Friday, March 28, 2014

Prolifics Employee Showcase: Handly Cameron

Handly Cameron is a Software Architect for IBM Collaboration Solutions (ICS) and Mobile at Prolifics and an IBM Champion for ICS. He has over 20 years of experience in enterprise collaboration and application development and is passionate about helping companies leverage social and collaboration technologies to drive business value.

We recently caught up with Handly to learn more about his time at Prolifics and some of the exciting initiatives he has worked on.

Joining Prolifics
Handly joined the Prolifics team over two years ago, stating that he saw great potential to grow in the IBM space and was impressed with Prolifics’ depth and breadth of experience across the IBM portfolio.

Technical Expertise and Becoming an IBM Champion
Handly was named an IBM Champion for ICS in the first group of Champions in June 2011. Since then, he has been selected as an IBM Champion each year and has earned 43 IBM certifications. In fact, he even helped the IBM team write 3 certifications, the most recent of which for the Worklight and WebSphere Portal developer exam. Currently, he holds 11 active certifications and continues to update them as product versions progress and expire.

Handly sees a lot of value in the IBM Champion program and has remained an advocate of the program since it was created. An IBM Champion is defined as an individual who leads and mentors others in making the best use of IBM solutions and services. Champions are typically evangelists who run user groups, are active in the blog community, help others in online spaces such as Skype or StackOverflow, present at conferences, and generally participate in the broader IBM community. Some of the benefits you can receive as an IBM Champion include:
  • Access to IBM Executives 
  • Opportunities to participate in community activities (i.e. Team Social and interviews at IBM Connect)
  • Free invitation to the ICS Leadership Conference
Handly encourages anyone wanting to become an IBM Champion to talk with him or another one of Prolifics Champions and find out how you can get involved!

Going Mobile: The Prolifics Connect App
Before joining Prolifics Software Group last year, Handly led the team that developed the Prolifics Connect mobile app that is used to support activities at large IBM conferences such as Connect and Impact. This particular project included helping several members of the Prolifics team learn mobile app development with IBM Worklight and integrating the app with back-end systems such as IBM’s sessions data, Twitter, and our blog feeds. Handly is currently updating the app for iOS7 and the upcoming Impact conference in late April. Click here to see the full story of the app.

Client Success
When asked about a recent client engagement he is most proud of, Handly recounted the planning and implementation of IBM Connections Content Manager (CCM) at Mizuno. Handly explains, “We were able to take a lead from IBM, demonstrate how the solution helped solve specific business needs, and sell the software and implementation services. Mizuno became the first customer to install CCM, with Mike McReady standing by to download the software the minute that IBM released the eGA. Following from this success, the customer was so happy with the results that they joined us in an IBM webinar last September that has been seen by hundreds of people. New leads are still coming in for customers who saw that webinar and want to hear more about how they can get similar results with Prolifics”. To listen to a Webcast replay, click here.

Interested in Hearing More from Handly?
He was recently interviewed by Sandy Carter at IBM Connect 2014. At the start of the video, you can see the blazing yellow Mizuno shoes Handly is wearing.



Connect with Handly Today!
www.twitter.com/handly
www.linkedin.com/in/handlycameron
handly.cameron@prolifics.com




Handly Cameron is an Enterprise Architect in the IBM Software Group at Prolifics and an IBM Champion for IBM Collaboration Solutions. He has over 20 years of experience in enterprise collaboration and application development and loves to help companies leverage social and collaboration technologies to drive business value. Handly is the Leader of the Atlanta WebSphere Users Group, recently finished 5 years as the president of Agile Atlanta, and holds 25+ industry technical certifications. He blogs at http://handly.org and is on Twitter as @Handly.



Friday, March 21, 2014

Prolifics Accelerator Approach: Driving Security Implementation Success with Identity and Access Management Power Tools

A good Systems Integrator knows how to create powerful technical and business solutions for their customers. A great one can assemble solutions and collate the technical and business knowledge from their work at many customers for the benefit of the rest. Over the years of performing superb Security services for our customers, Prolifics has created numerous implementation accelerators that we bring, often at no cost, to our new customers.

