Archive for November, 2009

Microsoft Releases Security Guidelines for Agile

security-report

Microsoft will release guidelines for developers building online applications and for those utilizing the Agile code-development process.

The Agile guidelines apply principles from Microsoft’s Security Development Lifecycle (SDL) to Agile, an umbrella term for a development model frequently used for Web-based applications released under short deadlines, called “sprints.”

Microsoft adopted the SDL following the company’s pledge in 2002 to build more secure code after several high-profile worms and other malicious software posed dangerous risks to its customers.

But the original SDL doesn’t fit the Agile process. Agile differs in that developers have a set time in which to develop certain features, after which the application is immediately released in order to get customer feedback, said Bryan Sullivan, security program manager for Microsoft.

The SDL was originally designed for products, such as the Windows OS, that are non-iterative, meaning that there aren’t frequent releases of the product that add just a feature or two. However, all of the SDL requirements have been adopted for the Agile process, but implemented differently, Sullivan said. Agile is used by 85 percent of technology industry professionals, according to Forrester.

Microsoft breaks the SDL down into three requirements: one-time only tasks, those that need to be done for every sprint, and finally “bucket” tasks, which need to be repeated periodically — such as every six months — but not for every sprint, Sullivan said. The Agile guidelines will be available on Tuesday on www.microsoft.com.

Microsoft is also releasing a white paper on security for online Web applications. As those applications are increasingly interacting and exchanging information, security is paramount, said Steve Lipner, senior director of security engineering at Microsoft’s Trustworthy Computing Group.

The white paper outlines key security issues that developers should consider for Web applications, Lipner said. It also discusses security issues that developers should think about when choosing a hosting provider, such as data and physical security.

Copyright 2009 IDG News Service, International Data Group Inc. All rights reserved.

To read more, click here.

Tags: , , , ,

This entry was posted on Sunday, November 29th, 2009 at 3:30 pm and is filed under Agile Development. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Organisational issues that get in the way of effective project delivery

calendar-de

As another year passes it is time to reflect on company success, or in some cases the obstacles companies put in the way of their success. The list includes:

  • No project management system and people can ‘do their own thing’…and no one does
  • Having overly-complex decision making processes
  • Large project boards
  • Ill-trained or no training
  • No ownership of project management
  • Several risk management processes within the business
  • Project managers having no authority
  • Training those who are not engaged in project work
  • Senior managers who fire off delivery dates and budgets, without any thought as to whether the project can be delivered

    •  

    - Kari Marrs

    To read more, click here.

    Tags: , , ,

    This entry was posted on Tuesday, November 17th, 2009 at 3:16 pm and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    The Follow-up Phase in Project Management

    followup_en

    The project follow-up phase can often lead to a grey area in the project, unless clearly defined at the beginning of an agreement, some of the issues arising can include:

  • How long should the follow-up last?
  • What does the follow-up entail?
  • How quickly must errors be repaired?
  • Is there a guarantee on the project result?
  • Who is responsible for bugs that are found after the project?
  • Should documentation be delivered along with the project result?
  • Will the users require training, schooling or both?
  • Who is responsible for updates?
  • Who will own the code, and who will be authorized to change it?
  • Who will pay for the above-mentioned points?

    • To read more, click here.

    -  Tom Streveler

    Tags: , , , ,

    This entry was posted on Monday, November 16th, 2009 at 1:49 pm and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    Understanding the Customer vs Customer Value

    24kt_Gold-Plated_Macbook_Pro_Laptop1[2]

    It is often claimed that Agile software development is flawed because it focuses on improving the processes of the team developing the software;  is that really a bad thing. But there is a difference between understanding the customer and focusing on delivering customer values. Agile methods don’t allow for specific improvements to be focused on, as a result the developer doesn’t see the minimum that is required, but rather goes for the less cost effective ‘gold plated’ option.

    To read more, click here.

    - Michael Grollman

    Tags: , , ,

    This entry was posted on Monday, November 9th, 2009 at 2:17 pm and is filed under Agile Development, Business Drivers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    Project Scope – Customer needs to be shown the right path

    upside-down-house-poland

    Setting up a project plan and locking team members into their roles sets a good basis for project success. But once the details have been ironed out and the project is nearing completion the customer may come back with major additions turning the project upside down. Instead of pulling the project team off task, go back to the client and explain the situation. Work out ways of breaking the project into phases, this will give the client physical results that they can then build on.

    To read more, click here.

    Tags: , , , , ,

    This entry was posted on Thursday, November 5th, 2009 at 8:15 am and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    Project managers need to put their head above the parapet.

    head-above-water

    Put your head above the parapet, what does that mean? It means you really need to plan how to deal with the responses you receive otherwise you could well get trampled upon! There is little point standing back and and complaining about the lack of support from senior management and sponsors, it is the project managers job to get them involved and get them excited. Without their held interest, getting approvals and driving the project forwards can be a slow anddifficult task.

    To read more, click here.

    Tom Streveler

    Tags: , , , ,

    This entry was posted on Tuesday, November 3rd, 2009 at 2:41 pm and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    Project team member breaks leg – what next?

    broken_leg_kitten

    Just when you think you have planned for every possible outcome, the unexpected happens and a key part of the project team is out of action, possibly for months. Bringing a new team member in can be difficult for not on the team, but the new member, but there is some key steps to take to bring that person up to speed as quickly as possible. Not only should the project manager brief the new member, but also consider the other people that have a different view of the project, including the team and stakeholders.

    To read more, click here.

     

    - Michael Grollman

    Tags: , , ,

    This entry was posted on Tuesday, November 3rd, 2009 at 2:13 pm and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    You’ve never failed a major milestone? Too bad.

    traffic_light_d1

    Is under promising and over delivering really the best way to run a project and drive a team. To drive a team towards success they need to be challenged and a successful project manager needs to take calculated risks to continually motivate their team. By employing successful milestone management the project manager can rate each milestone as a pass/fail rating. By having this easy gauge at hand, the whole team can understand the status of the project and additionally be held accountable for their contribution, or failings in the tasks.

    To read more click here.

    - Michael Grollman

    Tags: , , ,

    This entry was posted on Monday, November 2nd, 2009 at 10:47 pm and is filed under Project Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.