Archive

Monthly Archives: June 2010

Those People That We’re Always Looking For…

June 30, 2010
Software Projects
2 Comments

I’ve been rereading Joel Spolsky’s “Smart and Gets Things Done”.  His writing style is entertaining.  I’m not always in 100% agreement with the guy, but who ever agrees 100% with anyone right?  However, Joel has a ton of things that are smart, well thought out, and when one pays heed can really help out during the course of a software project.  Since I’ve been writing on this topic lately, I figured it would be a great idea to give this a read and maybe even add my two cents to a few of his passages.

I didn’t get very far and I had already found one bit that I wanted to elaborate on.  This part was in remark to hiring college interns and the fact that the best college students are often already good programmers.

“The good news about our field is that the really great programmers often started programming when they were ten years old.  And while everyone else their age was running around playing “soccer” (this is a game many kids who can’t program computers play that involves kicking a spherical object called a “ball” with their feet (I know, it sounds weird)), they were in their dad’s home office trying to get the Linux Kernal to compile.  Instead of chasing girls in the playground, they were getting into flamewards on Usenet about the utter depravity of programming languages that don’t implement Haskell-style stype inference.  Instead of starting a band in their garage, they were implementing a cool hack so that when their neighbor stole bandwidth over their open-access Wi-Fi point, all the images on the web appeared upside-down.  BWA HA HA HA HA!”

This got me thinking.  I’d like to find programmers who have started a band, chased the girls, played soccer, flipped the images, argued the Haskell points, compiled a Linux Kernal (or two or three), and more.  I don’t want the all exclusive nerd only programmer, because today they’re often not that useful on software projects.

When I’m looking for other developers to hire and work with I want a number of things.  The technical bits are of course important, very much so, but I want to work with developers who know about all sorts of things.  I want programmers that know why financial application development pays well and non-profit work doesn’t, I want them to know about the successes and losses of business endeavors within the software industry.  Most importantly, I want them to be personable, approachable, and interested in life beyond just hacking lines of code 24/7.  Nothing wrong with the later, but that is only helpful for about 20-40% of the time on a project.

Warren Buffet looks for the criteria of “integrity, intelligence, and energy”.  I’m curious, readers out there in reader land, when you’re looking to work with a team or hire a team member what do you look for?  What are some key indicators besides the white board coding questions and technical bits?

Security, A Rant Sort Of… and a shocker.

June 29, 2010
Cloud Speak, Azure, AWS, Meetups n' Such
2 Comments

Here’s a shocking statement for a lot of people in technology and especially outside of technology.  “Your money is at greater risk because it isn’t in a cloud.”  Here’s another shocker “Your medical information is at greater risk at your on-premises Doctor than if it were stored and protected by access control in the cloud.

Is that shocking to you?  If you aren’t shocked you probably know a lot about cloud technology.  The cloud is more secure than most of the IT Departments, physical server locations, secure Government installation, and other environments than one might imagine.

Why Am I Writing This Blog Entry?

While I was listening to Steve Riley’s talk on AWS Security I started this blog entry.  A few of the questions that were brought up made me realize how little of the physical and platform level security is actually understood.  Even though this was about AWS it also applies to Azure, Google, and other cloud environments and platforms.  After several weeks of studying Azure and several years of working with Cloud type technology at Webtrends this statement shocked me, “A bank or a medical entity wouldn’t put its data in the cloud.”*  I couldn’t help but think that someone posing this statement as a fact (even though I know that it is absolutely not a fact) is sorely misinformed about cloud computing and technology.

Well, I wanted to retort this this statement myself, but Steve handled the question as a rock star presenter would.  But I still want to elaborate on this topic.  Also check my previous blog entry “Your Cloud, My Cloud, Security in the Cloud” (* See Addendum) as I touched on this topic from the vantage point of web analytics.  What we have here is the conversation of data that truly needs to be secure.

Cloud Security – Physical

The cloud environments has physical locations all over the world.  Each of these locations are not advertised or easily located.  They are obfuscated and not listed for the reasons of security.  Once you get to one of these facilities the location has numerous physical security restrictions including; time based access codes, security cards, some have retinal scanners, and the list goes on.  In addition, many of these security methods are used concurrently with others.

In addition to this, people maintaining the cloud technology centers don’t have access to the data.  They do not even know how, nor could someone specifically tell them how to gain access to specific drives or machines that have the data of specific instances without extensive work.  That alone provides an immediate level of security, both for data and physically.  That leads me to this next point.

Data Security in the Cloud

Having data spread across virtualized storage mediums is a step into another realm of security.  For more than just security reasons data is spread across multiple storage locations.  Because of the virtualized nature of this storage the actual data is located in a number of locations that is shared among machines.  These machines are not maintained in relation to these storage points.  The storage points are tracked by the machines, in secure ways, so that only an account can access that data.  In addition to this spread of the data, the storage is actually moved from point to point on machine at various times to maintain uptime and redundancy.  Because of this it also increases the complexity in finding this data by nefarious means.

