Posted by Jeff Papows on Mon, Jan 18, 2010 @ 03:47 PM
By now, I assume that everybody in the industry is aware of Google potentially ceasing operations in China. Given the cyber attacks on gmail accounts that were supposedly initiated by the Chinese government, it's clear that this story will continue to play out over the next several months. We've already heard from Secretary of State Hilary Clinton stating that the issue has "raised very serious concerns" along with other daily reports on the topic.
While there are many different ways to view this evolving story, the piece that I find most troubling is today's news that indicates that Google insiders may have aided the Chinese government in hacking the gmail accounts of human rights activists.
The tech crowd is pointing to vulnerabilities in Internet Explorer and there is a solid argument about the ability to use IE to hack into the gmail accounts. However, blaming Microsoft technology for the security compromises is about as productive as blaming the gasoline after the arsonist has set the fire.The issue that this whole Google China incident raises in my mind is the role of the government in the Internet and where IT governance intersects the two.
Now I don't expect nor do I want any government to step in and start overseeing the usage of the Internet and search engine results. Yet with the latest news that the cyber attacks are being traced back to insiders, it calls into question the amount of IT governance that was in place.
Could governance have prevented the attacks? No, as that's a far-fetched and unrealistic claim. However, with the right amount of governance in place, rogue applications and activities may not have been allowed to infiltrate the infrastructure. In this instance, it may have been able to alert Google China's managers to potentially compromising behavior before it put the entire operation at risk including the 700 employees in the country.
If Google does cease operations in China, the implications will be pretty far reaching given the search engine giant's presence in the country and its recent expansion into music and the mobile device market. It would be a shame for the company to lose the momentum it's been building in China over since 2005 yet it would be an even bigger shame if it was forced to compromise it's "Do No Evil" mission statement.
I'm going to keep watching this story, as there's likely to be more that unfolds. Meanwhile, I can't help but wonder how much of a difference governance would have been able to make in minimizing the impact of the situation.
Posted by Jeff Papows on Mon, Jan 04, 2010 @ 04:12 PM
After a few days away from the office, I came back with renewed enthusiasm for 2010.
As I made my way through my inbox and got caught up on the latest industry news, I was surprised by David Linthicum's Infoworld blog entry titled, "Cloud Computing Will Kill These 3 Technologies." In his post, Linthicum states that cloud computing will kill design time governance.
What makes the blogosphere so great is that we're all entitled to voice our opinions. So I will now share mine in response to Linthicum's post because his view is a bit askew from what I know is happening in the real world.
Now if you've been reading any of my previous blog posts, you'll know that I believe nothing could be further from the truth. In fact, right before Thanksgiving I blogged about the importance of design time governance for cloud computing in the entry titled, "Governance: A cloud computing strategy's silver lining."
The bottom line is this: if we cut corners at the beginning of the development process, we will almost always create gaps in the cloud resulting in the proliferation of bad code and applications. If in fact more services are accessed, sometimes anonymously, from God knows where, in fact the quality of those services now destined to be used and reused must in fact of an even higher quality. Sounds like design time governance to me.
Now you're probably thinking, ‘of course he's going to push design time governance.' And that's true to a certain extent from the perspective of creating and distributing better software throughout our infrastructures especially as services make their way into the cloud. From a practical point of view, I'd tell anybody purchasing technology to select the vendor that's best suited to addressing his or her particular business needs.
But when it comes to the statement that cloud computing is the death knell for design time governance, I simply have a hard time believing this. Especially coming from Linthicum, the pragmatist.
Sure, aspects of design do go away by using cloud-related resources but it's unimaginable that most serious organizations will believe that run time is enough. On the contrary, utilization of cloud resources brings forward new design governance challenges. For example, when and how should cloud resources be used, do they support the proper technologies, functionality and performance we expect?
I'm not sure which ‘runtime SOA players' David is referring to when he says ‘many of the existing runtime SOA governance players support enough design and implementation capabilities that separate design-time tools are not required.' I'm quite frankly shocked at this statement because to the best of my knowledge, most of those runtime SOA governance players support little to no automated design time governance.
I suspect the theory that cloud computing will kill design time governance is up there with other marketing campaigns that declared XYZ technology is dead. Sure, they make great headlines and get some of us all worked up but they're not very practical or realistic.
If anybody knows who those existing runtime SOA governance vendors are that can supposedly obliterate separate design tools, please drop me a line at jeff@weblayers.com or comment below on whether or not you think the cloud will kill design time governance.