Latest Entries »

One of most stressful processes in the life of any IT professional and especially in the level of architect is project migration and complete refactoring. It is needed and many times we see half done and failed attempts of migration with a large number of ruined careers. My view on why that happens I will try to explain in next few lines.

Initial idea. How to know that system migration is needed? Simple measurement is when system architecture and foundation is making system so hard to maintain and business to grow in the same time it makes it more and more expensive demanding more and more spending. But, do not forget that “old fashioned systems” weren’t built with idea and knowledge of current business that is as a live organism: changing and growing. Also, in the modern business we have completely different security knowledge we didn’t have before (XSS, etc), demand to have module applications and many other business needs created recently with advancement of technology and especially cloud computing and going mobile. As an architect and or manager, you have to guide business to have good understanding when and why this moment arrived and why investment in refactoring is saving money. You have to spend a lot of time to build trust with business intercepting and resolving of all issues before they reflect on migration process.

Plan. They worst plan you can do in any project planning is to have large switch. That is the last resort because it enormously increases the risk for business failure, data loss, systems outage and rolling back and forth. The most common strategy by IT is to plan a large jump in the distant future and hope that it will never come. The much wiser solution would be to plan gradual transition by using all architectural tricks to help separation of logical components and transition one by one of them. That will provide direct oversight by business owners and reduce risk to much more affordable level.

Roles. Because we are talking of very sensitive process, it is very important to understand roles boundaries between members of the team. In many situations you will have chaos in architecture with architects running after bugs in code, Data Developers installing and hosting servers, and overused managers doing code and testing strategy in the same time while half of team is free, etc. Management has to understand roles and to keep everyone in the scope of the specific position. Management has to “manage” resources and resources (IT professionals) have to behave as one. These rules are not without exceptions, but every exception has to be picked carefully, understood and well documented.

Implementation. The virtue in migration planning is how to migrate with a good control of migration risk. To do that, I like to use a proxy strategy and separation at front-end layer. You have to spend some time thinking about smallest steps you can do: smaller they are, lower is the risk. Proxy strategy means that you create front-end SPA-like integration (HTML+JavaScript) circumventing underlying website backend and instead communicating with a proxy API. Proxy API’s job is to send a request to back-end (for not transitioned items) or servicing them or forwarding to the new system if component is already transitioned. One of larger problems of spaghetti architecture of the enterprise application is integration through the database. That practice is unacceptable in the modern environment because it makes any scaling harder and creates large number points of possible failure. In the modern applications performance and clean verified data is a must so any kind of “database fixes” and other tricks are off the table.

Modular design. Modern architectural design demands separation between APIs and all types of front-end (web, mobile apps, import/export components, etc). Having APIs is helping in eliminating of need to have the same code in different places of the same system. Also, vertically, system has to be built in blocks or modular way. Modules as a building components have to be independent as much as they can be. This allows us to create much cleaner code easier to maintain and scale (both vertically and horizontally).

Final thoughts. Migration is very demanding process for complete business and it has to be conducted with clear understanding of the process. It is sensitive process, but having A player managers, architects and developers with knowledge and a vision is helping a lot. It doesn’t need to be a large drama for a business and if it is dome right it means reduction of costs and much more responsive system. After transition, architects have to intercept potential risk of need for complete refactoring soon again with building of strategy and creating of solid clean core of the system.

When I moved to the USA I was idealizing American system of capitalism. Now after some experience with great people I saw one pattern that is destroying the companies’ outlook from inside. There is a visible rift between owners and managers. Managers and less and less productive and owners more and more often have to intervene and to put their businesses back on track.

As I wrote in my previous article, managers job is to “manage resources and to increase their value”. But there is other part that says that “managers are executing their duties with power and in the name of owners by promoting of their benefits”.

I see that in many companies there are disconnected management from the owner. Bigger is the company, more you can see it. For example, in large banks associates approving loans will not even try to investigate assets for prospective customers and to try to “hunt them”. Their job today is only administrative “because they do not need to do other research”. The same with insurance, and any other service providers. Large companies are losing large amounts of money.

I think that the reason for that is a rift between management and owners. Owners have to hire managers that will be “their players”. They have to manage resources with high respect of owners’ interests. To motivate and increase that “connection” wise owners are giving shares to management to motivate them further.

