Yair Alan Griver

COO of EC Wise

Group Program Manager for the Online Billing System at Microsoft

Group Manager for the Visual Studio Data team at Microsoft

Chief Information Officer at GoAmerica

Founder at Flash Creative Management

Author of five books

International speaker

Creator of various development frameworks

 

PCI Compliance and the Cloud 

Posted by Yair Alan Griver Thursday, July 26, 2012 3:17:00 PM Tag: Compliance

One of the things that I've heard a lot is that you can't have a PCI compliant system in the cloud. This article from RightScale does a good job of going through the issues that are involved. In essence, think of dividing your compliance efforts into two parts:

1. The good data practices (including keeping specific information off dev/qa machines, encryption, etc.) - these you have to own in any case.

2. The physical security (access to hardware, etc.) - these will be up to the cloud provider

By having a cloud provider that either has PCI accreditation already, or that will work with you to document these practices you shouldn't have an issue getting your certification.  

  •  

How long till I get it right? A Time Traveller’s Lament 

Posted by Yair Alan Griver Tuesday, February 14, 2012 12:38:00 PM

I could have titled this entry “Don’t let the perfect be the enemy of the good”, but that’s too boring. I’ve written before about serendipity and hit it again in the past week. At work, I’m looking at modeling and enhancing our processes in the large. By this I mean that as part of getting a handle on the organization, I’m putting together a diagram and description of our core process from acquiring prospects, through turning those prospects into customers, through starting and completing the project and billing those customers. Basically, the lifeblood of the consulting firm.

As I’m doing so, I’m looking at ways to optimize different parts of the process, and coming across a typical issue: that of building a plane while it’s in the air. <g> My default approach is to put together a team of people from across the company and work with them to put together any changes, and then roll it out across the company. However, we have a number of projects (thankfully) that are in flight and finding people with the time right now is hard. That leaves me with two choices – wait till some people can be freed up, or write up the new approach myself, set up the templates, systems, etc., and then have some people review it and roll it out knowing that it won’t benefit from the buy-in and extra eyes that doing it my preferred way would bring, but that it will provide some real benefits at the same time.

On the serendipity front, I went to the Seattle Science Fiction and Fantasy Short Film Festival this weekend. My favorite film (and the one that won the audience favorite award) was called Time Freak. It was about a guy who was so caught up in making the day before he invented his time machine perfect, that he’s been reliving that day over and over for weeks, just trying to get everything right.

At the same time, I finally got around to reading and finishing Stephen King’s latest book: 11/22/63 on my Kindle. In the book, a person is given a way to go back in time to the same moment in the late 50s. He can change history, but if he goes back in time again, it all resets. He decides to try to change the Kennedy assassination (among other things), but each time he goes back, it will cost him at least 5 years. He is continuously wrestling with the same issue – get it perfect, or good enough? And what, exactly, is “good enough”?

Anyway, as you can probably tell, working with some of the folks at ECWise, I’ve put together a set of strawman documents, and we’ll be getting the leadership together to look at them and make changes before presenting them to the larger company. As part of it, I’m going to make a commitment that as certain things happen, we’ll move to a more inclusive design process for these things across the company.

My basic belief is that while I’m a fairly smart guy, the massed brain power at ECWise is so much smarter than I am, that the goal is to unleash it not just for our customers, but continuously for ourselves as well.

Anyway, just a quick “lift my head up and tell you what’s going on” type of post…

NY Times discusses Big Data and Analytics 

Posted by Yair Alan Griver Monday, February 13, 2012 12:36:00 PM Tag: Big Data

Now when someone asks what ECWise does, I can point them to this NY Times article for a quick overview.

Freaky Friday Management Technique 

Posted by Yair Alan Griver Thursday, January 19, 2012 12:34:00 PM

I love this blog post by Ben Horowitz. Like all great things, it is simple, understandable, and pushes the solution to those that are most affected by it. I’m a big believer in standing in someone else’s shoes – but hadn’t thought of doing it so literally.

I remember working on a cross-division initiative at Microsoft. The divisions had not been happy with each other for a while. Being new to the role, I went over to my counterpart and said “I hear that you feel we haven’t been working well with you. Tell me about it.” He vented for a while, then ran down. I then described my work history, and how I understood where they were coming from. I explained what I understood the problem was from our division’s side and how we could work together to fix both. When he saw that I was able to stand in his shoes, and I helped him stand in mine, we came to an agreement fairly quickly on a path forward, and worked together to push things through with our various VPs.

Sometimes a bag is just a bag 

Posted by Yair Alan Griver Tuesday, December 06, 2011 12:29:00 PM

I believe that things happen for a reason – and if you are able to actually notice them, you can learn something. I also believe that when serendipity hits, it’s like being hit by a 2×4 that is urging you to PAY ATTENTION!

So today, I’m looking at my RSS feeds and see these two articles:

  1. Rands in Repose: A Bag of Holding
  2. Sara Ford: What a backpack can teach us about software design and usability

Great examples of how you can take an everyday thing or occurrence and really use it to understand something about a greater picture. The fact that they’re both talking about bags just makes it sweeter, IMO.

Thoughts?

Papers and Presentations