Friday, December 26, 2014

Getting People to Care About Security

I was going to write a blog post on the topic of getting people to care about security.

My notes included covering:

  • Quantifying risk
  • Quantifying cost 
  • Quantifying potential loss

A case study I wrote about the Target breach has some of that at the beginning, including cost to business itself, business leaders, board, customers, business partners and banks.

Given recent events, I think the world is starting to care. Sony was hacked by a foreign government. Movies were canceled. Kids' Christmas's were spoiled. Just think if this were an actual war and more than movies and games were at stake....

I think the Sony breach exemplifies the need to take security seriously and the precipice on which we are teetering because security is such an esoteric topic with many subtleties that people misunderstand - or can be fooled into underestimating the consequences. Not to mention the fact that many organizations are breached for periods averaging 11 months before they realize it according to a recent data breach report.

Just went to see The Imitation Game. It's a great movie based on a true story - and one those who tend to blow off the "crazy people" talking gibberish they don't understand might want to see to consider what they might not know and why they should listen.

Wednesday, November 5, 2014

Fix the Process, Not The People

Some interesting articles about how fixing the process, rather than the people, solves performance problems

Set my people free!

Fix the process, not the people:

Fix the machine, not the person:

Four Steps to Fix a Process

Fix a broken system before disaster strikes

Stop trying to fix people

Monday, September 22, 2014

Do Something Wrong and Fix It

I am reviewing discrete math videos. Because yes I am that nerdy.

The instructor made an interesting comment at one point.

Do something wrong and then fix it. 

This got me thinking about work and life. I get frustrated at times with limited thinking. Oh we can't do this. No we can't do that. People, let's do something. Let's at least try something new and see what happens.

Making mistakes helps us learn. But only if we learn from our mistakes. By taking a chance and trying something we at least learn what doesn't work which is better than learning nothing at all. Thomas Edison didn't come up with the light bulb on his first attempt. He tried many materials to find out which ones didn't work before he found out which one did.

Studies show how mistakes help us learn:

And how correct analysis of mistakes help us learn faster:

I have learned for myself over time, that sometimes rereading the first page of a complex topic I'm not getting over and over doesn't help. It helps to go quickly through the whole book, scanning the information to get the big picture. Then I review the material again for the fine grained details. I don't get hung up on every minute piece of information along the way. I want to get to what matters. I don't sit there stuck on page one I just keep going.

This reminds me of people who stall meetings arguing about semantics and the meaning of words and trivial details. They distract from the bigger problem you are trying to solve. In fact I am surprised how many meetings I attend with general discussion topics and circular conversation that have no real purpose or agenda. A meeting should have a problem to solve, a plan to get there, and a deliverable. There is a problem which has to be clearly stated at the start of the meeting - and it has to be the right problem. Instead of talking about all the problems and being afraid of making mistakes or wasting time on distracting tangents, stay focused on the real problem. Make a plan of actions to take to solve the problem. Then do it.

If the actions turn out to be wrong, so what. Cross them off the list and consider the accomplishment as having discovered and eliminated particular actions that did not solve the problem. Think about why they did not solve the problem and then try something else.

Thinking is key to this whole process. I don't want to sound like you should just flail around doing things for the sake of doing them. But taking some action is better than nothing. While working on something and after it fails, think about why and fix it.

I remember performance testing a complex new system and when it took over a day to run, a guy on my team turned to me (somewhat triumphantly as if he wanted to prove it wouldn't work) and said "Well now we are screwed." And I said, "No, now we fix it." Turns out they were running the app and database it two different data centers. Duh. Latency going over that network caused the problem. There was nothing wrong with the application.

This next article talks about the trade off of speed and accuracy. It seems that taking our time solving problems can help us improve the accuracy of our results. However the end of the article considers the cost of not taking fast action in the case of turning off a nuclear reactor:

This brings me to my last point. You have to think about what is really going to work. This can be based on research as opposed to pulling something out of thin air with no real basis for the decision. However there is a cost associated with thinking too long. In the case of a business loss of innovation might mean loss of market share -- and creative staff that can drive game changing products to market. The cost of rushing and bypassing security might lead to a Target or Home Depot scenario. But the cost of not taking any risks may put you out of business as the competition passes you by if you are paralyzed with fear of all the potential consequences.

