Introduction to Shift Left Testing

Abdul Riyaz

Never stop until the very end.

The above statement encapsulates the essence of Shift Left Testing.

Quality Assurance should keep up the momentum of testing during the end-to-end flow. This will ensure Quicker Delivery, Quality Product, and Increased Revenue with higher Profitability. This will help transform the software development process. Let me elucidate how it helps.

Traditional Testing vs Shift Left Testing

For several decades, Software Development followed the Waterfall Model. In this method, each phase depends on the deliverables of the previous phase. But over time, the Agile method provided a much better delivery pattern and reduced the delivery timelines for projects. In this Software Development model, testing is a continuous process that starts at the beginning of a project and reduces the timelines. If we follow the traditional way of testing after development, it eventually results in a longer timeline than we imagined.

Hence, it is important to start the testing process parallel to the development cycle by using techniques such as ‘Business-Driven Development’ to make it more effective and reduce the timeline of delivery. To ensure Shift Left Testing is intact, AUT (Application Under Test) should be tested in an automated way. There are many proven Automation Testing software available in the current world of Information Technology which help better address this purpose.

AI Devops Automation Service Tools
AIOps Artificial Intelligence for IT Operations

End-to-End Testing Applied over Shifting Left!

Software Testing can be predominantly classified in 3 categories – Unit, Integration and End-to-End Testing. Not all testing correspondingly shifts left from Unit test to System test. But this approach is revolutionized by Shift Left Testing. Unit Testing is straightforward to test basic units of code, End-to-End Testing is based on the customer / user for the final product. But if we bring the End-to-End testing to the left, that will result in better visibility of the code and its impact on the entire product during the development cycle itself.

The best way we could leverage ML (Machine Learning) and achieve a Shift-Left towards design and development with testing is indicated by continuous testing, visual testing, API coverage, scalable tests and extendable coverage, predictive analytics, and code-less automation.

AIOps Digital Transformation Solutions

First Time Right & Quality on Time Shift Left Testing not only reduces the timeline of deliveries, but it also ensures the last minute defects are ruled out and we get to identify the software flaws and conditions during the development cycle and fix them, which eventually results in “First Time Right”. The chance of leaking a defect is very less and the time spent by development and testing teams towards fixing and retesting the software product is also reduced, thereby increasing the productivity for “Quality on Time” aspects.

I would like to refer to a research finding by the Ponemon Institute. It found that if vulnerabilities are detected in the early development process, they may cost around $80 on average. But the same vulnerabilities may cost around $7,600 to fix if detected after they have moved into production.

Best AI Auto Discovery Tools

The Shift left approach emphasizes the need for developers to concentrate on quality from the early stages of a software build, rather than waiting for errors and bugs to be found late in the SDLC.

Machine Learning vs AI vs Shift Left Testing There are opportunities to leverage ML methods to optimize continuous integration of an application under test (AUT) which begins almost instantaneously. Making machine learning work is a comparatively smaller feat but feeding the right data and right algorithm into it is a tough task. In our evolving AI world, gathering data from testing is straightforward. Eventually making practical use of all this data within a reasonable time is what remains intangible. A specific instance is the ability to recognize patterns formed within test automation cycles. Why is this important? Well, patterns are present in the way design specifications change and, in the methods, programmers use to implement those specifications. Patterns follow in the results of load testing, performance testing, and functional testing.

ML algorithms are great at pattern recognition. But to make pattern recognition possible, human developers must determine which features in the data might be used to express valuable patterns. Collecting and wrangling the data into a solid form and knowing which of the many ML algorithms to inject data into, is very critical to success.

Many organizations are striving towards inducting shift left in their development process; testing and automation are no longer just QA activities. This certainly indicates that the terms of dedicated developers or testers are fading away. Change is eventually challenging but there are few aspects that every team can work towards to prepare to make this shift very effective. It might include training developers to become responsible for testing, code review quality checks, making testers aware of code, start using the same tools, and always beginning with testability in mind.

Shifting left gives a greater ability to automate testing. Test automation provides some critical benefits;

  • Fewer human errors
  • Improvised test coverage (running multiple tests at same time)
  • Involvement and innovative focus of QA engineers apart from day to day activities
  • Lesser or no production defects.
  • Seamless product development and testing model

Introducing and practicing Shift Left Testing will improve the Efficiency, Effectiveness and the Coverage of testing scope in the software product which helps in delivery and productivity.

References

About the Author –

Riyaz heads the QA Function for all the IP Projects in GAVS. He has vast experience in managing teams across different domains such as Telecom, Banking, Insurance, Retail, Enterprise, Healthcare etc.

Outside of his professional role, Riyaz enjoys playing cricket and is interested in traveling and exploring things. He is passionate about fitness and bodybuilding and is fascinated by technology.

Understanding Data Fabric

Srinivasan Sundararajan

In the recently announced Technology Trends in Data Management, Gartner has introduced the concept of “Data Fabric”. Here is the link to the document, Top Trends in Data and Analytics for 2021: Data Fabric Is the Foundation (gartner.com).

As per Gartner, the data fabric approach can enhance traditional data management patterns and replace them with a more responsive approach. As it is key for the enterprise data management strategy, let us understand more about the details of data fabric in this article.

What is Data Fabric?

Today’s enterprise data stores and data volumes are growing rapidly. Data fabric aims to simplify the management of enterprise data sources and the ability to extract insights from them. A data fabric has the following attributes:

  • Connects to multiple data sources
  • Provides data discovery of data sources
  • Stores meta data and data catalog information about the data sources
  • Data ingestion capabilities including data transformation
  • Data lake and data storage option
  • Ability to store multi-modal data, both structured and unstructured
  • Ability to integrate data across clouds
  • Inbuilt graph engine to link data for providing complex relationships
  • Data virtualization to integrate with data that need not be physically moved
  • Data governance and data quality management
  • Inbuilt AI/ML engine for providing machine learning capabilities
  • Ability to share the data both within enterprises and across enterprises
  • Easy to configure work-flows without much coding (Low Code environment)
  • Support for comprehensive use cases like Customer 360, Patient 360 and more

As evident, Data Fabric aims to provide a super subset of all the desired data management capabilities under a single unified platform, making it an obvious choice for future of data management in enterprises.

