Search

mikehking dot com

Personal Reflections: Agile, Leadership, Technology, and Life

Open Search
Category

technology

Cyber Security 101 for Small Businesses

If you’re a small business, the world of cyber security can be very overwhelming and intimidating.  There are infinite articles you can read about, a long list of cyber security maturity frameworks and concepts you could try to learn, and an overwhelming feeling that you can’t possible actually defend yourself from the hackers all over the place!

Cyber is a big, complex thing that is hard to do — if you’re looking to better defend your organization and you don’t know where to start, I recommend this approach:

  • Read the Center for Internet Security’s (CIS) CIS Controls, as they’re a great list of security controls (fancy way of saying todo items) that are already in priority order — so you start at #1 and just keep working your way down the list.  Here are the top 5:
    1. Maintain a current list of all the IT hardware (equipment) you use
    2. Maintain a current list of all of the software applications you use
    3. Invest in, and use frequently, a vulnerability scanning tool (e.g. Tenable.io) to identify security holes and then go fix them
    4. Limit who within your organization has Administrative Access.  Instead limit the access to only those who must have it, and then track who has it and who is using it to do what when.
    5. Configure IT equipment securely and monitor the configuration to ensure these configurations are being changed — for example, you may use an imaging solution to push out a consistent, pre-configured image of Windows 10 for new employee laptops and then use a device management software (e.g. Microsoft SCCM) to monitor the configuration across your organization
  • If you’re ready to keep digging in, read the NIST Cyber Security Framework (CSF), give yourself a red/yellow/green score on each of the 5 core domains and then focus on improving on the areas you think are the best return on your time and money
Advertisements
0

Audio-only Mode for Video-based Training Products

Random product backlog idea:  It’d be awesome if companies that offer online, video-based training (e.g. Lynda (now LinkedIn Learning), PluralSight, O’Reilly Safari, Udemy, etc.) offered:

  1. An audio only mode for their mobile apps (so I could enjoy their content while driving and wouldn’t need to wait for the videos to download or stream)
  2. Better queue/backlog management (Castro does this amazingly well for podcasts), so I could queue up my training modules in a prioritized order, not just an unsorted “Watch List”

 

0

How Opinionated are your Tools?

Organizations must intentionally determine how opinionated their collaboration tools (business systems) should be, to align with their culture and business model. Opinionated tools align well with top-down organizational cultures, while non-opinionated tools align well with decentralized, self-organizing cultures.

Organizations struggle at each extreme:

  1. Top-down organizations struggle to scale effectively, creating bottlenecks and issues when decisions constantly require senior leader approvals.  People talk about how our world is more volatile and faster moving (see Half of S&P 500 Companies will be Replaced in next 10 years), and that companies need to be more Agile.  Agility is hard when you need 3 approval signatures to make any changes. scaled-frameworks.PNG
  2. Self-organized teams struggle to stay coordinated, as each team can “wander off” from any centralized approach to things like enterprise priorities, technology architecture, processes.  They struggle to stay aligned with each other, which is why we see so many Scaled Agile frameworks (see icon mosaic to the right) trying to figure out how to keep self-organizing teams aligned with each other.  Self-organizing teams also struggle to stay aligned across an organization related to things like Enterprise Architecture (consistent technologies) and Business Architecture (consistent processes).

Organizations need to find the right balance between these two extremes for their entire organizational culture, and how they select, configure, and maintain tools to align with this approach.  The figure below shows the spectrum I envision, where a company moves the triangle to find the spot they want their organization to be, and then aligns tools with that spot on the spectrum.

opinionated tools spectrum.PNG

Technologies can come out of the box very opinionated (think about a tool like the TurboTax wizard interface, that walks users through a workflow it decides without asking how you want to use the tool) or it can be very flexible (think about Microsoft Word — you can write your letter first, and then format it; or you can setup the page size, orientation, and header before you write your letter).

Technologies can also be configured to be very opinionated — JIRA as an example is an issue/ticket tracking system that has a variety of Agile planning/management capabilities.  Out of the box, the tool comes with a few standard ticket types and workflows, but you could let each team in your organization configure their own ticket types, workflows; leaving all the permissions wide open for the organization.  However, most organizations make JIRA “more opinionated” before they deploy it, only letting a few select leaders/administrators make changes to the system.

On the opinionated this spectrum, I see organizations selecting and configuring tools with a heavy focus on ensuring employees use a tool exactly the way the organization’s senior leaders want them to be used (highly opinionated).   Allan Kelly recently write a great post about how dangerous this power centralization can become for organizations.

On the non-opinionated side, organizations struggle to stay cohesive.  They can become organizations of individual teams or almost a group of consultants who are trying to accomplish things; but can’t leverage the scale of their organization to accomplish great things.  This can devolve into anarchy, where teams don’t help each other.  Think about a team who can’t share talent with other teams, because they’re using different processes or technologies.  Or a leader who isn’t able to report on progress because each of her teams is using their project tracking tool completely differently.

Organizations, and the Office of the CIO organizations that should be enabling them, need find the balance, like a train station where the rules of engagement are clear (Where do I get a ticket? Where do I get on the train? Where do I get food?), but different people can get to their trains in different ways.  Organizations don’t have to be the wild west with teams doing whatever they want (think about a SharePoint site with no governance where you can’t find anything) and organizations don’t need to be top-down culture where no work gets done because everyone has given up on requesting approvals and resigns themselves to the slow-moving status-quo.

