Codit Wiki

Loading information... Please wait.

Codit Blog

Posted on Monday, February 19, 2018 11:00 AM

Nicolas Cybulski by Nicolas Cybulski

A best practice guide when faced with uncertain results during a project due to lack of information.

Kicking the can down the road

I guess it has happened to the best of us. You’re on a project, whether it is during sales, analysis or even development, and your customers utters the sentence: “Well, since we don’t have all the information yet, let’s take this vague path, and we’ll see how it turns out.” The customer just kicked the can down the road.

This innocent sentence is a potential trap since you’re now dealing with a “known unknown”, or to put it in other words: “A Risk”.

When you’re in a similar situation your first reflex should be to ask the following 3 questions:

  • WHEN will we evaluate the solution? (Planning)
  • WHAT will be the conditions against which to evaluate the solution? (Scope)
  • HOW will we react if the solution does NOT pan out like we’ve expected? (Action)

Planning (WHEN)

So, the first question you need to ask is: “WHEN”. It is important that a fixed point in time is communicated with the customer to assure that the new solution is being evaluated.

It is up to the customer and the project manager to decide how much risk they want to take. Are they prepared to wait until the entire solution is developed before evaluating? In this case, the possibility exists that the solution is not fit for use and everything needs to be redone.

A better way to go (especially when the proposed solution is uncertain or vague) is to cut it into smaller iterations and evaluate early. This way, problems can be caught in an early stage and corrective actions can be performed.

Scope (WHAT)

Now that we’ve set out one or more moments of evaluation, it is important to define exactly WHAT we’re going to evaluate. Since a customer (or even your team itself) decided to take an uncertain approach to a vaguely described scope (e.g. we need to generate reporting, yet we don’t know exactly what tool to use, or how data should be represented) it is important that everybody is on the same page as to what criteria need to be fulfilled.

This evaluation process is linked to planning. The later you evaluate the solution, the more precise the scope should be, since there is little or no way of correcting the approach afterwards.

Once again, the greater the uncertainty of the scope, the shorter the iterations should be, but even short iterations need to have fixed criteria, and deliverables up front. These criteria define the scope of the iteration.

Action (HOW)

Last, but most definitely not least, the customer needs to be informed about potential actions, should the result of the evaluation turn out to be unsatisfactory. Usually the “we’ll see” sentiment originates in the inability (or unwillingness) to make long term decisions.

However, kicking the can down the road, is never a good strategy when dealing with projects. Sooner or later these potential time bombs come to detonate, usually in a late stage of the project when budgets and deadlines are tight.

So, it is of utmost importance that the customer is made aware that the suggested solution might not work out. A worst-case scenario needs to be set up in advance, and follow up actions (extra budget, change in deadlines, drop the feature altogether, …) need to be communicated.


So, in conclusion: when working on a project it is important not to fall in the trap of pushing risks down the road because information is missing.

Either delay the development until more information is available, or adapt iterations according the vagueness of the proposed solution. Plan your evaluation moments, define the scope of each iteration and communicate a plan “B” if the worst would come to happen.


Hope you enjoyed my writing!
Please don't hesitate to contact me if you think I totally missed or hit the mark.

Posted on Tuesday, November 7, 2017 2:40 PM

Sam Vanhoutte by Sam Vanhoutte

Internet of things (IoT) is hot. And it should be! But one of the major misconceptions is that IoT projects are overly focused on technology. At times I have been guilty of that myself. It appears that the gap between business and IT has reopened in this respect. The business does not understand enough about IT, of its possibilities, and IT does not know enough about the business, of what is needed.

IT is only a means. And IoT is not necessarily the solution. And I'm not just talking about IoT gadgets like the not-so-smart smartlocks, smart lighting, expensive juicers, connected refrigerators or other online, possibly automatically shopping, consumer equipment.