Data Virtualization

While most of the above capabilities are part of existing data management platforms for the enterprise, one important capability that is part of data fabric platform is the data virtualization.

Data virtualization creates a data abstraction layer by connecting, gathering, and transforming data silos to support real-time and near real-time insights. It gives you direct access to transactional and operational systems in real-time whether on-premise or cloud.

The following is one of the basic implementations of data virtualizations whereby an external data source is queried natively without actually moving the data.  In the below example, a Hadoop HDFS  data source is  queried from a data fabric platform such that the external data can be integrated  with other data.

AI Devops Automation Service Tools

While this kind of external data source access it there for a while, data fabric also aims to solve the performance issues associated with the data virtualization. Some of the techniques used by data fabric platforms are:

  • Pushes some computations to the external source to optimize the overall query 
  • Scales out computer resources by providing parallelism

Multi Cloud   

As explained earlier, one another critical capability of data fabric platforms is its ability to integrate data from multi cloud providers. This is at the early stages as different cloud platforms have different architecture and no uniform way of connectivity between them. However, this feature will grow in the coming days.

Advanced Use Cases 

Data fabric should support advanced use cases like Customer 360, Product 360, etc. These are basically comprehensive view of all linkages between enterprise data typically implemented using graph technologies. Since data fabric supports graph databases and graph queries as an inherent feature, these advanced linkages are part of the data fabric platform.

Data Sharing  

Data fabric platforms should also focus on data sharing, not within the enterprise but also across enterprise. While focus on API management helps with data sharing, this functionality has to be enhanced further as data sharing also needs to take care of privacy and other data governance needs.

Data Lakes 

While the earlier platforms similar to data fabric have worked on the enterprise data warehouse as a backbone, data fabric utilizes a data lake as it is the backbone. A data lake is a centralized repository that allows you to store all your structured and unstructured data at any scale. You can store your data as-is, without having to first structure the data, and run different types of analytics – from dashboards and visualizations to big data processing, real-time analytics, and machine learning to guide better decisions.

Data Fabric Players

At the time of writing this article, there are no ratings from Gartner in the form of magic quadrant for Data Fabric Platforms. However, there is a report from Forrester which ranks data fabric platforms in the form of a Forrester Wave.

Some of the key platforms mentioned in that report are:

  • Talend
  • Oracle
  • SAP
  • Denodo Technologies
  • Cambridge Semantics
  • Informatica
  • Cloudera
  • Infoworks

While the detailed explanation and architecture of these platforms can be covered in a subsequent article, a sample building blocks of Talend data fabric platform is illustrated in the below diagram.

AIOps Artificial Intelligence for IT Operations

Enterprises can also think of building their data fabric platform by combining the best of features of various individual components. For example, from the Microsoft ecosystem perspective:

  • SQL Server Big Data Clusters has data virtualization capabilities
  • Azure Purview has data governance and metadata management capabilities
  • Azure Data Lake Storage provides data lake capabilities
  • Azure Cosmos DB has graph database engine
  • Azure Data Factory has data integration features
  • Azure Machine Learning and SQL Server have machine learning capabilities

However, as evident, we are yet to see strong products and platforms in the areas of multi cloud data management, especially data virtualization across cloud providers in a performance focused manner.

About the Author –

Srini is the Technology Advisor for GAVS. He is currently focused on Healthcare Data Management Solutions for the post-pandemic Healthcare era, using the combination of Multi-Modal databases, Blockchain, and Data Mining. The solutions aim at Patient data sharing within Hospitals as well as across Hospitals (Healthcare Interoperability) while bringing more trust and transparency into the healthcare process using patient consent management, credentialing, and zero-knowledge proofs.

Moving Ahead as Managers

Bindu

Bindu Vijayan

When I was recently asked to drive employee experience at GAVS, I thought, what an opportunity to support a group who are deliverers of high-value systems! I have personally seen the Leadership’s wisdom and the passion to drive GAVS forward as a meaningful and purposeful company. This is an opportunity to help deliver fine-tuned responses through earnest feedback.  And thus, started a somewhat ministerial role – listening truly, relating to what is being heard, because we believe there is a huge potential to strengthen bonds.

Operational execution takes place from the Managers, and here at GAVS, the value system is entrenched in the belief that seniors serve the needs of others; the inverse pyramid.  I have seen our CEO, Sumit Ganguli, treating everyone like a Leader, and everyone is given the responsibility to know and understand the company and the business. The earnest attempt is to have employees relate to GAVS, be the best brand ambassadors for the values and culture we stand for. 

Often times, we as Managers are going through the stress from genuinely caring to get everything right and move projects and teams forward along with the company, but it might be a totally different story with the teams we are managing – things aren’t going too well, and even before we realize what is going on, people leave us.

This points us to a need to recalibrate ourselves and our managerial style, and sometimes our self-calibration can have profound implications for the organization.

Was it a single event that had team members leave? It most times isn’t, it is a collection of problems…no quick fixes or silver bullets, but let’s take the medicine, the whole course, that would turn things around. We have all been on both sides and know what it is to open up and give honest feedback, the genuine hope and excitement about change, and as Managers today, we are happy to actually have individuals open up.   

Who am I as a Manager?

Ed Catmull, President, and co-founder of Pixar writes, “We acknowledge we will always have problems, many of them hidden from our view; that we work hard to uncover these problems, even if doing so means making ourselves uncomfortable

As a Manager, let me take a real hard look at myself in the mirror to see what I might be doing wrong.  Why are my team members quitting? How do I lead? Is it through ‘Power’, as in our real inner power to lead with positivity and assertiveness, or is my leadership about ‘force’, where my authority, screaming, bullying, manipulating, sycophancy that drives my team along with me?

Making time for everyone

Let us make time to meet every single person in our team even when we are managing large teams. Scheduling that one crucial hour with each team member is giving them the opportunity to be a reviewer, exchange seats with them, and see it through their eyes.  Keep the agenda for the meeting to speak only about how we can improve managing them, all defenses down.

Demonstrate we see them as our peers, listen…

Listen to everything they have to say, without interrupting. Be a true listener, and promises are to be made and to be kept. The worst thing for us to do is to have that ‘excellent chat’ and go back to the ‘same old’.

