An interersting finding in IT World relating the people who commit sabotage in the workplace and their work behaviors. The article details that …

The research suggests that potential troublemakers should be easy to spot. Nearly all the cases of cybercrime investigated were carried out by people who were “disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly.”

From an organizational point of view, this seems pretty obvious. People who aren’t happy and aren’t performing are the most likely to act out. This isn’t an IT specific thing, I would guess you see the same behavior in people who work in finance and embezzle company funds.

The article goes on …

According to security management vendor Calum Macleod of Cyber-Ark, most organizations are leaving themselves exposed by “not paying due care and attention to the people who are charged with looking after their systems and applications.” Even outsourcing cannot resolve the problem fully, he said.

This sounds like a wise thing. Organizational problems are the responsibility of the organization, and the responsibility isn’t just to punish or to root out bad seeds. The responsibility is to make a culture where this sort of thing is unlikely to happen, then to monitor for any possibilities that may arise.

While it is individuals that perform these acts, they don’t happen in a vacuum and often there are components of the behavior that can be prevented cheaply, quickly, and easily. Don’t discount your people by ‘profiling’ out suspects and thinking that will solve your problems.

Openfount has released S3Infindisk for EC2, a product that answers a lot of wishes in the EC2 community. One of the biggest issues with EC2 is the lack of persistent storage on the server instances, and this tool is a first attempt at a solution.

Basically, when you are using EC2, everything on your server that isn’t statically defined before the machine runs goes bye-bye as soon as the machine reboots. Not a real problem for software, but for data this is a major bummer. Amazon makes S3 storage available without data transfer fees, which is wonderful. However, it takes real effort to transfer data back and forth between the systems (with something like jsh3ll), and most data-centric tools (especially database servers) expect real-time access to a working file system.

S3Infinidisk bridges this gap, allowing an EC2 instance to use S3 like a real Linux filesystem. While it is a bit of hack, it allows data tools to work the way they need to and it allows an EC2 instance to take full advantage of the AWS environment. This is a huge step forward in making EC2 a more usable environment for utility computing!

I haven’t had a chance to try the product out yet, but am excited to do so. I appreciate the licensing structure (free single-user version + commercial high-performance version), although I would prefer seeing open source. Also, since the tool is based on the FUSE subsystem, I could easily see this spreading like wildfire.

The Sarbanes-Oxley Compliance Journal has a very detailed article discussing the implications of spreadsheets on compliance and financial regulation. It is a well thought out, well written piece that gives very specific, very conservative steps to ensure that an organization doesn’t run into regulatory issues from day-to-day business practices.

One thing I appreciated in the article was its realistic tone, which recognized the existence of shadow systems and the role that they play in the real world. While the article focused on spreadsheets, this doesn’t mean that they are bad and that centralized CRM is good (as a matter of fact I might argue the opposite in many cases). The real issue being discussed is the risk that occurs when information architecture doesn’t match the needs of the organization.

Looking Globally

For many low-importance, one-off operations, a spreadsheets is fine. It can be shared easily, and usually owned by one person. However, what normally happens is that someone sharp (and usually not someone in IT) decides to do try to build some infrastructure around a spreadsheet without considering the consequences. It is quick, cheap, and easy to do, to a point. The problem is that the point when a spreadsheet becomes unmanageable is often well after the point where an organization depends on its output to function effectively.

For any system, an information architect needs to consider:

• Cost
• Effectiveness
• Visibility
• Traceability
• Mangageability
• Quality
• Auditability

Furthermore, the situation needs to be considered from a forward-thinking perspective. That is, we need to try to understand how the landscape is going to look a few years down the road, and to make our systems flexible enough so that we don’t put our organization into a bind if we are wrong.

Spreadsheets are normally built only considering cost and effectiveness, something that is only discovered after time has gone on. It is often the case that a system would be much more effective living in a database, BI tool, or custom software application when considered over time.

Visual Literacy has a very interesting page called the periodic table of visualization. It is very similar to the periodic table of the elements, but might be a tad more applicable to the everyday business analyst.

The site is a comprensive look at a huge number of different ways to visualize information, ranging from the artsy (such as the graphic facilitation) the the mundane (pie chart) to the technical (entity-relationship diagram) to the silly (knowledge map).

The UI is very good, and examples of each different type of visual tool, and a nice overall classification of the different types of visual tools. This could be very helpful if you are stuck trying to figure out how to communicate information but don’t know exactly where to start.

Take a gander …

Steve Tuck from Datanomic has an post about data quality on dq:view, where he discusses (and tries to dismantle) the use of a government produced master data file for mailing addresses in the UK. While the posting is very specific to a single application, it speaks to a situation that drives a lot of data management issues.

He writes:

Authorative sources of data are indeed useful - just don’t count on them to tell the truth, the whole truth and nothing but the truth.

I believe that one of the biggest problems that we have in dealing with data is the false belief that for every organization and situation, there is a single view of information that can satisfy everyone’s needs. Now, this isn’t a technology problem and it isn’t a data problem, it’s an organizational problem.

The Myth of the Single View

In any organization, we end up with different groups with different needs, normally based around:

• Speed
• Reliability
• Accuracy
• Cost

Each group has specific needs based on their own situation. For example, when looking at customer data, the people in HQ might not care if every customer account has the most up-to-date address available, but the people in the warehouse certainly do. At the same time, the people in the warehouse don’t care about how much it costs to , while the people in HQ are much more focused on the bottom line.

Get these folks together in a room and you will have a terrific argument about what the organization needs and and how it is going to be done (BTW, there is a related post to this on the wonderful Creating Passionate Users).

While this sounds like a problem for human resources or general management, this phenomenon is usually expressed as a function of IT, because that is where the rubber hits the road. Since IT is often a shared resource and has a vested interest in interoperability, the issues of culture and organization come out as a function of architecture development.

An Honest Assessment

The honest truth is that there isn’t a single view of the business, its data, or its processes, that is going to meet the needs of the entire organization. A lot of vendors and consultants for CRM and MDM solutions are going to try to tell you otherwise, realize that they are selling something as they do this. The answer is that this is a complicated world, and things aren’t getting any easier.

If your IT is going to represent the entire organization, you must embrace complexity and understand the fact that there are going to be a cacophony of voices and a host of diverse world views that all exist simultaneously and are all using and competing for the same resources.