Implementing Zero Trust: Best Practices and Key Areas for Success

In an increasingly interconnected digital world, the traditional network perimeter security model is proving to be inadequate. With mobile devices, cloud services, and remote work being the norm, organizations can no longer rely on the assumption that everything within their network is inherently secure. Combine this with cybersecurity threats growing in sophistication, and the surface Read more about Implementing Zero Trust: Best Practices and Key Areas for Success[…]

Protecting against the biggest security vulnerability

First off, do you know what the biggest single cause of security vulnerabilities and successful attacks against computer systems is? A lot of people think of insufficient access controls, a lack of process, SQL injection, etc but there is something more fundamental sitting behind a lot of these that often gets overlooked. I’m talking about Read more about Protecting against the biggest security vulnerability[…]

First book published

This a quick post to say that my first book has now been published on Amazon. In total its taken a good 9 months from the initial idea. The book focusses on Personal Information Security and how in business personal information needs to be secured and protected. The book is full of lots of practical Read more about First book published[…]

API Security – Carefully does it!

API’s are a convenient and handy way to get different computers systems to talk to each other, but often they are also an easy way to get in by the backdoor deep into computer systems. In this article, we look at few of the most common mistakes made and what you can do about it. Read more about API Security – Carefully does it![…]

User Authentication, you must do it right!

I must admit, one of my all time pet peeves is when engineers do not implement their user authentication service in the right way to be defendable against an attack. Take for the instance the recent hack against Zomato in which they had 6.6m hashed user passwords stolen. The real problem here is not that the Read more about User Authentication, you must do it right![…]

The Evils of Technical Debt

Technical Debt – A phrase that brings shiver to any experienced engineer or software architect. In this article I’ll explore why it is so Evil and a few basic things you can do to stop it bringing your whole business to a go slow state. (This is a follow-up article from my talk on Technical Read more about The Evils of Technical Debt[…]

software architecture skills, top 5

Software Architect skills, the top 5

Software Architects need a combination of skills to be able to succeed and deliver designs that are long lived and able to provide strong commercial value to a business. Below I list what I consider to be the top 5 skills in order to be a good Software Architect. #1 Able to listen and confirm Read more about Software Architect skills, the top 5[…]

Systems Architecture & Security, winning at both

Online systems need to be both secure and designed to last, so how can you achieve both and not blow the budget? This article covers a few simple principals you can adopt which are both good for your systems architecture and good for your security. #1 System Components should only do what they say on Read more about Systems Architecture & Security, winning at both[…]

What is a software architect, really?

Software/Enterprise/System/X Architect all seem to be pretty much interchangeable titles these days – the trouble is for most people it’s hard to exactly pin down what a X Architect is and what they are expected to do on a day to day basis. Well you are in luck, this article will shed some light on Read more about What is a software architect, really?[…]

Why do cloud services fail?

Given the recent outage with AWS and how some bad typing could bring down a large part of the cloud infrastructure of Amazon I thought it might be informative to pull the veil back a bit on how cloud systems work and what are the common failure modes and how to guard against it. A Read more about Why do cloud services fail?[…]

Should API’s provide Client Libraries?

This question was recently put to me by an architect at a Sydney based cloud SAAS business I have done Architectural consultancy with, and I thought it would be good to publish my answer, as this impacts quite a lot of businesses and systems architecture decision making all over the place. The question is an Read more about Should API’s provide Client Libraries?[…]

How Off The Shelf (OTS) Solutions ruin Data & Business Integration efforts

It is often the case that in an attempt to quickly set up business services and scale that people will turn right away to Off The Shelf (OTS) solutions, usually zeroing in what they have used before and just buying in and applying. The idea being to forego development costs of an in-house system in Read more about How Off The Shelf (OTS) Solutions ruin Data & Business Integration efforts[…]

Software Architecture Really Matters to Business Success

Software Architect unfortunately is often seen as one of those ‘nice to do’ things by many businesses. Typically the architecture of a business system (especially in a start-up or online business) tends to ‘evolve’ (putting it nicely) over time – there is usually no unified attempt to create an architecture until you realise you have Read more about Software Architecture Really Matters to Business Success[…]