Get straight forward feedback from the team and give them immunity for saying it the way it is

Sometimes we need to hear the little harsh truths about ourselves. And the team doesn’t want to see us defensive about our ways of impacting them wrong. We have to hear them out, and everything they want to say, and that’s the first step for them to choose to stay. People should feel safe to talk about things they want as improvements, and to be heard on what is working vs things that are not working.

Don’t wait on actions

Unless commitment is made, there are only promises and hopes, but no plans” – Peter Drucker

I don’t mean there is a magic wand that we can use for everything to turn good overnight. But continuous improvements, by way of small consistent steps, should be visible, and getting everyone involved in it would be a great way to get it right. Everybody wants to see progress.

Here are some toxic traits that call for recalibration;

  • Highly irritable, short-tempered
  • Arrogant, unapproachable
  • Getting defensive about constructive criticism
  • Overtly dominant
  • Belittling other people’s feelings
  • Highly controlling
  • Manipulative

Today, it is interesting to see lots of new-age companies where there are zero hierarchies, employees and leaders are like family. The millennials and the Gen Z are comfortable being who they really are, and we Managers from different demographics must simply jump in and learn from their signature authenticity.

About the Author –

Bindu Vijayan takes care of Employee Experience at GAVS, she works towards creating an environment that’s conducive to passion and make employees feel valued as individuals. She is an avid reader, enjoys music and poetry, and is a devoted mother and a grand-mother. An ardent Kafka fan, she relates to his famous quote, “Don’t bend; don’t water it down; don’t try to make it logical; don’t edit your own soul according to the fashion. Rather, follow your most intense obsessions mercilessly.”

#EmpathyChallenge – 3 Simple Ways to Practice Empathy Consciously

Padma Ravichandran

A pertinent question for the post COVID workforce is, can empathy be learnt? Should it be practiced only by the leaders, or by everyone – can it be seamlessly woven into the fabric of the organization? We are seeing that dynamics at play for remote teams is little unpredictable, making each day uniquely challenging. Empathy is manifested through mindful behaviours, where one’s action is recognized as genuine, personal, and specific to the situation. A few people can be empathetic all the time, a few, practice it consciously, and a few are unaware of it.

Empathy is a natural human response that can be practiced by everyone at work for nurturing an environment of trust. We often confuse empathy for sympathy – while sympathy is feeling sorry for one’s situation, empathy is understanding one’s feelings and needs, and putting the effort to offer authentic support. It requires a shift in perspective, and building trust, respect, and compassion at a deeper level. As Satya Nadella, CEO, Microsoft says, “Empathy is a muscle that needs to be exercised.”

Here are three ways to consciously practice empathy at work –

  • Going beyond yourself

It takes a lot to forget how we feel that day, or what is priority for us. However, to be empathetic, one needs to be less judgemental. When one is consciously practicing empathy, one needs to be patient with yourself, your thoughts, and not compare yourself with the person you are empathizing with. If we get absorbed by our own needs, it gets difficult to be generous and compassionate. We need to remember empathy leads to influence and respect, and for that we should not get blind sighted by our perceptions.

  • Being a mindful and intentional listener

While practicing empathy, one has refrain from criticism, and be mindful of not talking about one’s problems. We may get sympathetic and give unsolicited advice. Sometimes it only takes to be an intentional listener, by avoiding distractions, and having a very positive body language, and demeanour. This will enable us to ask right questions and collaborate towards a solution.

  • Investing in the person

Very often, we support our colleagues and co-workers by responding to their email requests. However, by building positive workplace relationships, and knowing the person beyond his/her email id, makes it much easier to foster empathy. Compassion needs to be not just in words, but in action too, and that can happen only by knowing the person. Taking interest in a co-worker or a team member, beyond a professional capability, does not come out of thin air. It takes conscious continuous efforts to get to know the person, showing care and concern, which will help us to relate to the myriad challenges they go through – be it chronic illness, child care that correlates to his/her ability to engaged at work. It will enable us to personalize the experience, and see the person’s point of view, holistically.

When we take that genuine interest in how we make others feel and experience, we start mindfully practicing empathy. Empathy fosters respect. Empathy helps resolves conflicts better, empathy builds stronger teams, empathy inspires one another to work towards collective goals, and empathy breaks authority. Does it take that extra bit of time to consciously practice it? Yes, but it is all worth it.

References

About the Author –

Padma is intrigued by Organization Culture and Behavior at workplace that impact employee experience. She is also passionate about driving meaningful initiatives for enabling women to Lean In, along with her fellow Sheroes. She enjoys reading books, journaling, yoga and learning more about life through the eyes of her 8-year-old son.

Balancing Management Styles for a Remote Workforce

Ashish Joseph

Operational Paradigm Shift

The pandemic has indeed impelled organizations to rethink the way they approach traditional business operations. The market realigned businesses to adapt to the changing environment and optimize their costs. For the past couple of months, nearly every organization implemented work for home as a mandate. This shift in operations had both highs and lows in terms of productivity. Almost a year into the pandemic, the impacts are yet to be fully understood. The productivity realized from the remote workers, month on month, shaped the policies and led to investments in different tools that aided collaboration between teams. 

Impact on Delivery Centers

Technology companies have been leading the charge towards remote working as many have adopted permanent work from home options for their employees. While identifying cost avenues for optimization, office space allocation and commuting costs are places where redundant operational cash flow can be invested to other areas for scaling.

The availability and speed of internet connections across geographies have aided the transformation of office spaces for better utilization of the budget. Considering the current economy, office spaces are becoming expensive and inefficient. The Annual Survey by JLL Enterprises in 2020 reveals that organizations spend close to $10,000 on global office real estate cost per employee per year on an average. As offices have adopted social distancing policies, the need for more space per employee would result in even higher costs during these pandemic operations. To optimize their budgets, companies have reduced their allocation spaces and introduced regional contractual sub-offices to reduce the commute expenses of their employees in the big cities. 

With this, the notion of a 9-5 job is slowly being depleted and people have been paid based on their function rather than the time they spend at work. The flexibility of working hours while linking their performance to their delivery has seen momentum in terms of productivity per resource. An interesting fact that arose out of this pandemic economy is that the number of remote workers in a country is proportional to the country’s GDP. A work from home survey undertaken by The Economist in 2020 finds that only 11% of work from home jobs can be done in Cambodia, 37% in America, and 45% in Switzerland. 

