Google Mis-step Shows Dangers of Market Dominance

Posted At : January 31, 2009 10:44 AM | Posted By : Robert Munn
Related Categories: Business,IT Governance,Security,IT Evolution

As related by various news outlets, Google today experienced a one hour outage because an employee inadvertently marked the entire Internet as "malware". While the immediate story may be the inconvenience to users everywhere who were unable to use the Google search engine to view web sites during the outage, the bigger - and far more troubling - issue is the power a single company has over such a central component of the Internet, and how that power, in the wrong hands, could lead (intentionally or otherwise) to Very Bad Things happening on the Internet.

 How many people were aware, prior to today, that a single Google employee could label the entire Internet malware with such ease - or at all, for that matter? If there are such poor controls in place at Google that something so damaging could be done by accident, what kind of damage could malicious employees or hackers do on purpose? 

This issues raises the very real and very worrying prospect of the potential for corruption at Google and other companies with such market power. Want to get ahead of your competitors? Forget about buying ads, that's too expensive. Why not try to bribe a Google engineer to finess your search ranking to the top? Is that possible? What safeguards are in place to prevent it? Does anyone outside Google know? Does anyone inside Google know? 

Lastly, this story makes me even more wary of cloud computing. Sure, cloud computing offers some very cool upside- virtually unlimited scaling, relatively simple management of applications (as system hardware and services like clustering are abstracted away from the user), and good pricing. Still, I worry about the downside - that's part of my job, after all. What happens if an employee of the cloud provider makes a mistake that removes a bunch of applications from the cloud? Who is responsible for economic losses sustained because of such a mistake? CIOs might want to read the fine print on that cloud computing contract before jumping in with both feet.

Comments (0) | Print | Send | del.icio.us | Digg It! | Linking Blogs | 340 Views

Webmaniacs keynote by Ben Forta

Posted At : May 19, 2008 7:22 AM | Posted By : Robert Munn
Related Categories: IT Governance,Programming

I'm at the Webmaniacs conference in Washington, DC today. This morning, Ben Forta gave the keynote address on ColdFusion 8, but he also gave the crowd a preview of a couple of things in store for the future of ColdFusion- a public bug tracker and a public enhancements request system complete with voting for feature requests. This is great IT governance practice and I am very glad to see Adobe adopting this model for ColdFusion, as they have with Flex already.

 

Comments (0) | Print | Send | del.icio.us | Digg It! | Linking Blogs | 368 Views

IT Ecosystems - Part IV

Posted At : June 8, 2007 4:44 PM | Posted By : Robert Munn
Related Categories: IT Governance,SOA,IT Evolution

Today I present the last part of my four-part piece on IT ecosystems. This last part deals with the human /organizational side of SOA - understanding corporate politics, building coalitions, gaining consensus, and providing governance and process to support your infrastructure.

 

4. In an ecosystem where every property has access to every process or service, where do you draw the lines about which system exposes which functionality? The nirvana of process decomposition can devolve into the ugly reality of political turf wars, with individual middle managers trying a land grab to "steal" each other's roles by incorporating functionality from one system into another.

Dave Watts:

The bigger issue I've run into isn't people trying to stake out other
people's stuff, but rather the opposite - people not being willing to
support what other people are using. If I build a system that depends on
services from three or four different organizational units, who gets blamed
when those services fail? (And they will.) There's a lot of paperwork that
goes into any serious SOA effort I've seen, involving who has to support
what, how they have to provide support, etc, etc.

Mark Kruger:

Looking around at blogs on topics like SOA and integration I think this point - interdepartmental cooperation - is missing from the discussion… "Banging heads" is rarely productive. Getting buy-in is a proactive process that requires salesmanship, collaboration, congeniality and integrity. Everyone has "spheres of influence" and a CTO may temporarily get what he or she wants by running rough shod over those carefully crafted power structures, but in winning the battle he or she will more firmly entrench such structures and quite possibly lose the war.


Rob Brooks-Bilson:

This is where governance comes in.  There are lots of vendors out there now selling solutions to help you manage that governance, but at the end of the day, a well defined Enterprise Architecture with the backing of management is necessary (I believe) to be successful.  Enterprise Architecture can be a wonderful tool for limiting the scope of turf wars.  The governance layer helps you maintain the inventory (it's more than just UDDI for web services) of what's available, where, and who's responsible for it.  You need to build a culture of reuse.  It's difficult getting people to move away from the idea of "I need to get a list of customer numbers, so I'll just write my own query to get them from the db" to the idea of "let's create a single service for retrieving this information, exposing the process through the ESB".  

When you say you want to influence people to do the right thing, that is certainly a valid approach, but it requires a heck of a lot of effort given the potential number of players in an organization.  An alternate approach is to tackle this through an Enterprise Architecture initiative.  You can involve key players from various groups, but the main person you need to influence here is the CIO/CTO.  You get them on board with the concept of EA, get their backing, and the getting everyone else to fall in line - especially when one of the goals is to better align IT with the business - should be a whole lot easier.


A good SOA effort, like any enterprise-wide initiative, requires the active, ongoing cooperation of lots of people. Like never before, IT needs to work hard in a collaborative role, both inside the IT department and in the rest of the enterprise, in order to successfully execute an SOA strategy. “Banging heads is rarely productive”, as Mark noted (in response to a comment by me about the innate urge to do just that). As Rob B. notes, a governance layer can provide the mechanism by which disagreements are settled and rules finalized. Much like governance in a change management group can ease tensions among business users, application owners, and infrastructure staff by providing clear rules about the production release of changes in IT infrastructure, SOA governance can provide a clear set of rules and a neutral forum for resolving disputes among business users, application owners, and other stakeholders.

Finally, all of these questions pertain to just a small part of current IT ecosystems. IT evolution touches phone systems, network infrastructure, desktop computers, collaboration systems, hardware infrastructure, external systems from customers to vendors – virtually every piece of technology in the modern enterprise. Successful management of an IT ecosystem is an ongoing campaign to measure the effectiveness of current systems, look for opportunities for improvement, and guard against risk. Thanks to everyone who responded to my original questions and contributed to this discussion. 

Comments (0) | Print | Send | del.icio.us | Digg It! | Linking Blogs | 846 Views
BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.