Tag: work
User requirement gathering
Sometimes, when dealing with our stakeholders, we get into conversations that I like to paraphrase thusly:
I want something. but I leave it to other people to figure out what I want.
And make it purple. Cause that has more rams. More rams are better.
It’s my project, but don’t expect me to make decisions about it.
It needs to do everything I want, just how I want it.
But I’m not going to tell you how I want it to be done. Cause that’s private.
And if it doesn’t work, it’s your fault. Why can’t you just do it.
I need it yesterday.
:)
View out of my office window
Failure is always an option
If the Empire in Star Wars Had Big Data…
…the Empire would have won. A search of records would have revealed where Luke Skywalker was living on Tatooine. A more efficient collection and aggregation of Jawa records would have located the droids immediately. Simple data analysis would have revealed that Ben Kenobi was really Obi Wan Kenobi. A search of birth records would have revealed that Princess Leia was Luke’s sister. Had the Empire had anything like the NSA, it would have had all the data it needed, and it could have swept up the droids and everyone else, and that would have been that.
There is an important lesson to be learned from Star Wars: If you are trying to establish and maintain a ruthless Empire, you can greatly benefit from better data aggregation and analysis.
The Empire also could have benefited from a better knowledge of data security:
1. Key hardware and controls should be secured in a locked area. The controls to the Death Star tractor beam should have been located in a less open location.
2. Strong authentication is essential. Any droid shouldn’t be able to plug right in and access all data on the Death Star. For example, had two-factor authentication been used, the rebellion would have been crushed in the trash compactor.
3. Good data breach response is essential. A better response to the improper accessing of the plans to the Death Star might have averted catastrophe for the Empire.
4. Encryption should be used to protect important data. Encrypting the plans to the Death Star would have been a wise thing to do.
Unfortunately for the Empire, its understanding of data was poor. Had the Empire conducted routine risk analysis, invested adequately in its security program, performed annual training of key personnel, and otherwise maintained reasonable administrative, physical, and technical controls, the problems could have been averted, and the Empire would have won.
Star Wars is essentially a movie about data breach response — one that failed rather miserably. With all due respect to all the hard work and late nights that Darth Vader spent responding to the breach, the breach could have been averted, and the response would have been effective had the Empire employed experts on the use and protection of data.
The Rebel Alliance certainly didn’t win by being more savvy. Obi Wan Kenobi needed to learn better techniques of data de-identification. Most experts will advise you that if you want to hide someone as important as the son of Anakin Skywalker, you shouldn’t have him use the Skywalker last name. With all due respect, if Obi Wan Kenobi wants to go into hiding, the name Ben Kenobi is a rather poor attempt at cloaking his identity.
The ultimate lesson in all this is that it isn’t enough to use light sabers and the Force, battleships and blasters, and an endless supply of storm troopers. It’s knowledge about data that is key. Darth Vader and Obi Wan Kenobi should both have been fired and replaced with privacy and security professionals!
Respect the planning phase
Coding style and standards
The bit about the “corporate lawyer using a phone autocorrect that only knows excel macros* is now officially my favourite put-down.
Going to be an interesting day
My allergy meds are making me a bit loopy today.
First, there was the daily stand-up meeting where I interrupted a colleague like so:
him: yesterday, Brazil
him: today, FCS
me: TOMORROW, THE WORLD!!!!
Then there was this, that made me laugh out loud in the middle of the open-plan office space:
Fear me, for I am doped up on allergy meds.