Category: IT

For engineers, in everyday experience you will have contact with information that someone is senior position and someone is not, but what does it mean? Of course, generally two positions have different pay-grade (not always), but is there any general rule to help us understand that piece?

Seniority in any profession represents “the amount of freedom to make a decision independently”.

In many companies you will have senior people without any freedom following strict rules and that have to get approval for even tiny decisions, in others you will have junior people completely independent. In one of my previous positions I asked about one colleague why he is junior developer and manager said: “because he is young”. I asked then: “so why he is in charge of many important roles” and the answer was: “because he is reliable and excellent professional”. That shows how managers make decisions based on wrong parameters which could lead to HR disaster, to leaving of great professionals and in the end to company/project value drop which in the end financially hits owners.

If you have more experience, especially full stack one, and you showed independent thinking and reliability you deserve more senior position. But you can be professional all your life and stay in junior role because you didn’t show the ability to make a reasonable decisions, good for project.

Other, not far from this one, is question what makes you an architect? If you check the book it says: “architect is role that have mutual understanding of development and infrastructure”. If you are great developer or if you are great infrastructure engineer you do not need to be architect. You need both to be one because of level of expected decisions you make. In building construction you cannot be an architect if you are only designer or if you are only construction professional. Again, you need both. Otherwise you are well-payed senior/lead developer or senior/lead infrastructure engineer.

What is after everything position of manager? By the book, manager is: “person in charge for managing of resources”. Managers position is responsible to do whatever he/she can to increase the value of resources he/she manage. The most important and valuable resource are human resources because they contain big value and they are very frequently grown in the company by education and experience. When you see “great work conditions” in Google or some other companies that is only because managers of those companies recognized that it will increase motivation and productivity of all workers and in the end increase more the value of the company than it is a cost.

With managers you have junior, senior managers (now you understand the rule) and top manager often called CEO that is entrusted by owners with a power to make all decisions independently.

I hope this short text will help you to be great in your position and to create more value to the company you are working in. Be productive, be innovative!

Too much security leads us to no security?

On each discussion including IT security we witness demanding more and more security. Someone may ask what is wrong with that, but if you have experience with delivering applications to technologically lay people you already know that sometimes books are one and reality something completely different.

The great example comes from my previous assignment as a Chief IT Officer for the largest dental clinic in Croatia. We had instruction by application architects that users have to have passwords with at least twelve characters in length, including uppercase and lowercase characters, numbers and special characters. Definitively in that case we are talking about high secure password, but after only few days of implementation more than half users printed their passwords and stick them somewhere around their monitors. Of course, that is security disaster.

Second example was when we wanted to protect access to only some users, but in that case (if you do not set it properly) assistants will know authentication information of their patrons and get all privileges. Especially because of HIPPA regulations, they will skip phase of asking for privileges and they will just “borrow” access through their colleagues.

In one last example, we had situation where doctors write medical histories and schedule patients for future encounters. After few days, they really enjoyed the system because it gave them quick access to patients’ records, but problem they had was authentication. We had limited number of computers and doctors waited for few seconds their colleagues to finish. In the end, they skipped the phase of logging off and on and just used one user for everything. How they resolve it in banks? McDonald’s? Social Security Administration offices? They use smart cards attached to the uniform of the employee or USB-key with client certificate. That is a good idea and definitively can bring more security.

After few examples, I want you to think about security and not to overdo it by setting it too stringent only because you think it is automatically better. You have to weigh both sides and to select the best level of security. Long story short: the best security is to turn off all servers and unplug them from power outlets, but how then to use them?

Have you ever had bad experiences with new employees? In everyday business I see many colleagues and managers that hire professionals with primary focus on education and experience. We all agree that those parameters are very important for most positions. But, it is very important not to miss the first important question: has that individual demonstrated enthusiasm and creativity in finding best solutions.
There are many great hidden people that can serve as more than great employees. When you compare different economies, you can find many differences and one of most noticeable ones is employment procedure. When you have strict rules and traditional views about employment you have high unemployment, old workforce and non creative employees performing their tasks with low energy. To beat that, in modern days, companies highly credit dedication and enthusiasm. Do not forget that if you have employee with lower level of education it can be resolved with extra time for adaptation and learning. But if you have employed well educated person without enthusiasm and without focus on solving company problems, you have a great problem. In some limited cases, when we are not talking about new employee you can motivate employee with additional benefits: adding better dental or/and medical insurance, etc. If you have that problem in the beginning of the employment, you’ve made a mistake hiring that individual.
You have to detect this problem before employment or at least in the first few days/weeks. In the interview, if potential employee asks you about benefits and salary before questions about assignments and expectations that can be the first sign. Additionally, if someone is not ready to work after official working hours, to be paged or called on demand and that position is connected to service reliability that has to be serious sign. In normal situations, those things should be declared. The best managers understand that company-employee relations are the most important thing in any company. Employees can make great things, they create new ideas, they help company increase its wealth. Because of noted, employees are the greatest asset of any company.

