Browsing articles in "Uncategorized"
Mar 12, 2013

Prototype Testing

Have you ever poured your heart and soul to help test and perfect a product that, after launch, flopped miserably? Not because it was not working right but because it was not the right product.

Are you currently wasting your time testing a new product or feature that, in the end, nobody will use?

Testing typically revolves around making sure that we have built something right. Testing activities can be roughly described as “verifying that something works as intended, or as specified.” This is critical. However, before we take steps and invest time and effort to make sure that something built right, we should make sure that the thing we are testing, whether its a new feature or a whole new product, is the right thing to build in the first place.

Spending time, money and effort to test something that nobody ends up using is a sheer waste of time.

What is prototype testing? Here’s a somewhat formal definition – the dry and boring kind you’would not find in a dictionary:

Testing the initial appeal and actual usage of a potential new product by simulating its core experience with the smallest possible investment of time and money.

Make sure – as quickly and as cheaply as you can – that you are building the right it before you build it right.
My thinking on prototype testing evolved from my experiences with Agile and Test Driven Development. It applies some of the core ideas from these two models and applies them further upstream in the development cycle.

Nov 9, 2012

The Emperor’s Seed

Once there was an emperor in the Far East who was growing old and knew it was time to choose his successor. Instead of choosing one of his assistants or one of his own children, he decided to do something different. He called all the young people in the kingdom together one day. He said, “It is time for me to step down and to choose the next emperor. I have decided to choose one of you.” The kids were shocked! But the emperor continued. “I am going to give each one of you a seed today. One seed. It is a very special seed. I want you to go home, plant the seed, water it and come back here one year from today with what you have grown from this one seed. I will then judge the plants that you bring to me, and the one I choose will be the next emperor of the kingdom!” There was one boy named Ling who was there that day and he, like the others, received a seed. He went home and excitedly told his mother the whole story. She helped him get a pot and some planting soil, and he planted the seed and watered it carefully. Every day he would water it and watch to see if it had grown. After about three weeks, some of the other youths began to talk about their seeds and the plants that were beginning to grow. Ling kept going home and checking his seed, but nothing ever grew. Three weeks, four weeks, five weeks went by. Still nothing. By now others were talking about their plants but Ling didn’t have a plant, and he felt like a failure. Six months went by, still nothing in Ling’s pot. He just knew he had killed his seed. Everyone else had trees and tall plants, but he had nothing. Ling didn’t say anything to his friends, however. He just kept waiting for his seed to grow.
A year finally went by and all the youths of the kingdom brought their plants to the emperor for inspection. Ling told his mother that he wasn’t going to take an empty pot. But she encouraged him to go, and to take his pot, and to be honest about what happened. Ling felt sick to his stomach, but he knew his mother was right. He took his empty pot to the palace. When Ling arrived, he was amazed at the variety of plants grown by all the other youths. They were beautiful, in all shapes and sizes. Ling put his empty pot on the floor and many of the other kinds laughed at him. A few felt sorry for him and just said, “Hey nice try.” When the emperor arrived, he surveyed the room and greeted the young people. Ling just tried to hide in the back. “My, what great plants, trees and flowers you have grown,” said the
emperor. “Today, one of you will be appointed the next emperor!” All of a sudden, the emperor spotted Ling at the back of the room with his empty pot. He ordered his guards to bring him to the front. Ling was terrified. “The emperor knows I’m a failure! Maybe he will have me killed!” When Ling got to the front, the Emperor asked his name. “My name is Ling,” he replied. All the kids were laughing and making fun of him. The emperor asked everyone to quiet down. He looked at Ling, and then announced to the crowd, “Behold your new emperor! His name is Ling!” Ling couldn’t believe it. Ling couldn’t even grow his seed. How could he be the new emperor? Then the emperor said, “One year ago today, I gave everyone here a seed. I told you to take the seed, plant it, water it, and bring it back to me today. But I gave you all boiled seeds which would not grow. All of you, except Ling, have brought me trees and plants and flowers. When you found that the seed could not be grown, you substituted another seed for the one I gave you. Ling was the only one with the courage and honesty to bring me a pot with my seed in it. Therefore, he is the one who will be the new emperor!

Aug 3, 2012

Your Data is Everywhere

Your data is everywhere. Here now. Was there yesterday. It’s on devices you own and devices you don’t.
It’s being accessed from within the office, on the move. It’s up in the cloud, it’s back on the ground – somewhere, anywhere. Meanwhile, the constantly shape-shifting shadow of data loss looms over every business.

You must see how ready your organisation is to tackle these new security challenges. You must know
how your state of security-readiness compares to typical enterprises, the areas of concern
and prioritise your security.

Data Theft means theft of different forms of electronic data stored in a corporate network in various forms,formats and location. Data can be stolen either by an outsider if he/she gets access to your data sources or by the employees of the firm themselves.

Data theft occurs when an outsider/insider gets access to your data and uses it for malicious purposes either by copying it through some form (using Flash drive, CD/DVD etc) or transfering (through ftp, mail, IM etc) it to some different location

Data Theft can be prevented by finding out how much of data is currently exposed in a corporate network
through different data sources and contiuosly monitoring data usage so as to prevent if some confidential data is going outside.

Let me share two examples of small business data security incidents.In the first incident an employee left a company (let’s call Company C), but the employee’s email account was not turned off. There were no checks setup at Company C to delete employee access (email, network, etc), and the work email account was being forwarded to the former employee’s personal email. While employed with Company C in a sales management role, the employee had setup a competing company, and when the employee left Company C, he continued to receive sales lead emails from Company C’s clients.
This continued for several months, and today Company C is having to spend several thousands of dollars in litigation in addition to facing the loss of several key clients.

The second incident involved a colleague of mine. Her healthcare provider’s office was broken into,
and the computer was stolen. This computer contained the financial and personal information of hundreds of patients. Personal banks accounts were accessed and money was stolen among other things.
When a credit card is breached it is a major inconvenience, but it can be stopped relatively quickly.When a bank account is breached, it becomes a much more difficult issue to deal with and fix.
This business lost the trust of hundreds of patients in addition to putting their financial and
personal information at risk. This could have been easily prevented by encrypting the computer, which by the way can also be done for free.

The following steps highlight the security plan for any business.

Step-1 Asset Identification/Classification and Risk Assessment
(i) Identify Information Assets
(ii) Classify Information Assets
(iii) Risk Assessment of Information Assets
Step 2 – Network and Physical Access Security Controls
(i)Network, Computer, and Email Access Controls
(ii)Review of Access Controls
Step 3 – Network and Personal Computer Security Controls
(ii) Anti-Virus/Anti-Spyware
(iii)Downloads and System Acceptance
(iv) Firewall and Internet Connection
Step 4 – Paper document controls
(i)Information Classification Policy
(ii)Shared Documents
(iii)Filing Cabinets
Step 5 – General security controls
(i)Employee Background Checks and Training for new Hires
(ii)Third Party Review
(iii)Visitor Policy
(iv)Incident Management System
(v)Emergency Response Plan

For more details and consulting, contact


September 2017
« Mar