Need to Manage a Career Change? Try SCRUM

One of the major challenges of a career change is to manage all of the details. Whether you are looking for a new full time position or would prefer consulting assignments, you’ll need to have a clear direction and an execution strategy. Some of the tasks are to identify prospective companies and potential roles, make networking contacts within the companies, apply for positions, conduct company research and prepare for interviews.  And the list of potential activities goes on.

I found my local career center was a great resource for learning the “how to’s” for a job search in 2014, but that managing and executing the activities was a full time job in itself. A few months ago, I took training courses in two of the leading project management methodologies: PMP and SCRUM. PMP reviews the classic methodology for managing large complex projects and includes up to 49 different processes in the latest (5th) Project Management Book of Knowledge (PMBOK). It’s very thorough and well regarded, but is really best for truly complex projects with lots of interactions between the steps. I also took a course in SCRUM, which is one of the Agile methodologies for managing projects. What’s the difference? SCRUM is much more lightweight, has fewer processes and is designed to enable very rapid responses to change.

A few weeks after taking the courses, I decide to put these skills to work. I looked at what I needed to do in my job search and decided that SCRUM was probably a better fit for the task than PMP. Why did I choose SCRUM?  First, I liked it’s lightweight approach. I already had a pretty clear idea on my goal — looking for a full-time position which used my product management, marketing or project management skills. I also had lots of potential tasks every week — identifying companies, networking, creating cover letters and tweaked resumes, making followup contacts and so on. Plus, depending upon what happened from week to week, I might need to change the emphasis — for example, to do company research for upcoming interviews and reduce the amount of prospecting for new companies. SCRUM also is useful for promoting action. I wanted to track my activities and be able to monitor progress with some visible metrics. With SCRUM, you can assess progress day by day and week by week.

If you’re in the process of making a change in your career, what approaches are you taking? Have you considered using project management methodologies such as SCRUM or PMP?  In my next post, I’ll talk about the steps I took to put SCRUM to work to help manage my job search.

Secure IP Fax – Now Standard

Last fall, I blogged about a pending standard for securing facsimile communications over IP networks here and I spoke about this progress at the SIPNOC conference. Since that time, the standard, known as RFC 7345 has been approved by the Internet Engineering Task Force. The availability of a standard is very good news. There’s a common perception that fax isn’t used anymore, but there are a number of business to business (B2B) and consumer applications where fax still is common, including real estate, insurance, health care and legal applications. There are also a number of companies which provide fax by selling equipment, fax enabling technology, software or a hosted service.

So why should people or companies care about securing IP fax? Increasingly, most of our real time communications, whether by voice, fax, text or video, are transported over IP networks. Very often, they will travel over the Internet for a portion of their journey. The Internet is ubiquitous, but fundamentally unsecure unless the application or the transport layers provide security. Security can mean many different things, but is often referring to solutions for needs which include privacy, authentication and data integrity. The new RFC 7345 is designed to support these types of requirements by applying a standard known as Datagram Transport Layer Security (DTLS). One of the key reasons that the Fax over IP RFC uses DTLS is because the T.38 IP fax protocol most typically formats its signals and data using the User Datagram Protocol Transport Layer (UDPTL), unlike most real time media, which use the Real Time Transport protocol (RTP).  DTLS was designed to provide security services with datagram protocols, so it’s a good fit for T.38 IP fax.  The current version of DTLS is 1.2, which is defined in RFC 6347.

Getting a standard approved is really only the beginning. In order to get traction in the marketplace, there needs to be implementations. For example, T.38 was originally approved in 1998 by the International Telecommunications Union, but implementations did not become common until many years later, starting around 2005. In the time since, T.38 has become the most common way to send fax over IP networks and its been adopted by most of the fax eco-system.  On the plus side, a key advocate for the new standard is the Third Generation Partnership Program (3GPP), which is the standards group that drives standardization of services which will run over mobile networks, such as the emerging Long Term Evolution (LTE) network.  The SIP Forum is also continuing work on its SIP Connect interworking agreements and there is potential for including the new standard in a future version of SIPconnect.