We are frightened and bombarded with news in everyday basis that data collected in medical or dental procedures could be compromised. That is true, but that was also true in the time of paper medical charts. Today, I want to emphasize few important security tips.

When we organize access for doctors, nurses and administrative personnel, we have to select their rights wisely. It is not needed for one nurse to see doctor’s professional memo on patient condition and it is not needed for one administrative officer to see if the patient has genital herpes in the medical history. As a doctor and a professional developer I work on both sides so I see many not needed security restrictions that influence productivity but also many freely available information which is not needed and could lead to data breach.

Many medical and dental programs have a problem with separation of data and data access. In most cases it is because of wrong approach toward planning where developer wants to satisfy all requests. By interviewing users we do collect very important information about needs, but also we can expect from all parties to express their need for accessing all data. Of course that we should take care on user’s needs, but access rights should be properly fine tuned and adjusted by following rules of good practice and after talks and understanding with management.

Second, but not less important is to be aware that there could not be successful separation of rights if we employ people without awareness that they are working with sensitive and confidential data. For example, I have had requests from my managements to limit IT administrator’s rights or to limit developer’s rights, but it is not possible. You cannot take someone without professional attitude and to employ him/her as a chief database administrator and after that to ask if there is any way to limit his/her access to the database. That would definitively prevent him/her to do anything, even good. The same thing is with users like doctors, nurses and administratives.

Statistically, the highest risk of data breaches occurs because of users. It cannot be eliminated, but it can be effectively decreased by security controls, by logging and by assigning of patients. For example, doctor needs to see data only for patients that he administers. When patient arrives the receptionist assigns him/her to first available doctor and from that time doctor sees all data related to that patient. There is some modern ideas that the system should not be very restrictive on access rights but to inform all employees that everything done is logged and to monitor their activity in regular intervals. That could be even more successful than restrictions without logging.

To summarise all: you cannot project a secure system if it will be used by people without any trust from the management. If you do have some level of trust, you have to adjust personal access level accordingly to that trust and to person’s professional needs.


We can read every day that there is a great discrepancy between creation of new professionals and demand. It is one of most influencing factors responsible for this slow crisis resolution.

In the United States there are many extremely good and very attractive programs that produce innovative young engineers such as Massachusetts Institute of Technology, California Institute of Technology and many others. But, today we see that there is a problem because many employers cannot find them enough. Why to oppose the idea to find them outside USA?

There are some countries with long experience in education of highest educated professionals. In many such countries that individuals cannot find appropriate employment and are thinking to emigrate. If they are not seeking a job in their region, the first distant site for the most of them is USA. From outside perspective, USA are impenetrable for skilled highly educated professionals of any type. No one knows why. In the other hand, we see in everyday basis that successful multinational companies are opening corporate offices in India, China, Hong Kong, Russia, etc. The first reason is because they cannot find enough needed professionals and the second is that in the most cases they can pay them less.

There is something that is unknown to many US employers. In many countries people have cheap but good education system. The example is Croatia (Europe) a home of many leading institutions of higher education in Eastern Europe. In the other hand, all education is totally free for all citizens. I do not want to enter into details, but the known fact is that Croatian system of higher education have produced many largest ships captains, many chief engineers on many projects in Latin America, Northern Africa, Singapore, Middle East, etc.

If you are a recruiting officer or manager in the USA, you should ask yourself why you do not use a personnel from a country like Croatia, a personnel without any bonds or loans? A personnel from a country with long European culture, very creative, well-educated and very talented. Croatia is only one example, and there are many countries alike, especially in Europe. Today we see that trends are in opposite direction: USA need more educated professionals and in the same time they fortify their immigration rules.

I like USA, especially its idea of free business, but as time goes by I see that USA are going far from its roots, far from something that made USA so attractive to all people. To paraphrase President Reagan’s sentence from Berlin: “President Obama, tear down this immigration wall!”

Whatever you do or sell you will have somebody unsatisfied with your performance or product. That complaint must not be on real basis, but you should know how to react. What to do specifically after customer tells you that he/she is not satisfied with your performance or your product?