It's a trade off. It brings me back to discrete math and algorithms. You don't want to sit around staring at a problem, thinking, talking and doing nothing. 

Unleash the potential of people to solve problems. Let them try things. If you can think ahead about how to do things faster using a reasonable algorithm that should give you accurate results, use it. If you want things to be faster but not sure what to do, try something that poses minimal risk. It the risk of doing or not doing something puts you out of business, consider of the potential loss is worth it and slow down a bit and think it through. But don't just do nothing.

If you are blocked, stuck or not sure what to do, do something wrong that moves you towards a final solution, and then fix it.

Sunday, September 14, 2014

Apple Pay and Transaction Rates

I'm reading some conflicting information on Apple Pay and the related transaction rates. There seem to be some contradictory articles about credit card transaction fees and some hype about Apple's cut.

To better understand the fees associated with Apple Pay it might be helpful to first understand who pays what in typical credit card transaction scenario. This is glossing over some details but here is the gist of it:

A merchant that wants to accept credit cards has to get a merchant account. This is a separate bank account just for credit card processing. The merchant account is linked to the  platforms that process credit cards, that ultimately get the money for the transaction from the POS machine, phone system, e-commerce web site, iPhone, etc. into the merchant account of the merchant. Then the money gets transferred, once settled, from the merchant account to the specified checking account.

Whenever a merchant accepts a credit card, they have to pay a fee. You are all happy that you don't have to carry cash around and get to use your credit card. Every time you swipe the merchant is paying a fee, unlike when you hand over your Benjamins.

The credit card companies and banks have set up this whole convoluted pricing structure for how much it costs a merchant when you pay using a card. For example a "card not present" transaction on the Internet costs more than a "card present" transaction where you swipe your card at a point of sale machine. Like in the store at Target or Home Depot. Because "card present" transactions are more secure and less risky.


Also processing a card on a web site or alternate transaction processing system might require a "gateway fee" for linking the alternate processing device to traditional processing platforms. Some well known gateways are Cybersource,, and Verisign. PayPal lumps all those fees together. Some merchant accounts do as well - they might raise the discount rate (the fee on each transaction) and eliminate the gateway fee.

Oh and you know that card you love that let's you get cool rewards? That's great that your credit card company does that for you. So nice of them. But actually depending on the type of card being used the merchant may pay a higher rate for those too. Different card brands, vacation cards and debit cards can all have different fees associated with them. So actually you should be thanking your local coffee shop along with the credit card company for you last vacation funded by credit card rewards - or wherever you spent the most money. The coffee shop paid a higher fee for your transactions most likely.

So along comes Apple Pay and the idea is to find ways to make transactions more secure and convenient for consumers. So you get your new iPhone 6 and you are like "Sweet now I can just use my fingerprint instead of pulling out my card and it's all way more secure."

But behind the scenes the credit card companies might be making your favorite coffee shop pay more to have that added convenience. (And that is why the coffee shop offers a discount for cash or have minimum amount for credit card transactions, which might not exactly be in line with their merchant agreement but nevermind that.)

So it was kind of a big deal for Apple to negotiate a low fee for merchants to pay in all this transaction business, besides implementing all the cool new technology. They had to do the same thing when they negotiated a low price with the record labels for single songs instead of a whole higher priced album on iTunes. The price has to be one that people will pay, and although you don't see that price the merchants see it when you swipe and it eats into their profits, and ultimately things cost you more. And who wins? The people getting the fees for processing the cards obviously.

There is a cost and a risk to processing cards but Apple has said it will assume some of the risk to lower these transaction fees. If the fees to merchants are too high they won't accept Apple Pay. It sounds like they have negotiated lower "card present" rates but found conflicting reports. Merchants will want to verify with their banks what they pay for and Apple Pay transaction.

Some other articles are stewing about all the money Apple will be making on these transactions. All they are doing is taking a cut of the fees merchants will pay anyway for helping to facilitate the transaction - and if all goes according to plan - make it more secure and convenient.

Additionally, everyone wants a cut of transaction revenue. The credit card processors and banks control the game. If an alternate payment source comes along that creates competition and lowers transaction fees, that's a good thing for merchants. It should in theory make all our stuff cost less and easier for small companies to accept credit cards (or tokens) for payment. 