I’ll continue to track what’s happening with respect to implementation of the standard.   As I noted in some of my previous posts, the current work on standardizing WebRTC is helping implementors to gain experience in important new standards for security, codecs and Network Address Translation (NAT) traversal. This WebRTC “toolkit” is also available in open source form.  The inclusion of DTLS in RFC 7345 joins the pending RTCWeb standards in providing new applications and use cases for these emerging standards. This will be good news for the user community, as features which were previously available only in proprietary get implemented in variety of products and services.  If you know of any plans in motion or want to learn more, please feel free to comment or get in touch with me.  You can also learn more by checking out my presentation on Securing IP Fax.

On the Road Again – SIPNOC 2014

I’ll be speaking next week at the SIPNOC conference in Herndon, Virginia.  SIPNOC is sponsored by the SIP Forum and covers a wide variety of topics related to SIP — the Session Initiation Protocol — with a particular focus on the needs of service providers.   It runs from June 9 – 12.

WebRTC continues to be a hot topic in the telecom industry and I’ll be on a panel with several other participants to discuss the relationship between SIP and WebRTC.   SIP has been the primary protocol for Voice over IP and is widely deployed.  WebRTC is much newer, but offers an interesting mix of audio, video and data capabilities and it can be accessed via popular browsers from Google and Mozilla.  WebRTC also has a rapidly growing eco-system.  Are SIP and WebRTC complementary standards which work well together or going in totally different directions?  Come to the panel and find out!

I am also delivering a presentation on a very exciting development in IP fax communications over SIP.  The presentation is entitled: Securing IP Fax – A New Standard Approach.  It’s been a long time coming, but there will soon be a new security standard for implementors of IP Fax over SIP networks.  In particular, the Internet Engineering Task Force is working on using an existing security standard known as DTLS and adding this as a security layer for T.38 fax.    I’ll be talking about the pending standard, why it’s needed and what kind of benefits can be expected for the many users of T.38 IP fax once the new standard is deployed.

I’ve attended SIPNOC as a speaker since its beginning four years ago.  It’s an excellent conference and offers an in-depth perspective on the latest news in SIP as delivered by an all star cast of speakers.  I hope you’ll be able to join us.

Lean Six Sigma – Taking it Forward

This is the second post in a two part review of the discipline called Lean Six Sigma.  The first part of the discussion can be found here.

When I was in college at RPI, I segued from the core Engineering curriculum into a degree called Management Engineering. This degree had elements of Industrial Engineering, but also dove very deep into computers, statistics and operations research. As a result, graduates could pursue a variety of career paths including manufacturing, software development and various quantitative careers. I chose the software development direction, but also used the problem solving skills I’d learned. Later, a manager noticed those problem solving skills and offered me a position in operations management. I worked with teams to solve problems, organize processes and eliminate waste, but we did it on an ad hoc basis and had nothing like a Lean Six Sigma methodology to guide us. I’m proud of the work we did,but I soon got interested in products and moved into product management and R & D. In software project management, I tracked defects using databases and graphics, but never dove back into the statistics that I’d enjoyed so much in college.

I later shifted into product management for other products. In one particular case, we had a multi-million dollar customer who was very upset because the product process for an embedded voice mail system had fallen out of control. I was asked to solve the problem and took over program management for the product. I worked closely with our customer, manufacturing, sales and our quality department. We listened carefully to the customer and improved both the quality and efficiency of the product process. Within a year, the customer awarded our team a quality award in recognition of our progress. Once again, I’d worked with a team to solve problems, this time for an external customer. Our quality team used a number of statistical techniques to demonstrate our improved process quality and we used Pareto charts to identify and solve major problems. Sounds a lot like Lean Six Sigma.  We listened carefully to our customer and let them guide us on which problems were the most important to solve.

Fast forward to this year and my participation in this course. The cool thing about Lean Six Sigma for me is that is takes ALL of the skills I learned in my university studies, plus lots of hard earned learnings from different points in my career and weaves them together into a coherent methodology which is great for solving problems.  The review of statistics and other analytical tools in the course was an excellent refresher — I’d studied most of these techniques at RPI — and the techniques are highly relevant in today’s business environment. Analytics and quantitative analysis are hot in a wide variety of fields today, including politics, social media, medical devices, telecom and marketing. Companies like people with experience, but they like it even more if people can analyze data and use it to back up their ideas. The course also offered a variety of approaches for getting information from customers, including ideas on data driven approaches such as surveys and interviews. This ties well into contemporary marketing approaches where listening to the Voice of the Customer is critical and analytical tools such as A / B testing for new marketing campaign ideas are increasingly common.