Prevention is the most helpful thing. You should not think: “I will promise everything and I will deal with problems in the end”. When you take the order, you have to detect what a customer wants and that must not be equal with what customer says he/she wants. To deal with that, learn from the best and try to practice it in every occasion. Do not force customer to take what he/she does not want. Instead, try to develop a need for something in customers perspective. That is a good practice.

If a customer comes with a complaint, first do not panic! At first, listen carefully all that other party is trying to say to you. You should detect is there objective reasons for a complaint. Sometime you will find it, sometime you will not.

The worst thing you can do is to argue with a customer. Even if a customer elevates his voice you should rest calm. Why? Because if you adjust your voice with a customer you help development of the affect inside his head and the main reason to even talk with a patient is to decrease or to eliminate that affect. In psychology, affect is short-term emotion caused by something. People think much different in the state of affect and are ready to do many things that they will not do without it.

If a customer has no objective reason for a complaint, you have to try to explain whole process and to try to find potential other reason for that complaint. We can see often that after we do our business correctly, our customer tries to avoid paying or to get lowered price. Of course, if you have done your job professionally the only reasonable time for price negotiation initiated by customer is before any procedure. If you are forced to negotiate price after procedure it should be only damage control negotiation because it is better to get anything rather than nothing.

If a customer has objective reason for a complaint, first tell that you will try to investigate what happened. If it is your fault or not, next thing you must do is to apologize and to say that you will do anything possible to quickly correct the problem and if it is not possible that you will find the way to compensate him/her. In this case you should think about something. This customer is not satisfied with your performance because you have done something wrong. Here you should try to decrease negative advertisement and not to be tight on compensation because customers love to see that if it was your fault you are ready to play fair. It was your fault and it is cheaper to pay slightly higher compensation then to have person that will share his experience wherever he/she can.

One additional thing: In whole conversation you have to take care on many nonverbal messages you are giving. If a customer does not want to feel your sentiment he/she will send you a written complaint. But you will see that among all complaints oral ones are the most frequent. Why? The customer is trying to detect whether you understand his/her problems and how you will take it seriously. If you succeed in that interview you will leave good impression toward a customer and that will be the strongest impulse that will cancel any further problem.

Do not misunderstand me: you must not be a good man if that is not your style, but this kind of behavior is good for a business and positive cash flow which is in the end very important!

Giving information or advertising?

Many people do not understand the difference between informing and advertising. Even some regulators are trying to mix things up because then they can play as arbiters guided with rules that are not clear.
Giving information is “emission of related data about requested subject”. That means that if you want to change your cable provider and go or call one of companies that should be considered as informing and not advertising. But, if you get information about some product or service without your initiative, that is advertisement.
In the Internet, having a website is considered generally as informing because people have to enter correct address or to search for your firm. But what happens if you search for a word “water” to find information about chemical properties or pollution and you get water prices and pages that offers you to buy their bottled product? Now you can see that it can be legally complicated.
To solve that issue guide yourself with a simple rule that if your website is indexed by third-party search provider without payment for “special position in the index”, then you do not advertise, but inform.
It is good to be available for information about your products or just about things that you do. The best advertisement would be one that is seen when the customer needs it, but that is not possible. Because of that avoid spamming people with your offers and instead attract them to follow you. That creates much better satisfied customers that are interested and well informed about you.
You should never forget that satisfied customer is the best advertisement you could get!

Many people think that the main issue with software development is about how to make it. OK, that is hard, but can be learned. But what about users? In my experience many systems were developed to satisfy IT department perspective or to accommodate developers view and that can lead us to bad UI experience. Why? Because something logical for IT professional isnΓÇÖt often logical for others.

As chief architect I have been examining diverse systems. Some of them were very user friendly (lay people user friendly) and some of them were not. When I tried to correlate that to the price there were many non-logical conclusions. Unfortunately, there are many systems that try to force users to accommodate their logic. Somewhere it goes OK, and somewhere they have great problems. That occurs specially in heath software that has to be created to help medical professionals by giving them good tool for producing medical data and to quickly retrieve it for making medical decisions and conclusions. If they have to loose time to find something in the software, we havenΓÇÖt done a good job in development.

How to avoid such problems? My way is to spend more time with users. For example, I have been developing software for university admissions. After first version of software was in release I have been sitting in the reception desk and trying to do all jobs as a new one in the reception. I have entered data to the system as a user and talked whole day with others in the reception. What was the outcome? I wrote several full pages of seen non-logical procedures, bugs, and needed software extensions. Every day after working in admissions reception I was trying to change software to be ready for the next day. The result was very usable software, satisfied reception workers, satisfied management and dramatically lowered error in processing in the same time with time shortening. The same job that have been doing in few days, now is done in one-two hours.