Prolifics has proprietary tools built for IBM Identity and Access Management (IAM) that simplify upgrades and operational maintenance by up to 40%. The “IAM Power Tools” provide specialized capabilities in:

Automated Regression Testing
Our Power Tools leverage our unique knowledge of IBM Security Identity Manager (ISIM) Workflows, customization and APIs. They utilize the keyword-driven testing approach to support Test Driven Development and complete path for testing – from an ISIM request to a change on the end system. They provide regression, functional, unit testing and UI testing. They also uses a generic free and open source test automation framework (Robot Framework), GUI and test case creation and provide test result clear reports.



IAM Configuration Management and Migration
A set of automation tools written as SDI assembly lines to operate and manage any number of ISIM customizations. It simplifies backup, version control and en-masse changes to customizations in workflows, provisioning policies, forms, mail templates, ACIs and other forms of ISIM customizations.

Automatic Workflow Analysis and Documentation (AWD)
AWD creates automatic maps of all identity workflows, generic and customized in one unified view. It can make even the complex 'spaghetti' workflows manageable and maintainable by providing printable PDF's of all nodes, connections, flows and invocations. It is easier and more intuitive to understand than the internal ISIM workflow editor with more relevant information in plain English, rather than javascript. Color coded and carefully laid out automatic documentation makes it possible to keep up to date architecture documentation, easy to understand by business and technical users. Combined with the customization export PowerTools AWD takes operational support and issue tracking to the next level.

ISAM Script Automation
IBM Access Management appliances, both physical and virtual eschew the pdadmin scripting for integrity reasons. Yet, pdadmin scripting is one of the oft used low level automation mechanisms that many of our our customers use. We had created a translation interface that allows existing pdadmin scripts to run on the new IBM Access management appliances, allowing our customers to retain their existing administration and configuration techniques and procedures and thus ease migration to the appliances.

In addition to the PowerTools that our consultants use and train our customers on, Prolifics owns an IAM Adapter & Profile Library that extends the reach of IBM’s portfolio to a wide range of common and specialty applications. The library includes dozens of adapters to connect, provision to and reconcile from a multitude of enterprise ERP, CRM, Financial, HR, IT and line of business systems that we had encountered over the years.

Inviting a security integrator like Prolifics, that packages solutions and assembles accelerators for the customers, helps you reap the rewards of faster implementations, simpler maintenance projects and proven processes. Our clients benefit not just from direct expertise that we bring with our knowledge and experience, but also from the powerful assets that we created over the years in the industry.

To learn more about Prolifics' security solutions, visit www.prolifics.com.



Alex Ivkin is the Vice President of the Security practice at Prolifics. With a deep understanding of compliance, governance and risk management, Alex brings more than 15 years of experience in a broad array of computer security domains. Alex has worked with large and small organizations to help drive security initiatives and deploy various types of enterprise-class identity management and application security systems. In a Security Architect role, he has helped companies succeed in attaining regulatory compliance, improving business operations and securing enterprise infrastructures. As the head of the Security Practice, Alex leads a team of highly skilled consultants to deliver comprehensive security solutions to our clients. Alex is an established and recognized security expert, a speaker at various industry conferences, holds numerous security certifications, two bachelor’s degrees and a master’s degree in computer science with a minor in psychology.


Thursday, March 20, 2014

Workplace Communication: Too Much, Too Little, Just Enough

How many times have you walked away from a meeting thinking to yourself that you don’t have enough information to perform the tasks at hand? Or maybe you sat through a long stretch of discussion in the meeting where a lot of information was shared by the team but none was relevant to you.

Communication, we all acknowledge, helps us perform better, but the corollary to the fact is that when there’s too much or too little of it, there are breakdowns in overall productivity. Too much communication is a general pain point these days, but what most people don’t realize is that, with the wealth of information around us these days, we may exchange a lot of information but it may not necessarily be effective communication.

In the case of client-service provider relationship, the role that communication plays becomes pivotal. Add to that an onsite-offshore delivery model and the communication lines become even more complex. Over the years, many benchmarks have been set up for such settings, but the process and channels continue to stay riddled and prone to errors caused by too much or too little communication. Some ground rules can be established in order to set the tone for a good relationship.

