Posts

Work Holistically

ITSM best practice frequently suggests working holistically.   This is particularly true when defining a strategy and architecting a design solution but when you think about it, this holistic viewpoint should permeate every investment, improvement, and action in the entire value stream from thought to end of life for every service or product deployed.
At a high level thinking holistically involves looking at things from a people process technology perspective but cannot leave out our partners and suppliers.  No service, process, or functional team stands alone.   Changing one element of a complex system will impact others.  This is a real challenge because no one team can know everything about all aspects of the system.  Therefore, working holistically requires a balance between specialization (functions and departments) and the coordination of complex integrated process activities.  It is only then do we get a clear picture of the lifecycle of a service and any hope of managing it eff…

DevOps Testing – Do it Right

One of the key principles of DevOps stresses that we need to fail and fail fast.   A key part that frequently gets omitted.  That key element of the principle is that we fail fast so that we can LEARN. When we learn it is always best to act and to share.   In the spirit of learning and sharing here are some consequences of not performing DevOps testing properly that might help to mitigate some of your challenges.
Consequences of NOT doing DevOps testing properly – challenges and thoughts
Culture Conflict Culture Conflict can exist between business leaders, developers, QA testers, infrastructure/tools staff, operations staff or any stakeholder in the entire value stream. When there are unclear roles and responsibilities for the testing of a new or changed service or product, a friction begins.  This friction propagates conflict.  Be aware.  Make management of organizational change a priority.
Test Escapes (False Positive)               False Positive Test Escapes occur when the DevOps testi…

Cyber and DDOS – What is it?

We saw in a recent blog from “The Professor” how cybercriminals could create a network of controlled computers to propagate a “BotNet”.   One of the malicious reasons for these powerful networks of control is so that the hacker can perform “Distributed Network Attacks” (DDA’s). We all have experienced this at some level and the outcome is not good for enterprise, corporations, or businesses of any size.  DDA’s create disruption even to our own home operations.  

A DDA is sometimes referred to as a Distributed Denial of Service or DDOS attack.  This virus or network of virus’s attacks behind the scenes to take over system resources.  A DDOS could attack switches, hubs, routers. It sometimes will flood the network backbone with nuisance transactions with the intention of sucking up all the bandwidth that might otherwise be necessary for day to day operations. DDOS can bring to a screeching halt the web sites for processing claims, or even shopping cart interfaces for the purchasing of pr…

Portfolio Management & BRM

The purpose of Portfolio Management, when applied to Provider investments (especially, IT investments), is a central mechanism to an overall Value Management approach by making investment allocation explicit against strategic choices such as how much to invest in potentially high value, but usually risky initiatives versus safe but low-value activities.
The Service Portfolio represents the complete set of services that are managed by the service Provider.  It is used to manage the entire lifecycle of all services and is defined by three categories of services.  The service pipeline represents service that is under consideration (purposed) or those that are currently in development but are not yet ready for deployment or consumption by the business partners. The next category is the service catalog which represents all live services or services that are available for deployment to the business partners. The final category is retired services.  This represents the services that are curr…

DevOps Test Engineer Question…What is the difference between Static Testing and Dynamic Testing for Continuous Deployment?

Every organization that delivers products or services will need to shift their ideas for how they plan, build, test and deploy a service that is resilient and for one that truly delivers value for both customers and the internal business.  Continuous Integration, Continuous Delivery, and Continuous deployment are all supported by Continuous testing.    Continuous anything will not be assured of success without Continuous Testing.   Continuous testing is the process of executing automated tests as part of the software delivery pipeline to obtain immediate feedback on the business risks associated with a software release candidate. Shifting left ensures that the test takes place early, up front in the pipeline of delivery, NOT after the development.  Testing after development is too late because then we do not have the time, money or resources available to re-engineer, re-design or to re-develop appropriately.   When we test after the development of an application the best we can do wit…

Business–Provider Alignment Model

The purpose of the (IT) Service Provider is to serve the needs of the business.  This is carried out by providing services to the business which are then engaged to provide some form of value to both the business and the Service Provider. Often the value delivered is less than optimal because the Service Provider and the business have different perspectives, culture goals, objectives, and incentives.
The Business-Provider Alignment Model (BPAM) provides a framework for being able to analyze and understand these differences between the provider and its business partners. By engaging the BPAM we can begin to surface dialog about the relationship between the provider and the business and begin constructive discussions about the partnership that needs to be created. It does this by allowing each party to exam the four key elements of alignment – business environment within which the business operates, strategic context for the business, provider strategy and the provider portfolio of inves…

What is a Botnet - Why do I care?

Today every business is an internet business.  The performance of any business is directly related to the capability and performance of IT.  Therefore, we must all take cyber security seriously.  
Let’s start with a botnet by breaking down the word itself.  The first syllable, “bot” is short for robot. The second syllable “net” is from the word network.  A botnet is formed when a hacker writes a computer program that will breach security on a single computer.  It does not stop there.  This computer program called a virus has the capability to take over that computer that it just hacked into. It does not stop there either because this is not good enough for the cybercriminal.  With a botnet, the virus will move from one computer to another, take control of each and then connect all of the disparate computers into a powerful system or network of control.  This is known as a botnet.
Cyber criminals are control freaks.  They will sometimes create a virus that controls thousands or even mil…

Search This Blog