. “Big Brother” is not going to steal the data, capital is typically better invested in core competency operations, and the trade-off between a third-party Service Level Agreement and managing a fully staffed IT department is compelling.

But put all of this on a shelf for a second. I need to develop another argument before I can put my entire question together.

I think it is fair to say that the device market has exploded.  To be specific, when I talk about devices I’m referring to the iPhone, Android, Windows Mobile phones, Blackberry devices, etc.  You can probably lump the iPad and Netbook in there as well. And, when I say “exploded” what I mean is that today’s device is universal. It is already the PC, television, automobile of our generation. Everyone has one; it’s universal.

Today, the iPhone constitutes 25% of the smartphone market. It seems that Apple takes chunks of market share with each release of this product. Now, not unlike Google with its recent release of Android. In fact, seemingly overnight,  the Google-driven Android surpassed iPhone for market share. In both cases, what seems clear is that what is driving market growth is the application market.  Of course there are other reasons to buy an iPhone or an Android, but I wonder if this war will be won or lost by the app space?

On another front, I recently learned that Microsoft’s browser dropped below 60% of the market for the first time, while Chrome, Firefox and Safari increased users. Pretty dramatic numbers if you consider that only two years ago, Explorer accounted for over two thirds of the browser market. In point of fact, given today’s trends, Firefox is set to overtake Explorer in market share within the next quarter.

If Microsoft became today’s dominant technology player by controlling the operating system of the desktop, then what does it mean when the device market OS and browser is not Microsoft?

OK, put that question on the shelf as well.  I’ll come back to all of this.

Another thought (related to all of this) occurred to me during a recent sales call. It was one of those meetings that I imagine I’ll remember for a long time.  The account does not fit into our typical profile in that the company has roughly 25 to 30 users.  More frequently our accounts have hundreds to thousands of users. Why I was in the meeting and what compels me about the discussion is what the customer asked for.  Simply put, he said: “I don’t want hardware on my site anymore. Not a single server. And when my users need information, I want them to go to a browser.”

By the way, this is not a company I would call an “early adopter.” It’s a typical Midwestern manufacturer. I imagine the last time they had a technology architecture conversation, I was five years out of college (I won’t dignify this with a date).  But think about that. For a manufacturer, which almost always has at least a handful of proprietary applications along with the usual productivity stuff (i.e., Microsoft Office) this is saying A LOT.

One more statistic to consider before I ask the big questions.

So far the Apple App Store has seen 228,458 applications published in the United States alone.  Every day another 59 join the ranks.

Now for the big questions.

Ask yourself (provided the context of my piece) how you would pull off my client’s request.   Then ask yourself how you may be able to do this in six months or one year?

Ask yourself, if I’m starting a company today – from scratch – how do I setup my technology systems?

Ask yourself, if I’m creating an industry-based application (like the ones my manufacturing client uses), how do I develop it and for what environments?

OK, now take everything off the shelf and look at it. What does the future look like?  I’m not kidding. That’s my question. Is the market really in a state shift? If so, how does this affect us – the customers, the publishers, the integrators? I have my thoughts (which by the way I have conveniently stayed away from in this piece). But I am very interested in what you have to say. Please let me know – respond to this post with a comment.  Pass this article to a friend and let him or her post a comment.

I want to know what we all think!

When I’m not architecting business intelligence solutions or working in the garden with my inquisitive 3 year old, I find time to watch “Deadliest Catch”.  I always have 3 or 4 episodes queued up on the DVR on any given day. I rather enjoy doing my homework while the briny episodes unfold on the LCD.  It could be worse.  Especially if my wife has episodes of Oprah to catch up on!  Yikes. 

One thing I’ve noticed since becoming a DC fan is that all the captains make most of their decisions from the gut.  These decisions include deciding where to fish, how long to fish an area, when to increase the bait in the pots, when to ask the crew to pull long shifts, and when to stop the current plan and start over with a new plan.   How are these decisions/plans arrived at?  The show gives some insight into the decision making process but for the most part we are led to believe that all the decisions are made at the whimsy’s of the curmudgeon captains and their vast years of fishing experience.  This gave me pause the other night.  Could this gut feel decision making approach be a metaphor for some decision makers in the mid-market?