Even business-oriented and industrial IoT is often too much focused on the technological capabilities, rather than on business use. As a result, many IoT projects are stuck in the proof-of-concept (poc) phase and do not evolve into pilots and practical acceptance. I think the only way to get business buy-in is through the creation of a clear business case.

Past the hype

This is easier said than done. The business case is often hard to predict. Pressure can be high, partly due to the fact that IoT is now beyond its peak on the Gartner hype cycle. The top of the hype lies behind us and the downturn to 'the trough of disappointment' has set in. For those who are not easily discouraged by Gartner, there are still some genuine pitfalls.

In fact, the design of the poc-phase is one of these pitfalls. Many proof-of-concepts are set up without or with insufficient business base. This amounts to a discrepancy between the poc and business reality. Test setups for IoT solutions often put too much emphasis on quick results.

Too much time and effort are spent on matters that are less important in practice. And, perhaps even worse, too little time and effort goes into things that are much more important in practice. One example are the upcoming European Data Protection Rules GDPR.

Go for distinctiveness

A better approach to the poc phase not only increases the chance of success, it also reduces costs because time is spent in more meaningful ways. This also includes insight into what has become a commodity nowadays. Namely, that IoT is an end-to-end value chain.

There is little credit to be gained from developing components like IoT hardware, network edge capabilities, connectivity, and data intake. It is too difficult for organizations to distinguish themselves here. Instead, they should focus on intelligent clouds, data analytics, reporting and action. The latter is what brings the desired business use.

IoT is only a concept; a means to innovation and acceleration. This means can have a goal, for example an unforeseen reduction of energy consumption.

Let us look at the example of a company that stores deep-frozen food. Frozen foods are very energy intensive, but the freezing itself takes place within a specific temperature range. The low temperature does not have to be constant. Sometimes less freezing is acceptable. The company in question has an hourly contract, with a rate structure, from an energy provider. And that gives them the chance to use less energy at times when it is expensive. During cheaper hours, they can freeze harder.

On the way to greater benefits

Nevertheless, many current IoT applications involve no more than the automation of existing business processes and practices. But that is just the beginning. Next to smarter power consumption on an industrial scale, we can think of many new activities and even completely new business models.

Efficient monitoring allows for further optimization of business processes. This solves two problems at once. Because optimization requires data collection, and you can do more with more data. This extends to many departments within the organization, as they know the business very well.

Means for innovation

A good deployment of IoT can thus provide insights that allow other value-added services to be developed. This is completely in line with the shift from hardware sales to services. New services allow us to tap into other markets - through IoT, which is still a means and not the goal. IoT is hot, but no more (or less) than a good concept; a means to drive innovation and acceleration.

Note: This article was first published via Computable on 6 November 2017 (in Dutch) 

Categories: Opinions
written by: Sam Vanhoutte

Posted on Wednesday, May 31, 2017 3:48 PM

Sam Vanhoutte by Sam Vanhoutte

What can we learn from the WannaCry ransomware attack and the way we tackle Internet of Things (IoT) projects? That we had better invest enough resources to make, and keep, our smart devices safe.

I was at the airport of Seattle, returning from the Microsoft Build Conference, when I saw the outbreak of the WannaCry ransomware trending on Twitter. There was talk of hospitals that couldn’t operate anymore, government departments unable to function, public transport issues... All consequences of the virus that spread from computer to computer, looking for new victims. The consequences for many IoT scenarios around the world played through my mind. I also remembered the conversations I've had with partners and clients over the past years about investing time and money in the security and safe keeping of IoT devices.

The WannaCry story clearly demonstrated that there was a crushing responsibility for various IT service companies. They should have kept computer systems up to date with a supported Windows version and the latest security updates. Very often, time, budget or change management is a reason why such updates did not happen. "It it’s not broken, don’t fix it." Such thinking left the back door to several critical systems wide open, which made things broken a lot quicker than anyone assumed.

