Tuesday, March 21, 2017

7 Year gap in blogging

I was reviewing my linkedin profile and noticed a link to my blog ...can't believe my last post was in June 2010.Where did 7 year go??wondering,sent 2 kids off to university,aged more,communication and writing slowly and steadily changed from blogging to Instagram,snap-chat,twitter,Facebook messenger,whatsapp. Facetime, skype took over need of in person meetings. We are getting technologically advanced but in this advancement loosing personal connectivity,talk over the phone has become thing of yesteryear.This loss of personal connectivity is impacting all of us alike we are living in our own world which doesn't even have room for constructive feedback.While I appreciate all technology advancement and have adapted few of them I appreciate in person meeting more,I still prefer phone over snapchat,beautifully crafted email over instant messenger.Call me old school-probably ....:)

Cloud Technology & Quality -How does it go side by side?

Cloud has become the latest buzzword in Technology. In an effort to reduce the operational costs, many companies are moving to Cloud providers such as Microsoft, Amazon or IBM. All of these providers are expending lot of effort to capture Cloud market share as much as possible. Many startups are already preferring cloud based solutions to meet the need of fast product development and quick time to market. They are hosting cloud in-house  or renting an instance on public cloud to meet the need of operational, product and service offerings.With all these wind of change coming to technology industry question quite often come to mind is where does quality fit into this picture?

From my point of view, one of the important factors is quality and its management,keeping up with quality goals and objective,cost of product and infrastructure availability for the smooth operation of a company’s day-to-day business.

Many of the questions listed below must be answered when infrastructure and products are hosted outside of your control limit:

  • What happens when server loses the connectivity? Who will be first point of contact ?Cloud provider or in-house tech support ?
  • How does Service level Agreement with Cloud provider will impact companies ?What happens to Service Level Agreement with customer?
  • How do we intend to protect the IP.In the order of priority actions must be taken to smoothly transition to Cloud?
  • What actions are required to secure your application from cyber attack?
  • What kind of control is required for the supplier management?
  • Do you have formal Risk Management in place?
  • How to protect the application,infrastructure from external attack ,such as data spoofing,denial of service attack etc?

To address the concerns above, the following actions can be taken:

Plan:This is one of the important steps to take. One must spent enough time to plan for migration, deployment of new product,timeline,resources required,training requirement,risk and mitigation,identify stakeholders, rollback strategy in-case migration or new deployment to cloud fail.

Quality Metrics: Identify the quantitative metrics which will help you to track the progress of cloud initiatives. Some of the Key Performance Indicators could be number of applications to be migrated,planned vs complete,number of new deployments plan vs complete,
incident and defect by type,severity and priority.Analysis of most common issues and actions taken to address those.

Alignment with standards: These are company specific requirements. Many companies comply with ISO standard,CMMI or internally established standard. Cloud migration or deployment needs to make sure move is in accordance with these standard and any deviation is properly signed off by Leadership or Management.

Risk Management: All risks must be identified and documented as and when they are identified and must have a mitigation plan in place to address the risk. Acceptance,Transfer,Avoidance are few of the risk response type which companies can use to stay on top of the risks.A proper Risk Management Tool such as Risk Log,Risk Matrix,will help in tracking these risks to closure in timely manner.

Supplier Management: Since cloud providers are an external vendor supplier management process must be established and suppliers should be audited to make sure they are
in compliance with standards and requirements mandated by the receiving organization.Quality should be clearly outlined in contract with supplier in accordance with overall quality goals and objective of the company.

Hardening the Cloud hosting:When you put infrastructure or application on the cloud, you are susceptible for external hacking,spoofing,data loss and interception during data transfers.This can be alleviated  through proactive measure of setting up the Intrusion Detection System,diverting the attackers from real data.Public Key Infrastructure establish certificates and digital signatures with pre-set validity period.

I am all for latest technology usage however change must be controlled,success and quality  must be measurable to validate the objective of Cloud initiative.At the end I would like to mention that though Cloud seems like you  are transitioning the company’s operations and infrastructure management to some third party at the end of it Quality,Customer Satisfaction,Security and IP protection is sole responsibility of companies providing the product,services or infrastructure.

What Is the ISO 9000 Standards Series? http://asq.org/learn-about-quality/iso-9000/overview/overview.html

Friday, July 16, 2010

Manual or Automated testing

I have done several years of Quality Assurance of Enterprise software and have experienced all common or not so common blocker in software development life cycle.I often encounter a question how much testing we can automate and how much can be done manually.Automated and manual has their own advantage and disadvantage.Automated testing are really helpful to make regression cycle shorter when used for mature product however they can't be used in the product which still going through frequent development process.Automated testing helps to avoid human error and omission .Manual testing are really helpful when used in testing new feature or functionality in a software,however in manual testing a tester or QA person can skip or forget the test step which may generate false positive test defect.

In my opinion automated and manual testing compliment each other they are not mutually exclusive to each other.

Wednesday, August 27, 2008

Data protection

I read a news article at http://ca.news.yahoo.com/s/afp/080826/world/britain_us_banking_internet_company_rbs_ebay_data_1.These kind of articles are making headline and reminding us that we need to handle our Information Technology infrastructure with more care and strong policies. After reading the complete article, I think it is high time we should review Information Technology Best practices regarding the acquisition and access of assets till its disposal. In today’s world when we are storing everything in computer, which includes but not limited to source code for s/w program, customers demographic details, personal details, trade secrets, business model, its security should be first priority for every company. When we dispose off our computers/servers/hard disk special care about data erase should be mandatory. When we don't need computers/servers/hard disk, data should be backed up to the active server (Data retention Policy) and data should be cleaned from the computer asset we are going to dispose. A strict policy regarding asset disposal and handling should be in place in every organization to avoid the mistakes like this in future.Not doing so is like giving our home key to intruder.

Friday, August 1, 2008


Virtualization is a new buzz word in the technology industry. It helps in the full utilization of the current hardware resources, with the help of virtual software; single machine can host number of virtual machine. Virtual machines have their own OS, Software environment etc and don’t interfere with other Virtual Machine on the Host server. Virtualization is advantageous especially in software testing and development environment. A backup copy of production server environment can be maintained on Virtual Machines to make system up and running fast in case of disaster recovery. In virtualization if virtual machine stops working it can be restarted or fixed without affecting other Virtual Machine on the Server. However if server hosting Virtual Machine crashes its fix is more involved. However Virtual machines can’t be relied upon for mission critical and production data’s.

Tuesday, June 17, 2008

IP Address crisis- IPv6 comes to the rescue

IPv4 is a 4 bytes or 32 bit internet address,which is widely used today.IPv6 is a 16 bytes or 128 bit internet address,which is going to be standard for next generation IP addresses.Given the increase in the use of mobile devices,sensor devices,internet enabled devices and services we need more and more IP addresses.According to a report published by Organization for Economic Co-operation and Development we have already used up 85 percent of IPv4 address,and by 2011 we are going to run out of IPv4 address.,some countries like Japan,USA,Europe have already taken an initiative to make their network IPv6 compatible.Its about time to move to IPv6 to make your business competitive and current in technology.However some organization are still reluctant to deploy IPv6 given the cost involved in deployment.

Wednesday, June 4, 2008

What is social engineering ?

Social engineering is an unauthorized gathering of personal information from peoples which later on used by social engineers for their own benefit.Like what they do,where they work,date of birth etc.Due to lack of security awareness people fall victim of identity theft.People should restrict themselves from disclosing any personal information over the telephone,internet or email.Telephone,email and website are frequently use tool in social engineering.