The fact of the matter is that a privileged minority has been enjoying work from home for the past couple of months. While a vast majority of the semi-urban and rural population don’t have the infrastructure to support their functional roles. For better optimization and resource utilization, India would need to invest heavily in these resources to catch up on the deficit GDP from the past couple of quarters.

Long-term work from home options challenges the foundational fabric of our industrial operations. It can alter the shape and purpose of cities, change workplace gender distribution and equality. Above all, it can change how we perceive time, especially while estimating delivery. 

Overall Pulse Analysis

Many employees prefer to work from home as they can devote extra time to their family. While this option has been found to have a detrimental impact on organizational culture, creativity, and networking. Making decisions based on skewed information would have an adverse effect on the culture, productivity, and attrition. 

To gather sufficient input for decisions, PWC conducted a remote work survey in 2020 called “When everyone can work from home, what’s the office for“. Here are some insights from the report

IT Infrastructure Managed Services

IT Operations Management Software

Many businesses have aligned themselves to accommodate both on-premise and remote working model. Organizations need to figure out how to better collaborate and network with employees in ways to elevate the organization culture. 

As offices are slowly transitioning to a hybrid model, organizations have decentralized how they operate. They have shifted from working in a common centralized office to contractual office spaces as per employee role and function, to better allocate their operational budget. The survey found that 72% of the workers would like to work remotely at least 2 days a week. This showcases the need for a hybrid workspace in the long run. 

Maintaining & Sustaining Productivity

During the transition, keeping a check on the efficiency of remote workers was prime. The absence of these checks would jeopardize the delivery, resulting in a severe impact on customer satisfaction and retention.

Managed Security Services Providers USA

This number however, could be far less if the scale of the survey was higher. This in turn signifies that productivity is not uniform and requires course corrective action to maintain the delivery. An initial approach from an employee’s standpoint would result in higher results. The measures to help remote workers be more productive were found to be as follows.

Master Data Management Software Tools

Many employees point out that greater flexibility of working hours and better equipment would help increase work productivity.

Most of the productivity hindrances can be solved by effective employee management. How a particular manager supervises their team members has a direct correlation towards their productivity and satisfaction to the project delivery. 

Theory X & Theory Y

Theory X and Theory Y were introduced by Douglas McGregor in his book, “The Human Side of Enterprise”. He talks about two styles of management in his research – Authoritarian (Theory X) and Participative (Theory Y). The theory heavily believes that Employee Beliefs directly influence their behavior in the organization. The approach that is taken by the organization will have a significant impact on the ability to manage team members. 

For theory X, McGregor speculates that “Without active intervention by management, people would be passive, even resistant to organizational needs. They must therefore be persuaded, rewarded, punished, controlled and their activities must be directed”

Microsoft Cloud Solution Provider

Work under this style of management tends to be repetitive and motivation is done based on a carrot and stick approach. Performance Appraisals and remuneration are directly correlated to tangible results and are often used to control staff and keep tabs on them. Organizations with several tiers of managers and supervisors tend to use this style. Here authority is rarely delegated, and control remains firmly centralized. 

Even though this style of management may seem outdated, big organizations find it unavoidable to adopt due to the sheer number of employees on the payroll and tight delivery deadlines.

When it comes to Theory Y, McGregor firmly believes that objectives should be arranged so that individuals can achieve their own goals and happily accomplish the organization’s goal at the same time.

Remote Infrastructure Monitoring Services

Organizations that follow this style of management would have an optimistic and positive approach to people and problems. Here the team management is decentralized and participative.

Working under such organizational styles bestow greater responsibilities on employees and managers encourage them to develop skills and suggest areas of improvement. Appraisals in Theory Y organizations encourage open communication rather than to exercise control. This style of management has been popular these days as it results in employees wanting to have a meaningful career and looking forward to things beyond money.

Balancing X over Y

Even though McGregor suggests that Theory Y is better than Theory X. There are instances where managers would need to balance the styles depending upon how the team function even post the implementation of certain management strategies. This is very important from a remote working context as the time for intervention would be too late before it impacts the delivery. Even though Theory Y comprises creativity and discussion in its DNA, it has its limitations in terms of consistency and uniformity. An environment with varying rules and practices could be detrimental to the quality and operational standards of an organization. Hence maintaining a balance is important.

When we look at a typical cycle of Theory X, we can find that the foundational beliefs result in controlling practices, appearing in employee resistance which in turn delivers poor results. The results again cause the entire cycle to repeat, making the work monotonous and pointless. 

Rpa in Infrastructure Management

Upon the identification of resources that require course correction and supervision, understanding the root cause and subsequently adjusting your management style to solve the problem would be more beneficial in the long run. Theory X must only be used in dire circumstances requiring a course correction. The balance where we need to maintain is on how far we can establish control to not result in resistance which in turn wouldn’t impact the end goal.

Security Iam Management Tools

Theory X and Theory Y can be directly correlated to Maslow’s hierarchy of Needs. The reason why Theory Y is superior to Theory X is that it focuses on the higher needs of the employee than their foundational needs. The theory Y managers gravitate towards making a connection with their team members on a personal level by creating a healthier atmosphere in the workplace. Theory Y brings in a pseudo-democratic environment, where employees can design, construct and publish their work in accordance with their personal and organizational goals.

When it comes to Theory X and Theory Y, striking a balance will not be perfect. The American Psychologist Bruce J Avolio, in his paper titled “Promoting more integrative strategies for leadership theory-building” speculates, “Managers who choose the Theory Y approach have a hands-off style of management. An organization with this style of management encourages participation and values an individual’s thoughts and goals. However, because there is no optimal way for a manager to choose between adopting either Theory X or Theory Y, it is likely that a manager will need to adopt both approaches depending on the evolving circumstances and levels of internal and external locus of control throughout the workplace”.

The New Normal 3.0

As circumstances keep changing by the day, organizations need to adapt to the rate at which the market is changing to envision new working models that take human interactions into account as well. The crises of 2020 made organizations build up their workforce capabilities that are critical for growth. Organizations must relook at their workforce by reskilling them in different areas of digital expertise as well as emotional, cognitive, and adaptive skills to push forward in our changing world.

About the Author –

Ashish Joseph is a Lead Consultant at GAVS working for a healthcare client in the Product Management space. His areas of expertise lie in branding and outbound product management.

