Your shout: data management, VPN security, SOA and recycling

Have your say at


Computer Weekly readers' give their views

Look at the bigger data management picture

I am writing in reference to the article "Chains lack unified customer view" (Computer Weekly, 14 March ). All too often, a CRM solution or business intelligence implementation is seen as the resolution to the problem of how to manage an organisation's "master data", rather than tackling the problem as part of an overall master data management strategy.

Often, the problem gets filed in the "too hard" pile and an ongoing manual process of reconciliation and matching across different systems exacerbates the problem. These issues hold businesses back.

A strategic approach to managing the organisation's information assets is critical. Tactical delivery of master data management solutions within this framework, which can reap operational and reporting improvements, can then be undertaken and reused as the solution grows.

Without this strategic approach, businesses will continue to struggle, reinventing the wheel and failing to realise value from their information assets.

Alex Plenty, senior manager in consulting, Deloitte


Spread the word about virtual network security

Your Events article looking ahead to Infosecurity Europe ("Experts to debate merits of deperimeterisation", Computer Weekly, 21 March) neatly summarised the most pressing security concerns of the day for IT managers.

The question of whether security architecture should be based on the deperimeterised model, and whether the benefits of new technologies such as VoIP outweigh the security risks involved calls for greater education on the much neglected issue of VLan security.

Organisations must take the initiative in protecting each and every port on the corporate network if they are to stay safe.

The strong uptake of IP-based technology - devices that operate outside the firewall - means it is already too late for businesses to rely on a changed approach from ISPs to protect them from denial of service (DoS) and distributed denial of service (DDoS) attacks.

To manage IP networks safely, organisations should be applying techniques such as rate limiting, which can restrict the flow of information per second through a particular port - keeping just enough bandwidth available for critical applications such as VoIP, but preventing external attacks from having any impact on the enterprise network.

The prioritisation of traffic, so that protocols such as SIP can be a granted special privileged status, is an additional benefit of this technology. IP-enabled devices within a virtual network must be protected from each other as well as from threats originating from outside the network. The popular approach to network security fails to take this into account, and instead merely applies the tried and tested access control list to a virtual network.

Layers of security must be built into each port if interaction between new devices is to be controlled and a specific class of service guaranteed.

The long-running debate on deperimeterisation and VoIP security has been thoroughly exhausted in the technology pages, with a notable lack of positive conclusions to achieve closure on the subject.

It is now time for real education on carefully targeted measures and techniques such as rate limiting, which is among the most effective means of fighting DoS and DDoS attacks. Such techniques allow organisations to fine tune policy and ensure nothing is left to chance. They also mean that exciting new technologies like VoIP, with all the business benefits on offer, can be embraced without fear.

Emile Knetemann, IT director


Reduce, reuse and recycle with SOA

Although Cliff Saran makes many valid points surrounding the development of service oriented architecture in his article "A clear path to SOA" (Computer Weekly, 14 March), it is worth highlighting SOA's crucial role in the reuse of disparate legacy applications.

According to the Aberdeen Group, 80% of all companies are still reliant on their legacy systems and 180-200 billion lines of Cobol in existence today, meaning that the option to "rip and replace" these ageing applications is not viable, due to the huge costs and risk involved.

It is important to point out that, for the first time, SOA allows companies to reuse and seamlessly integrate their oldest applications as business services. It allows otherwise disparate, discrete IT systems to talk to each other so that companies can avoid the extreme cost and risk of complete systems replacement.

Julian Dobbins, Micro Focus


SOA's biggest benefit is communication culture

At last, a series of sensible articles on service oriented architecture (Computer Weekly, 14 March). The IT industry really doesn't help itself with the continued hype surrounding "new" technologies, of which SOA is the latest. However, there is genuine reason to be excited about SOA, even if we accept that it's not a panacea for all integration woes.

True, much of the technology involved in SOA has been around for a while but WS-* standards designed specifically for SOA are new and have really given it a shot in the arm in recent months.

But, perhaps the biggest benefit of SOA thinking is its dramatic impact on the development culture. It encourages project teams to speak to everyone within an organisation that will be affected by the building of a service - whether it be the technology department, end-users or 'C' level executives - and agree what the final product will look like.

This enables the most important parts of a project to be built first and means that key components of the service can be up and running immediately so that people can get on with using them within a relatively short time. This not only delivers a quick return on investment but also means that the remaining parts of the project can be tweaked, based on users' feedback from a real, working system.

So while we shouldn't get excited about everything with an SOA badge, we should accept that when used properly, SOA can build projects quicker and to users' specifications.

Erik Doernenburg, technical principal, ThoughtWorks


That picture of Glasgow looks out by a city mile

I note that the picture you chose to illustrate Glasgow in your article on that city's shared services project was actually the Royal Mile in Edinburgh.

Still, at least you managed to select a picture not featuring a man in a kilt, playing bagpipes in the rain. Well done.

Nick Addison


Answer back

Do you disagree with someone's opinion on this page? Or do you have something to say about a Computer Weekly article? If so, we want to hear from you. E-mail [email protected]

Read more on Web software