I don't know all the details of the Apple deal or who is paying what fees or how much each player is making. I just read some articles that didn't really explain the fee structure or were making a big deal about the fees Apple was getting, so thought would shed some light on how the fee structure typically works.

Tuesday, July 1, 2014

Peer to Peer Lending - Lending Club

I am very curious about peer to peer lending as a potential investment strategy. I have wondered a few times in the past why investors don't make loans as part of an investment strategy.

When I bought my house I found some people who were doing just that - I think it was like an investment company that invested in home loans. In this case I went with this alternative based on personal recommendations and the fact that I could get the deal done quickly. They gave me a good rate with no schmoozy sales pitches and made the lending process very easy. They turned around and sold all the loan to a bank within a month of the sale of the house.

Lending to a person vs. investing in stock seems more tangible to me for some reason, but it could be just as or more risky depending on the person. But it's like a dividend - it's pure money not something that may or may not go up in value like a stock or a house. There are pros and cons to every investment strategy but I decided to do some research in this area.

Here are some links with more information:

CBS Review of Lending Club

Growth of Peer to Peer lending - a market place which removes some of the traditional risk of a bank:

Lending Club CNBC Top 50 disruptor

NASDAQ says good addition to lending portfolio (wondering if and how this endorsing post may be related to upcoming IPO...)

Google invests in Lending Club

Hedge Funds and Banks Taking Investment Away From Peer Investors

Wells Fargo Bans Staff From Investing in P2P Lending

Loss rate on verified and non-verified income

Defaulted Loans



American Household Credit Card Debt Statistics 2014

Various Lending Club Strategies and Results (web search, not verified):

Lending Club Going Public

Sunday, June 22, 2014

Beautiful Things

Before I worked at Real Networks, signed up for this music service that would let you listen to unlimited songs from unheard of artists for $5 per month. I thought this was a really cool concept. To be honest, I just wanted to find something to fill the headphones I wore to avoid strangers bugging me while I was trying to work in coffee shops. I found copying music from CDs to computers too time consuming and not high enough on my priority list. Plus I hate buying it because I get bored and switch things up a lot. This service was great.

Later I ended up working at Real Networks. Rhapsody had a similar model which I actually liked better than iTunes. I think they ended up buying that service I listened to with the unknown artists. Someone referred to Rhapsody as a jukebox in the sky. I thought it was a really cool service in concept.

What I noticed, however, while creating the web pages for devices that worked with Rhapsody, was that they were not as sleek and cool as an iPod (iPhone had not yet been announced). I thought to myself that Real Networks would lose the music service battle unless they could get better looking, easier to use devices. 

To me the beauty of the device was an important package and critical to the success of the music service they were trying to sell.

I also found it interesting that there was a massive cool looking billboard right down the street from our office advertising an iPod. I wondered, knowing very little about Steve Jobs or Apple, if that billboard was placed there intentionally to taunt Real Networks.

After reading the Steve Jobs book, I am pretty sure I was right on both counts.

While working at Real Networks news came out that Apple was going to release  a new product. The buzz was everywhere. I told my boss they were going to release a phone that plays music. Obviously - what else would it be? He went into a long spiel about how it wasn't technically possible. 

This reminded me of when I told the venture capitalists I was working for that it was ridiculous to carry a PDA and a phone. I said they should look for a company that was combining the two. They explained to the silly girl in the room how that wasn't going to happen.

The iPhone was announced. It played music. It displayed the whole Internet on your phone. It was revolutionary. Despite the debate I had last night with my ex-professional musician lawyer friend, I think it was beautiful.

Even though intrigued by the iPhone, I didn't buy one for a long time because I liked the feel of tactile keyboards. Eventually I succumbed after going through three menus to dial a phone number on a Windows phone, and noticing that Microsoft and Google employees I knew had iPhones. I walked into AT&T and said , "Let me see if I can make a call on that thing". They handed me the phone, I pushed the icon with the phone on it which appeared on the first screen and the keypad to dial the number popped up. I said "I'll take it."

Whatever fancy stuff your device can do, in the end it's a phone. If you can't make a phone call easily, that's annoying.

Beautiful = form + function

I just finished reading the Steve Jobs book by Walter Isaacson. As per usual I don't rush out to get the latest of anything. It's been out for a while.

