March 29, 2013

Straight talk on security gets employees to listen -- and comply
"Compliance is necessary, but it's not sufficient," says Malcolm Harkins, vice president and chief information security officer at Intel. Harkins' goal is to get employees to go beyond compliance toward full commitment to protecting the company's information. "If they're committed to doing the right thing and protecting the company, and if they're provided with the right information, [then] they'll make reasonable risk decisions."

Build Simple Web UIs with the Nancy Framework
According to the github page, the Nancy framework (NancyFx) provides the "super-duper-happy-path" -- a "lightweight, low-ceremony framework for building HTTP-based services." This is exactly what a Windows service needs for exposing a simple configuration UI. Normally, you'd plug NancyFx into ASP.NET and use it instead of Web Forms or Model-View-Controller (MVC). But NancyFx supports other hosts such as Windows Communication Foundation (WCF), and even supports the concept of "self-hosting."

New Windows 8 hardware specs hint at 7-inch tablets and a Microsoft Reader
The new guidelines relax the minimum resolution for Windows 8 devices to 1024 x 768 at a depth of 32 bits. That’s a significant change from the current guidelines, which require a minimum resolution of 1366 x 768 for a device to be certified with the Windows 8 logo. From the announcement, it appears that the new guidelines are effective immediately, but it’s likely that any new devices that use this form factor will ship along with the forthcoming Windows Blue update.

Microsoft makes good on promise, publishes list of 41K patents
"Transparency around patent ownership will help prevent gamesmanship by companies that seek to lie in wait and 'hold up' companies rather than enable a well-functioning secondary market," said Brad Smith, Microsoft's general counsel, on a blog announcing the searchable list. "[And] transparency is a prerequisite to enforceability of patent licensing pledges. Quite simply, without transparency it is impossible to determine if a company is in fact abiding by those commitments."

Our Security Models Will Never Work — No Matter What We Do
If security won’t work in the end, what is the solution? Resilience — building systems able to survive unexpected and devastating attacks — is the best answer we have right now. We need to recognize that large-scale attacks will happen, that society can survive more than we give it credit for, and that we can design systems to survive these sorts of attacks. Calling terrorism an existential threat is ridiculous in a country where more people die each month in car crashes than died in the 9/11 terrorist attacks.

8 Reasons Enterprise Architecture Programs Fail
Enterprise architecture was conceived some 25 years ago to address the increasing complexity of IT systems and their poor alignment with business goals. The same problems still exist today, amplified by the accelerating pace of technology change. Why is it that EA programs are more likely to fail than succeed? Here are eight typical failure modes, followed by recommendations on how to avoid them.

Failing. And dealing with it.
You will fail. That's the reality of trying to bring new things to life. You will fail, and may fail over and over and over. You may never succeed, actually. But, some folks are able to take that failure and get to the mantra of Principle 14, which is Failure Sucks, But Instructs. The wonderful article titled "Following Your Bliss, Right Off the Cliff" published on New York Times examines the failures and recoveries of several entrepreneurs

10 Geeky Ways to Celebrate April Fools' Day
April Fools' Day has become increasingly geeky, since the Web, cameras and other high-tech tools make it so much easier to prank people. Here's a roundup of ways to make the most of your April 1.

Don’t Plan for Perfection
we simply let the future unfold without forecasting. On the contrary, as a good manager, you must understand your costs, your revenue model and how you make money. And you’re on the hook for growing and strengthening over time. However, instead of relying on what is most often an unnatural level of precision around an unpredictable set of numbers, build the systems and processes to incorporate learning, constantly refresh forecasts and push the planning

What does a CTO do?
Amr Awadallah summarizes his findings by answering four core questions: (1) what is the CTO Mission? (2) how to measure the CTO? (3) How should the CTO split his/her time internally vs externally? then finally (4) what are the specific responsibilities of the CTO towards the main constituents inside the organization? Note that this role description is focused on pure CTOs, as opposed to CTOs whom still own the operational aspects of the engineering organization, it is also biased towards enterprise CTOs vs other domains.

Quote for the day:

"We all need lots of powerful long-range goals to help us past the short-term obstacles." -- Jim Rohn