Premier 100: Yahoo gets 'Paranoid' about IT security

Computerworld - PALM DESERT, Calif. -- One of the most important IT teams at Yahoo Inc. is a globally dispersed group with a name more fitting for a punk rock band.

The Paranoids is a small, select team of techies who are embedded into each of Yahoo's engineering and product management groups and collectively provide a "big voice" that constantly is arguing for better IT security, according to Yahoo CIO Lars Rabbe.

"We felt strongly that security can become an afterthought if it's created as a separate organization," said Rabbe in an interview Monday after speaking at Computerworld's Premier 100 IT Leaders Conference here. "We thought it was important to make it part of the process, so that security becomes part of the job, so that every developer looks at it and thinks about it."

To ensure that the Paranoids aren't treated as deadline-busting killjoys, the team is strongly endorsed and supported from the top. And many members are "very well-regarded technically" within Yahoo, Rabbe said. For instance, Rasmus Lerdorf, the original creator of the PHP open-source scripting language, is a member of the Paranoids.

Security is only one area in which Rabbe, who has been CIO since 2003, and his 350-member IT team stand apart from the ones at many other companies.

For example, Rabbe's team is often called on to help evaluate potential acquisitions –- not just how much time and effort it would take to integrate a company's systems into Yahoo's global network, but also the quality of the services it offers.

To optimize the operation of Yahoo's servers in 25 global data centers, the IT staff has created proprietary file systems that, along with heavily customized MySQL databases, can process more than 13TB of data each day.

During his time at the company, Rabbe also has improved Yahoo's data redundancy, such that "all important pieces of info are stored in at least two, and often three, geographically dispersed locations," he said. The IT group is also working hard to eliminate tape backups.

All of those technical achievements by Rabbe's IT staffers surely must have impressed their engineering peers, right? Not really, he said.

"In most companies, IT is revered as the holder of the black arts," Rabbe said. "At a technology company like Yahoo, everyone thinks they can do your job better than you."

To cater to his end users and help maintain Yahoo's engineer-friendly climate, Rabbe tolerates all manner of operating systems and applications that a CIO used to a more traditional command-and-control environment might not. In addition to typical setups of Windows, Office and Internet Explorer, Yahoo's IT team has to support Macintosh systems and PCs running various flavors of Linux, and make sure that Web-based human resources applications don't break on the Opera Web browser.

Rabbe downplayed the impact of a recent internal reorganization at Yahoo on the IT unit. "It's the first major reorg we've had in five years," he said. "It doesn't change that much for us on the back end. We just need to stay close to the business to help them get to market faster."

Read more about security in Computerworld's Security Knowledge Center.