  • Establish rules of communication after a formal discussion with the client. Once the process is formalized, it offers the advantage of no longer being prone to the variations of individual styles.
  • Conclude on what needs to be communicated in status reporting, including all stakeholders that need to be copied on the daily/weekly/monthly statuses and emails.
  • Formalize a format of communication, for instance the communication of questions during the planning phase of a project to be logged in a tool or sent across to business team directly.
  • Once the process has been established stick to it by any means, say the monthly metrics for all projects are communicated on a quarterly basis, then this schedule must never get disrupted without prior notification.

Where too much communication can hurt productivity, too little communication can lead to an array of disasters like unclear expectations and low team morale followed by gossip and rumours. Withholding pertinent information from anyone, be it superiors, peers or subordinates, results in them feeling disregarded and many times leads to them inferring assumptions from the lack of information. A common mistake made by a lot of people is being afraid of asking for help at work. It is very important to communicate with your team/manager and ask specifically for what you need in order to get the job done right. When unclear on whether you have provided enough information, make sure that you leave the door open for further conversation by mentioning “you can get in touch with me whenever you need” or “please feel free to ask questions”.

In order to make your communication effective focus on these areas:

Verbal communication

  • Listen well
  • Do not make assumptions
  • Ask for feedback
  • Practice your presentation skills
  • Ask questions wherever you need clarification
  • Always check with the other person if they have a few minutes when you call


Non-verbal communication

  • Work on having a confident body language
  • Display interest in what the other person is saying
  • Learn about the cultural differences when working with people across different cultures


Written communication

  • Always perform a grammar and spell check before sending out any document/email
  • Always provide a relevant subject line to the emails
  • Always double check the attachments or links provided in the email


Teleconference/Videoconference calls

  • Keep up time
  • Announce yourself when you join the meeting
  • Mute your phone if you’re not the speaker
  • Take notes
  • Ask questions whenever you need more clarification


We can improve our communication and ensure getting the right message across by being clear, concise and precise. Having an agenda for a meeting, sticking to it and including only the people related to the agenda helps in furthering the effectiveness of communication and helps maintain good productivity levels. Similarly, keeping your email and phone conversation brief and to-the-point saves valuable time for everyone.

Think of your team/workplace as a network where all individual systems work together in coordination. If there is lack/delay/overflow of load then it is bound to crash. Beat the issue of over or under communication by constantly assessing the amount of emails, teleconferences/videoconferences, and phone calls against your productivity. Over time you will be able to figure out the middle path where you will communicate just right.

It was previously thought that that you either have communication skills or you don’t. We now know that communication is a skill that needs constant honing.





Farhat Afridi is a Test lead at Prolifics having over 10 years of experience in testing, with extensive experience in Retail domain. She specializes in Oracle retail suite of applications. She holds a bachelor's degree in Electronics Engineering from Bangalore University.

IBM Business Process Manager Integrations: Designing SCA Based MQ Integration for BPM

Problem Statement:
For integrating IBM WebSphere MQ with IBM Business Process Manager (BPM) applications, solutions can be built using SCA components bundled into main business process applications to consume messages from external messaging systems when BPM Advanced edition is used. If the business requirement is to have multiple active snapshots then IBM BPM deploys separate SCA Modules for each snapshot. Though the solution works, it is not an elegant solution because as the number of snapshots increases, the number of listeners (SCA Modules) on MQ will continue to increase.

Solution:
The solution is to separate SCA modules from main business process application by creating a lightweight standalone process application with SCA components which in turn routes the incoming message to the main business process which is expecting the message from the external system. Use the MQ export component to listen on MQ and trigger short process using one-way interface, the short process will have all system activities to digest incoming message and route it to appropriate messaging event (ME) of main business process using UCA components.

Assumptions
To explain the design, assuming the following:
  • Input messages are XML messages over MQ and IBM BPM Advanced 8.0 environment. 
  • External Message is expected after business process has been started, i.e. external message event is not used to trigger the business process instead used within the process.

Process Designer Components
  • Create Process App “MQ Integration” with BPD called “Process MQ Message” which needs to be triggered when the MQ message arrived in queue using SCA component in IID. This process should have all required logic to send the message to appropriate main process with correlation information.

