Showing posts from October, 2010

So you want to do a Startup – the “E” projects

“E” stands for educational. The main purpose is to improve your education or knowledge, making money or moving up to a better job is a possible side-effect.   The keys for an “E” project is Early Adapter of a version 1.0 language, product etc. Ideally within 6 months of release “Academic Research Languages” and “Niche Languages” are an exception. Be prepare for 6 “wasted time” for every success Actually, the time is not wasted – you have increased your width of knowledge and patterns . Be product/offering directed. A few examples from my own past. APL/360 (in 1968) – main benefit was seeing what was seeing what was possible beyond currently available languages like Assembly, Fortran, COBOL, EasyCoder. C did not come into existance until 1973 B (that which C was based on) did not come into existence until 1970 Most developers have zero experience with this, which is still a much higher language than C# or Java

Startups: The napkin business plan

Today I had two different conversations with folks interested in doing startups. Both were in that pre-business plan phrase. A business plan is not just something that you write for Angel Funding, it is something to precipitate vague ideas into something concrete.   Often in the early days, people think in stream-of-consciousness.  The logic and thinking is fuzzy. The purpose of a napkin business plan is to get a framework, a skeleton to add muscle, flesh, circulation system and fat too. Without a framework, you cannot walk,  you can only slither. Changing the stream into snow (but not ice – you want to keep it pliable ).   To me, the first question is simple – what class of business are you thinking of?   Businesses can be divided to the following general classes: Producer : You build or create a sellable commodity. Your are the factory, examples: Selling Word Templates Selling Control Libraries Selling Accounting Systems Selling content (P

Startup: Garage or Angel Funded or Solo

There are three main models for startup as the title suggests. In the old days before Open-Source, there was Share-Ware. Often Share-ware allowed a single person to produce a viable startup with no external funding etc.  Support was via email, there was no need for a website, and social media did not exist.   Today, a solo startup could technically make it – but it has the following risks: You get swamped trying to do everything – in fact, you may suffer burn out. If anyone sets their business crosshairs on your business, they can jump ahead of you because they have more resources Moving from solo to team runs a very high risk. There is learning curve to working as a team. If you are running solo, you will likely defer this change until it is forced upon you… Odds are that this will be in the middle of taking off… and the extra load on the single engine will cause the engine to sputter and your firm may crash instead of cash. If you do not have signific

So you want to do a Startup – the “A” projects

A is for “Academics”.  If you are a boot-strapped developer that learnt coding on the job, this is very likely not for you.   Academic literature is full of research that can be rolled into products or components. If you are a Computer Science Grad (or post grad) then a membership to IEEE and/or ACM is a must – solely to get access to their electronic libraries of journal and conference proceedings.   What you will discover are mountains of research which have not been developed into products or components. For example, one of my current project is to research and derive advance Role Base Access component that supports Policy, Distributed,  Temporal and Special.  I’m in the midst of reviewing the literature (for a bibliography of what I am reading is here ).  This type of system is needed by most large organizations – for example: Hospitals (HIIPA), Banks and other financial organizations, large corporations. If you google, you will find that there are offerings in this area, f

So you want to do a Startup – the “D” Projects

“D” is for Developer. This means that the product is for developers! You are a domain expert! Examples of successful firms in this space are Telerik , DevExpress , etc. This is the type of project that you are unlikely to get angel funding for initially but it’s a viable business model with the exit strategy being selling off to one of the above.   The typical development system provides basic Lego blocks only. You provide custom blocks that deal with common specific needs (for example, doors and windows!). Below, I will first talk about Controls, the visual widgets.   Control Projects The key for success is success is a new or highly popular development system. Today, that would boil down to: Android (Java core) Windows Phone 7 (CLR core) You can actually jump start your development by looking for Open Source controls and examples of how to modify existing controls. For example, I found a nice color picker example for the Android. On your first pass, you simply

So you want to do a startup – the “C” projects

C stands for Co-operative as in the co-operative game theory. Ideally this means striking a partnership with an existing business or software product firm. Your goal is to provide an add-on product offering for their product. The motivations of people are shown below:   You, the startup You have an existing market to target If your offering can be on THEIR site, you will get much higher sales at a lower cost Greatly reduced marketing cost Revenue sharing may be part of the agreement – view it as a “sales representative” commission. If you can get an exclusive agreement for 2+ years on your offering then you have that sweet spot called a protected market! Scope of project is usually reduced (you will be interacting, not building a complete system) Them, the established business Allow richer offerings to customers without cash outlay or risk. Allow your core competency to stay focus (especially is a small development staff) Possible ad

