The mainstay of a corporation is the data that it possesses. By data, I mean its customer base, information about the use of its products, employee roles and responsibilities, the development and maintenance of its product lines, demographics of supporters and naysayers, financial records, projected sales ... It is in the organization of this data that advancements to the bottom line are often realized i.e. the nuggets of gold are found. Defining what is important, properly cataloging the information, developing a comprehensive protocol to access and update this information and discerning how this data fits into the corporate venacular is basis of this data organization and may be the difference between moving ahead of the competition or being the one to fall behind.

Whenever we attempt to develop an Enterprise Rule Application, we must begin by harvesting the data upon which those rules are built. This is by no means an easy feat as it requires a thorough understanding of the business, industry, the players and their respective roles and the intent of the application. Depending upon the scope of this undertaking, it is almost always safe to say that no one individual is completely knowledgeable to all facets needed to comprise the entire application.

The intial stage of this endeavor is, obviously, to decide upon the intent of the application. This requires knowledge of what is essential, what is an add-on and which of all these requirements/options can be successfully implemented in the allotted period of time. The importance of this stage cannot be stressed enough; if the vision/goal cannot be articulated in a manner that all can understand, the knowledge tap will be opened to become the money drain. Different departments may compete for the same financial resources; management may be jockeying for their day in the sun; consulting corporations, eager to win the bid, may exaggerate their level of competency. These types of endeavors require those special skills of an individual or a team of very competent members to be/have a software architect, subject matter expert and business analyst.

Once the decision has been made and the application development stages have been defined, the next step is to determine which software development tools to employ. For the sake of this article, we will assume that the team has chosen an object oriented language such as Java and a variety of J EE components, a relationsional database and a vendor specific BRMS such as Blaze Advisor. Now, onto the point of this article.

With stiff penalties for being caught and the whiff of secretive underground or even nefarious acts, computer hacking can be seen as a somewhat dubious pursuit. Not all hackers operate with the motive of emptying your Paypal account, however; there are many hackers who utilize their skills to aid companies in locating security flaws ("penetration testing") or engage in hacking with the goal of becoming cyber-freedom-fighters that champion simple human freedoms, such as the right to free speech.

Computer hacking is as much an art as it is a skill. At its simplest distillation, hacking is the systematic search for chinks in programming armor. While advanced problem-solving, intuition and sophisticated understanding of programming languages are a distinct advantage, there does exist a number of push-button programs that computing wizards have written allowing those less sophisticated in the art of hacking to break into remote computers in a variety of ways. Because of this new ubiquity, today's hackers no longer need to be a programming Wunderkind; they simply need to know where to download software and be able to turn on a computer. It really is that simple and the implications can be disturbing.

Phishing, Push-Button Programs and Brute Force Tactics

There's no need to crack a company's firewall if you have direct physical access to their computers. One aspect of hacking is the impersonation of an employee or service worker with the goal of gaining access to a company's database, where the hacker can then unleash whatever havoc he or she has planned into the system. Another is to engage in simple phishing techniques, such as impersonating an employee who forgot their password and needs help logging into the system.

Because such impersonations often fail thanks to companies becoming more security-conscious, taking over operations of a computer remotely is often the preferred method of gaining access. Such attempts can be facilitated in a variety of ways. One is the brute-force method, in which a program such as SQLmap, Nmap or Burpsuite is used; running one of these programs is analogous to trying every doorknob in a neighborhood to see which house is unlocked. Using a variety of different parameters, these programs can find access to a vulnerable computer or network in less than a minute.

Hackers can also attempt to gain access with a program like Metasploit. With literally a few clicks of a mouse, access to a remote and vulnerable computer can be achieved by a relative newbie. With a related hacking aid, called Meterpreter, a backdoor is created that allows access into an operating system. It does not install itself onto the remote computer, running instead using the computer's memory; in fact, Meterpreter can hide itself inside the operations of a perfectly valid program, so it cannot be detected even by sophisticated programmers. Once engaged, it allows a remote user carte blanche access to the system in question.

Where to Learn the Art of Hacking

Of course, for those who wish to learn the actual skills rather than download someone else's hack, there are a number of practice sites that pose an increasingly difficult set of challenges intended to train neophytes in the art of hacking. For example, Hack This Site starts beginners with the goal of cracking simple flaws in coding scripts or software such as HTML, Unix, Javascript and Apache. Their structured series of tests increase in complexity, incorporating real-word scenarios and even old-fashioned "phone phreaking" challenges that recall the bygone golden age of hacking skills displayed by Matthew Broderick in "WarGames."

Using just these simple tools and free practice sites, beginners have a powerful array of hacking resources just a simple mouse click away.

