There is an article on HBR called “Does Hardware Even Matter Anymore?” which discusses product development and how new systems/solutions/apps are all software related. It reminded me of 2013 blog post entitled, “Don’t call it ‘the cloud’. Call it ‘someone else’s computer.‘”
I get the abstraction idea in the first article and firms like Google and Salesforce.com deliver amazing capabilities where the hardware is hidden behind the scenes. However, don’t forget that all these amazing systems/solutions/apps are running on hardware behind the scenes (or in your hand). Companies like Google and Salesforce.com lull you into thinking they are software companies, but don’t forget that they are huge hardware companies with data centers located somewhere. Systems/solutions/apps are running on your smartphone (hardware) and then likely connected to some ‘cloud’ systems running on Amazon’s cloud or another ‘cloud’ somewhere else in the world (more hardware).
Servers, storage, networking and related are the backbone behind all these things.
There is hardware somewhere in the stack.
I read years ago that if enough computers in an organization have anti-virus software installed, then the chance of a really bad virus outbreak in the organization is greatly diminished just by the fact that the virus won’t enough hosts to spread to inside the organization.
An article about this very point caught my eye this week and I wanted to share it here and elsewhere. The article says:
The success of his vaccine (it resulted in the virtual eradication of polio in the U.S.) was due to a phenomenon called (sic) Herd Immunity. In short, as more people were vaccinated against the virus, it had less and less places to spread, and that meant less places to spread from, until finally the disease was eliminated.
IT shops need to invest it technology solutions to prevent, detect and eradicate malware. At the same time, organizations must continually educate their employees about risk and vulnerabilities that can be minimized with good behavior, good decision making and discipline. A service like phisme.com can help with the later.
Both are needed.
Did you realize that the disc drive industry is adding 10 Exabytes of storage per week to the world?
My iPhone has 128GB of storage on it which is a lot for a phone.
My Mac has 3TB or 23 times that amount of space.
I recently learned of a large, high-tech firm that has about 95 Petabytes of storage in their entire IT infrastructure. That is 32,000 times the amount of storage on my Mac.
The disk drive industry is shipping 7 times that amount every single day.
These numbers surprised me.
I finally worked all the way through Antifragile: Things That Gain from Disorder by Nassim Taleb.
An amazing book. Amazing obvious ideas.
I’m now thinking about how to apply this in IT. How do we build processes and IT infrastructures that gain from disorder. Systems that don’t fail from stress, but instead get stronger.
I’m thinking that the redundancy we’ve put into our network structures might get stronger over time due to disruptions. Over time, we adapt, put in more capacity, more redundancy, work out triangle WAN links between sites, design in excess capacity, etc. as a direct result of events that hurt the network. The net impact of the negative events is that the whole gets stronger. Does that count as one way antifragility increases in the system? We do seem to have less negative impact from outages because the ‘whole’ is more capable of adapting to outages.
Do our information systems get more antifragile over time as we experience issues, problems, outages, etc. and then adapt and improve and improve the ‘whole’ to lessen the impact of those events? Are we learning from these events and getting stronger as a result? Are our management teams getting more antifragile as we learn, adapt and improve over time?
Think about storage and how it used to be the drive failures resulted in outages in the data center. Such outages are hardly an event at all any more due to much higher MTBF on drives and due to RAID and other technologies that have been honed and improved over the years. Fragility has been reduced in our storage systems.
Lots to think about here.
I heard of a place where internal audit was told to do a comprehensive security of all aspects of an organization. All aspects.
How is that possible?
The IT organization is likely working at 110% with all their energy and effort to manage, monitor, invest and improve an organizations security so how can a short audit effectively grade how they are doing? Now I suppose that if the auditors were knowledgeable about security aspects and if there were huge gaps in what IT was doing then those would surface in the audit. But how could an audit detect deep matters in the enterprise in a short audit?
Further, how can an IT organization comprehensively know that all is in control? Further, how can a CIO assure a board that everything is under control?
They can only attest that they are doing all they know to do, they are vigilant and they are working to set the tone across the enterprise that all must work together to secure the organization.
They can only assure that they are doing all they know to do.
These are difficult times for CIOs.