Monday, September 27, 2010

PCI Compliance - resistance is futile.

The PCI Compliance talk at PTI’s Back to School event was given by Kyle Neier.  He’s a very experienced database administrator and also a leader at IndyPASS.  He’s a cool guy.  Unfortunately his PCI expert didn’t make it.  That was perfectly ok because I wanted to focus on the SQL Server 2008 R2’s feature called SQL Audit.
The good ole days?  Seriously? Back before SQL Audit it was a pain in the rear to audit at the database level.  Kyle went into this and reminded us all the pains of what we had to architect in the past decades.  I remember them well,  SQL Audit is much better than those old hacks.
I don’t have to be PCI compliant in my current function but HIPAA is similar in terms of SQL Server and SQL Audit.  The things I took from this is that any column that contains PHI I could audit, if I used Enterprise or DataCenter edition of SQL.  It’s on the list for SQL Azure features but only has 17 votes.  If you think that Audit would be useful in your SQL Azure instances like I do.  Go to the SQL Azure Feature Voting website and vote now.

A Directed and Guided Discussion with Dave Leininger

I sat in on Dave Leininger’s talk about Business Intelligence Architecture. He covered a lot of the soft skills that you need or at least should look into obtaining.  I think that out of all those skills communication and documentation were what I focus on and will continue to focus on.  Dave reminded me that talking is the best form of communication.  As a developer (some people call me an architect) I would rather code than talk about coding.  I do appreciate good communications.  I would say that half of my unproductive hours are due to being unsure about what direction to go next.  The other half of my unproductive hours are due to thrashing.  Getting stuck trying to make some piece of code, framework, or sdk do something I want it to but it resists doing.  Dave was right communication is a great asset to an organization.
What is Business Intelligence?  Dave was a bit like a preacher talking to the choir about what BI is.  I did enjoy all the real world stories.  The crowd was very diverse, filled with developers, database administrators, project managers, and business analysts.
How do we not fail?  Dave brought up some great slides about all the failed BI projects.  I was the butt of a few jokes on this subject.  Deservedly so.  I’ve failed delivering better business intelligence to several organizations in the past.  It wasn’t because I didn’t know the how.  I didn’t figure out the what. 
Today I focus more on getting iterations in front of the users. I don’t even want the iterations accepted.  I want feedback.  I want to know what is wrong as much as what is right.  Because after all those iterations a successful solution will just happen.  I’ll be done and successful with out even knowing.  It’s just like falling in love.  You can’t push a successful relationship between BI and your organization.  The relationship just happens. 
Those are just my opinions, I welcome yours.