New version: Harden the assets. Guard the perimeter, too
Back in the day, thwarting security threats mostly meant timing out CICS sessions so hackers couldn’t dial in and inherit them. Then came PCs, distributed systems, the Internet, and lots more threats. We responded by locking down desktops and guarding the perimeter with increasingly sophisticated firewalls.
Many still think the best countermeasure is to lock everything down and not let anyone be creative. But businesses live and die on innovation, and innovation means more than new products to sell. It means creative thinking, and the implementation of that thinking, everywhere in the business.
These days we should spend more time hardening the assets than the perimeter, and even more time actively supporting users, because the biggest threat is a workforce that isn’t allowed to innovate.
Testing software means more than just putting code into production and seeing what happens
Old version: Maintain three environments — dev, test, prod
New version: Move a lot of testing to the cloud
Regression and stress testing separate the pros from the amateurs. They always have, and they still do. Regression testing makes sure new stuff doesn’t break old stuff. Stress testing makes sure everything will perform well enough when everyone starts banging away at it.
IT, being professional, maintained at least three environments -- development, test, and production. That meant buying three of everything. And maintaining them, too. Ouch!
Now, even when you maintain your own data center, spinning up a test environment in the cloud often makes more sense because you only have to pay for it while you need it. Depending on your production environment it can work quite well for regression testing, too.
Stress testing? Not yet. Too many variables, at least for the time being.
Control changes to the production environment
Old version: A formal change control process
New version: A formal change control process
We’re long past the days when developers could just slam their new code into production. There’s a process to go through. Nobody actually likes the process, but it isn’t about liking the process. It’s about making sure the change doesn’t disrupt production, and if it does disrupt production, it’s about making sure there’s a back-out plan.
Think the cloud changes things? It does. It makes change control harder because now, if you aren’t careful about how you manage your cloud providers, they just might slam their changes into production without going through your process.
It is, after all, their infrastructure.
Waterfall ought to work, but agile actually does
Old version: Informal back-and-forth between biz managers and programmers
New version: Scrum: Informal back-and-forth between biz managers and programmers, only with a book of rules to follow
Sign up for CIO Asia eNewsletters.