Great landing, wrong airport

I read this phrase a while ago and it got to me. It fitted the projects I was working on. <Enter attentional bias>.  These organisations I was working with were building great solutions (technically). Unfortunately, not always what their customers were expecting. It confirmed for me that Systems Thinking is really important. Combined with some new insights from behavioural sciences, you will land at the right airport.

Small side confession: reading this phrase triggered two things in me.  

• A memory of that time I planned a fun getaway to Mallorca with a friend but ended up at the wrong ‘Weeze airport’. Which made me think of changing this title to “Great holiday plan, wrong airport”. 
• The realisation that this phrase beautifully articulates the million-dollar question: ‘Which problem are we actually solving with this solution?’  

Although the story of the first is – in hindsight – brilliant, I’ll focus on the second one in this post.  

In a previous blog we talked about secure deployment. Secrets management is an important part of that. So what does that mean? In this blog we’ll give some pointers on how to do secrets management well in the perspective of a secure deployment. It’s easy to start saying “use tool X to store the secret” or “have all these detection tools in place!”, but that would lead to blind spots. Instead, let’s take a look at some pointers that would help you increase secret security holistically.

A desire to improve. Each organization I have met is searching for new ways to do better. A higher quality of their product. Optimize their process to deliver software quicker. A caveat however is that organizations are typically focused on technology. Learning new skills, introducing new tools. Yes, they have their benefits. They can make your product better or improve the process. However, if you are solely focusing on the technology you only reap part of the benefits. In worst case you are even actively harm the organization. 

A data-platform is nothing more than a normal (cloud) platform with some additional functionality on top to make it specific to the requirements of the data domain. Instead of the applications that run on a “normal” platform like (web)services and front-ends it runs ELTs/ETLs and data applications. 

Social media has been blamed for locking people in a bubble, only showing them news that is in line with their beliefs. This divides society into different groups that have almost nothing in common. People read what they think they want to read, never seeing a different opinion. At the same time governments and influencers have started to call for filtering. Facebook would have to filter out lies and fake news, so we all see the truth only. The problem with the filter approach is that it will cause opinions to drift toward some bottom line truisms we can all agree on. If we start fining social media for violations, the companies will get more and more conservative, and we’ll end up in a boring world. Like having a perpetually overcast sky and an eternal drizzle. Grey goo everywhere.

This is not what we need. What we need is to be confronted with opinions that differ from what we think is right. So we (i.e. Albert Brand, Arjan Molenaar and myself) started a one-day research project at Xebia, inspired by a feature of my favorite Dutch newspaper, NRC. The feature is called Twistgesprek. The format is that two people discuss a statement during the week. Their conversation is summarized and published in the Saturday paper as a back-and-forth of messages. Quite often I start with a strong opinion about the subject being discussed, but end up with a more thorough understanding of its nuances because of the discussion. Having your convictions challenged and modified is a wonderful gift.
So, the idea was to show people ideas that directly contradict each other.
more

AWS (Amazon Web Services) offers a pretty neat NoSQL database called DynamoDB. It is fast and it can scale, what more can you wish for? The thing is, as a developer you are still responsible for designing your tables in such a way, that you actually make appropriate use of the benefits DynamoDB has to offer. If you simply apply your knowledge gained using other databases, you might end up wasting money and performance.

Many organisations have a new ambition to become a data-driven organisation. In essence, this means the organisation wants to make better business decisions based on insights provided by data [4]. Data itself is not able to advise a business for better decision-making. Therefore these organisations introduce a new capability: Data & Analytics. 
This blog elaborates on how adopting DevOps principles can enhance business value creation for the world of Data & Analytics.

When we run our software, we obviously want to see and understand what is happening and how well our software performs. To achieve this, we need observability as a key characteristic for our software. Observability is a measure of how well internal states of a system can be inferred from knowledge of its external outputs. This definition, borrowed from control theory, infers that metrics, tracing, and logging are key topics to be implemented in your software system.

Two of these pillars, metrics and tracing, are also of great importance to allow yourself to paint the complete picture. In this blog post, I will focus on getting the most benefits from your logging.

We all know that the hardening of a system or implementing 2FA does not magically improves the security of an organisation. For a successful implementation of IAM, PKI a holistic approach is needed. Also for the successful improvement of security in your organisation, a holistic approach is needed. Implementing and improving security demands your approach to cover both people, process and technology.

This blog provides you with a mental model on how to change behavior of people and how to change the culture of an organisation. To change the culture of your organisation you need to change the structures and lead by example. And there is more to it, why this works in changing the behavior of individual persons. 

I also highlight material to facilitate a workshop that helps you in making the mental models behind the behavior of people explicit.

Here we are. A fresh new year is beginning. Hopefully you were able to take a rest during the Christmas break. Typically, this period offers room for reflection. To not only think about what has happened, but also about what is yet to come. So, have you been making plans for 2021? And if so, have you thought about the execution?