What intrigued me reading about Steve Jobs was the intersection of creative genius, motivation and personality. Although nowhere near his creative genius (can anyone be?) I felt like I could relate to some things that other people probably write off as terrible personality traits. I thought I might attempt to explain that statement a bit.

Motivation ~

Different things motivate different people. Sales people are motivated by money. Professional musicians are probably motivated by love from adoring fans and being the center of attention. Politicians, such as those working their way up the corporate food chain based on scheming rather than tangible business deliverables, probably want power.

Steve Jobs was motivated by building beautiful things. 

This is what motivates me as well. I just understand, I think, some of the feelings he might have had and why he was at times temperamental. He wanted to build beautiful things, and when things were not as beautiful as they could be, he pushed for more. He knew it could be better. He wasn't driven by money he was driven by the process of creating products. That ultimately led to money because his products were great but the motivation was the creating and building and the thing of beauty at the end.

The desire and motivation to build beautiful things, how it occurs and how it affects people, is something not everyone understands, comprehends or appreciates. They think a product is a means to an end - money. Yes in a way, and in business what you build ultimately has to make money, but to the builder of beautiful things that is not the motivation. It is the process and act of creating and perfecting and building things and the feeling of getting it just right. It is the belief that anything is possible (or the disbelief of all the people explaining why it cannot be done). It is about building something and being able to savor the creation after it is complete - how it looks, feels. It could be a meal, a painting, a phone, a poem, a well written piece of software. 

For the inventor it is also about fixing problems, such as having to carry two devices when one will do, or a vehicle that gets you somewhere faster than a horse. It's not about some marketing doodad like pet rocks. It's about something tangible that makes people's lives better.

The most beautiful things, to me, are those that combine form and function and are as simple as possible. But not too simple, in the words of Einstein.

Creative Vision ~

When I was in fine art classes in college I learned to see things differently. If you are going to draw or paint something you have to notice all the intricate details. I started to notice the different colors of gray in the shadows, the spots of light, the reflections of things in shiny objects. Once when in London with a boyfriend I took a photo of the side of a building. He said what are you doing? I said I was taking a photo of the reflection of building on the other side of the street. He was surprised. He hadn't even noticed the reflection until I explained what I was doing. I know this is not amazing to some creative people out there but it is simply an example to demonstrate how one person might see something another doesn't even though they are looking at the same thing.

This propensity to see things other people don't see - can cause conflict and frustration at times. The person who wants to build and create beautiful things by fixing all the intricate details, who also has the big picture vision to complete the whole thing from start to finish may be frustrated having to explain all of this just to get something done. It seems so obvious and the time it takes to explain can be tiring. In some cases the people you are explaining it to don't have the capacity to see the things you see or just don't care. Some people only see the big picture and want to skim over the steps to get there. Some people pontificate about the details and don't understand how to take all the steps required to get to the end result. Some people don't want to put in the effort to get it done and some just want a paycheck. Some people just want to foil your efforts for egotistical reasons - that is probably the worst of all worlds as it is malicious, while the former scenarios are simply lack of understanding.

Some minds are capable of seeing a whole project end to end with all the architectural components plus all the small tasks that need to be done in between and in what order to get things done efficiently. It is frustrating when you can see all these things and you know how to get it done but you can't - for whatever reason - and you just want to find a way to make it happen. You know that if you can get it done it will be great. Whether or not you can is a product of your environment and the people you work with. Sometimes this frustration can make itself apparent in unintended ways and it feels at times that it cannot be helped when frustrations reach a boiling point. 

Personality ~

Jobs had some personality traits which were not admirable. He could have and probably should have said things in a nicer way much of the time. But what people don't understand was the lashing out was most likely due to intense sensitivity. This extreme sensitivity and a vision for what he was trying to build is what drives some personality types to be both genius and visionary - and prickly and annoyed because they see things other people can't see. They are obsessed with building things that are extraordinary, while most people couldn't be bothered to put out that much effort. It is time consuming and frustrating to explain things to people who don't understand. It is almost painful when things are not right. It is like nails on a chalkboard when things get in the way of creating beautiful things. The ones who change the world don't accept things that aren't as good as they can be, and have the guts to speak up despite the world being against them. They are not easy-going, complacent, OK with mediocrity and status quo. They are not patient with people blocking progress and success.

