Only Yahoos Work in an Office!?

Ok, so I think almost everybody has either slammed Marissa Mayer about the new Yahoo non-remote worker policy or said that it’s the medicine they have to swallow. Very few are actually pointing out however, that Yahoo was probably just really bad at managing their remote employees. In the end, I don’t care, that just means there are now going to be more people who are probably great that will be available in a tech market that is happy to hire the talent!

But I do digress, I have something else to talk about that is actually productive. I’m going to kick this off with a short story, that actually inspired me to write this post.

Remote Workers Unite!

I was in the office, a coworking office called NedSpace in downtown Portland with my fellow Bashoians Eric Redmond (@coderoshi) & Chris Tilt. Generally we all work remotely, because everyone at Basho is remote. The entire company, from CEO to HR to Marketing to Engineering, everybody is remote. Basho does a solid job of working like this, it is indeed, a modern Internet enabled software company. However today we were all in the office.

During the day I pulled up Scott Hanselman‘s Blog Entry “Being a Remote Worker Sucks“. I found this on twitter and shortly after reading it, tweeted,

Case Study Coffee
Case Study Coffee

Within a few minutes, lo and behold in the glare of my Apple Cinema Display I see Scott Hanselman walk up behind me! (Isn’t this building secure?!!? Scott’s name is now Hacker Hanselman!) Wow, that doesn’t happen everyday or does it? So Eric & Chris finished up some coding. Chris headed off to return home, where he remotely works from. However Eric, Scott & I headed out for a stroll through the city of Portland to Case Study Coffee. We had a great conversation, discussing all sorts of blog entry ideas, Node.js oddities, duplications between Rail & Node.js & Java & .NET and all sorts of other things. I mean, you probably know how it goes when you have three geeky people going on endlessly about awesome nerdy stuff. Simply put, we covered a lot of topics.

…that’s when I thought…

Offices Are Often The Worse Place to Cross Pollinate Ideas

Not a little bit, but likely the absolute worse places to cross-pollinate ideas. But then I got to thinking a little bit more. Is Yahoo on to something? Is there a need or a reason why people should be in a similar place? I mean, I know for a fact the most rapid learning I ever had was pair programming with other coders. But I’ve done this in an office and outside of the office, at coffee shops and hackathons, on the rooftop of buildings and in dark and dreary bars. I’ve paired with a lot of coders and learned a lot by doing that.

Another question came up, is it really important to be in the office or is it important to be near others you are working with? More of that thinking and remembering things and more experiences popped into my mind. Whew, this was becoming a serious thinking session. I’d also had a great experience working remotely and learning at practically the same rate with friends. We were all working on an open source project. We asked questions in general chat on IRC or other places, and got instant feedback and help when we needed it. We’d put ideas into chat and discuss them readily and sometimes excessively. We weren’t anywhere near each other, specifically we were about 1400+ miles from each other in different time zones. But it worked and it worked damn well!

My correlations in trying to figure out, should employees be in office or out of office could go on. As Eric said when we all returned form the coffee shop, “correlations do not show causation, but they sure as hell imply it“. Well, I didn’t want to just imply onsite or remote work is better I wanted to know what really works or doesn’t. More thinking ensued and then…

Freedom Punched Me In The Face

Then it hit me. Geographic location doesn’t make any difference. The difference, which also makes Yahoo’s demand for no more remote working, is again the freedom of the individuals involved. The freedom to work where we are needed with who we ought to and need to and when we are most efficient and capable of performing the work best. The key is this freedom is granted, and that driven self organizing individuals make use of this freedom. It may be that one day we might end up in the office while another day we end up in a park, at home or in some coffee shop.

So forget remote working or in office working. These things aren’t correlated to someone being productive or not, the core reasons someone is productive is the ability that they have the freedom to be productive in the way that best works for them and for the company they’re providing services for. The most important thing is being able to give freedom to those doing the work to be productive. Remote or not is pure distraction and in turn is bullshit.

Don’t get distracted by the remote or onsite worker debate, figure out the best ways to work with your employees based on individual freedom. You’ll have far more productive individuals than any existing hierarchical corporate structure nonsense.

