Contact Information

  • Mickler & Associates
  • Vancouver, WA
  • Voice: 360.601.0818
  • Fax: 360.397.0468

BI on the Mind…

Written on February 11, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

From a student:

From: William BoebelSent: Thu 2/9/2006 10:30 PMTo: Russell MicklerSubject: RE: Individual Project – Last Assignment MIS370-0601A-01

Attached is my assignment. Thank you.

By the way…

In live chat you mentioned business intelligence as a primary part of your company’s business. I was curious what your opinion was on SQL Server 2005 from a business intelligence perspective.

I am interested in the closer integration of SQL Server with C# and VB.NET for stored proc’s, but I hear hype about the business intelligence aspect of the newer version. It seems to me that BI comes from the development of applications that process database data and provide information to users. So shouldn’t an RDBMS system stay out of that area, and just be real efficient at managing data? Let the IT staff or consultants be concerned with developing BI solutions since they will be very specific based on organizations anyway?

Billy

***

Hey Bill -

I’d have to suggest my experience with 2005 is nill; I’ve very familiar with SQL Server 2000, of course, but I think its ETL tools (Extract, Transform, and Load) are more comprehensive in 2005 than 2000. I think, like any _platform_, SQL Server’s use as a BI tool would be limited to the orchestration of its architecture (the schema development) and its reporting development (strong systems analysts who understand the business, its products, and its services). Out of the box, SQL 2005 may offer stock reports, but like anything, they’ll only be useful from the perspective that the data being populated conforms to the expectations of a “standardized” business model. And, in my experience, these tools must be customized to deviate from a preconception of “standard” business practices to meet the unique needs of any business to be really useful. So out of the box, SQL 2005 is probably a great platform to launch a BI initiative, but success utilimately depends on schema design and analytical prioritization in reporting.

And this touches on your conclusion that value of BI will come from the applications and customization of the platform to meet the user’s needs. I’d completely agree. Where SQL 2005 might offer stronger tools by which to develop and create these solutions, BI isn’t automatically “installed” with the upgrade to SQL 2005 as a product. If anything it introduces more risk for an indeterminant benefit that cannot be easily quantified (example: what _IS_ the ROI for upgrading to SQL 2005 if I’m unsure what BI benefits can be achieved from it? Am I prepared to risk a migration that could disrupt the existing business system for an undefined benefit?). I’d ask your developers/consultants, point blank:

1. Articulate the tools in the SQL 2005 platform that are not available on the SQL 2000 platform that would be beneficial to your constructing applications or reports that’ll improve my BI.

2. Give me an example of how those tools will be applied (give me an idea of the report, data, information, DSS, query, whatever).

This should allow you, as a manger, to weigh cost, risk, and benefit. Is the benefit of the example tool really worth the cost and risk of upgrading the platform? In other words, is there _really_ a benefit to the upgrade? Further, how does this balance out to the other IT priorities of your organization? Is there a demand from your internal or external customer base? Is it relevant to current business problems? Is there enough budget to accomplish what they want, or, is your team just “dreaming” about possible uses? I mean, let’s not upgrade because it’s fun… they should justify the risk for you.

Personall, I’d be concerned about a SOA (Service Oriented Architecture) and capitalizing on self-service functions. I’d be questioning the overall architecture of the BI layer in conjunction with the MIS layer. Are there opportunities to push reporting to the end-consumer of the data without having to draw on IT resources (like, can we have users use a DSS or reporting tool on their own to build BI… on their own… without us)?

Eh, my two cents. Good luck!
R

Doing More Evil Than Good?

Written on February 9, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Google, unlike many organizations, are very proud about the moral compus built into their mission: “Do No Evil”. However, the devil appears to be in the details for the $106.03 billion market-cap company.

Let’s not kid ourselves: the market perceives this company to be worth half of the total US cost of the Iraq war to date. Evil or not, peddling the personal private information of others – whether it be examining your email or the personal files on your computer – is apparently big business. Certainly, let’s examine their recent Desktop 3.0 release and it’s privacy statement to judge for ourselves – by installing Google Desktop, you allow:

1. Google to index and store versions of your files and your Internet activity and web history.

2. These versions include web searches and web hit results without your explicit permission.

3. Google serializes its installation with a unique number for each install, giving them the capability to relate your Internet activity, searches, browsing, and files back to _you_ as an individual, if so desired.

4. Google has the right to broadcast information to the Desktop product (as adware).

5. It also “collects a limited amount of non-personal information” and sends it to Google.

6. Searching Across Computers will send an index of your personal computer’s files “securely” to an index server ran by Google, so that others may also search your files.