How to know that there is a problem? One of signs, and I would say a major one, is when management plays as “union representatives”. They play as they are representing their people in the board and not representing the board and enforcing board’s decisions to the lowest level of hierarchy. Of course, there should be intensive communication from professionals at lower levels to upper management. As I already said: more than 50% of value of all resources of the company are people. You have to give space to people who have more energy and that are ready to help company to survive and to grow in very competitive environment. As management’s job is to increase the value of their resources (people), they have to do everything they can to select and push their top professionals up, they have to create simple to understand performance evaluation system and to try not to do anything that will demotivate people.

Finally, there is no progress without intensive work and adaptiveness. In everyday business we have to change nearly everything we are used to to new scientifically proven truths (methods). Today, everything has to be quicker and to have better quality than ever.


For engineers, in everyday experience you will have contact with information that someone is senior position and someone is not, but what does it mean? Of course, generally two positions have different pay-grade (not always), but is there any general rule to help us understand that piece?

Seniority in any profession represents “the amount of freedom to make a decision independently”.

In many companies you will have senior people without any freedom following strict rules and that have to get approval for even tiny decisions, in others you will have junior people completely independent. In one of my previous positions I asked about one colleague why he is junior developer and manager said: “because he is young”. I asked then: “so why he is in charge of many important roles” and the answer was: “because he is reliable and excellent professional”. That shows how managers make decisions based on wrong parameters which could lead to HR disaster, to leaving of great professionals and in the end to company/project value drop which in the end financially hits owners.

If you have more experience, especially full stack one, and you showed independent thinking and reliability you deserve more senior position. But you can be professional all your life and stay in junior role because you didn’t show the ability to make a reasonable decisions, good for project.

Other, not far from this one, is question what makes you an architect? If you check the book it says: “architect is role that have mutual understanding of development and infrastructure”. If you are great developer or if you are great infrastructure engineer you do not need to be architect. You need both to be one because of level of expected decisions you make. In building construction you cannot be an architect if you are only designer or if you are only construction professional. Again, you need both. Otherwise you are well-payed senior/lead developer or senior/lead infrastructure engineer.

What is after everything position of manager? By the book, manager is: “person in charge for managing of resources”. Managers position is responsible to do whatever he/she can to increase the value of resources he/she manage. The most important and valuable resource are human resources because they contain big value and they are very frequently grown in the company by education and experience. When you see “great work conditions” in Google or some other companies that is only because managers of those companies recognized that it will increase motivation and productivity of all workers and in the end increase more the value of the company than it is a cost.

With managers you have junior, senior managers (now you understand the rule) and top manager often called CEO that is entrusted by owners with a power to make all decisions independently.

I hope this short text will help you to be great in your position and to create more value to the company you are working in. Be productive, be innovative!

Too much security leads us to no security?

On each discussion including IT security we witness demanding more and more security. Someone may ask what is wrong with that, but if you have experience with delivering applications to technologically lay people you already know that sometimes books are one and reality something completely different.

The great example comes from my previous assignment as a Chief IT Officer for the largest dental clinic in Croatia. We had instruction by application architects that users have to have passwords with at least twelve characters in length, including uppercase and lowercase characters, numbers and special characters. Definitively in that case we are talking about high secure password, but after only few days of implementation more than half users printed their passwords and stick them somewhere around their monitors. Of course, that is security disaster.

Second example was when we wanted to protect access to only some users, but in that case (if you do not set it properly) assistants will know authentication information of their patrons and get all privileges. Especially because of HIPPA regulations, they will skip phase of asking for privileges and they will just “borrow” access through their colleagues.

In one last example, we had situation where doctors write medical histories and schedule patients for future encounters. After few days, they really enjoyed the system because it gave them quick access to patients’ records, but problem they had was authentication. We had limited number of computers and doctors waited for few seconds their colleagues to finish. In the end, they skipped the phase of logging off and on and just used one user for everything. How they resolve it in banks? McDonald’s? Social Security Administration offices? They use smart cards attached to the uniform of the employee or USB-key with client certificate. That is a good idea and definitively can bring more security.

After few examples, I want you to think about security and not to overdo it by setting it too stringent only because you think it is automatically better. You have to weigh both sides and to select the best level of security. Long story short: the best security is to turn off all servers and unplug them from power outlets, but how then to use them?

One friend gave me an idea to investigate opportunities for EU doctors and other professionals in the Caribbean region. In this post I will share few informations I found initially and that could be interesting for you.