He runs two independent series called BizPective & The Inside World, focusing on breaking down contemporary business trends and Growth strategies for independent artists on his website www.ashishjoseph.biz

Outside work, he is very passionate about basketball, music, and food.

Gender Microaggressions: Invisible Discrimination at Workplace

Priyanka Pandey

A 2020 headline read, ‘The number of female CEOs in the Fortune 500 hits an all-time record’. It sounds like a great news until you start reading further. Only 37 of the 500 companies on the list were led by female CEOs which is just 7.4%. But it also marks a considerable jump from its preceding years’ rates which were 6.6% in 2019 and just 4.8% in 2018, i.e., 33 and 24 companies respectively. Another report by McKinsey & Co. on the advancing of women’s equality in the Asia-Pacific region, tells us that just around 25% of India’s workforce is female, and only 5% of them make it to the top. This decline in percentage is due to many women dropping out of their jobs. One of the major factors for women to take this decision is ‘sexism at the workplace’.

It has made its way into the ‘work-from-home’ world as well. Imagine this scenario: In a discussion about hiring employees for a new project, a male committee member says, “I think we should hire more men as this project requires spending extra time and effort“. In this case, it is not very difficult to identify the prejudice. But let’s consider another scenario- there is a need to move some machines for which a person asks for help saying, “I need a few strong men to help me lift this“. Most of the time people will not realize how problematic this statement is. This is an example of ‘gender microaggression’. But what exactly is a microaggression? Microaggression is verbal or nonverbal behavior that, intentionally or unintentionally, can communicate denigratory behavior towards the members of a minority/oppressed group which often goes unnoticed and unreported. In simple words, it is a form of discrimination that is subtle yet harmful. There are mainly 3 forms of Microaggressions: microassaults (purposeful discriminatory actions), microinsults (communicate a covert insulting message), and microinvalidations (dismiss the thoughts of certain groups). Different kinds of gender microaggressions are sexual objectification, second-class citizenship, use of sexist language, assumption of inferiority, restrictive gender roles, invisibility, sexist humor/jokes. According to Australia’s sex discrimination commissioner, Kate Jenkins, people typically don’t raise their voice against everyday sexism because it can be seen as too small to make a fuss about, but it matters. As the Women in the Workplace report also reflects, “Microaggressions can seem small when dealt with one by one. But when repeated over time, they can have a major impact.”

Let’s go back to the above example for people who could not identify what was wrong in that statement. When people use phrases like ‘strong men’, it tells that only men are strong and conversely, that women are weak. This statement does not have to be focused on gender at all. It can be rephrased as “I need a few strong people to help me lift this“, and people around can determine for themselves who the strong helpers will be. Few other examples of common gender-related microaggressions are:

  • Mansplaining – Explaining a subject to a woman in a condescending, overconfident, and often oversimplified manner with a presumption that she wouldn’t know about it.
  • Manterrupting – Unnecessary interruption of a woman by a man whenever she is trying to convey her ideas or thoughts.
  • Bropropriating – A man taking a woman’s idea and showing it as his own hence, taking all the credit for it.
  •  ‘Boys will be boys’ – A phrase used to dismiss any traditionally masculine behavior and not holding men accountable for their wrong deeds.
  • Using differentiated words when describing women and men, such as ‘Bossy’ versus ‘Leader’, ‘Annoying’ versus ‘Passionate’.

The pandemic has given way to a new surge of microaggressions for working women. A law firm Slater and Gordon conducted a poll of 2,000 remote workers and found that 35% of women reported experiencing at least one sexist demand from their employer since the lockdown started. For video conferences, some women were asked to wear more make-up or do something to their hair, while others were asked to dress more provocatively. Their bosses also tried to justify this by saying it could ‘help win business’, or it was important to ‘look nice for the team’. Nearly 40% said these demands were targeted at women, rather than equally with their male peers. Also, a lot of women are being micromanaged by their managers while their male colleagues are not. This sends a message of distrust towards them. Researches have indicated that experiences with these microaggressions, and many others not mentioned above, are related to a negative impact on the standard of living, physical health as well as psychological health, such as unequal wages, migraines, heart disease, depression, anxiety, and body image dissatisfaction. As a result, women who experience such insidious, everyday forms of sexist discrimination, are three times more likely to regularly think about leaving the organization. Hence, sexism can not only impact the individual but also the overall performance and working culture of the organization. Eliminating such behavior at the physical and virtual workplace is extremely important and will enable the organization to break down the barriers for equal access to different career opportunities for leadership for women and will help include diverse thinking, perspectives, and experiences in the workplace at every level. As an individual, the most basic yet effective thing to do would be to develop an honest awareness of our own biases and stereotypes.

Unless we tackle everyday sexism, the most innovative policies and initiatives designed to advance gender equality and inclusive and effective organisations will not deliver the change we need.” – Kate Jenkins

Here’s a small story of grace and grit which might inspire some, to take a stand against such gender-related microaggressions. Back in the 1970s, when feminism was a word unheard of, an incident took place. A woman saw a job advertisement by a telecom company, which said it required only male engineers. On seeing this requirement, she wrote back a postcard to the company’s Chairman questioning the gender biases. She was then called for a special interview, where they told her their side of the story – “We haven’t hired any women so far”. To which she replied, “You must start from somewhere.” Her name was Sudha Murty, who is now Chairperson of Infosys Foundation.

So, the next time when conversing with a colleague, consider all of this and be kind!

About the Author –

Priyanka is an ardent feminist and a dog-lover. She spends her free time cooking, reading poetry, and exploring new ways to conserve the environment.

Tuning Agile Delivery for Customer and Employee Success

Ashish Joseph

What is Agile?

Agile has been very popular in the software development industry for empowering delivery to be more efficient and effective. It is a common misconception for Agile to be thought of as a framework or a process that follows a methodology for software development. But Agile is a set of values and principles. It is a collection of beliefs that teams can use for decision making and optimizing project deliveries. It is customer-centric and flexible, helping teams adapt accordingly. It doesn’t make the decision for the team. Instead, it gives a foundation for teams to make decisions that can result in a stellar execution of the project.

According to the Agile Manifesto, teams can deliver better by prioritizing the following over the other.

