Author Archives: Edouard Boris

How Doctor House can help your team improving critical thinking and problem solving competencies?

14 Wednesday May 2014

Posted by in Business Continuity

Leave a comment

Tags

As I wrote in a previous post, I noticed in my career that the engineers who are making the biggest contribution aren’t necessarily the ones with the strongest specific software, architecture or mathematical skills. They need to develop a new mindset: critical thinking and problem-solving competencies.

Do not confuse ‘continuous improvement’ initially developed back in 1880 and also known as the suggestion system. http://www.answers.com/topic/employee-suggestion-systems

Toyota still uses it, but this is not a problem-solving approach. The suggestion system requires an individual to make suggestions on whatever improvement they have an idea about, whereas problem-solving requires a team.

Now, do you remember Doctor House with his team writing down the previous patient conditions and symptoms (known previous problem, known previous changes),  do you remember the House’s white board?

If you ever managed complex, huge real time information systems, you know how difficult it is to determine the actual root cause of a problem. You know, how frustrating it can be to confuse a symptom with a cause, and how difficult it is to determine with certainty the sequence of root cause(s)/causes, which have eventually triggered the problem(s).

How does problem-solving requirement translate in real life? An option is to follow the principle of differential diagnostic procedure (DDP) for Incident management.

Putting together a DDP team composed of experts in different technical and non technical fields, setting up the right DDP structure and culture, in particular a no blame policy to ensure all opinions can be expressed (Do not operate like House!). Overtime, the DDP principles and discipline will increase the troubleshooting and analytical skills of the team, it will become a mindset. Ultimately,  DDP will reduce the MTTR i.e Mid Time to Restore/Resolve.

DDP team members will vary from phase to phase but members could include Application Development, Operation Center, Performance team, Infrastructure and business function (e.g. customer facing team).

Typical script used during a DDF will be in 4 steps:

Step 1: Information gathering. The chair person will gather information on the impacted service such as timing of occurrence, symptoms of the issue, logs, and list of recent changes.

Step 2: Candidate conditions (Listing of potential root cause).

Step 3: Sequencing. The candidate conditions will be sorted by the most likely causes. Specific analysis will be requested for the most likely causes in order to rule in or out the candidate condition.

 Step 4: Fixing. Candidate condition should be mitigated and proper monitoring implemented for measuring effectiveness of the solution.

Each of the step analysis, options, solutions, and validation should be discussed by the DDF for cross challenge/validation of assumptions and solutions.

You heard about the internet of things, now keep an eye on health connected devices

28 Friday Mar 2014

Posted by in New Trends

Leave a comment

The Health devices are the next big thing in the Internet of Things.

This will not be temporary. They will be instrumented, interconnected and intelligent.

Prevention and therapeutic care will be enabled by automatic data collection.

The device will be interconnected.

Think about the potential of sharing your health data with a community to help research. Don’t you do it already when you use Social Networking services such as Waze. I know, you are thinking that sharing your position on Waze and your health condition are really different.

Some communities are already sharing health related information: for example cyclist sharing their laps time, heart bit – well yes, but this is more sport networking that Health social networking.

Now, think that it is anonymous, think that it will help accelerate medical research. Think that it will also save you money. And when I say, it will, it is actually already possible. In the UK, the private insurance company Pruhealth  is already rewarding their customers using connected health devices.

 PruHealth members with Vitality can track their activity while earning Vitality points for their workouts. You can use a wide range of fitness devices and mobile apps including their own free Vitality Active app. And you get cash back for being active. Bottom line, you are healthier and save money.

In addition, you will be able to decide how, where and with who you want to share your health data, for example caregivers, health professionals.

The health device will be intelligent, deriving insights and recommendations , and comparing your data with your target or risk levels, sending alerts when needed.

For 50% of the  health device users,  the motivation is driven by an existing health condition. This will change for prevention, and encourage physical activity.

The question is: who will win the ecosystem battle. Will the health care providers  come together to set a standard, share needs, and make economy of scale, or will the market fight hard and will see the standard emerging. No one wants to invest in the next Betamax and finally see VHS winning. Would you?

If you want to go further, I recommend you this good paper from IBM “The future of connected health devices: Liberating the Information Seeker.”

PCI The Payment Card Industry Data Security Standard : Only 11.1% OF COMPANIES MET ALL THE DEMANDS OF DSS 2.0 IN 2013

27 Thursday Mar 2014

Posted by in Payment, Security

1 Comment

Tags

image

Hi there,

A couple of weeks ago, I updated you on the risk of PCI not being prescriptive in terms of governance.

The new report published by Verizon is really worrying: In 2013, only 11% of companies met 100% of the security norm standards.

What is PCI : “The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment”.  (Source)

The report highlights a significant improvement from 2012, when 7.5% of companies were fully compliant. Really? Is that significant? This is absolutely terribly low.

PCI requires that some routine and periodic tasks be performed. Frequencies vary from monthly, quarterly, biannual, and annual.

  •  For example, only 39.6% of companies complied to the control 11.3.a (Perform external and internal penetration testing at least once a year).
  •  An other example: 68.9% OF COMPANIES MET ALL THE DEMANDS OF REQUIREMENT 3 (Protect stored cardholder data) IN 2013. Really?

Visa Europe provides up to date information on PCI compliancy, you may want to check it out before your next online purchase.

You can also  be checking PCI merchant list on https://www.visamerchantagentslist.com/

PCI 3.0 was released in November 2013 and still does not address the continuous controls. How do you call a child who does not work during the year  and just wait for the final exam?

IT under pressure: McKinsey Global Survey results

27 Thursday Mar 2014

Posted by in Talent Management

Leave a comment

Tags

,

Read the McKinsey report.

I’m interested in your views – Please contribute.

Mine is that the report is spot on number of points, but does not develop any recommendations.

I observed that technical & analytical skills are different, and unfortunately, with the increasing complexity of information systems, IT staff do need to connect the dots – ‘read the matrix’, or they aren’t capable of addressing the most complex situations because they remain in their own expertise silos, missing the big picture. Analytical training, use case scenarios, cross function-training, workshops, post mortem analysis and coaching are the keys. It takes time and energy, but certainly contribute to reduce the MTTR.

In addition, the report does point out the lack of clear career path. I designed in the past separate management and ‘individual contributor’ career paths, formalizing the expectations and more importantly:  an engineer becoming an expert will be recognized, compensated and valued, at comparable levels within the company and outside on the market.

Why Twitter Can’t Keep Crashing | Gadget Lab | Wired.com

13 Thursday Mar 2014

Posted by in Social

Leave a comment

Tags