There is something unknown for many Europeans and that is the fact that EU has many overseas territories abroad considered parts of some member-states and ipso facto parts of European Union. That means if you are a citizen of EU member state you can settle in any described territory and be treated like local inhabitant. All diplomas and licenses recognized in EU states is recognized here too.

Many Europeans think that if we talk about Caribbean we are talking about very poor regions with low income and great social problems. In some of them it is a case, but some of them will really surprise you. The great examples are Martinique, Guadaloupe and Saint Martin/Sint Maarten.

Martinique is small island with near 400k of inhabitants and GDP per capita 19600Γé¼. They are considered as a part of Republique Francaise and therefore they accept all EU treaties and legal documents. Guadaloupe is other French territory with 403k of inhabitants and GDP per capita 19200Γé¼. Saint Martin is sharing an island with Sint Maarten. First one is French and second Dutch territory and therefore whole island is inside EU. It has only 80k inhabitants. For correlation, Croatia has 13200Γé¼ of GDP per capita and 4230k inhabitants and Germany 29200Γé¼ of GDP per capita and 80500k of inhabitants.

Apart from already mentioned, there are other small countries especially under the Crown of Queen Elisabeth of England, but nearly all of them have much lower financial attractiveness. One of them, Cayman Islands is an exception and has 56k of inhabitants but GDP per capita is 34000Γé¼ which is really high. You can start easily by searching Wikipedia. Main article can be found HERE.

All these small countries are situated not far from USA and have very intense economy linkage with both EU and USA. There you can invest or you can open dental clinic and provide much cheaper service for Americans and easily combine it with weekend tourism. Furthermore, you can produce something and create import/export network in the region that can became very lucrative business.

In days of high unemployment in some EU countries many young professionals are considering to try their luck in more perspective parts of EU. In that consideration do not forget these overseas territories considered as a parts of EU where you can settle without problems with work permits. Do not forget that there you will find the most beautiful tropical beaches and untouched beauty. The only question is: “What are you waiting for?”

Have you ever had bad experiences with new employees? In everyday business I see many colleagues and managers that hire professionals with primary focus on education and experience. We all agree that those parameters are very important for most positions. But, it is very important not to miss the first important question: has that individual demonstrated enthusiasm and creativity in finding best solutions.
There are many great hidden people that can serve as more than great employees. When you compare different economies, you can find many differences and one of most noticeable ones is employment procedure. When you have strict rules and traditional views about employment you have high unemployment, old workforce and non creative employees performing their tasks with low energy. To beat that, in modern days, companies highly credit dedication and enthusiasm. Do not forget that if you have employee with lower level of education it can be resolved with extra time for adaptation and learning. But if you have employed well educated person without enthusiasm and without focus on solving company problems, you have a great problem. In some limited cases, when we are not talking about new employee you can motivate employee with additional benefits: adding better dental or/and medical insurance, etc. If you have that problem in the beginning of the employment, you’ve made a mistake hiring that individual.
You have to detect this problem before employment or at least in the first few days/weeks. In the interview, if potential employee asks you about benefits and salary before questions about assignments and expectations that can be the first sign. Additionally, if someone is not ready to work after official working hours, to be paged or called on demand and that position is connected to service reliability that has to be serious sign. In normal situations, those things should be declared. The best managers understand that company-employee relations are the most important thing in any company. Employees can make great things, they create new ideas, they help company increase its wealth. Because of noted, employees are the greatest asset of any company.

If you are a professional, you have experienced the scenario when someone is doing your job instead of you. Here we are not talking about others with equal credentials but about those that do not have them. Good model to explain the issue is relation between general dentists and orthodontists/dental surgeons in which first party plays a role of outsourcer and last one is outsourcee.

Yesterday I attended a meeting of General Assembly of European Federation of Orthodontic Specialists Associations – EFOSA. That body is top organization in Europe that represent orthodontic specialists. Among other topics, we have discussed about dealing with General Dentists that are practicing orthodontics. We have heard that in┬áCzech┬áRepublic orthodontic therapy is protected by the law, but this is not the case in other countries. There are countries where insurance companies do not want to pay orthodontic therapy to others but orthodontists and also those (like UK) where insurance will pay┬áwherever┬ápatient finds a therapist.