1

Using JIRA to Scale your Business

I recently spoke at the 2017 Capability Counts conference, put on by the CMMI Institute. David Anderson Keynote 2017.PNG It’s an interesting event that isn’t focused just on CMMI maturity models — instead it’s a conference where a few hundred people get together to discuss process improvement, Agile, software engineering processes, and a variety of other related topics.

The keynote (shown in the picture above) is David Anderson of LeanKanban University talking about the core concepts of Kanban, which go far beyond most people’s understanding of 3 column boards.

I spoke on using Atlassian’s JIRA product to help an organize scale — sharing some best practices/recommendations on how to use a tool like JIRA to get information out of email, hallway conversations, and meetings and into a system where work can be clarified, prioritized and tracked.

0

CIO 101 for Entrepreneurs

This morning I got to share IT infrastructure, business strategy, and business
architecture tips and recommendations with some local current and future entrepreneurs at The Capitol Post in Old Town Alexandria.  Capitol Post is a great organization focused on inspiring Veteran entrepreneurs to find professional clarity and scale those visions.  They offer several great things, including  a cool co-working space right in North Old Town Alexandria, classes, and a startup accelerator program.

img_9850

Here are the slides and strategy template I went through with the group this morning, helping entrepreneurs deal with IT.   We talked about:

We talked about how IT for non-technical entrepreneurs can be like personal finance for non-financial people — it’s very important, but it’s hard to motivate yourself to invest the time you need to understand it, make some solid plans, automate it, and then move on to creating value.

It’s been a year since I last taught at Capitol Post (https://mikehking.com/2015/09/11/talking-technology-bunker-labs/), and it’s great to see how much they’ve grown (the office is beautiful and their getting ready for their next cohort to go through the Bunker Labs DC accelerator.

0

How to Copy Photos from Apple Photos to Google Photos with Correct Dates and Times

I recently wanted to copy a large set of photos (over 10,000) out of Apple Photos (Mac-based photo management application/database) and save them on a USB hard drive so I could import them to Google Photos (cloud-based photo management service).  I did an export of all the photos out of Apple Photos, which saved the date and time information in the EXIF metadata, but not in the file metadata itself.  Here’s how I solved this (which I’m sure isn’t the most elegant solution), using a Mac:

  1. I found this thread, which explains how to use a few different tools to accomplish this, on photo.stackexchange.com
  2. I downloaded jhead for my Mac
  3. jhead for the Mac doesn’t support recursive (e.g. -r) calls, so I needed to consolidate all the images from sub-folders and sub-sub-folders — I did that using this command on the Mac terminal using this command “find ./ -name ‘*.jpg’ -exec cp ‘{}’ ./ \;“, which I found on this forum http://ubuntuforums.org/showthread.php?t=1385966:
  4. Then I deleted the folders and sub-folders, as I don’t need them for organization (I just want to get the photos backed up into Google Photos)
0

How to Pick IT Systems for your Small Business

If you’re the CIO, Director of Technology, IT Person, or Only Person (Solopreneur) at your organization, here are 5 areas of questions areas to consider when determining if a specific IT system or process would align with your small company’s needs:

  1. Alignment:  Does this system align with your business model (how you do business) and your current infrastructure?
  2. Lock In:  Would this system lock you (Vendor lock-in) into this vendor or system long-term?  Could you export your data and move to another system as you grow?
  3. Investment-worthy:  Is this system worth the investment of money and time (your time, your employees’ time, your customers’ time?
  4. Get Traction:  Would this system get traction with your employees and/or customers?  Does it align with how you do business, or would you spend your time forcing people to use it?
  5. No Huge Risks:  Are there any significant risks (red flags, deal-breakers) that should drive you away from this system? (e.g. cyber security, loss or productivity, removes future options you want)

align-framework

Shameless plug:  If you’re interested in learning more about setting up the technology for your company, or future startup, check out this free class I’m teaching next week (Thursday, Sept 10, 2015), sponsored by Capitol Post, in Old Town Alexandria:  Technology 101 for Entrepreneurs (How to Choose to the Best Systems for your Business).

0

How does a CTO Spend Time?

I’ve recently realized that I’ve been drawing a similar pie graph several times recently, explaining how I spend my time as a Chief Technology Officer (CTO) at a small business.  I thought I’d share for those interested in how I spend my time juggling the demands of CTO across various company priorities.

CTO_time

If you’re interested in learning more about small business CTO activities, including technology strategy when you’re too small to have a dedicated CTO, check out this free, upcoming training in Old Town Alexandria, sponsored by Capitol Post, that I’m teaching next month (Sept 2015):  Technology 101 for Entrepreneurs (How to Choose to the Best Systems for your Business).

0

The Kindle’s Best Feature: Seeing all your Highlights on one Website

The Amazon Kindle is great and it’s incredible it was introduced almost 8 years ago.  I realize it can still be a controversial topic for hard-core readers regarding whether paper for e-ink is better, but for anyone who doesn’t own a Kindle or does and doesn’t know about this feature, the best part of a Kindle is being able to see all your highlights from all your books in one place online at:

Some of you may already realize this, but it’s incredible.  The ability to be able to go back and review everything that resonated with you when you read it is incredible.  Sure, if you underline or highlight tangible, real-paper books; you could go through your old books on the shelves — but no one ever does.

Being able to scroll through a feed that shows the books in the order you last read them, and the highlights are incredible — here’s an example:

Screen Shot 2015-07-19 at 9.55.30 PM

While I don’t use this feature as much as I’d like to, I love the ability to scroll through and see what struck me in a book I was reading recently or years ago.

0

Powered by WordPress.com.

Up ↑