  • The BPD should have appropriate input variables based on payload.
  • The BPD should also have service to send the message (payload) to main process using UCA. Use correlation id such as Instance Id to send the payload to correct process which is expecting the payload.
  • Create a toolkit for UCA to send the message from “Process MQ Message” to actual (main) BPD and include this UCA tool kit in both main process app and Integration process app.
  • Another option is to drop the message with UCA format into SIB (event queue) which would automatically triggers waiting IME based on correction id. In both approaches, payload should have correlation id or any other data which can be used to derive actual correlation information.
Integration Designer Components
  • Create MQ Export one-way invocation style to start BPD “Process MQ Message”.
  • Configure MQ Export to listen on MQ queue using appropriate connection details.
  • Configure data handler based on payload, OOB data handler UTF8XMLDataHandler is used in this case as payload is XML.
When the message arrives in the MQ queue, SCA component will trigger BPD “Process MQ Message” in “MQ Integration” application with payload as input. The BPD in turn sends the message to actual process using UCA with correlation information available in payload.

When multiple main process snapshots are active on process server, there will be only one SCA module from Integration application “MQ Integration” listening on MQ Queue and routing the messages to all active snapshots of main process.

Advantages
  • As the SCA components are not bundled with main business process app, only one instance of SCA component (one listener) will be deployed on process server
  • Easy to maintain as it is not tightly coupled with main business process application.
Disadvantages
  • It needs to be deployed separately.
Conclusion
Decoupling SCA Modules from business process application will allow changes to integration logic and routes the messages to appropriate process without impacting main business process application much when production environment expect to have multiple active snapshots.





Shanmugam Golla is Solution Architect proficient in developing web-based enterprise applications using JEE, BPM, and SOA technologies. Possesses over 11 years of experience in all phases of software development, with exposure to all aspects of project life cycles, from inception to production support. Shanmugam has lead teams for top-tier consulting firms providing multifarious and complex IT business solutions to prestigious firms in banking, finance, securities, and insurance brokerage.



Wednesday, March 19, 2014

IBM Pulse Session Recap: Prolifics Identity Intelligence: Threat-Aware Identity and Access Management

At IBM Pulse 2014, Russell Tait was selected to speak on a panel with other security experts to highlight Prolifics' Identity Intelligence solution.

During this session, Russell shared how integration with key areas of the IBM Security portfolio can increase solution value for customers. The panel discussion covered strong authentication, mobile, cloud, and security intelligence use cases.

View the session presentation below!



Identity is the New Perimeter
Prolifics’ Identity Intelligence solution with IBM QRadar delivers a comprehensive solution with actionable insights and has been recognized by IBM with the Ready for Security mark. This solution is uniquely positioned to extend the integration of traditional Security Information and Event Management (SIEM) to identity systems to more intelligently manage security risks from user activity in real time and provide continuous control of insider threats through identity analytics.





















To learn more about Prolifics' Identity Intelligence solution, view our solution brochure.

Want to connect with Russell?
Russell Tait on LinkedIn
Russell.Tait@prolifics.com

For more information about Prolifics, visit www.prolifics.com.

Thursday, March 13, 2014

A Closer Look at Outsourcing Contracts: Common Challenges and Proposed Solutions

Software engagements can often be met with many challenges and problems. These challenges can arise during outsourcing, advanced technology and services, application deployment and maintenance, software development, business services, IT disputes, cloud computing and more. In this article I would like to share some of the typical challenges surrounding outsourcing contracts and make a case for learning from these challenges so that they can be avoided in the future.

Taking the Initiative on Provisions to Solve Outsourcing Contract Problems
Outsourcing suppliers frequently face issues that can cause significant damage but are not grave enough to virtue using contractual preparations, which are typically confined to termination of the contract or even in some cases customer claims the damage.

The traditional contractual preparations fail to take into account how reliant a business is on their contractors. Simply ending an association could be incapacitating – the businesses require an alternative way of addressing glitches.

Taking the initiative on provision also known as “Proactive Preparations” is one possible solution for this challenge in an organization. This solution drives a framework in habitation that establishes a comprehensive assortment of events or conditions that could cause problems, and provides a structure for managing the risks involved in business by using various tools other than contractual remedies such as termination or damages. It also identifies that problems can occur that are not the fault of both the parties, and that these problems still have to be resolved.