That's why, starting with Windows 10, Microsoft has changed the default 'update policy'. Security and system updates are automatically installed, giving customers a Windows system that is up to date by default. However, the pushing of automatic updates is a major problem with most IoT systems available today.

IoT security with holes

Very often, devices - from smart scales and to internet thermostats to even healthcare devices – are not equipped to receive security updates. The software often does not allow it, or the computing power of the device is too limited to deal with the update logic.

In most cases, the users of such a device don’t think about by the fact that their gadget (or more dangerously, their health device) is actually a mini computer that may have a security issue. If security updates cannot be pushed by default through the manufacturer’s IoT platform, you can assume that the device will never be updated during its entire lifecycle. To make matters worse, such devices often have a long lifespan. Thus, the encryption algorithms used today will no longer prove sufficient to keep sensitive data encrypted in the foreseeable future.

Companies should therefore always supply an update mechanism in their IoT solution. This makes the initial investment higher, but it also offers an undeniable advantage. For one thing, pushing updates can prevent your brand from getting negative exposure in the news as the result of a (serious) vulnerability. But you can also send new pieces of functionality to those devices. This keeps the devices relevant and enables you to offer new features to your customers.

By taking the responsibility for updating (and thus securing) such systems away from the end user, we create a much safer internet. Because no one wants his smart toaster (and its internet connection) used to enable drug trafficking, child pornography or terrorism.


Note: This article was first published via Computable on 30 May 2017 (in Dutch) 

Categories: Opinions
Tags: IoT
written by: Sam Vanhoutte

Posted on Wednesday, May 3, 2017 10:55 AM

Stijn Degrieck by Stijn Degrieck

"One in ten IT specialists in Belgium is a cheap Indian," some media recently wrote. They work for minimum wages, ensuring unfair competition, and do not make a fair contribution to our welfare state, since they are not covered by Belgian social security. It was the socialist trade union BBTK who rang the bell. "Belgian employees are losing their jobs and the government is missing out on 26 million euros each year," they complained. Employers in the Belgian IT sector deliberately abuse the employment status of their Indian programmers to find people on the cheap. Ouch, that hurts.

I do not doubt the figures from the BBTK. I honestly don’t know how many Indian IT specialists are currently in our country. I do however know how many IT people we need. It’s in the thousands. This is what Agoria is hearing from its members. And that permanent shortage is almost always the topic of discussion when I speak to colleagues in the sector. It is difficult for us all to fulfill vacancies, in spite of great wages, benefits and a huge investment in time and resources to create the most pleasant and dynamic work environment. Believe me: we go out of our way to do that. Recently, we even had an info stand at Facts, a quirky fair in Flanders Expo dedicated to comic and gaming fans, Trekkies, Star Wars fans and who knows what else. You can look it up on, if you dare. But that’s another story. I think this job loss is not so huge. Those Indians are not taking our jobs away, we need them to fill in the gaps. It’s a good thing they exist! Because no IT specialist willing to work is out of a job for long here. In many companies, you don’t even need an official diploma anymore. A good self-taught person is better than an open vacancy.

What I refuse to believe, however, is that ‘employers’ purposefully try to save on social security by employing low-cost workforce. That generalization is too easy. For your information, at Codit we are talking about one in 130. And that one Indian colleague is paid according to Belgian standards. The same way we reward our employees in France, The Netherlands, the United Kingdom, Switzerland and Portugal according to local conditions, regardless of their nationality. Does our Indian colleague earn a lot? To Indian standards, certainly. To Swiss standards, perhaps not.

I’m afraid the BBTK is barking up the wrong tree. People being taxed in their country of origin as a result of a trade agreement is a policy issue. Individual employers and their employees have little to do with it. And in any case, it is primarily rearguard action in a globalized economy. The vast majority of those cheap Indian IT employees work in ‘Belgian IT’, but not for a ‘Belgian company’. There are a lot of international players in our market. They are indeed trying to acquire work as cheaply as possible in order to stay competitive. I could call this distortion of competition. The thing is that we at Codit (and many other Belgian IT companies) look beyond the local market.