I find there is a parallel between this gut approach on the show and many of our prospects in the business intelligence mid-market.  There are countless small businesses that have become successful by having leaders who can make good decisions based on wisdom and a little bit of luck.  There are also countess examples of small and even large organizations that failed because rash decisions were made.  Our job entails meeting these decision makers, and convincing them that fact-based decisions derived from information can be a good thing!     Every organization has access to data.  Turning that raw data into actionable information is what gets me exited and keeps me coming back each day for new and interesting challenges.  I rather enjoy the warm comfortable feeling of making decisions based on information.  When I buy something at the store I know my money is good because I checked my checking account balance from my blackberry earlier.  I don’t make purchases based on my recollection of the balance from a week ago.  Not good and usually not correct! 

I wonder what the captains on DC would think if I parked myself and my laptop in their wheel house for week or two?  I can see the dashboards and reports I would create. Perhaps I could convince Sig Hansen to let me pear into his decision process and formulate some analysis assets to help him get the crab!  Maybe a trend report that shows average pounds of crap per pot.  Or a deck hand scorecard that shows: avg hours without  sleep, count of employee injuries per string, Avg pounds per pot, Median sort duration per string, Running pounds of crap caught, forecasted profit share, and remaining units of bait.  I could go on and on…   

I don’t know if we’ll ever see SQL Server Analysis Services running on the computers of the Alaskan crab fleet, but I feel convinced that cube based information would make them all better captains.  Of course, taking away risk and unknowns from the decision making process might not make for good TV.  I’m certain it would put more cash in the pockets of the captains and crews. 

Anyone hungry for Maggiano’s and Business Intelligence? 

I will present business intelligence in a luncheon format at Maggiano’s in Oak Brook IL on May 21 from 12-1:30PM.  The topic will be:  “SWC LUNCH & LEARN – Building Better Dashboards with Microsoft 2010”  If you haven’t signed up already, I highly suggest you do so.  We’re very excited about our 2010 BI vision and look forward to demonstrating this vision at the luncheon. We hope you can join us!

The Era of Convergence. Wow…that sounds scary. But as even the most casual technology enthusiast will admit that this is the environment we live in.  DVD players with wireless Ethernet that allows streaming of content; telephones are no longer “telephones” but mobile devices, digital music players, cameras, PDAs, etc. and the list goes on.  It’s hard to identify an area of technology that has not been affected by the ever increasing synergy that a wired (and wireless) society affords.

It’s exciting, but in a corporate environment, there can be unexpected side effects and even contentious situations when making technology paradigm shifts. A perfect example is moving away from traditional telephony (PBX) to voice-over-IP (VoIP) systems. Historically, an organization likely had one group managing their telephony and one group managing IT. With the introduction of VoIP, we now have a shift away from dedicated copper for phone lines to, potentially, running the desk phones over the existing corporate LAN.  (Can you say, “convergence”?)  Politically speaking who owns it?  Does the legacy telephone group understand the new technology?  Do you invest in training dollars to get their skills on par?  Or is it done the other way around: will the IT department now take responsibility for the phone system? (Because, you know, IT people have so much free time on their hands.) Which leads us to an interesting conclusion:

Technology adoption + convergence = drama
Why, you may ask, does this all add up to drama? Most commonly, people fear change or feel threatened (“Will I have a job?”) or sometimes both. In the case of our transition to a VoIP system, if the IT department takes responsibility for this, the telephony group may feel as if their responsibilities are being diminished; they may worry about what the next wave of changes may mean for their jobs. If you manage groups of people and are moving ahead with or just considering new technology adoption, it’s important to consider the political boundaries that might be crossed.  

Here are 3 pointers to help ensure a successful adoption across the board:

Recognize key players in your organization.  Every organization stands to benefit from the unique perspective and wealth of knowledge senior members possess.  Leverage their insight as a means of implementing change. Getting to know your people will also let you know when ”toe stepping” is going to occur. Most people understand that technology can and does change, and that the only way to survive is to adapt; they deserve the opportunity to understand the trajectory and hop on board.

