Feeds

Mashups haunted by past experience

User-generated IT support

3 Big data security analytics techniques

I have lived through re-orgs, outsourcing and off-the-shelf applications being shoehorned into niche markets by over-zealous management. The latest trend in software, though, is for user-generated mashups.

Recently Serena Software announced its user-friendly mashup tool. According to Serena, its tools will "let non-IT staff take care of tedious, line-of-business Office applications". I screamed. Serena is not the only IT vendor to make such noises.

Initially this sounds like a good idea - why shouldn't users be allowed to take charge of the "day to day" hassles, and short circuit the development process, leaving the IT staff to tackle really big projects?

The problem is, these pieces of code will make their way around an organization and while that can be good in some cases, inevitably pieces of unmonitored, unapproved code will be passed around from user to user with disastrous consequences. And, if - and when - something does go wrong, it will be the IT staff who have to go in and fix the problem. So much for easing the burden on IT.

Whether the mashup camp knows it or not, they still need the skills and support of experienced IT staff. Just because you know how to drive a car doesn't make you a race-driver. Neither does being able to do technical drawing qualify you as an architect.

To illustrate my point, let me share two real examples from my own IT experience.

Let's go back to the late 80s where a public-sector teacher got his hands on a programming manual for the language behind the school-automation system deployed in his area's public schools.

Hearing grumblings about the lack of decent library software in the school system, this person read the manual and wrote a piece of software that ultimately served the needs of his school, a DBQ database running on 486 PCs under DOS. Admirable. But now the problems began. His school librarian began to think of changes to the software and the teacher implemented them. Hearing of this system, librarians at other schools acquired copies of this software and began using it.

Pretty soon, the software had made its way around the state - more than 1,000 primary and secondary schools. And then someone phoned the Department of Education's IT help-line for help with the software. Frantic enquiries were made up and down the chain of command trying to figure out where the software had come from, and how it had spread to so many schools.

Eventually, the author was found, questions were answered and a compromise reached: the teacher was pulled from his teaching duties and moved to head office for the maintenance of the library software. The teacher was now folded into the IT team, which meant the maintenance of the software could be properly managed and documented should he ever leave or once he retired. It did mean, though, this one teacher never taught again.

Could this have been avoided? Very likely - the librarian could have contacted the IT department, the teacher could have passed his code to IT staff after it became apparent that it was useful - the points of recovery were there. But because the software was allowed to reach critical mass unchecked, it was too late to rein it in.

Skip forward almost a decade to another school system - a nationwide music academy responsible for overseeing the examinations of musicians and for awarding certificates.

Top three mobile application threats

More from The Register

next story
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.