Not only are traditional remedy arrangements of small practical use in many situations, they also lean towards to be reactive rather than proactive – the client has to wait until it can establish that there has been a contractor default before it is able to trigger what groundwork are available within the agreement or the contract.

By difference, proactive preparations are designed to avoid key business and also prevent service risks from becoming realities. The preparations are designed to focus the parties' minds on good contract and risk management before things go horribly wrong.

Such issues can likely affect the client's business or the outsourcing relationship between supplier and client - a corruption scandal affecting a key sub-contractor; an important profit warning; a large scale severance program. Each party consequently gains benefit from an intensified level of attentiveness and preemptive or proactive management by both client and service provider.

Proactive Preparation is “Good Governance”
Contracts, however, sometimes pay lip service to governance and contain little more than a list of governance bodies, terms of reference and meeting schedules. Everybody agrees that robust and strong contract management, which is generally known as Service Level Agreement or governance, is censoriously vital to the successful delivery of the outsourced services and to the health of an outsourcing service association. It is all too common for the parties, over time, to if the essentials of good contract governance are disregarded, the unavoidable result is that poor performance goes unaddressed and real business risks, perhaps unrelated to outsourcing service provider performance, are not anticipated and managed.  With all good proactive preparations mechanism, the parties will have a pre-agreed process for keeping an eye on the issues that substance furthermost to the business.

How does the “Proactive Preparation” Work in an Organization?
We can define the proactive preparations in such a way so that the external risks can be controlled by both parties before they become problems for the organization. At the same time, we can also have a structure that addresses minor loopholes, predominantly where it is convenient to overlook a circumstance which can ultimately impact on the association or relationship in a significant way if it is not addressed.

How to Organize Proactive Remedies
To be useful, proactive preparations must be tailored to the customer's business - they should be industry and context specific. Proactive preparations are usually drafted collectively as a schedule to the contract or can be built into the contract governance or like the performance management system / regime.  To ensure the regime leftovers relevant to the client's business, at that point there should be a mechanism for review and updating on a regular basis.

The contract should set out the following:

Elicit Events
Thinking about which risk procedures to pay attention to, clients often ask: In addition to service breaches, what events would significantly impact on our business? For example, consider negative media that impacts reputation.

Risk Levels
We must set the proactive remedy in proportion to the level of risk the trigger event exposes the customer. The preparations to address particular risks when they are still at a relatively low level may be as simple as enhanced monitoring or an investigatory report, perhaps at the customer's cost. If those risks escalate, however, the risk level may increase to the next level. The contract should identify the circumstances that will constitute the different risk levels for the purposes of the regime.

Preparation Points
The preparations that apply in a proactive preparations regime should be tailored so that they are effective to address the risks that are identified by the parties. They may include:
  • The supplier provides requirements as a detailed information and/or plans about the trigger event
  • Allow client to choose an independent third party consultant to audit the supplier's business in relation to the event if they wish
  • The initialization of an additional benefit scheme in lieu of named members of the supplier's workforce to incentivize swift resolution of the situation
  • High level risks related to service delivery that have not been addressed and the necessary termination or step-in rights for the customer.

Proactive preparations can help the customers and the suppliers focus on risk management as part of the contract governance regime and allow them to address the general concern that contracts focus on mechanistic and legalistic preparations. They are tools which supplement traditional contractual preparations rather than replacing them and can be useful in highlighting issues that could impact on a customer's business beyond service breaches.

For more information about Prolifics, visit www.prolifics.com




Dhanraj Dadhich is Technical Architect at Prolifics. He has 14+ years of experience in design and development of applications and has designed various Banking, Security, Social Media, Mortgage and Payment Gateway applications. With Prolifics, he is promoting the use of technology, and of specific products, to help enterprise management and IT communities meet their business needs. He specializes in selecting, defining and enforcing a consistent, uniform set of products, vendors, methodologies and standards throughout the IT organization. His current role has given him the opportunity to develop creative ideas to realize significant cost and head count savings whilst still maintaining good service levels to build on this experience.