Thursday, 31 July 2008

Architects - why are there so many and why are we reverse engineering a solution?

IT has a horrendous reputation in the Bank and I don't blame them. We are delivering solutions that do not meet the Bank's needs - cool (best of breed) technology is not a need, but a want. There are 3 teams of architects in the Bank: Enterprise, Solution and Infrastructure.

The Bank wants to make sure that it is the Infrastructure Architects that get to draw up the evaluation criteria. Shouldn't the process start at the Enterprise level and filter down through the project lifecycle?

The process as I see it should be:
a) Identify business need
b) Evaluate and document requirements
c) Engage with the Solution Architects
d) Business, Enterprise and Solution Architecture develop conceptual solution
e) Conceptual solution implementation tender created
f) Choose aligned Technology that meets needs, not infrastructure wants.
g) Build solution

Now, I am not saying that the Infrastructure Architects are not needed, but just that it is funny that they are driving a solution that we will need to do again in a few years and Business will shout again and reduce our performance appraisal score because we are not delivering the right solutions?

Infrastructure and a specialist skill and it is very important, but following a good enterprise architecture and ensuring that Solutions align with that architecture will mean that the job of the Infrastructure team will be made easier.

Wednesday, 30 July 2008

Performance Appraisals lead to mediocrity!

Performance appraisals are a pain. They encourage people to do just what is required of them as it is easy to get the 3 out of 5, but as soon as you reckon that you have done more than the norm and really excelled:
a) the organisation doesn't have an exact definition for the level you are trying to motivate that you are operating at and then it all becomes subjective.
b) no one gets a 5, ever, only the people who really shoot the lights out and that doesn't happen and no we can't tell you what shooting the lights out mean.
c) as the ratee you need to fight for your score, present a body of evidence (I don't really know what that means - should you present a body of your damager's enemy?) and fight in front of a board for what you have been doing and they liked and "encourage" in their employees.

I end up thinking is this worth the effort? If put in the extra effort, work the extra time and take on the additional responsibility and they make me fight like this to be acknowledged formally for it then what the f***! Why bother and then in the next cycle am I going to go to the extra effort?

Or worse, you do really well and are (by a slim chance) recognised and acknowledged but you didn't submit your time sheets in time and we needed to score you down for that. Why bother and then in the next cycle am I going to go to the extra effort?

Hmm, I wonder what Nikon kit I can buy on a mediocre increase and bonus?

Tuesday, 22 July 2008

Weekend of good food

This last weekend I had an awesome time in the kitchen. I have a hankering for making up recipes and experimenting with recipes. The weekend yielded preserved oranges, awesome custard tarts, the worst sushi I have made so far and the best gnocchi that I have made so far.

On Friday afternoon I preserved oranges using a recipe from the book "Preserved". The recipe itself is really simple, but I found that I needed more syrup to properly cover the oranges in my containers. Next time I'll make more and worst comes to worst use it to flavour a pudding at a later date.

I also made a fantastic baked custard tart from scratch. I really must start keeping a proper food journal instead of winging with recipes all the time, when I find something that works, I must write it down!

Thursday, 17 July 2008

I am going to the OLYMPICS!

I am going to Beijing to see the Olympics! I entered a local radio competition for an all expenses trip to see various events and some tourist stuff too!

Claire and I will be watching some rowing, athletics (incl: men's 100m final), beach volleyball and going to the forbidden city, great wall and some markets! I am so happy I almost can't believe it!

Long live Highveld and Coco-Cola!

Friday, 11 July 2008

PIX prize arrives

I got my Canon Ixus 80 IS today from the PIX competition that I won. It is a great looking little device, I got the chocolate colour, but it is so limiting compared to the D80!

It takes really good pictures, but I can't take command like on the D80 and I end up feeling frustated. I know that it is not a "pro" camera and I guess that I am used to the Nikon. I will concede that it does take some macro pics. I am lacking a macro lens for the D80 and the Canon will be my macro tool for a while.

Monday, 07 July 2008

PIX Magazine Competition Winner = Forrester

I won! I entered a photo competition run by PIX Magazine with the above photo and I have won a Canon Ixus 80 IS. The theme of the competition was Abstract. I took this photo just a few days after I got my Nikon D80 and I was fiddling with the settings and in this photo's case, the manual focus.

I am most chuffed, am off to go buy a copy of the magazine and see my name in print. In fact two copies, my Gran is going to love seeing my name in print.

Popcorn Flavoured Jelly Beans

On Friday night Claire and I went to go watch Hancock at the Monte Casino and this provided several interesting things...
  1. Numetro's online ticketing system doubled book the same set of seats about 6 times and this has proved the small indian mom protecting her kids is in deed stronger and more dangerous than the 7ft body builder trying to impress this mates.
  2. Hancock was a great movie. We really enjoyed it.
  3. Popcorn flavoured jelly beans (buttered popcorn on top of it) are disgusting! Full stop. End of argument.

Thursday, 03 July 2008

ISG Africa July meeting

I attended a very good get together of the ISG Africa Security forum today, the topics were around PCI DSS, PPI (Protection of Private Information) Bill, XSS and Client side web application security.

The PPI was the most interesting for me as it has MAMMOTH implications for anyone storing and using any information on anyone (natural or juristic). "Use" is defined in much the same way as the iron as can be said to have a high iron content, ie: is all pervasive by design.

I'll type up my notes and post them tomorrow, in the mean time think about this scenario post enactment: An organisation (irrespective of size) must be able to tell a customer where they got the customer's information, what they have used it for and who had access to it and when they are finished using it for its intended purpose, it must be destroyed.

Wednesday, 02 July 2008

Biometrics ISO Standard released for use in the Financial Industry

The International Organization for Standardization (ISO) has established a standard security framework, ISO 19092:2008, for the use of biometric authentication of individuals in the financial services industry.

This will be interesting to keep an eye on, especially the adoption of the standard by Banks on customer facing systems.

FNB used to offer a digitag with its internet banking, but stopped the issuing the device as the take up was so poor. I personally though it was a great implementation of a second factor authentication. SA Banks seem to have settle on a one time pin delivered via SMS to your cellphone for that added layer of security, but sim swaps and the like for me only make it a half an extra factor.

People just don't seem that keen for the hassle of keeping themselves secure.

More info here.