  • Individuals and Interactions over process and tools
  • Working Model over Comprehensive Documentation
  • Customer Collaboration over Contract Negotiation
  • Responding to Changes over following a Plan

With respect to Software Development, Agile is an iterative approach to project management which help teams deliver results with measurable customer value. The approach is designed to be faster and ensures the quality of delivery that is aided with periodic customer feedbacks. Agile aims to break down the requirement into smaller portions, results of which can be continuously evaluated with a natural mechanism to respond to changes quickly.

AIOps Artificial Intelligence for IT Operations

Why Agile?

The world is changing, and businesses must be ready to adapt to how the market demands change over time. When we look at the Fortune 500 companies from 1955, 88% of them perished. Nearly half of the S&P 500 companies is forecasted to be replaced every ten years. The only way for organizations to survive is to innovate continuously and understand the pulse of the market every step of the way. An innovative mindset helps organizations react to changes and discover new opportunities the market can offer them from time to time.

Agile helps organizations execute projects in an everchanging environment. The approach helps break down modules for continuous customer evaluation and implement changes swiftly.

The traditional approach to software project management uses the waterfall model, where we Plan, Build, Test, Review and Deploy. But this existing approach would result in iterations in the plan phase whenever there are deviations in the requirement with respect to the market. When teams choose agile, it helps them respond to changes in the marketplace and implement customer feedback without going off the plan. Agile plans are designed in such a manner to include continuous feedback and its corresponding changes. Organizations should imbibe the ability to adapt and respond fast to new and changing market demands. This foundation is imperative for modern software development and delivery.

Is Agile a right fit for my Customer? People who advocate Agile development claim that Agile projects succeed more often than waterfall delivery models. But this claim has not been validated by statistics. A paper titled “How Agile your Project should be?” by Dr. Kevin Thompson from Kevin Thompson Consulting, provides a perspective from a mathematical point of view for both Agile and Waterfall project management. Here both approaches were followed for the same requirements and were also affected by the same unanticipated variables. The paper focused on the statistical evidence to support the validity of both the options to evaluate the fit.

While assessing the right approach, the following questions need to be asked

  • Are the customer requirements for the project complete, clear and stable?
  • Can the project effort estimation be easily predicted?
  • Has a project with similar requirements been executed before?

If the answer to all the above questions are Yes, then Agile is not the approach to be followed.

The Agile approach provides a better return on investment and risk reduction when there is high uncertainty of different variables in the project. When the uncertainty is low, waterfall projects tend to be more cost effective than agile projects.

Optimizing Agile Customer Centricity

Customer centricity should be the foundation of all project deliveries. This help businesses align themselves to the customer’s mission and vision with respect to the project at hand. While we consider an Agile approach to a project in a dynamic and changing environment, the following are some principles that can help organizations align themselves better with their customer goals.

  • Prioritizing Customer Satisfaction through timely and continuous delivery of requirements.
  • Openness to changing requirements, regardless of the development phase, to enable customers to harness the change for their competitive advantage in the market.
  • Frequent delivery of modules with a preference towards shorter timelines.
  • Continuous collaboration between management and developers to understand the functional and non-functional requirements better.
  • Measuring progress through the number of working modules delivered.
  • Improving velocity and agility in delivery by concentrating on technical excellence and good design.
  • Periodic retrospection at the end of each sprint to improve delivery effectiveness and efficiency.
  • Trusting and supporting motivated individuals to lead projects on their own and allowing them to experiment.

Since Agile is a collection of principles and values, its real utility lies in giving teams a common foundation to make good decisions with actionable intelligence to deliver measurable value to their customers.

Agile Empowered Employee Success

A truly Agile team makes their decisions based on Agile values and principles. The values and principles have enough flexibility to allow teams to develop software in the ways that work best for their market situation while providing enough direction to help them to continually move towards their full potential. The team and employee empowerment through these values and principles aid in the overall performance.

Agile not only improves the team but also the environment around which it is established by helping employees to be compliant with respect to audit and governance.  It reduces the overall project cost for dynamic requirements and focuses on technical excellence along with an optimized process for its delivery. The 14th Annual State of Agile Report 2020 published by StateofAgile.com surveyed 40,000 Agile executives to get insights into the application of Agile across different areas of enterprises. The report surveyed different Agile techniques that contributed most towards the employee success of the organization. The following are some of the most preferred Agile techniques that helped enhance the employee and team performances.

Best AI Auto Discovery Tools

All the above Agile techniques help teams and individuals to introspect their actions and understand areas of improvement in real time with periodic qualitative and quantitative feedback. Each deliverable from multiple cross functional teams can be monitored, tracked and assessed under a single roof. All these techniques collectively bring together an enhanced form of delivery and empower each team to realize their full potential.
Above all, Agile techniques help teams to feel the pulse of the customer every step of the way. The openness to change regardless of the phase, helps them to map all the requirements leading to an overall customer satisfaction coupled with employee success.

Top 5 Agile Approaches

Best AIOps Platforms Software

A Truly Agile Organization

Majority of the Agile approach has been concentrated towards development, IT, and Operations. However, organizations should strive towards effective alignment and coordination across all departments. Organizations today are aiming for greater expansion of agility into areas beyond building, deploying, and maintaining software. At the end of the day, Agile is not about the framework. It is all about the Agile values and principles the organizations believe in for achieving their mission and vision in the long run.

About the Author –

Ashish Joseph is a Lead Consultant at GAVS working for a healthcare client in the Product Management space. His areas of expertise lie in branding and outbound product management. He runs a series called #BizPective on LinkedIn and Instagram focusing on contemporary business trends from a different perspective. Outside work, he is very passionate about basketball, music, and food.

Happy Birthday MLK – My ode to the Free Thinkers, Disruptors, and Iconoclasts

Sumit Ganguli

CEO, GAVS Technologies

While we were gearing up for the weekend, I noticed that Monday, January 18, is Rev. Martin Luther King Jr.’s birth anniversary. This coupled with the overcast sky and cool winter day all conspired to make me sit back and reminisce about the events of the past few months.

Working from home, I have become accustomed to keeping my TV on mute, alternating between CNN and Fox News while I go through my emails, video conferences and other work routines. And that is when I saw the traumatic video of George Floyd’s death in Minneapolis and the massive demonstrations that ensued across the US and in other parts of the world. The Black Lives Matter movement rightfully gained immense momentum and soon #BlackLivesMatter became one of the most trending of all hashtags.

