Posted by Leo de Sousa on July 12, 2010
My friend Nick Malik wrote a post - Zachman’s Fatal Flaw: No Row for Customer. Here is my response …
Do I believe that Zachman’s Framework is fatally flawed? No. It all depends on your perspective and that to me is defined by your EA maturity. How we view and evaluate models and frameworks depends on how much time we have spent working on Enterprise Architecture.
Here is a simplistic example of what I mean. Think of our understanding of astronomy that we have at various stages of our education. As an elementary school student, we learned about the solar system and the main celestial bodies. As we progressed to secondary school, we learned about gravity and its influence on the solar system. At a university level, even more depth and understanding of the physics adds to our understanding (and perspective) of the universe. Would a graduate student use the grade school model to understand the solar system? No, but does that invalidate the elementary model used to introduce astronomy to grade schoolers? No it does not.
What Nick observes is that our view of the Zachman Framework has changed, due to the growth in our EA maturity. Most organizations that embarked on establishing Enterprise Architecture practices focused internally first. We did this to understand what we had and what it cost to deliver the technology services required by our companies. EA also started primarily in the IT departments and slowly began to grow outwards to assist in business and strategic planning. If we start with an internal view focused on IT what would you expect? An internal focus – think of it as getting our house in order. This is a very “Inside-Out” perspective and the Zachman Framework served may organizations well over the past decade. That is why so much EA writing uses the “IT” and its relationship to “the Business” model. Here is Nick’s quote about the flaw:
What is the fatal flaw? As you can tell from the title of the post, the flaw is an “Inside-Out” perspective on the enterprise.
We are maturing our EA profession from being focused on our internal processes and complexity and moving to a customer centric focus. Now that we have a better handle on our internal house using an EA approach, the next logical place for EA to focus and show value is in strategic planning. Nick’s quote about the customer is particularly important here: Read more...
Posted by Leo de Sousa on January 21, 2010
In early December, I spent 2 days at the Microsoft Canadian College Update. I sent Nick Malik (@nickmalik) a message and we met for lunch. I really enjoy catching up with other Enterprise Architects and Nick is top of my list. We talked about a broad range of topics like how EA can help with downsizing, EA models and data, Center for the Advancement of the Enterprise Architecture Practice and Twitter.
The topic of forming an EA team came up. “How would you staff up an EA team?” Nick challenged me by asking “Would your first hire be an Enterprise Architect?” At first I thought, yes of course an EA office needs EA’s in it. Well not so fast … if the EA Office was being put together for the first time in an organization, what does it really need to do?
Show value early and often to the organization. In order to do this, an Enterprise Architecture team needs to gather data and a way to link into projects.
Nick strongly suggested that instead of hiring another EA, I should think about hiring a project manager role and an accounting/data analyst role. (This assumes that you as the Chief Architect will do the EA work yourself.) So, if you have the opportunity to build an EA Office think long and hard about what you need to do and the roles you need to accomplish your goals. As I am writing this, I really think I need to revisit my work on Enterprise Architecture Capability Maturity Models.
So what roles would you pick? Please let me know.
Posted by Leo de Sousa on December 9, 2009
Session 11 Patrick Hevesi, Enterprise Technology Architect, WW CATM Security Lead
Microsoft Forefront – Business Ready Security Solutions
Evolving Threats
- 2 axes – threat and person
- Threats = Curiosity, Personal Fame, Personal Gain, National Interest
- Person = Script-Kiddy, Undergraduate, Expert, Specialist
- Results: Vandal (largest area by volume), Author, Trespasser, Thief (largest area by $ lost and fastest growing segment), Spy(largest amount of gov’t IT security $ spent)
Evolving Threat Landscape
- huge improvements in bandwidth of networks
- botnets leveraging peer to peer
- 88% of attacks are on applications – top 3 applications attacked: #1 Adobe Reader, #2 iTunes, #3 Quicktime
- the explosion of social networks introduce hugely naive users to places where they voluntarily give up their personal data
- Malware sites #1 Game Cheats #2 Pornography #3 Music Lyric #4 Gossip sites
- http://www.microsoft.com/sir – security intelligence report (free report – updated every 6 months)
Core Infrastructure Optimization Solutions (optimized desktop, optimized datacenter, business ready security)
- best protection is to run Windows NOT as administrator especially when surfing the web
- Microsoft worked with Intel and Dell to build security into hardware and software (OS working with the hardware – 64 bit)
- Network Access Protection – 2 certificates (IPSEC) issued – one for the machine and one for the user enforces machine health
- http://microsoft.com/optimization – self service questions to see where your organization is on a maturity scale – Dynamic IT
- Dynamic IT scale – basic (cost centre), standardized (cost efficiency), rationalized (business enabler), dymanic (strategic asset)
Business Ready Security – help securely enable business by managing risk and empowering people
- Identity Protection, Identity Access, Identity Management
Forefront – Endpoint Protection, Protection for Exchange, Identity Manager, ISA Server Edge Security (client, server, mobile, cloud) Read more...
- Defense in Depth – 64 bit hardware, 64 bit Windows 7 and Mobile, Windows Server Core, Network Access Protection (NAP)
- Services – Forefront Online Protection for Exchange
- Edge – Intelligent Gateway Application, Internet Security & Accleration Server
- Server – Forefront Security for SharePoint, Security for Exchange Server, Security for OCS
- Client and Server OS – Forefront Client Security
- Forefront has 5 built in virus scan engines working together
- Microsoft Security Essentials – free tool, next generation of Forefront Client Security
- Windows Rights Management Services – BitLocker, Encryption File System (EFS), information protection