September 12, 2014

Jenkins and continuous delivery: Handing developers more power
Continuous delivery not only involves high-frequency iterations to improve the way software works, but also allows real-time checks to measure whether code changes are achieving specific business objectives. "Developers will have a way to provide feedback themselves to the business. A lot of developers sometimes feel that they are not impacting their company as much as they'd like. They're being asked to do things they might or might not like but they don't necessarily think they can impact the direction and success of the company," Labourey said.


CIOs ill equipped to manage the growing security threats
Security, or Information Security (InfoSec) as the more formal term, is going through a period of massive change. In recent months, the public has become keenly aware of the risks from Information Security. Public security issues at Target, UPS, Apple’s iCloud, Home Depot and the government’s Healthcare.gov website moved the security awareness front and center for the general public. When considering the reach of these companies, statistically speaking, it is highly probable that one or more of these issues has affected most in the US.


Interview with Grady Booch
So, we need to separate methodology from process, for the two are not the same. On the one hand, there was a general recognition that we needed better ways to reason about our systems and that led to this era of visual modeling languages. On the other hand, it was clear that traditional waterfall methods of the 60s and 70s were simply not right for contemporary software development, which led us to the predecessors of agile methods. Waterfall (from Wyn Royce, although even Wyn recognized the need for incrementality) begat the spiral model (from Boehm) which begat incremental and iterative approaches, which were always a part of the OOAD processes we at Rational developed.


Become a Value Creator
One way to be a good value creator: give coworkers credit where credit is due. The need to appear smart can lead managers to cast blame on others for missteps or to claim an employee's idea as their own when speaking before their bosses or boards—the kind of thing that can be terribly demotivating to the person who had the idea. "It's a tragedy when that happens," Hall said. "Somebody is trying to claim value, but in doing so, the person has destroyed value for the company by demotivating an employee. Everybody loses."


Don’t Let Internal Obstructionists Derail Your S&OP Initiative
Software industry professionals will tell you that when S&OP initiatives, Business Intelligence or Supplier Analysis or other types of technology-driven projects fail, software is very rarely the culprit. That may sound self-serving, but it’s true. People determine success. Passive Internal Obstructionists are difficult enough, but the more aggressive and outspoken type present special problems. Specifically, their positive contributions may be very visible and easily measured while the extent of the silent damage they inflict is difficult to gauge. Here are two examples:


Software testers petition to stop ISO 29119
ISO 29119-4 is proposed to codify a set of software test design techniques. According to SoftwareTestingStandard.org, "The test design techniques that are presented in this standard can be used to derive test cases that can be used to collect evidence that the requirements of each system under test have been met and/or that defects are present." The standard comprises about 25 techniques which are split into three branches, "Specification-based techniques," "Structure-based techniques" and "Experience-based techniques."


Future of the enterprise: Heavy investment in Internet of Things security
Chief information security officers (CISOs) are already seeing a change in the business environment due to IoT, as devices, networks and systems are becoming more interconnected on a daily basis -- and security must evolve as a response. The problem many CISOs will face is the need to blend approaches and solutions to cater for IoT security, and this may include securing mobile and cloud architecture, industrial control, automatons and physical security, according to Gartner.


Update your application security policy after Heartbleed
The dilemma CISOs face is ensuring code used within software projects is secure without incurring the wrath of business owners and development teams who are under pressure to deliver applications and updates on time and within tight budgets. As the threats increasingly outweigh the benefits of insecure software, security officers need to reevaluate the risks involved in using open source software and third-party components and how best to manage them. The security and quality of open source software -- two reasons enterprises choose to use these libraries and components -- is dependent on each project's developer base being large enough that any bug and fix is eventually obvious to someone.


Developing leaders: Turning life into learning
For the average leader, life is filled with an kaleidoscope of challenges that offer tremendous opportunity for learning and growth. Ordinary occurrences during a normal day at work can be as instructive as the most carefully crafted training exercise — for a leader who recognizes this — for a leader who knows how to turn life into learning. Organizations can redeploy billions of training dollars each year by focusing on helping leaders mine their regularly scheduled lives for deep insights, feedback, strategies and solutions.


Salesforce Issues Malware Warning
"This is not a vulnerability within Salesforce," the company was quick to point out. "It is malware that resides on infected computer systems and is designed to steal user log-in credentials and resides on infected customer systems." As a precaution, Salesforce customers should work with their IT security teams to ensure that their anti-malware solution is capable of detecting Dyre. If you believe your company has already been infected, you can request assistance from Salesforce by opening a security support case here, and selecting security as the product topic.



Quote for the day:

"Leadership is a dynamic process that expresses our skill, our aspirations, and our essence as human beings." -- Catherine Robinson Walker.