Your Cloud, My Cloud, Security in the Cloud

I had a great conversation the other night while at the Seattle Web Analytics Wednesday (#waw) with Carlos (@inflatemouse) and a dozen others.  @inflatemouse brought up the idea that an analytics provider using the cloud, increases or at least possibly increases the risk of security breach to the data.  This is, after all a valid point, but because of the inherent way web analytics works this is and is not a concern.

Web Analytics is Inherently Insecure

Web analytics data is collected with a Javascript Tag.  Omniture, Webtrends, Google, Yahoo, and all of the analytics providers use Javascript.  Javascript is a scripting language, which is not compiled, and stored in plain text in the page or an include, or passed into the URI when needed.  This plain text Javascript is all over the place, and able to be read merely by looking at it.  So the absolute first point of data collection, the Javascript tags, is 100% insecure.

The majority of data is not private.  So this insecurity isn’t a huge risk or at least should not be.  If it is, you have larger issues before you even contemplate using an on-premise and cloud solution to bump up your compute and storage capabilities.  Collecting data that needs to be secure via web analytics is an absolute no.  Do NOT collect secure, private, or other important pieces of data this way.  If you have even the slightest legal breach in this context, your entire analytics provision could have this data scraped, possibly used in court in a class action suite, or in other ways even.

For the rest of this write up, I will assume that you?ve appropriately encrypted, or enabled SSL, or otherwise secured your analytics or data collection in some way.

Getting that Boost on Black Friday

eE-commerce has gotten HUGE over the last decade.  The last Black Friday sales and holiday season saw the largest e-commerce activity in history.  Omniture, Webtrends, and all of the other web analytics providers often see a ten fold increase in web traffic over this period of time.  Sometimes, for some clients, this traffic is handled flawlessly by racks and racks of computers sitting in multiple collocation facilities around the world.  However, for some clients that have exceedingly large traffic boosts, data is lost.  (yes, ALL the providers lose data, more so during these massive boosts)  The reason is simple, the machines can?t process in time or handle the incoming traffic because the extra throughput isn?t available to scale.

Enter the cloud.  The cloud has vastly more scalability, almost an infinite supply by comparison, to any of the infrastructure available to the analytics providers.  Matter of fact the cloud has more scale available than all of the analytics providers.  This is actually saying a lot, because Webtrends (and maybe some of the others) I know does an amazing job with their scalability and data collection, arguably more accurate and consistent than any of the other providers (especially since many of them just sample and "guess" at the data).

So when you extend your capabilities to the cloud for web analytics do you really increase your security vulnerability?  Most of the providers of web analytics have their own array of security measures, that I won’t go into on levels of security.  However, does introducing the cloud change anything?  Does it alter the architecture so significantly as to introduce legitimate security concerns?

Immediately, from a functional point of view, assuming good architecture, intelligent system design, and good security practices are in use already, introducing the cloud should and is transparent to clients.  For the provider it should not increase legal concerns, functional concerns, or otherwise pending the aforementioned items are taken care of appropriately.  But that is just it, every single current provider has legacy architecture, various other elements that do not provide a solid basis for a migration to the cloud for that extra bump of power and storage.

So what should be done?  What if a provider wants that extra power?  Can the technical debts be paid to use the awesome promises of the cloud?  Is the security really secure enough?

Probably not.  Probably so.  But . . .

This provides a prospective opportunity for a new solution for web analytics to be provided.  It provides a great opportunity for a modern cloud based solution, that provides more than just a mere Javascript tag and insecure unencrypted data to be collected for analysis.  It provides the grand opportunity to design an architecture that could truly lead the industry into the future.  Will Webtrends, Omniture, Unica, or someone else step in to lead the analytics industry into the future?

At this point I’m not really sure, but it definitely is an interesting thought and a conversation that I have had a lot of people at #altnet meetings, cloud meetups, and with cloud architects, engineers, and others that have similar curiosities.  I await impatiently to see someone or some business take the lead!