Friday, July 26, 2013

Handling BI Modernization in Secure Environments

During BI modernization initiatives, we work with a variety of firms with differing security concerns.

Our first step in our toll-gated DAPPER modernization methodology is to always perform a quick Legacy Assessment to evaluate the existing state of BI affairs. With this, we can better understand how we can automate its replacement and retirement.

Why do a Legacy Assessment? 

I like to say that with this simple step, you will spend a little to learn a lot.

You may already feel you have a good handle on your current legacy reporting environment. Unfortunately, I do not. Without a quick assessment, I cannot tell you how to save years and millions of dollars by automating the conversion of the applications.

In just a short time, we can tell you: 
  • How big and difficult is this BI modernization initiative? 
  • Where are the pitfalls that could cause this project to fail? 
  • How much money and time will we have to spend to modernize? 
  • Should we really do it? 
  • If we do decide to proceed, what is the best course of action? 

Our quick assessment creates a digital profile of your legacy reporting applications. With that picture, not only can we analyze the current state but we can better predict the future state and decide how to get there easiest.



Our software sifts through decades of legacy application code, assessing each individual file's purpose, complexity, grouping, redundancy, status (active or obsolete), and appropriate modernization approach.



Security Concerns about a Legacy Assessment

The first security concern is always data. At no time during the Legacy Assessment do we access our client's data; we only use legacy application code.

Many companies do not consider this source code to be highly secure and will transfer copies outside of their organization. We then need no access to the client's network whatsoever and can perform all work on our external computers that have the BI Modernization installed.

Not all firms view source code this way. If you work for a financial institution such as a bank, a healthcare provider, or an insurance company, you may not be allowed to share legacy source code. 

For clients who do consider legacy source code to be secure and not allowed to leave their environment, we can split the BI Modernization Workbench processing between the client's and our external computers. Unlike the scenario where we do all work remotely, we will now need access to the client's network to perform the scanning and subsequent analysis. 

On the client's computer, we install a small batch processing component that can read copies of the client's legacy source code. We scan on the client's computer and then transfers the results--load instructions of keyword counts--to the external BI Modernization Workbench computer. There, we will perform the subsequent processes of database loads and analysis.   

This model requires clients to agree that the scanning results are safe to copy externally to the BI Modernization Workbench. Prior to the Legacy Assessment, we can share examples to provide assurance of security compliance. These files basically contain only the names of legacy programs and associated keyword counts. 

Keep in mind that this model can cause the Legacy Assessment to take longer since we will not have easy access to the legacy source code while performing analysis on the external computer. Customizing the scanning module for a client could be difficult since the BI Modernization Workbench's development environment will have no legacy code for testing.  

You may be wondering about a third option: just do everything within the client's environment. If a client is secure enough that they will not transfer copies of legacy reporting code, then they are probably going to be adverse to having the entire stack of the BI Modernization Workbench installed on their network for use by external consultants.


Resource Concerns about a Legacy Assessment

Although not related to our topic of security, many firms are concerned that a Legacy Assessment might be resource intensive and their already over-worked technical staff will not have the time to devote to this engagement.

During a Legacy Assessment, we need very little time from the client's staff other than assistance with setup, pointing us in the right direction, and answering occasional questions. 

Don't Take the Hard Road

If you are converting legacy reporting tools such as SAP Business Objects, Crystal Reports, IBM Cognos, 4GLs (FOCUS, NOMAD, and RAMIS), or just plain old reporting tools to modern software products and want to do the initiative with the minimal time, cost, risk, and skill set requirements, contact me to discuss the best option. 

1 comment:

Peter Thomos said...

I'm very thankful to the author for posting such an amazing development post. Continuing to the post. Thanks.
Bi software

About Me

My photo

I am a project-based consultant, helping data-intensive firms use agile methods and automation tools to replace legacy reporting and bring in modern BI/Analytics to leverage Social, Cloud, Mobile, Big Data, Visualizations, and Predictive Analytics. For several world-class vendors, I led services teams specializing in providing software implementation and custom application development. Based on scores of successful engagements, I have assembled proven methodologies and automated software tools.

During twenty years of technical consulting, I have been blessed to work with smart people from some of the world's most respected organizations, including: FedEx, Procter & Gamble, Nationwide, The Wendy's Company, The Kroger Co., JPMorgan Chase, MasterCard, Bank of America Merrill Lynch, Siemens, American Express, and others.

I was educated at Valparaiso University and the University of Cincinnati, graduating summa cum laude. In 1990, I joined Information Builders, the vendor of WebFOCUS BI and iWay enterprise integration products, and for over a dozen years served in branch leadership roles. For several years, I also led technical teams within Cincom Systems' ERP software product group and the custom software services arm of Xerox.

Since 2007, I have provided enterprise BI services such as: strategic advice; architecture, design, and software application development of intelligence systems (interactive dashboards and mobile); data warehousing; and automated modernization of legacy reporting.