In short, I’m really glad I took the Lean Six Sigma course. It’s equipped me with a useful philosophy for process and quality improvement and the tools we studied should be useful for numerous business situations. Lean Six Sigma. Check it out.

Lean Six Sigma – First Take

I just finished a two week course and now possess a certification known as the Lean Six Sigma Green Belt. I’d been running into a few people with Lean Six Sigma backgrounds while networking in the last several months, but didn’t really understand what it was all about until I took this course. I now have a much better appreciation for what I’ve been missing and am amazed by the degree to which this particular cluster of methodologies winds like a river through many different elements of my education and career.  

Lean Six Sigma is a combination of two movements. Lean is an approach to improving processes by analyzing and removing various types of waste. But that’s not all. It can also be used to assess a product or process and determine which elements provide value for customers. I’d been thinking Lean Six Sigma was just a manufacturing thing — a common misconception — but here they were talking about the customer value and the Voice of the Customer. So Lean is relevant to customers and therefore, might also be highly useful for people in marketing and product positions. Okay, so Lean is relevant for product and marketing people like me. What about Six Sigma?  

Six Sigma dates back to the Seventies, when Dr. Mikel Harry of Motorola put together a variety of quality and statistical approaches aimed toward helping organizations greatly improve the quality of their processes. The term Six Sigma derives from the statistical world, where sigma is another word for standard deviation. A six sigma process is highly accurate and produces on average only 3.4 defects per million. At one time, Six Sigma and Lean were separate movements, but organizations soon saw the value in using Six Sigma techniques to improve the quality of their processes and Lean to reduce wastes, eliminate unnecessary process costs and in general, have much more efficient processes.  

It turns out there’s a lot to learn. Green Belts get introduced to the smorgasbord of Lean and Six Sigma techniques, but true mastery of the tools takes more learning and experience — hence the use of the term Black Belt.  The overall Lean Six Sigma philosophy and collection of tools strikes me as being valuable for people in a wide variety of disciplines.  I’ll talk more about how Lean Six Sigma relates to my own background and today’s business needs in my next post.  

 

Going Lean

In January, I was fortunate enough to attend two events which both focused on the concept of product / market fit.  Marc Andreessen, of NetScape fame and now a venture capitalist, coined the term.  But the story doesn’t really begin there.  There is a movement known as “Lean Startup,” whose chief advocate is an entrepreneur and consultant named Eric Ries.  My introduction to Ries was at the two events I mentioned.  At TIE Boston, a group which helps entrepreneurs and startups, venture capitalist Tom Huntington spoke eloquently on product / market fit based on his own startup experiences.  His key point was that companies should not scale up in their use of resources until they have found the right fit between the product and the market it is directed to.  He used several examples where companies had functional products, but didn’t have the right market fit, so growth wasn’t happening.  

The next week, I attended the keynote at the Boston Product Management Association (BPMA) on “The Magic Fit”, delivered by Jeff Bussgang of Harvard and Flybridge Ventures.  Bussgang’s presentation built nicely upon the messages I’d heard the week before, but he dug a bit deeper.  He touted Lean principles as an ongoing revolution for Product Management and strongly encouraged all of us to get on board.  LIke Tom Huntington, he emphasized the value of placing the MVP (Minimum Viable Prototype) in the hands of customers and then learning as quickly as possible from these customer experiences.   Bussgang was generous in his use of references and made it clear that author Eric Ries was a key inspiration for many of these Lean Startup concepts.   

A few weeks ago, I borrowed Ries’s book The Lean Startup, from our library and I just finished reading it.  Ries does a nice job of explaining the series of startup experiences which caused him to develop the “Lean Startup” methodology and then he explains the methodology in detail.  As alluded to by the two speakers I’d heard in January, a key concept is setting up an approach that allows startups to get their prototypes (MVPs) out to customers and conduct detailed experiments to see which product or business model approaches are most valuable to customers.  Like many contemporary management theorists, Ries is a strong advocate of creating effective metrics and then conducting measurements, but he also emphasizes the need to talk with customers to understand the meaning behind the statistics.  In the latter approaches, he draws directly from the experiences of companies like Toyota who have been innovators in the lean manufacturing space.  

