Computer Weekly readers have their say
Successful deployment of SOA is a big challenge
Your article on service-oriented architectures (Computer Weekly,
13 September) highlighted the fact that this technology could help
companies achieve the long-term goal of creating applications that
reflect the business.
Yet while successful SOA developments can breathe new life into
monolithic applications and provide, for the first time, a flexible
and responsive IT infrastructure, mining the depths of these rules
to find the right components and business rules is a significant
challenge.
While the concept is sound, achieving successful deployment is
far from a given. Without doubt, SOA is an order of magnitude more
complicated than any application development previously undertaken.
As with any successful development, it requires the right
architectures, standards and methodologies.
However, SOA also requires the integration of multiple diverse
application types to reflect the new business model. Rather than
changing the entire application or building a new solution from
scratch, organisations need to mine the specific services required
from each application - for example, inventory and pricing models
to support online ordering.
SOA offers potential - but it is the execution that will be the
difference between success and failure. Combining these tools with
conceptual change and, critically, an incremental delivery strategy
will significantly increase the speed of development and, hence,
reduce the risk associated with SOA - providing organisations with
the opportunity to rapidly align IT and business for the first
time.
Scott McCurdy, ASG
End the perception of IT as just a male-only
club
The statistics released by the DTI (Computer Weekly, 20
September) concerning flexible working do not provide concrete
evidence of a possible exodus from the industry.
Firstly, the survey was conducted among 42 women and although
the industry is suffering from a shortage of women, this is hardly
a representative sample.
Furthermore, only 25% of women highlighted flexible working as a
reason to stay at a company - not exactly a jaw-dropping stat. Most
importantly, it should be remembered that flexible working is not
just beneficial to one sex.
Retention of staff has always been a challenge for the IT
industry as a whole, but it is time for us to address the balance
between males and females, otherwise we risk losing important
talent.
While I appreciate that these surveys highlight areas for
improvement, the entire industry needs to delve beyond the surface
and ask itself why we are not doing more to attract women in the
first instance. The results, I am sure, will reveal much more than
the need for flexible working. Part of the problem is perception.
For over 30 years we have been saddled with the reputation of being
a male-dominated sector, so a good starting point would be to get
across the message that it's not an "old boys club" - and fast.
Richard Nott
Offshoring is driven by price rather than
quality
While I agree mostly with Corn‚ Human's article (Computer
Weekly, 13 September), there are two important myths that should
not be allowed into any discussion about offshoring.
First, it is blatantly wrong for any corporation at this time to
look to offshoring as a way of addressing a quality problem, as is
implied in the article. Offshoring to places like India always was,
and still is, motivated by savings in unit labour costs and not by
higher quality.
While offshoring countries, through sheer market share, are
maturing their software development industries, they still have a
way to go before they can genuinely claim to be more attractive
than the West on the grounds of quality and project success rate.
The failures are still at least as prolific as when one is looking
over the shoulders of good Western engineers - they are just
possibly cheaper failures.
Second, as is stated in the article, software development, by
its very name, is not a "housebuilding" enterprise. Certainty and
detail come gradually in a software development project (whether
its managers accept this reality or not). If we could completely
specify software in all detail before we began to code, the code
itself would be a direct translation of the specification -
probably automatable and not requiring a large number of skilled
developers. But, unlike a house, software is too complex and
intangible for even trained analysts to come up with a desirable
solution purely on paper, with any efficiency.
Specifications sent to offshore centres to "code up" regularly
result in failure. The offshore developers fill specification gaps
by making far fewer "educated guesses" than developers working
close to the target business.
To those of us who openly accept these inevitabilities, the
practice of incremental building with very rapid and direct
feedback to the business has proved useful, and this can be
extended to include offshore labour if correctly planned.
The right approach, not just the right tooling, is critical to
offshore success.