I invite the trade union to expand their field of view as well. Let's do something about that shortage, because it is putting a brake on the growth of Belgian IT companies. In our knowledge economy, we need to invest in talent. And that should not be limited to young people. We have a lot of people ‘on the bench’ whose skills no longer match the needs of our companies. Perhaps the trade union can help warm them to a career switch? Imagine meeting our ambitions and our country having lots of internationally relevant and innovative IT companies. That would be much more beneficial to our welfare state than fighting over breadcrumbs.

Stijn Degrieck is CEO of Codit, a fast growing and internationally active IT company headquartered in Ghent.

Note: This opinion was first published via De Standaard on 2 May 2017 (in Dutch). 

Categories: Opinions
written by: Stijn Degrieck

Posted on Tuesday, April 25, 2017 11:02 AM

Stijn Degrieck by Stijn Degrieck

"Europe is far too dependent on Microsoft." I thought I accidentally clicked on an old article, perhaps from the end of the last century. At that time, Microsoft was in trouble for abusing its dominant market position to stave off competition. It was the start of a series of legal battles both in the States and in Europe, culminating in the Windows Media Player saga. You know, that thing you may have used to watch video on a pc, if you didn’t skip it entirely because you belong to the YouTube generation. Microsoft was fined a massive sum by Europe in 2004, but continued to resist strongly until 2012. In the end, they subsided. Or that is what we would like to believe.

Back to today. According to a group of research journalists, the intensive collaboration with Microsoft makes Europe vulnerable, for instance because our data is in the hands of an American company. And we would regret that, now that our American allies seem less steadfast. A German Euro parliament member called for immediate action to force the mighty Microsoft to its knees. By comparing IT with aviation, where Europe broke Boeing’s dominance with the launch of the Airbus, he called for an "ICT Airbus". Nice one liner, and maybe a beautiful dream for European chauvinists, but utter nonsense in the end.

The world in the 1970s cannot be compared to the here and now. Of course, technological innovations were made and we pushed forward, but the rate of change was lower and the impact was much smaller. Moore's Law, anyone?

Changing a sector is not the same as overthrowing a whole economy. It shows little insight into our connected and globalized society to propose such a change of mind. And it's out of touch with reality: in spite of earlier attempts to control Microsoft, it is still one of the world's largest (IT) companies. Like it or not, the whole world has been running on Windows for 30 years.

Another question is whether Microsoft is really such a patriotic American company. Ultra large companies like Facebook, Google and Amazon do not only transcend geographic boundaries, but mental boundaries as well. Wasn’t Facebook called 'the largest country in the world' because it has more 'residents' than China? Globalization on that scale questions all the old paradigms, which our politicians love for obvious reasons.

Large companies tend to be very committed to their 'citizens'. They have an eye for local needs and expectations. For example, Microsoft has worldwide data centers to ensure quality of service and data protection. The company was recently proved right in a lawsuit by a magistrate in New York. He had summoned the company to supply data (e-mails) from an Irish-based server as part of an investigation. Microsoft won the plea, with the full support of the Irish government.

To the current CEO Satya Nadella, a man born in India, Microsoft is not so much a business as an ecosystem. He wants to build the world's best cloud platform, open to anyone, at any time and any location. And he does what he can to fulfill that promise. For example, Microsoft's employees are leading the ranking on Github, an online platform for open source developers who share code with the community. No one has more active developers on that platform than Microsoft. Not even Facebook and Google. And still, we tend to fear Microsoft.

Fear is a bad counselor and protectionism is a weak strategy. The only question that really matters to Europe is: how do we make sure that the next Microsoft, Google or Facebook has its roots in European soil? That is, if you see yourself as a European rather than a world citizen.

Note: This opinion was first published on on 20 April 2017 (in Dutch). 

Categories: Opinions
Tags: Microsoft
written by: Stijn Degrieck