Ries has written an excellent book which holds lessons both for startups and bigger companies that want to move faster in a turbulent marketplace.   My thanks to Jeff Bussgang for recommending the book.  I ran my own company for 7 years in the Nineties, so the concepts of creating new product ideas and then testing them with customers are familiar to me.  But Eric Ries has put his lessons learned into playbook form and I anticipate these concepts will be valuable in my future business roles.   

 

 

Securing Fax over IP for Business Communications

The recent controversy regarding NSA tracking of phone conversations has elevated concerns about security and privacy for business communications. Enterprises generally want to keep their communications private. Use of techniques such as private networks, firewalls and secured tunnels can help to protect internal communication from eavesdroppers, but there are also many exchanges which entail communication with third parties over public networks.

Facsimile is best known as a method of communicating images of printed pages over the Public Switched Telephone Network (PSTN) and many fax companies touted the PSTN as being much more secure than the public Internet, hence reducing the need for formal security approaches. But the circuit-switched network is rapidly being replaced by hybrid and all-IP networks, and a portion of business fax traffic is now sent over the Internet.

During the Nineties, the fax standards experts in the International Telecommunications Union (ITU-T) added annexes to the Group 3 fax T.30 protocol to protect against a variety of security threats. However, there was lack of consensus on how to proceed, so two different approaches were standardized. As attention turned to standardizing fax over higher speed V.34 links and over IP networks, the initial efforts to implement fax security using the new standard approaches fizzled out and never got traction in the marketplace.

Fast forward to 2013. Security and privacy now have a much higher profile. The NSA exposé and other security glitches like the Wikileaks exposures of government and corporate documents have increased awareness of the down side of unsecured documents and communication. In the meantime, as the phone network is being replaced by IP technology, most new sales of fax to the enterprise are for Fax over IP and the T.38 standard from the ITU is frequently used. Most applications of T.38 use a transport protocol called UDPTL (User Datagram Protocol Transport Layer) which is currently an unsecured protocol.

The conventional wisdom might have a “who cares?” attitude, since there’s a common perception that nobody uses fax anymore. However, fax still is used a great deal for a wide variety of business applications which include healthcare, financial and legal organizations, plus fax is integrated into a variety of business processes. Fax is also used for transmission of many normally confidential documents such as insurance claims, real estate transactions and legal notices, plus there are regulations such a HIPAA in the health care domain which require protection of documents from third parties.

For all of these reasons, the need for better security solutions for IP-based facsimile is becoming clear. In another realm of standardization, WebRTC is attracting a lot of attention as a next generation method for performing a wide variety of real time communications such as video and voice over web protocols. The original applications of the Session Initiation Protocol (SIP) were often implemented with little attention paid to security, so the WebRTC standards activities have examined the best approaches for addressing matters such as security and are recommending use of a relatively new security protocol known as Datagram Transport Layer Security (DTLS) to secure real time communications of media within WebRTC.

One advantage of DTLS is that it is relatively protocol agnostic and can be applied as a security layer for various different protocols. So this is a good time to consider how protocols planned for use in WebRTC might also have other applications. The Third Generation Partnership Program (3GPP) has recognized that IP fax is still an important application and wants to have a standard approach to secure faxes which are being transported over IP networks. As a result, there is now an Internet Draft being circulated for comments within the MMUSIC (Multiparty Multimedia Session Control) working group of the Internet Engineering Task Force (IETF) which proposes that DTLS be established as a transport layer that can be used to secure sessions of T.38 IP fax when running over the SIP protocol.

I’m personally enthusiastic about this direction and have made comments on the current draft. I find it ironic that the IETF is looking at adding security layer support to an ITU protocol, but in the world of standards, it’s useful for the work to be done by the experts who have the right domain expertise. In this case, the IETF created DTLS and there is interest in the combination of UDPTL and T.38 from the Fax over IP task group of the SIP Forum, so there is probably enough participation by the Internet and fax communities to produce a useful standard. At this writing, MMUSIC is considering adoption of this draft as an official working group item.

Stay tuned on this one. WebRTC is training a generation of engineers to use a new toolkit of various protocols, so the potential adoption of DTLS by the IP fax community may be a harbinger of a trend to re-purpose various components of the WebRTC initiative in innovative and surprising ways.