Stephen Clothier, Accurity
Digitised records can help to prevent fraud
It's refreshing to see that the Office for National Statistics
(ONS) is taking steps to digitise its records (Computer Weekly, 9
August), but it is surprising that this hasn't been done
sooner.
The project will not only provide improved services for the
public, but also has the potential to enable businesses to better
protect themselves and their customers from ID fraud. For this to
come to fruition, the digitised records need to be aggregated into
a comprehensive database that can be made available to private
companies.
Many banks and retailers are already using ID verification
solutions that draw on databases such as the electoral roll,
Companies House data and lists of deceased individuals. The
availability of the ONS' data will help to make these solutions all
the more robust.
Ian Green
Citizen database needs to go much further
In response to the report on the successful trial of a
citizen database (Computer Weekly, 6 September)
While the government's trial of a citizen database should be
applauded as a positive step forward, I would argue that it does
not go far enough. Instead, it should be seen as just one stage in
the journey towards information-sharing across all public sector
departments.
The onus for the Customer Information System (CIS) seems to be
on uncovering benefit fraud and tracing offenders, which is of
course important, but is this aim ambitious enough? What appears to
have been overlooked is that there is huge additional value to be
gained from sharing data across government departments in terms of
improving consumer rights.
As well as helping to spot fraudulent activity, the creation of
a single citizen view across all parts of the public sector could
be massively beneficial in enhancing services to individuals. For
example, registration and contact details could be shared across
departments and streamline the process of applying for services
such as a passport, driving licence or tax credits, to name a few.
It would also go a long way to helping the government shake off the
image held by some people that any interaction with it is
automatically long and painful.
It seems the government is on the right track, but the "holy
grail" of completely joined-up services is still a long way
off.
Martin Sutherland, Detica
We are all responsible for improving
security
In response to the article "Public fearful of online retail
fraud" (computerweekly.com)
It's getting boring hearing from the security industry how
terrible e-commerce merchants' security is, and by implication how
we must all spend money with them. Maybe the question could have
been whether the security industry is providing effective
protection. I suspect the answer would have been "No".
There is already extensive legal protection for online shoppers.
For example, if a credit card holder is charged for goods that they
didn't order and didn't receive, they simply contact their card
issuer and get the charge reversed. It's as simple as that.
Besides, these shoppers must take responsibility too and implement
some basic steps in guarding against identity theft - such as the
use of anti-spyware and keeping the operating system fully
patched.
In the industry, we all have a responsibility to be well
informed and to spread this information among colleagues and
friends. If we do this, it will actually help to tackle the
security issues that confront us. Paying security consultants might
be useful, but starting with the obvious is better.
Chris Barling, Actinic
Mobile virus threat must be taken seriously
In response to the article "Users warned of mobile virus
threat" (Computer Weekly, 6 September)
I am concerned that despite recent warnings urging IT managers
to protect mobile workforces, viruses are starting to penetrate
mobile devices and cause damage and disruption.
The Commwarrior-B virus only caused a medium-scale infection,
but it won't be long before we see mobile viruses causing more
damage and disruption on a network, especially with the use of
mobile devices becoming more widespread. Even though mobile viruses
are still in their infancy, IT managers should take heed of this
story and open their eyes to the kind of damage mobile viruses can
cause.
With a staggering 5,838 of PDAs reportedly left in London taxis
in the last six months, it is imperative that CIOs know exactly how
many new handheld devices are being introduced into the company
network and whether or not sensitive corporate data will be stored
on them. Employees should also alert their IT department
immediately so any new assets can be checked for viruses, recorded
and monitored. But in practice, most do not.
Organisations underestimate the importance of securing mobile
devices, oblivious to the potential security risks that these small
tools can have on their IT environments. If businesses continue to
ignore the security implications of not securing handheld devices
adequately within the enterprise, they risk exposing sensitive
corporate data to hackers who always welcome new ways into the
network.
Paul Butler, Altiris
Mobile in the real world >>