One of the biggest challenges faced by senior IT professionals in organizations is the choice of the right software vendor. In the highly competitive enterprise software industry, there are lot of vendors who claim to offer the best software for the problem and it can be really daunting to narrow down the best choice. Additionally, enterprise software costs can often run into millions of dollars thereby leaving very little margin of error. The real cost of choosing a wrong software can often result into losses much more than the cost of the software itself as highlighted by software disasters experienced by leading companies like HP, Nike etc. In such a scenario, senior IT professionals despite years of expertise can find it very difficult to choose the right business software vendor for their organization.

Here are some of the proven ways of short-listing and selecting the right business software vendor for your organization,

·         Understand and Define The Exact Need First: Before embarking on a journey to select the software vendor, it is critical to understand and define the exact problem you want the software to solve. The paramount question to be asked is what business objective does the software need to solve. Is the software required to “reduce costs” or is it to “improve productivity”? Extracting and defining this fundamental question is the bare minimum but necessary step to go searching for the right vendor. It will then form the basis of comparing multiple vendors on this very need that your organization has and will help drive the selection process going forward. The detailed approach involves creating a set of parameters that the software needs to meet in order to be considered. In fact, consider categorizing these parameters further in “must-haves”, “good to have” etc. which will help you assign relevant weights to these parameter and how the software’s fare on each of these parameters

·         Building The List of Vendors Who Meet The Need: Once you have defined your need and distilled that need into various parameters, it’s time to built the list of vendors who you think will meet the need. This is akin to a lead generation model wherein you want to identify a large enough pool and then filters your list down to the best ones. There are multiple ways of building a list of vendors and more often than not, you must use a combination of these methods to build a good enough list.

o   Use Industry Reports: We discussed the IT intelligence offered by leading industry firms Gartner and Forrester in How To Keep On Top Of Latest Trends In Information Technology. These firms based on their access to leading software vendors and CIO network publish vendor comparison research reports across specific verticals as well as specific technologies. Gartner’s Magic Quadrant and Forrester’s Wave are a very good starting point to get an insight into the best software vendors. For example, if you were looking for a CRM solution, you could look for Gartner’s Magic Quadrant for CRM and look at the vendors that make the list. These reports can be pricey but well worth the money if you are going to invest hundreds of thousands in the software. Having said that, you don’t have to trust these report blindly because how these firms define the best software may not match how you define the best software for your organization

o   Competitive Intelligence: If you are a smart professional, you are already keeping tabs of your competition. Chances are that if you are a big organization, you might see a Press Release either from your competitor or their vendor announcing the implementation of new software. Extrapolate that across 5-10 key competitors of yours and you might discover the vendors that your competitors are choosing. This gives you a good indicator that the vendors used by your competitors must be offering something right.

IT Outsourcing came to foray as a means for corporations to focus on critical business operations while having a specialized IT company take over the responsibility of managing the IT infrastructure and application development. For corporations especially in the developed countries, IT outsourcing provided two fold advantages, one was access to a highly talented pool of engineers and that too at a lower cost since countries like India were quickly growing their stature as an IT outsourcing hub.

IT Outsourcing is now as mainstream as ever and almost every leading organization outsources some or all parts of its IT infrastructure to a specialized company. It makes pure business sense and with tightening budget controls, IT outsourcing has become one of the strategic cost reduction driver for most organizations. Moreover, IT outsourcing is no more restricted to companies in USA & Europe outsourcing their IT projects to countries like India. Domestic companies within India itself actively use IT outsourcing including the Indian government like the India Post project given to TCS.

Is it then a no brainer that IT Outsourcing is critical to your business? Well, if it is cheaper and does not seem to have any inherent disadvantages why not!! Not really, IT Outsourcing despite proven benefits has its limitations and you should be cognizant be of the same before considering outsourcing your IT operations.

·         Limitations in estimating the actual cost of IT outsourcing:Let’s tackle the biggest driver of IT Outsourcing-Cost Savings. For anyone to estimate the cost savings from IT Outsourcing one needs to be able to predict the cost of outsourcing which then helps understand the cost savings from the same. Yes, at a higher level it is a matter of a simple $ per man-hour costs and IT outsourcing will appear to be cheaper in almost all cases. However, “hidden costs” are commonplace with IT outsourcing and it can be immensely difficult to accurately predict these hidden costs. For example, you need to be able to identify the costs of transitioning your in-house IT to an outsourcer, management overhead needed to manage the outsourcing relationship etc. In addition, IT outsourcing contracts are fixed at the start of the contract and as a result any additional requirement/change tends to be charged additionally. It is no surprise that IT requirements can change frequently and if your outsourcing contract doesn’t account for flexibility, you might be limited in the actual cost savings you might make. There is no surprise that there have been so many instances of IT outsourcing projects overshooting their budgets by a huge margin such as the one government shared services project going 500 million pounds over budget