Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
  • Developer Velocity Index - one-sided nonsense or useful? | jimiwikman.se
    Jimi Wikman

    Jimi Wikman is an experienced and much appreciated consultant that have worked as team lead, scrum master and project manager for many years. He is also a popular work process designer and educator with a specialty in the Atlassian products. With more than 25 years practical experience as a frontend developer, graphic designer, tester and requirement analyst he knows the pain and pleasures of what the teams face on a daily basis.

    Developer Velocity Index - one-sided nonsense or useful?

    Posted , 65 views, 0 comments License CC-BY-4.0

    Developer Velocity Index, or DVI for short, is pushed hard by Microsoft right now as a way to sell Azure DevOps as I see it. So what is it and is it just another pointless measurement tool that does not address the big elephant in the room, or can it actually be useful? Let us dig into it and find out.

    So Developer Velocity Index is a tool for measuring, well, quite a lot actually. At first glance we see a lot of focus on tools, which of course is the main goal for Microsoft as they need to get more clients for Azure Devops that is trying to challenge prominent actors such as Atlassian.

    If you look a bit deeper however you will see that the DVI is pretty extensive. While focus is on tools it seems to look at these from a perspective that is not just focused on the development discipline. DVI claim to involve 46 different drivers across 13 dimensions and that is pretty good. I say claim because I have not tried this yet, so I do not know to what extent this is actually true.

     

    Developer Velocity:  How software excellence fuels business performance - by McKinsey & Company

     

    The DVI is based on self-assessment through questionnaires, which is not a bad way to do this honestly. It will ensure that the introverts also get a say, which is not always the case in verbal situations where the extroverts are always loudest.

    I see the tool angle a lot when reading about DVI, but when you dig down you see that what that almost always mean is that the tools in question bridge the gap between business and IT. Tools that help manage inflow, portfolio management and of course tools to help with clarifying need, especially in Agile teams. I think Tibi Covaci from Microsoft express this best:

    Quote

    - Organizations where developers have access to better tools are also organizations where developers enjoy greater trust and can choose their tools themselves. It is not the tools themselves but the organization that gives success, concludes Tibi Covaci.
    https://computersweden.idg.se/2.1085/1.744767/sa-blir-systemutveckling-effektivare-och-mer-lonsam-for-foretag

     

    I think this is profoundly true. Like my former colleague Eva Nordstrom would say "A fool with a tool is still a fool".  Good tools with a good and well-educated organization however, that will truly generate magic. It is my hope that DVI can help illustrate the need for organizational change to help facilitate that. This is often the biggest issue in my experience and one that is very hard to overcome.

    It is also no big revelation that most organizations find the funnel between business and IT to be lacking or that this is where most organizations fail. The introduction of Agile often make this worse, which is not the fault of Agile, but the way it is implemented in organizations. Hopefully DVI can illustrate the need to have a proper portfolio management on the operative level and that even in Agile work teams you need to ensure that demands are evolved.

    Ad-Hoc and shooting things from the hip are sure ways to make any developer sad after all, and we all want some form of structure to our chaos to ensure we know what to do, yet remain flexible...

    Developer Velocity Index is interesting, but it is still a stick that should not be needed in mature organizations. Sadly there are very few mature organizations out there, so I think this is very interesting for many reasons. I will dig into it some more and see what I can learn.

    What do you think?

    Is it just a selling tool for more tools you don't need, or something that can drive actual change?

    • Interresting 1

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

  • Similar Content

    • By Jimi Wikman
      Microsoft accidentally exposed nearly 250 million Customer Service and Support records on the web. The records contained logs of conversations between Microsoft and customers from all over the world. This data is spanning a 14-year period from 2005 to December 2019. All of the data was left accessible to anyone with a web browser, with no password or other authentication needed.
      The Comparitech security research team led by Bob Diachenko uncovered five Elasticsearch servers, each of which contained an apparently identical set of the 250 million records. Diachenko immediately notified Microsoft upon discovering the exposed data, and Microsoft took swift action to secure it.
      Despite swift action from Microsoft the data was exposed for 25 days during the holidays. The information exposed includes Customer email addresses, IP addresses and physical locations, descriptions of customer service claims and cases, case numbers, resolutions and remarks, and internal notes marked "confidential". This information, which is in plain text, is prety much all you need for a full scale fraud attack as Paul Bischoff explain in his post.
      Microsoft has begun reaching out to the millions of customers affected and they urge users to stay alert should anyone contact them under the guise of being a representative from Microsoft in their official response to the incident.
      With this error some are questioning the security measures in place at Microsoft. Fausto Oliveira, principal security architect at Acceptto gave this statement to threatpost:
       