We are witnessing that in modern times we are deregulating many things. Perhaps we must not deregulate this issue, but to put it in the protected list you have to find a good reason. In USA, American Association of Orthodontists have done a survey where they wanted to show that the result of therapies done by general practitioners statistically differ from those done by orthodontists. The result showed difference, but without accepted significance. But that does not mean anything because in USA anyone that does orthodontic therapy is very careful because of the American legal system. Doctors that are not┬áofficially┬áeducated in residence programs are very careful: they choose only simple cases, they invest large sums to their education, they follow┬áscientific┬áliterature and they are counselling with orthodontists. All because of fear of mistake and in the end because of legal and financial consequences. We can see that effective legal system protects patients in this matter. In other parts of the world it is more complicated to determine doctor’s responsibility.

My opinion is that┬áthere is no legal instrument that can solve the problem. You can try to solve it by fighting it’s roots: to care about feasibility.

Why/where/when general practitioners are practicing orthodontics or dental surgery? After profound consideration you will see that in every case it is well linked to price levels. Everyday we can see more and more simplified approaches to medical and dental procedures. That is forcefully introduced by sellers of dental materials and equipment because they want to extend number of their customers to a larger group so they want to include general dentists to the business. New procedures help doctors to be quicker and to have better results in the end of any procedure. But, they also help general dentists to perform tasks previously reserved to specialists not because they are mean, but because they want to decrease their costs and to increase income, too.

In my experience, general practitioners basically do not want to do procedures reserved for specialists, otherwise they would finish a residence program. They only want to have excellent interdisciplinary team and not to lose money in vain. Specialists have to be aware that their services are required and that they have to be realistic and to adjust their fees. If your procedures simplify and/or your costs decrease, you have to consider changing of your prices, especially in the time of crisis. You have to be more reasonable and to offer good prices which will satisfy yourself, but which will not attract other dentists to start this unwanted behavior.

Be quick and well-informed. Be ready to make suitable deals for yourself, for patient but also for general practitioners. If you let them do easy procedures reserved to specialists, they will do more and more. That happened with dental implants and now everyone is inserting them. It is hard and very demanding to be a specialist. Specialists were educated to do complicated procedures and because of that they are recognized and well paid. But if they start to be overpaid, their dominion will decrease or in the extreme they will seize to exist.

The same story can occur in every other profession. What will happen if changing the wristwatch strap will cost you 100$ or if newspaper delivery 50$ daily? You know the answer: watch repairers and deliverers will be out of business!

We are frightened and bombarded with news in everyday basis that data collected in medical or dental procedures could be compromised. That is true, but that was also true in the time of paper medical charts. Today, I want to emphasize few important security tips.

When we organize access for doctors, nurses and administrative personnel, we have to select their rights wisely. It is not needed for one nurse to see doctor’s professional memo on patient condition and it is not needed for one administrative officer to see if the patient has genital herpes in the medical history. As a doctor and a professional developer I work on both sides so I see many not needed security restrictions that influence productivity but also many freely available information which is not needed and could lead to data breach.

Many medical and dental programs have a problem with separation of data and data access. In most cases it is because of wrong approach toward planning where developer wants to satisfy all requests. By interviewing users we do collect very important information about needs, but also we can expect from all parties to express their need for accessing all data. Of course that we should take care on user’s needs, but access rights should be properly fine tuned and adjusted by following rules of good practice and after talks and understanding with management.

Second, but not less important is to be aware that there could not be successful separation of rights if we employ people without awareness that they are working with sensitive and confidential data. For example, I have had requests from my managements to limit IT administrator’s rights or to limit developer’s rights, but it is not possible. You cannot take someone without professional attitude and to employ him/her as a chief database administrator and after that to ask if there is any way to limit his/her access to the database. That would definitively prevent him/her to do anything, even good. The same thing is with users like doctors, nurses and administratives.

Statistically, the highest risk of data breaches occurs because of users. It cannot be eliminated, but it can be effectively decreased by security controls, by logging and by assigning of patients. For example, doctor needs to see data only for patients that he administers. When patient arrives the receptionist assigns him/her to first available doctor and from that time doctor sees all data related to that patient. There is some modern ideas that the system should not be very restrictive on access rights but to inform all employees that everything done is logged and to monitor their activity in regular intervals. That could be even more successful than restrictions without logging.

To summarise all: you cannot project a secure system if it will be used by people without any trust from the management. If you do have some level of trust, you have to adjust personal access level accordingly to that trust and to person’s professional needs.


