Ten Rules for the Solution/Security Architect

A good read for Information Security Architects, courtesy of its author, Geoff Rob.

  1. Listen and Learn: Clients will appreciate it much more if you understand their environment and business requirements fully before you try to sell them your solution. This builds the customer’s trust in you.
  2. Lead Diplomatically: In most cases the client is paying not only for a service but also a motivated person to take charge of the situation and provide a clear direction. Always be prepared to give other people time and space to express themselves.
  3. Your Area of Expertise: Understand in depth a specific area of technology and take leadership in it. Collaborate with other leaders who can supplement your knowledge in other areas.
  4. Repeatability: Capitalize on work already done for other clients. By using experiences from similar client situations and adapting them to your client’s situation, you can deliver a solution faster with a higher success rate.
  5. Market Awareness: Have a global view of alternative solutions available on the market and be able to discuss and compare them with your solution.
  6. Business Sense: Understand the costs and business impacts of the technology and the solutions you are proposing. Keep business benefits and the client’s priorities paramount.
  7. Design Acceptance: During the initial part of the design phase, be open and frank with the client and look for acceptance of a solution. This is far better than spending weeks developing something in isolation and then fighting for acceptance later. Discuss design principles and constraining factors and be prepared to defend the design rationale behind your solution.
  8. Don’t Go to Extremes: Adopt a common-sense approach to planning and design of a solution and match it to the client’s situation. What the marketing hype promotes, or what you think might be interesting to experiment with, may not always be suitable. What is good for one client may not be suitable for others. Keep an open mind.
  9. Best Fit: If a solution is too complex or costly for a client to implement, look at the part that could solve a majority of problems. Suggest an optimal solution that stays within the client’s budget and yet brings a maximum of benefits.
  10. Leverage Client’s Investment: Wherever possible use the infrastructure already in place to effect transitions. Question the sense of putting in technology for short-term use with doubtful benefits. An example of this is a transitional infrastructure put in place at heavy cost and that becomes obsolete when the project is finished.