    • By Jimi Wikman
      Microsoft accidentally exposed nearly 250 million Customer Service and Support records on the web. The records contained logs of conversations between Microsoft and customers from all over the world. This data is spanning a 14-year period from 2005 to December 2019. All of the data was left accessible to anyone with a web browser, with no password or other authentication needed.
      The Comparitech security research team led by Bob Diachenko uncovered five Elasticsearch servers, each of which contained an apparently identical set of the 250 million records. Diachenko immediately notified Microsoft upon discovering the exposed data, and Microsoft took swift action to secure it.
      Despite swift action from Microsoft the data was exposed for 25 days during the holidays. The information exposed includes Customer email addresses, IP addresses and physical locations, descriptions of customer service claims and cases, case numbers, resolutions and remarks, and internal notes marked "confidential". This information, which is in plain text, is prety much all you need for a full scale fraud attack as Paul Bischoff explain in his post.
      Microsoft has begun reaching out to the millions of customers affected and they urge users to stay alert should anyone contact them under the guise of being a representative from Microsoft in their official response to the incident.
      With this error some are questioning the security measures in place at Microsoft. Fausto Oliveira, principal security architect at Acceptto gave this statement to threatpost:
       

      View full blog article
    • By Jimi Wikman
      In this video we're going to look at a couple of updates to Tasks in Teams on desktop and mobile.
    • By Jimi Wikman
      In this step-by-step tutorial, learn about the top new features in Microsoft Teams, including Noise Suppression, Teams for personal use, Polls during meetings, Insights, and much more.
      ⌚ Timestamps
      00:00 Introduction 00:27 Noise suppression 02:31 Transfer meeting devices 03:35 Teams for personal use 04:40 Switch accounts 05:07 Polls during meetings 06:28 Pin posts 07:29 Additional status controls 08:28 Improved notifications 09:06 Mute attendees 10:52 Insights 12:29 Templates 13:27 Emojis in Teams & Channels 14:00 Wrap up
    • By Jimi Wikman
      In the wake of Covid-19 and the increased need for communication for people working from home it comes as no surprise that Microsoft Teams are targeted by malicious people. This week we see both CISA and Abnormal security reporting on targeted phishing campaigns that have affected more than 50.000 users so far.
      With so many starting to work from home due to the Covid-19 situation invites to different Microsoft Teams are very common. This is something that malicious people have started to take advantage of. Since many organizations are still a bit new to the situation of many employees working from home, this also mean that security is not always up to par with the situation.
      The tactic is rather simple, but sadly also effective. One example is that a mail that seems legit are sent out with a link to a document on a Microsoft Team. If the link is clicked the user is asked to login and if that button is clicked, they’re taken to a malicious page which convincingly impersonates the Microsoft Office login page in order to steal their credentials
      Another example include an email link that points to a YouTube page.  From there the users are redirected twice to finally land on another Microsoft Office login phishing site which convincingly impersonates the Microsoft Office login page.
      This is even more effective on mobile according to the articles. This is because the images take up most of the space and because domain links are more difficult to see and therefore identify.  These phishing attempts are however very convincing even on desktop, which makes it more likely that someone will get caught in the phishers net.
      As Microsoft Teams are integrated with Office 365 single sign on it means that if compromised the phisher will have access to other, possibly much more damaging, areas.  This is not the only issues facing office 365 users however and Sway got a bit of heat earlier this week as well.
      Microsoft is not being idle however and this week they patched a nasty subdomain takeover vulnerability in Teams that could have allowed an inside attacker to weaponize a single GIF image and use it to pilfer data from targeted systems and take over all of an organization’s Teams accounts.
      As always, be careful with email links and make sure you vet the urls carefully before submitting any user information online.

      View full blog article
×
×
  • Create New...