One final point of physical security for data is that each customer, has completely segmented data stored in separate virtual instances.  This separation is equivalent to two storefront businesses side by side.  They are separated by a physical wall just like the manipulation of data in the cloud.  This is important to grasp on many levels as nobody would question placing one business next to another – entire cities have existed for hundreds of years that way – so can businesses within the cloud.

Security at the Platform Level…

…I wanted to continue on this topic but I’m going to hold off.  Right now for work and personally I’m researching a number of additional security ideas within the cloud.  It includes physical, data, access control and other security principles.  I’ll have that write up for for another day, inclusive of the platform level security.

…as for now, that wraps up this semi-ranting piece.

*Addendum:

Seattle Amazon Web Services Group

June 28, 2010
Cloud Speak, AWS
Leave a Comment

If you’re into cloud technologies and such, you should swing by the Seattle AWS Group tomorrow after work.  Go sign up on the eventbrite site.  If you do go, leave a comment and I’ll be sure to introduce myself.

Here’s a blurb from the eventbrite site…

Our next meeting is on Tuesday, June 29th, 2010.

Learn how Amazon Web Services can provide efficient scale of IT infrastructure capacity to quickly meet growing business needs.

Join us to learn about the exciting world of Cloud Computing and AWS! If you are a seasoned expert or just starting out with AWS, come share discussions on your AWS experiences (good and the bad), security architectures, best practices, automation and general cloud computing ideas with other members.

For more information, please visit http://www.sawsug.com

For more information about the group check out the Seattle AWS Groups website.

Software Project Baseline

June 28, 2010
Software Projects
2 Comments

There are multiple phases to a software project.  In this blog entry I would like to talk about and discuss (please leave a comment or two) what the basic things are that a software project needs to get started and prospectively move through development and on to a successful deployment.  The following is a short list of the key items that a small software project needs to move forward.

Core Ideas and Staff

  • The core idea must be available via a readily available resource.  This could be an individual such as an analyst, a customer, or other person.  Another option would be some written definition, detailing the high level concepts of what the application could do with avenues for determining more specific functionality as the project moves forward.
  • The appropriate leadership;  project manager, application architect, application designer, or other leads need to be available and have an understanding of how the project will be accomplished from a staffing level.
  • Appropriate staffing for engineers, user design experience, and others that will do the technical work.  These individuals would preferably know what the above stated core ideas are, be in continuous contact with the key stakeholder who lays out the core ideas, and be knowledgeable in the realm of the technology that will be used to build and deploy the software.
  • Project ideology and methodology needs to be clearly defined and explained to all members of the development team, user experience, customers, and anyone involved in the project.  This needs to be done shortly after the core idea is laid out.  This aspect of the project is basically the “strategy” or “game plan” that will dictate how the day to day operations of the project are performed.  Lean Agile with a proactive vs. reactive nature, SCRUM with a high level waterfall at the executive level, and others are examples of ideology and methodology.

Technical Bits

  • A development technology stack, or at least some of the main pieces (IDE, main programming language like Java or C#) needs to be identified to focus around.  This needs to be done early enough to determine appropriate staffing skill sets, but not too early as to derail the focus on the core ideas.
  • Appropriate machines, with at least basic operational software (It could be Linux with OpenOffice, Windows 7 with Office 2010, or simply an Internet enabled device running Google SaaS Office Apps).  These devices need to be made available before the start of the project for every staff member.

Summary and Questions

These are the basic things that I could think of at a very low level.  I am trying to create this list at a very simple and basic level.  In a future entry I will extend past this to what is needed from a practices point of view in more detail, and the same for the technical bits.  I would love to get any feedback on additional items for these lists.  Please leave a comment or three and help me out if you would.

The Simple Migration to Azure

June 24, 2010
How-to, Cloud Speak, Azure
2 Comments

This is a quick entry just to show how to migrate an existing ASP.NET (or ASP.NET MVC) Web Application to Windows Azure.  Make sure you have the Azure Tools SDK installed before stepping through this, otherwise you’ll get an empty project folder and end up with web page in Visual Studio.  With your existing solution/project open in Visual Studio 2010 right click on the solution and add a new project.  You will see the dialog as shown in the image below (click for large full size image, same goes for subsequent images)

Name your project and then click on OK.  The following secondary dialog will appear.  Since you want to use one of your existing web applications leave the “Cloud Service Solution:” section empty and click OK.

You will then see the following project appear in your Visual Studio 2010 Solution.

Right click on the Roles Folder in the new project as shown below.  You will get the following options as shown;  “New Web Role Project…”, “Web Role Project in solution…”, and “New Worker Role Project…” and select the “Web Role Project in solution…”.

The following dialog will pop up with any available web applications, in my case there is a single ASP.NET Web Application that is listed.  Click OK and you now of a Windows Azure Cloud Deployable Application.  Complete a build and right click on the Cloud Deployment Project and click Publish for the next steps into the cloud.  But I’ll leave that particular exercise’s steps for another entry.

 

Shout it

Follow

Get every new post delivered to your Inbox.

Join 3,273 other followers