When the thing you are trying to build is not right, it creates a disharmony that is almost, if not literally, painful. It is angst that drives you to want to fix it and get it right. Things that get in the way create additional pain points. People often lash out when they are in pain. They want the pain to go away and that's when things get ugly. I've seen people go through debilitating diseases like cancer that create a lot of pain - and it changes people's personalities. When you are hurting you tend to claw and scratch at the world. This is what it's like when you're trying to build something beautiful, you are highly sensitive, you have a vision, you know it can be done, and things are getting in the way.

Jobs didn't build all these beautiful things alone. Was he a terrible person as some try to make him out to be? Although he was temperamental, he was able to build a following of people that wanted to go with him when he was fired at Apple. He knew how to pick the right people. He could cut out people brutally when they didn't produce results. He pushed people that worked for him to their limits (sometimes with overly harsh remarks). He knew how to pick A players and he didn't put up with C players. The C players weren't deemed C players based on personality traits such as "being difficult" - they were the people who didn't produce the results Jobs wanted. The A players hotly debated and argued about the best way to build things - which led to superior products.

At times, smear campaigns prevail over a person's amazing accomplishments. In Jobs' case various magazines wrote articles about his character flaws. It seems that people seek to harm and undermine other people at times, rather than try to understand what the person with pure intentions and amazing ability is trying to accomplish. If you believe Steve Jobs' statements his intentions were good. He was self aware and couldn't seem to control his personality flaws, though many people wanted him to change. His means of getting to an end were admittedly sometimes mean and inconsiderate. Although still not acceptable behavior in many cases, I'm sure in a way it was just his way of dealing with things that he was not equipped to deal with in a better way. I'd guess a lot of people didn't like Steve Jobs or approve of his behavior, but in 2011 Apple was rated one of the top 20 places to work and Steve Jobs had a 97% approval rating on

Here's to the crazy ones ~

In 1997 Apple came out with the Think Different ad campaign. It included a commercial about the "crazy ones". The people who changed the world. The people who "think different". It ends with "the ones who are crazy enough to think they can change the world are the ones who do." This line was added by Jobs himself.

The world reacts in strange ways to people who are trying to make it a better place sometimes. Perhaps it is the nature of the delivery or the fear of change, but you would think by now people would have learned some lessons about not making emotional judgements about other people or basing a negative evaluation of a person on the passion they have for their ideas or quirky personalities. Here are some examples:

At times, people who buck the system and create new ways of doing things are vilified or robbed of their inventions. Armstrong, creator of FM radio, was apparently a bit difficult. He ended up committing suicide after battling with RCA for his invention. You can read his story in the book Iconoclast or here:

Sometimes highly sensitive, creative people with good ideas don't speak out at all. This could be not wanting to deal with the political ramifications of such actions, or after having been beaten into submission by a world that is not too keen on alternate points of view. They may find other outlets for their creativity which otherwise could benefit their employers. For example Steve Wozniak tried to show his invention that ultimately became an Apple product to HP and they brushed it off. Susan Cain wrote about the propensity of companies to create environments that are hostile to introverted personalities in her book: Quiet: The Power of Introverts in a World That Can't Stop Talking:

At times, emotional decision making and judgements are made criticizing character rather than making logical decisions based on quantifiable facts. It is sad that people who are correct in their analysis or are trying to make things better are demonized when they get frustrated with people who don't see what is so obvious to the person who has the most knowledge in the matter. Michael Burry, who foresaw 2008 crash, was sued by investors to get their money out. Lucky for them, they were unsuccessful. They made a lot of money. After all said and done, no one thanked Burry. See The Big Short, Michael Lewis -

In the end many people can criticize those who have to make the tough decisions to get things done. As Steve Jobs asked one angry blogger "What have you done that is so great?" It's easy to be an arm chair quarterback. What's not easy is to stand up and do something amazing when the rest of the world is trying to bring you down.

There is a passage near the end of the book about how the politically savvy smooth talkers who don't want to ruffle any feathers are generally are not the ones to make the dramatic changes needed for truly innovative companies. I will let others debate the tendency for Corporate America to promote and praise the political game players and those who "don't make waves" vs. the people that can truly drive innovation.

For myself, I will simply keep trying to create beautiful things, one way or another.


Related reading and references

The Imitation Game (A later addition, completely supporting this blog post) -

Steve Jobs  by Walter Isaacson -