On the Mark: The business project is today's assembly line

Computerworld - In an information-driven service economy, projects are the foundations of business. So says Douglas Clark, CEO of Métier Ltd. in Arlington, Va. He argues that in an era when business success depends on bringing ideas to market quickly, project management is akin to building and managing a manufacturing plant in days gone by.

"The project is the new assembly line," he says.

Yet most projects, especially in IT, fail to meet expectations. The reasons are manifold, but Clark points to a market dominated by Microsoft Project, software that's fine for scheduling but little more. He says a schedule doesn't reveal the process, with all its interrelations and logic. For that, you need a full-blown project portfolio management application.

Douglas Clark

Not surprisingly, Clark claims that Métier's Web-based WorkLenz subscription service is as complete a PPM offering as you can buy, er, rent. He says WorkLenz, now in its 5.6 iteration, uses Project Management Institute best practices in areas like budget calculation and risk assessment.

He likens its algorithms to "assistants" for project managers. For example, you can use the product's duration estimator to forecast how long a project will take based on the complex mix of resources available.

Next year, Métier intends to release an algorithm tentatively called Builder that will create entire projects based on past project data. And it's developing 3-D visualization features for reporting on project status.

Pricing starts at $10 per user.

Many Myopic Eyes

Open-source proponents claim that the Law of Many Eyes leads to higher-quality, more secure code: Because anyone can view the source code, find problems and report back to the community, you get better software.

But Fortify Software Inc. in San Mateo, Calif., has analyzed 11 popular open-source software products, and the news is not good. According to Jacob West, manager of Fortify's security research group, all 11 have significant vulnerabilities.

What's more, says West, in looking at different releases, Fortify found that old security problems often didn't get fixed and, worse, that new vulnerabilities were introduced. And in an utter embarrassment for open-source advocates, the report reveals that basic security flaws that would easily be detected by automated testing tools are scattered throughout the code. In sum, the Law of Many Eyes is bogus.

West is not arguing that commercial software is any more secure than open-source products. But he warns that commercial software developers are doing more to develop good development processes and that without augmenting the Law of Many Eyes, the open-source process is unlikely to deliver secure code.

Destroy HDDs Quickly

OK, you've just finished rolling out new PCs. What are you going to do with all those old hard disk drives loaded with sensitive information?