An avid tennis fan, I got to watch the US Open on TV this year, being played without any spectators.  But I was most inspired by the young Japanese tennis player, Naomi Osaka who went on to win the US Open and decided to draw attention to the #BLM by wearing the names of seven black victims who were being memorialized by the BLM movement. She succeeded in persuading me to read more about the movement and many of the victims.    

Cut to the present, we now have our first Black Vice President elect Kamala Harris who is of Jamaican and Indian heritage. Just the other day, my 90-year-old mother who is in Bangalore and is quite a political junkie, challenged me to name the Indian lady who was announced to be a member of Mr. Joe Biden’s economic committee. Convinced that my Mother was mistaken, I told her that Janet Yellen was not Indian. But she insisted and then I recalled that Ms. Neera Tanden has been nominated to head the Office of Management and Budget.

The Indian diaspora has been deservedly proud of the achievements of the Indian leaders in America – Satya Nadella, Microsoft; Arvind Krishna, IBM; Ajay Banga, Mastercard; Nandita Bakshi, Bank of the West & Federal Reserve Bank; Sanat Chattopadhyay, Merck; Niren Chaudhury, Panera Bread – and with Reverend Martin Luther King’s birth anniversary round the corner, I think it is  opportune for us to celebrate the avantgarde Free thinkers, Disruptors, and Iconoclasts, who made this possible for some of this happen.  

In the morning, I bathe my intellect in the stupendous and cosmogonal philosophy of the Bhagvat Geeta, since whose composition years of the Gods have elapsed, and in comparison with which our modern world and its literature seem puny and trivial…The pure Walden water is mingled with the sacred water of the Ganges” (Thoreau, Walden).

In 1854’s Boston, Henry David Thoreau and Ralph Waldo Emerson, derived a lot of their concept of Transcendentalism, Non-Violence, and Civil Disobedience from the concepts of Ahimsa and Dharma from the ancient Indian scriptures, the Upanishads and the Gita. They read this at the Harvard Library and wrote extensively about it.

In 1893, a man got thrown out of a train in South Africa, which led him to take on the mighty British and launch his Satyagraha movement to fight for India’s independence. His movement in turn was highly influenced by Thoreau’s Civil Disobedience. That man, of course is known around the world as Mahatma Gandhi. 

From 1954 to 1968, Rev. Martin Luther King Jr. and other activists launched the Civil Rights Movement in America. He drew inspiration from Gandhi’s philosophy who has been immortalized as the Father of the Nation in India. This is truly a circle of ideas that traversed oceans and continents.

Today, we are all beneficiaries of largesse of the thoughts and visions of these great luminaries. On MLK’s birthday, Monday, January 18, I believe we will be well served to pay our ode to the Reverend and his fellow free thinkers John Lewis, Rosa Parks, and many others for their audacious vision, temerity, and currency of ideas and ideals –  for these disruptors, iconoclasts made it possible for us to live the life of our dreams in America, a country that we have come to love and cherish.  

Vision for 2021

Sumit Ganguli

CEO, GAVS Technologies

God, grant me the serenity to accept things, I cannot change,

Courage to change the things I can,

And the wisdom to know the difference.

The events of 2020 have reaffirmed in me the ethos conveyed by this stanza, from the Serenity Prayer.

For us, COVID has been up close and personal. One of our key clients, Bronx Care Hospital has been an epicenter of the pandemic in New York City. The doctors, staff and support staff, including GAVS’ IT support engineers have experienced the devastating effect of this pandemic, up close and personal. GAVS’ technical team supported the ICUs and patient care units at the hospitals during the peak of pandemic.

“Every day we witness these heroic acts: one example out of many this week was our own Kishore going into our ICU to move a computer without full PPE (we have a PPE shortage). The GAVS technicians who come into our hospital every day are, like our doctors and healthcare workers, the true heroes of our time.”

Ivan Durbak, CIO, BronxCare Health System

“GAVS Team was instrumental in assisting the deployment of digital contact less care solutions and remote patient monitoring solutions during the peak of COVID. Their ability to react in quick time really helped us save more lives than what we could have, with technology at the fore-front.”

Dr. Sridhar Chilimuri, Chairman, Dept. of Medicine, BronxCare Health System

The alacrity with which our colleagues in India addressed the remote working situation and the initiative that they have demonstrated in maintaining business continuity for the clients in the US have inspired us at GAVS and  have reaffirmed our belief that we are on the way to create a purposeful company.  

The biggest learning from 2020, is that we need to be mindful of the fragility of life and truly make every day count. At GAVS, we are committed to use technology and service for the betterment of our clients and our stakeholders; and anchor this with our values of Respect, Integrity, Trust and Empathy.

The year was not without some positives. Thanks to some new client acquisitions and renewed contracts we have been able to significantly expand the GAVS family and have registered a 40% growth in revenue. 

We have formed Long 80, A GAVS & Premier, Inc. JV and have started reaching out to Healthcare providers in the US. We are reaching out to some of the largest hospitals in North America offering our AI-based Infrastructure Managed Services, Cybersecurity solutions, Prescriptive and Predictive Healthcare Solutions based on Analytics.

“Moving from a vendor-only model with GAVS to a collaborative model through Long 80 expands Premier’s current technology portfolio, enabling us to offer GAVS’ technology, digital transformation and data security services and solutions to US healthcare organizations. We are extremely excited about this opportunity and look forward to our new relationship with GAVS.”

Leigh Anderson, President, Performance Services, Premier, Inc.

This year, we see the Premier team growing by an additional 120 persons to continue to support their initiative to reduce costs, improve efficiency, enhance productivity and faster time to market.

We aim to hit some milestones in our journey of enabling AI-driven Digital Transformation in the Healthcare space. We have constituted a team dedicated to achieving that.

We are contemplating on establishing the GAVS Healthcare Institute in partnership leading institutions in India and US to develop competency within GAVS in the latest technologies for the healthcare space.

GAVS is committed to being a company focused on AI, and newer technologies and promote GAVS’ AI led Technology Operations, Zero Incident Framework. In 2021, we will work on increasing our ZIF sites around the US and India.  

Based on inputs from our Customer Advisory Board, we at GAVS would like to build a competency around Client Relationship and empower our Client Success Managers to evolve as true partners of our Clients and support their aspirations and visions.  