We can read every day that there is a great discrepancy between creation of new professionals and demand. It is one of most influencing factors responsible for this slow crisis resolution.

In the United States there are many extremely good and very attractive programs that produce innovative young engineers such as Massachusetts Institute of Technology, California Institute of Technology and many others. But, today we see that there is a problem because many employers cannot find them enough. Why to oppose the idea to find them outside USA?

There are some countries with long experience in education of highest educated professionals. In many such countries that individuals cannot find appropriate employment and are thinking to emigrate. If they are not seeking a job in their region, the first distant site for the most of them is USA. From outside perspective, USA are impenetrable for skilled highly educated professionals of any type. No one knows why. In the other hand, we see in everyday basis that successful multinational companies are opening corporate offices in India, China, Hong Kong, Russia, etc. The first reason is because they cannot find enough needed professionals and the second is that in the most cases they can pay them less.

There is something that is unknown to many US employers. In many countries people have cheap but good education system. The example is Croatia (Europe) a home of many leading institutions of higher education in Eastern Europe. In the other hand, all education is totally free for all citizens. I do not want to enter into details, but the known fact is that Croatian system of higher education have produced many largest ships captains, many chief engineers on many projects in Latin America, Northern Africa, Singapore, Middle East, etc.

If you are a recruiting officer or manager in the USA, you should ask yourself why you do not use a personnel from a country like Croatia, a personnel without any bonds or loans? A personnel from a country with long European culture, very creative, well-educated and very talented. Croatia is only one example, and there are many countries alike, especially in Europe. Today we see that trends are in opposite direction: USA need more educated professionals and in the same time they fortify their immigration rules.

I like USA, especially its idea of free business, but as time goes by I see that USA are going far from its roots, far from something that made USA so attractive to all people. To paraphrase President Reagan’s sentence from Berlin: “President Obama, tear down this immigration wall!”

Whatever you do or sell you will have somebody unsatisfied with your performance or product. That complaint must not be on real basis, but you should know how to react. What to do specifically after customer tells you that he/she is not satisfied with your performance or your product?

Prevention is the most helpful thing. You should not think: “I will promise everything and I will deal with problems in the end”. When you take the order, you have to detect what a customer wants and that must not be equal with what customer says he/she wants. To deal with that, learn from the best and try to practice it in every occasion. Do not force customer to take what he/she does not want. Instead, try to develop a need for something in customers perspective. That is a good practice.

If a customer comes with a complaint, first do not panic! At first, listen carefully all that other party is trying to say to you. You should detect is there objective reasons for a complaint. Sometime you will find it, sometime you will not.

The worst thing you can do is to argue with a customer. Even if a customer elevates his voice you should rest calm. Why? Because if you adjust your voice with a customer you help development of the affect inside his head and the main reason to even talk with a patient is to decrease or to eliminate that affect. In psychology, affect is short-term emotion caused by something. People think much different in the state of affect and are ready to do many things that they will not do without it.

If a customer has no objective reason for a complaint, you have to try to explain whole process and to try to find potential other reason for that complaint. We can see often that after we do our business correctly, our customer tries to avoid paying or to get lowered price. Of course, if you have done your job professionally the only reasonable time for price negotiation initiated by customer is before any procedure. If you are forced to negotiate price after procedure it should be only damage control negotiation because it is better to get anything rather than nothing.

If a customer has objective reason for a complaint, first tell that you will try to investigate what happened. If it is your fault or not, next thing you must do is to apologize and to say that you will do anything possible to quickly correct the problem and if it is not possible that you will find the way to compensate him/her. In this case you should think about something. This customer is not satisfied with your performance because you have done something wrong. Here you should try to decrease negative advertisement and not to be tight on compensation because customers love to see that if it was your fault you are ready to play fair. It was your fault and it is cheaper to pay slightly higher compensation then to have person that will share his experience wherever he/she can.

One additional thing: In whole conversation you have to take care on many nonverbal messages you are giving. If a customer does not want to feel your sentiment he/she will send you a written complaint. But you will see that among all complaints oral ones are the most frequent. Why? The customer is trying to detect whether you understand his/her problems and how you will take it seriously. If you succeed in that interview you will leave good impression toward a customer and that will be the strongest impulse that will cancel any further problem.

Do not misunderstand me: you must not be a good man if that is not your style, but this kind of behavior is good for a business and positive cash flow which is in the end very important!