Capturing Value From Business Process Improvement

“Business processes occupy the middle ground of enterprise architecture:  They are driven by the business model and in turn, drive the technology model.  Although business processes are well positioned to be a source of significant value, you need to take a holistic approach to understand their impact.”

Baseline’s Jeff Bruckner ‘s Workbook has provided another thought provoking article that outlines a 5 step BPI metrics development and gathering process:

  1. Assessment
  2. Road Map
  3. Analyze & Select Scenarios
  4. Develop & Implement Programs
  5. Track Performance

Although the article is only a single page, there is enough food for thought here to feed and grow a working methodology.  Read the article here:  BaselineMag

Advertisements

7 Steps To Making Better Decisions

A couple of weeks ago I read an article in Information Week entitled 7 Steps To Making Better Decisions.  In the article, Gary Smith outlines a no nonsense approach to adopting an analytics methodology to decision making.  The steps seem intuitive and simple, however it is amazing how often basic fundamentals are overloked in modern business.  I like a flexible but structured approach to my process/procedure/standard and other collateral development efforts.

The Seven Steps:

  1. Define the problem
  2. Identify relevant factors
  3. Focus on data collection and preparation
  4. Model the solution
  5. Report the results
  6. Implement the decision
  7. Follow-up

Read the article here:  InformationWeek

Canada Investigates Google Wi-Fi Data Gathering

Canada has joined Germany, Italy and France in launching investigations into Google’s inadvertent collection of data from unsecured wireless networks. Google collected the data by accident while gathering images for its Street View service.  In April, Google said it was collecting only wireless network names and media access control (MAC) addresses, but an audit requested by German authorities proved they were collecting payload data as well.  Google acknowledged the issue in May.

The US Federal Trade Commission (FTC) has also begun an informal investigation.  Several countries have asked that Google be barred from destroying any of the data it has collected while they investigate the potential for criminal prosecution.  Google has provided all the collected data to a third party company, ISEC Partners, for safekeeping.  Google is facing several lawsuits as well.

http://www.computerworld.com/s/article/9177583/Google_faces_privacy_investigation_in_Canada?taxonomyId=84
http://www.msnbc.msn.com/id/37455927/ns/technology_and_science-security/
http://lastwatchdog.com/googles-wifi-data-harvest-draws-widening-probes/

10 Microsoft Patches in June

On Tuesday, June 8, Microsoft will issue 10 security patches.  Three of the pateches have severity ratings of critical, the rest are rated important.

The vulnerabilities could be exploited to allow remote code execution, elevation of privileges and tampering.  The updates will address a total of 34 vulnerabilities in Microsoft Windows, Internet Explorer (IE), Microsoft Office and Microsoft Server Software.   Examples of flaws for which fixes will soon be available include:

  1. A flaw in SharePoint that was disclosed late last April and that could be exploited to allow elevation of privileges
  2. An information disclosure flaw in IE that was disclosed last February.

http://www.zdnet.com/blog/security/patch-tuesday-heads-up-10-bulletins-34-flaws-ie-windows-affected/6593
http://www.scmagazineus.com/sharepoint-ie-part-of-microsoft-patch-plans/article/171660/

Adobe Flash, Reader & Acrobat 0-day

A Security Advisory has been posted regarding a new Adobe Reader, Acrobat and Flash Player issue (CVE-2010-1297).   A critical vulnerability exists in Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris, involving the authplay.dll component.  This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.  There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

The Flash Player 10.1 Release Candidate available on http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.

Adobe Reader and Acrobat 8.x are confirmed not vulnerable.  Mitigations for Adobe Reader and Acrobat 9.x are included in the Security Advisory.

 Watch for updates on this issue via the Security Advisory section of the Adobe website, as well as the Adobe PSIRT blog.

 http://www.adobe.com/support/security/advisories/apsa10-01.html