You ask why donΓÇÖt developers do that? Well they are engineers and they do not want to mix themselves with reception desk workers. I am orthodontist with PhD and certified professional developer, but when I do development the main goal is to make better product and to succeed in that mission I am ready to do whatever is needed. In development you have to forget your ego and to focus on making good and usable software. That is the reason why I have earned such great respect both from top management and the lowest wage workers. I assure you that that approach is a winning one.

If you are serious businessman, you should already know what is Customer Relationship Management – CRM. Customer Relationship Management is a way to keep our customers in thinking that they are special and that we are taking care about their problems.

What is the chief problem? When customer contacts us we have to make an impression that we have been thinking on his/her problems all the time and not only when they are present. That give us good reception and our customers are more satisfied with our performance.

The best implementation practices are to use it in everyday basis and to enter data in every contact with a customer, in every job done or request from customer and in the end whenever we think something about customer. It has to be used both by top management and reception desk. You do not need to use something too complicated. You do not even have to use computerized version, but you have to be aware that doing business without CRM can destroy your rating and finally leads us to a disaster. Customers do not like when they have to repeat things to us and that leaves an impression that we are bad and not-caring business. Perhaps you can think that it is only a first impression and that they will see your valuable product, but thatΓÇÖs not the case. Do not forget that customers donΓÇÖt know much of our work, because if they do our services wouldnΓÇÖt be needed.

I have received many questions about CRM. There are businesses that want to start using CRM and were asking me where to start. After few questions, I see that they have organized something. One client told me that he creates notes on every customer in his archive. Data including birthday, marriage status, attitude, potential relationship problems, etc. If that isnΓÇÖt CRM, what is? He needed only to have that data properly organized and available to all firm personnel.

Finally, if you have customers, you have to have some level of CRM. It is best practice when a customer arrives and after hello you ask him/her: ΓÇ£How is your leg?ΓÇ¥. Of course, that can happen only if you have done homework writing specific data after last session. Person will have a feeling that we care about him, and will transfer that positive attitude to all his friends. In my experience, that sort of relationship does not make you only better person, but it makes you money, and if it is not main objective doing a business, what is?

Have you ever had problems in your business? I have many friends among medical and dental professionals, but also among business managers and other professionals. When you evaluate their business as a third-party you can easily find that the major part of their business is often limited with misunderstanding with IT. They growth speed is equal to growth of IT support efficiency.

Nearly all IT schools educate their students how to perform specific tasks, but they forget to tell them that they will not work with other IT professionals. It is most often scenario that they will work with other professionals, but a lot of them will not be IT professionals. That is the greatest error in education because we have to educate ΓÇ£workingΓÇ¥ professional and not professional that will not be able to integrate himself to prospective firm.

You have to understand that the same problem is in other education programs. In everyday lecturing in School of Dental Medicine I emphasize importance of creating a ΓÇ£user interfaceΓÇ¥ in every dental professional. I learn them many subjects, but in every topic I try to help them gain experience that will allow them to function. They have to know how to do a triage of problems, to learn how to plan and how to use available time with patient and the most important to take good ΓÇ£problem historyΓÇ¥. By talking with their client, in this case a patient, they have to know how to meet patient expectations and how to give an advice to the client what is needed and perhaps to correct their expectations.

Contemporary IT professional have to be able to do the same thing: to talk with colleagues and others in the company and to adjust his language to every personΓÇÖs technical knowledge. For example: accountants and managers do not know what is better to do in networking IP v4 or v6, or is it better to use ASP.NET or Python or Visual Basic or Visual C#. If they know, it is OK, then you can advice them, but if not you have to make that decisions for themselves. The major task is better productivity and nothing else.

All noted is  one of reasons that forced me to start programming. I have had the same problem with my IT professionals. They knew every topic and every piece of technology better than everyone possible can know. But they cannot employ that knowledge to help other systems. They expect someone to draw to them what to do and by using what technology, and that is not acceptable in doing modern business.

I remember one occasion when I have selected one Database Developer to start organizing one of last parts of our library that is organized only with book identification cards. And after three weeks I asked him what is the status of ΓÇ£our projectΓÇ¥ and he told me that he cannot do anything because Director of Library does not know ΓÇ£what data types to use in some data fieldsΓÇ¥. That example can demonstrate the chief problem. He had to invent a solution, to adjust all systems to accept that data and not to expect that from ΓÇ£lady chief of the libraryΓÇ¥.