When considering technology strategy, don’t “over hire.”  Just because you have adopted a new technology, don’t assume you need a full-time subject matter expert (SME) to manage this domain. You may be able to leverage an outside consultant to oversee deployment and execution; in most cases, this is the only way to get the needed expertise within budget. For long-term support, supplement your current staff with additional training and maintain a relationship (and budget) with your specialist consultant for issues that are beyond the expertise of your staff.  

Be thorough and take your time.  Just because something “new and improved” comes along, don’t minimize the impact it will have on your people.  If they are not able to leverage the technology, it will frustrate them and your business will not benefit. Creating a technology road map will help prioritize and negotiate reasonable time frames for adoption. To the extent feasible, ensure that everyone in the organization knows the road map.

While there will never be a one-size-fits-all solution, you can alleviate any unnecessary “drama” by understanding your company’s culture and political boundaries, then managing your employees’ expectations accordingly. So your equation will look more like technology adoption + era of convergence = success.

Microsoft has announced that the official launch date for Office 2010 and SharePoint 2010 is May 12. It will be called the Future of Productivity. After using Office 2010 (beta, release candidate, release to manufacturer) fully integrated with other core Microsoft Stack of Technologies (Windows 7, SharePoint 2010, Exchange 2010), I believe that it lives up to that title.

We fully integrate our personal gadgets like MP3 players, notebooks, mobile devices to emails, social networking sites and entertainment. This allows us to manage our busy schedules and coordinate with friends and family. Why shouldn’t we have the same convenience and efficiency when it comes to business collaboration and productivity? Now that Office 2010 is the enabler for other technologies, we can achieve that integration.

To commemorate the launch of Office 2010, SWC will have a luncheon on June 3; watch for more details soon or sign up now to receive an invitation. Our goal is not just to show you the exciting new features of Office 2010, but also to demonstrate how it fully integrates with the Microsoft Stack of Technologies. You’ll see for yourself how Office 2010 is truly the Future of Productivity.

Are you old enough to remember when Disney World handed out ticket books for the rides? Each ticket had a letter–A, B, C, D or E–and was valid for one ride. ”A” tickets were for the least interesting rides, while ”E” tickets were for the best, most exciting rides like Space Mountain. Of course each booklet had way more ”A” tickets than “E” tickets. 

I can still picture my parents flipping through our ticket books, counting how may E’s we had left.  Should we ride Space Mountain again? Or wait to see if the line for Pirates of the Caribbean would go down? At the end of the day, we would ride the horse-drawn streetcar up and down Main Street several times. We always had B tickets to burn.

They got rid of those tickets a long time ago (1982 according to Wikipedia), but I still remember what it felt like the first time I realized I could ride Space Mountain as many times as I wanted. As a roller coaster-loving 11-year-old, it was pure joy.  I remember standing in line with my brother for our umpteenth blast-off and talking about what a great idea it was to get rid of tickets. “Why didn’t they do this sooner?” I wondered aloud. “It makes so much sense to let people ride the rides they want to ride when they want to ride them.”

I was a real philosopher, huh?

What I couldn’t have understood at the time was that keeping tens of thousands of visitors fairly evenly disbursed across a park of that size is a logistical nightmare. The simplest solution is to give people limited access to the best rides. In other words, force the guests to use the park in a way that works best for Disney.

The lettered ticket system was replaced by an intricate system of electronic passes and limited-availability tickets.  I can’t begin to imagine how complex the system was to develop. But it works; it’s fairly amazing, actually. And I still get to ride Space Mountain as much as I want.

In my experience with software projects, I too often find myself tempted to take the B-Ticket approach. I want to avoid the complexities of giving a user the experience they want. At times, it’s a budget concern. Other times, there are technical issues. 