Then, there’s apparently the “full” privacy policy (http://www.google.com/privacypolicy.html); apparently the one they provide just isn’t specific enough.

Doing “Evil”, in my book, is emulating the function of spyware, virusi, or trojan horses. I’d have to say that, if I saw this thing running on my corporate network, so pleasantly indexing the private files of my organization, I probably wouldn’t hesitate to completely remove it from the system. And I couldn’t imagine an index of my financial data and files being floated around a Google server – that seems ridiculous.

Evil or not, Google Desktop sure looks like what we’re constantly defending our computers and networks against.

R
www.micklerandassociates.com

What are Rootkits?

Written on February 5, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

A lot of buzz about rootkits recently so I thought I’d join-in on the bandwagon. Sony recently came under controversy for their XCP (Extended Copy Protection) Rootkit (http://searchsecurity.techtarget.com/
originalContent/0,289142,sid14_gci1140633,00.html)

Defining Rootkits

First, the concept of “root” comes from the golden days of UNIX where the “root” was the beginning point of the system’s understanding of file-level security. Root can be described in two contexts: one, inheriting super-user security permissions within an operating system, or two, the macro beginning of a directory structure.

Second, a “rootkit” is a suite of binary tools that can be used to maliciously infect a target computer to gain unauthorized access to the host – perhaps in terms of administrative authority, or, to the native file system (example: c:\). If that doesn’t unnerve you enough, rootkits can be downloaded for free or at cost from various locations, the most notorous being the Hacker Defender Project (hxdef.czweb.org); the rootkit for the Windows platform can be downloaded for free at http://www.megasecurity.org/trojans/h/hackerdefender
/Hackerdefender1.00.html. They are common instruments and some would argue that a rootkit is an effective tool in an arsenal needed to protect a corporate security environment.

What Does a Rootkit Do

Once installed, rootkits attempt to mask their presence from antivirus scanners by renaming components of themselves and critical system files. They will then attempt to load programs into runtime memory (RAM) with administrative priviledge. This access can service the hacker in a myriad of ways: executing in-state processes that cause harm to the computer, or, may serve as a back door for remote control attacks, or, it may allow the hacker to use the host as a zombie to perform some undesirable function (example: hosting porn files without the owner’s knowledge or permission).

Because they attempt to mask their presence, rootkits are sometimes difficult to find with traditional antivirus mechanisms. Some sites recommend performing a port scan on suspect hosts to see if new services are running on a computer that shouldn’t be (http://bagpuss.swan.ac.uk/comms/hxdef.htm); the same site also makes recommendations for examining a registry location for references to executables launched in a suspect area. There are also software tools – http://www.snapfiles.com/get/unhackme.html or http://www.sysinternals.com/blog/
2005/03/updated-rootkitrevealer.html- that can be used to detect the presence of a rootkit and eventually delete it.

How to Protect Yourself

Rootkits must be installed. The NT (Windows) Rootkit from holy_father, for example, uses two components: an executable that must be ran on the suspect host in conjunction with an *.ini file; the executable processes the instructions provided by the hacker in the *.ini file. That means that the hacker must first have this kind of access on the target computer, or, the legitimate user with appropriate access permissions is tricked into executing the code on their behalf, or, the installation is batched without legitimate user knowledge.

Practicing good computing practices – avoid visiting websites you’re entirely unfamiliar with, avoid double-clicking on questionable email attachments, avoid downloading free applications that haven’t been expressly compiled without spyware, installing a good firewall and anti-virus and anti-spyware products – are the best routes for protection. Detection and elimination are another thing – you may want to find a responsible technology professional to assist in detecting and removing rootkit malware.

R
www.micklerandassociates.com

Political Cartooning

Written on February 5, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share



Long, long ago, in a galaxy far, far away, I was going to be an artist before I went into business and technology. I hope not to offend anyone with real talent…

R
www.micklerandassociates.com

National DO NOT CALL Registry… a Hoax?

Written on February 4, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Interestingly enough, somebody reads my blog! Actually, a very attentive student of mine, one Mr. Padgett (and you know who you are!), striving to keep me accurate and honest, provided a Snopes article concerning this subject:

http://www.snopes.com/politics/business/cell411.asp

It’s apparently very likely that I’ve been played on this – and you shouldn’t be! My thanks to Mr. Padgett for his dogging my blog for a fact-check!!

R
www.micklerandassociates.com

The Last Telegrams…

Written on February 2, 2006  |  by RP Mickler  |  Leave a Comment Leave a Comment  |  Bookmark and Share

Western Union has ended its historical role in issuing telegrams. An interesting milestone in telecommunications history….

http://msnbc.msn.com/id/11147506/

R
www.micklerandassociates.com