GAVS is also making strong progress in the BFS sector and we would like to leverage our expertise in AI, Blockchain, Service Reliability and other digital technologies.

GAVS has the competency to support multiyear contracts and there will be a push to reach out to Sourcing Companies, Influencers and partners to garner these long-term predictable business.

We will continue to build competency and expertise around Innovation, and there are some initiatives that we will be putting in place to promote a Culture of Innovation and have measurable successes under Novelty of Innovation.

Our experience of 2020 has inspired us to once again remind ourselves that we should make GAVS an aspirational company, a firm that is purposeful and anchored with our values.

Container Security

Anandharaj V

We live in a world of innovation and are beneficiaries of new advancements. New advancements in software technology also comes with potential security vulnerabilities.

‘Containers’ are no exception. Let us first understand what a container is and then the vulnerabilities associated with it and how to mitigate them.

What is a Container?

You might have seen containers in the shipyard. It is used to isolate different cargos which is transported via ships. In the same way, software technologies use a containerization approach.

Containers are different from Virtual Machines (VM) where VMs need a guest operating system which runs on a host operating system (OS). Containers uses OS virtualization, in which required processes, CPU, Memory, and disk are virtualized so that containers can run without a separate operating system.

In containers, software and its dependencies are packaged so that it can run anywhere whether on-premises desktop or in the cloud.

IT Infrastructure Managed Services

Source: https://cloud.google.com/containers

As stated by Google, “From Gmail to YouTube to Search, everything at Google runs in containers”.

Container Vulnerabilities and Countermeasures

Containers Image Vulnerabilities

While creating a container, an image may be patched without any known vulnerabilities. But a vulnerability might have been discovered later, while the container image is no longer patched. For traditional systems, it can be patched when there is a fix for the vulnerability without making any changes but for containers, updates should be upstreamed in the images, and then redeployed. So, containers have vulnerabilities because of the older image version which is deployed.

Also, if the container image is misconfigured or unwanted services are running, it will lead to vulnerabilities.

Countermeasures

If you use traditional vulnerability assessment tools to assess containers, it will lead to false positives. You need to consider a tool that has been designed to assess containers so that you can get actionable and reliable results.

To avoid container image misconfiguration, you need to validate the image configuration before deploying.

Embedded Malware and Clear Text Secrets

Container images are collections of files packaged together. Hence, there are chances of malicious files getting added unintentionally or intentionally. That malicious software will have the same effect as of the traditional systems.

If secrets are embedded in clear text, it may lead to security risks if someone unauthorized gets access.

Countermeasures

Continuous monitoring of all images for embedded malware with signature and behavioral detection can mitigate embedded malware risks.

 Secrets should never be stored inside of containers image and when required, it should be provided dynamically at runtime.

Use of Untrusted Images

Containers have the advantages of ease of use and portability. This capability may lead teams to run container images from a third party without validating it and thus can introducing data leakage, malware, or components with known vulnerabilities.

Countermeasures

Your team should maintain and use only trusted images, to avoid the risk of untrusted or malicious components being deployed.

Registry Risks

Registry is nothing but a repository for storing container images.

  1. Insecure connections to registries

Images can have sensitive information. If connections to registries are performed over insecure channels, it can lead to man-in-the-middle attacks that could intercept network traffic to steal programmer or admin credentials to provide outdated or fraudulent images.

You should configure development tools and containers while running, to connect only over the encrypted medium to overcome the unsecured connection issue.

  1. Insufficient authentication and authorization restrictions

As we have already seen that registries store container images with sensitive information. Insufficient authentication and authorization will result in exposure of technical details of an app and loss of intellectual property. It also can lead to compromise of containers.

Access to registries should authenticated and only trusted entities should be able to add images and all write access should be periodically audited and read access should be logged. Proper authorization controls should be enabled to avoid the authentication and authorization related risks.

Orchestrator Risks

  1. Unbounded administrative access

There are many orchestrators designed with an assumption that all the users are administrators but, a single orchestrator may run different apps with different access levels. If you treat all users as administrators, it will affect the operation of containers managed by the orchestrator.

Orchestrators should be given the required access with proper role-based authorization to avoid the risk of unbounded administrative access.

  1. Poorly separated inter-container network traffic

In containers, traffic between the host is routed through virtual overlay networks. This is managed by the orchestrator. This traffic will not be visible to existing network security and management tools since network filters only see the encrypted packets traveling between the hosts and will lead to security blindness. It will be ineffective in monitoring the traffic.

To overcome this risk, orchestrators need to configure separate network traffic as per the sensitivity levels in the virtual networks.

  1. Orchestrator node trust

You need to give special attention while maintaining the trust between the hosts, especially the orchestrator node. Weakness in orchestrator configuration will lead to increased risk. For example, communication can be unencrypted and unauthenticated between the orchestrator, DevOps personnel, and administrators.

To mitigate this, orchestration should be configured securely for nodes and apps. If any node is compromised, it should be isolated and removed without disturbing other nodes.

Container Risks

  1. App vulnerabilities

It is always good to have a defense. Even after going through the recommendations, we have seen above; containers may still be compromised if the apps are vulnerable.

As we have already seen that traditional security tools may not be effective when you use it for containers. So, you need a container aware tool which will detect behavior and anomalies in the app at run time to find and mitigate it.

  1. Rogue containers

It is possible to have rogue containers. Developers may have launched them to test their code and left it there. It may lead to exploits as those containers might not have been thoroughly checked for security loopholes.

You can overcome this by a separate environment for development, test, production, and with a role-based access control.

Host OS Risks

  1. Large attack surface

Every operating system has its attack surface and the larger the attack surface, the easier it will be for the attacker to find it and exploit the vulnerability and compromise the host operating system and the container which run on it.

You can follow the NIST SP 800-123 guide to server security if you cannot use container specific operating system to minimize the attack surface.

  1. Shared kernel

If you only run containers on a host OS you will have a smaller attack surface than the normal host machine where you will need libraries and packages when you run a web server or a database and other software.

You should not mix containers and non-containers workload on the same host machine.

If you wish to further explore this topic, I suggest you read NIST.SP.800-190.


References

About the Author –

Anandharaj is a lead DevSecOps at GAVS and has over 13 years of experience in Cybersecurity across different verticals which include Network Security, application Security, computer forensics and cloud security.