The more I design software, the more I find myself wanting to create systems that operate on a human scale. Ultimately, software must work for people; not the other way around! To create a useful tool, the user’s desires must be the primary concern whenever possible. In the real world, technical hurdles and budget constraints sometimes force us to compromise. If the user’s ideal solution isn’t viable, the compromise must be just that–a compromise.

A solution should be crafted that finds the closest fit to the user’s ideal rather than the easiest for the developer. People want to ride Space Mountain, not the Mike Fink Keel Boats. Herding people where they don’t want to go may address overcrowding.  But the rides exist for the riders, not the other way around.

In this blog, I’ll be tossing out thoughts about how to write software that operates on a human scale. Please post your own thoughts and comments. There are as many ways to solve software problems as there are users. The more conversation we get going, the more we’ll all benefit. And the more our users will benefit.

Incidentally, if you happen to be a great lover of Mike Fink Keel Boats, please accept my apology for my flippant disregard.  Ride them to your heart’s content. That means one less person in front of me at Space Mountain.

My wife is a notoriously bad cook. I have been married for fifteen years and I love my wife–but it’s not because of her cooking. The truth is that she simply hates the entire process. If I walk into the kitchen and she is doing anything more than pulling some fruit from the refrigerator, I turn around and walk out as fast as I can.

Over the years I have tried to come to grips with my wife’s disability. It’s a little bit like the five stages of grief.  First there is denial: “Her cooking is really not that bad.” Then anger:  “You’re kidding me!” Then bargaining: “How about we go out to eat tonight, then shopping!”  Then there’s depression and finally,  acceptance. I haven’t gotten there yet.

Today, as the father of growing children, I find myself in sympathetic company, particularly with my teenage sons.   It’s shocking  how much food a teenage boy can eat. Maybe even more impressive is how fundamentally important food is to a teenager. There are moments, if I catch them at the wrong time, when they are really hungry, that I know my life hinges on how fast I can get them to something edible.

Last night turned out to be one of these near death experiences. I was driving home from work when my wife called.

“Can you pick up the boys from practice?”

“Sure,” I said.

“Pick up the baseball player first, then the swimmer,” she said.

“No problem,” I lied, knowing that this will take me from one side of town all the way to the other. During rush hour.

“Oh, and I made dinner tonight,” she said.

“What did you make,” I asked.  My toes curled as I waited for her response.

“Stuffed peppers!” she said cheerfully.

“Great! That sounds great. See you soon,” I said, wondering how in the world I was going to sell stuffed peppers to our teenagers. 

At the baseball field, my son jumped into the car.

“I’m dying!”  he barked. “I need to go to Portillo’s.”

I try and sell the stuffed peppers. I fail miserably. We drive to the other side of town and pick up my oldest son. I try and pitch the stuffed peppers again.

“Stuffed peppers?” he said, his voice mixed with disbelief and disrespect.

The ride home was littered with complaints, wild arm motions and desperate pleading to save them from Mom’s dreaded stuffed peppers. I had two choices: either feed my kids at a local drive-through and risk the wrath of my wife or put two savagely hungry teenage sons in front of the mystery peppers and make my wife happy. It was a classic no-win situation.

Every day I find parallels between business and life. How many times have all of us been faced with “no-win” situations in business? In IT consulting, it happens at the drop of a dime. Somewhere between the complexities of technology, the dynamics of mid-market operations and the flaws of humanity is a formula for chaos.   Misunderstandings can litter our everyday dialogue and put us in compromised positions every day. How we deal with these situations can be as important, if not more important, than the situations themselves.

To find the right solution, people often use the skills, tactics and strategies that are most familiar to them personally–even though that may not be the best approach to every situation. That’s why it’s important for IT consultants to think of situations from other perspectives beyond their own and ask, how would Bob solve this challenge? What would Stuart say if he were in this situation? By viewing the challenge from the prism of another, we may find a winning solution, even in so-called “no-win” situations.

In the case of the crazy teenagers vs. the stuffed peppers, I was tired and desperate, but I did manage to work a little magic and find a solution that made everyone happy. But as I sat at the dinner table with my family, I realized two things: my wife had cooked the best meal of our marriage and my sons needed to work on their table manners.