So you want to do a startup–the “B” projects

B is for bureaucracy – that hated of all things!  The two biggest producers of bureaucratic requirements are governments and union (as in Union Contracts). On the plus side, it often compels companies to buy software. Healthcare is one of the biggest ones but it require domain expertise often. There are many more, for example staffing levels at nursing home [ paper ]. You look at the requirements and start building a sellable application around that.   The key to this is to be first or early to market with compliance to the regulations. There are two approaches – producing a replacement system for what they are using. Your key selling feature is compliance, but you should be competitive on features (see prior post) produce an add-on. This means researching what people are using and figuring out how to get the data out/in. For example, many businesses use Quick Books. Many firms are customer request driven – they will not look at reporting requirements until the customer

So you’re a developer and want to do a start-up …

The first thing to remember is that there are a lot of people that have invented (and patented) better mouse traps that are flipping burgers at MacDonald… A successful startup need a balance between marketing and development. I have seen startups where sales and marketing generated orders that could not be fulfilled by development because they promised stuff that was not deliverable. I have also seen startups with excellent product that could not get enough sales to maintain the company.   Recently I attended an evening called “ Speed Geek ” – a cross between Speed Dating and Dragons’ Den .  Two of the sets of pitchers were folks that I know from various local groups – I got indirect feedback later that for both sets, I provided the best feedback of anyone taking part.   So, I thought a post describing what I consider to be due diligence before ‘investing time or money’ in a startup.   Best of Breed Analysis: Have you Googled and identify all existing competitors?

A common error in implementing RBAC in SQL Server (and .Net)

Reading the academic literature on RBAC I noticed a qualification which is very significant but is rarely emphasized to get on the typical reader’s radar. The qualification is stated in the early works from 1996 and in the recent National Institute of Standards and Technology (NIST) RBAC documents . The qualification is that only one role may be active at a time .   It is not unusual to see all access rights being consolidated with something like this in TSQL:   SELECT DISTINCT AccessRight FROM [ UserRole ] JOIN [ RoleAccessRight ] ON [ UserRole ] .RoleID = [ RoleAccessRight ] .RoleID WHERE UserID = @UserID The problem is that this violated one role being active at a time!  This is not a problem if users are allowed to be assigned to only one role at time, unfortunately that is rarely seen.   Let me explain with a simple example. Prof Turning is an Instructor and assigned the Role AI_Instructor with rights (View Students taking AI in current year, Upsert Marks)

Implementing Organization Permissions in SQL Server – Basic Tables

The diagram below shows our starting tables (which will evolve).     Fine level Access Rights  are grouped into Roles through [RoleAccess]. A user is given a role on an organization unit in a specific hierarchical tree through [UserOrganizationRole].   The Organization Tree are kept correct by triggers that check any new insert against the allowed patterns stored in OrganizationTypeHierarchy. This will be our first piece of real TSQL   CREATE TRIGGER tr_OrganizationTree_Upsert ON OrganizationTree AFTER INSERT , UPDATE AS BEGIN SET NOCOUNT ON ; IF ( Select Count ( 1 ) FROM OrganizationTree INSERTED) <> ( SELECT Count ( 1 ) FROM OrganizationTree INSERTED JOIN Organization Parent ON ParentOrganizationID = Parent.OrganizationID JOIN Organization Child ON Inserted.OrganizationID = Child.OrganizationID JOIN OrganizationTypeHierarchy ON Parent.OrganizationTypeID = ParentOrganizationTypeID AND Ch

Implementing Organization Permissions in SQL Server - Overview

Permissions are often a complex problem that depends very much on the context. The closest non-computer analogy that I can think of is that of human language grammars. Sentence structure is not always <Subject> <Verb> <Object> in English and definitely not so in many languages. My experience is that there is no universal “permissions structure”, just like there is no universal sentence structure.   In this series I’m going to look at a modest complexity implementation  with the following organization structure Organizations are in a strict reporting hierarchy (tree) with: Organization Units (OU) being of specific types The type of parents/child OU are defined and enforced in SQL Server Relationships are just parent/child Organization are in a “cross-reporting” hierarchy (tree) that is relative but simple. OU relationships are just parent/child. One OU may have multiple parents Roles are sets of fine grain Acce

SQL Server 2008 R2 on Windows Server 2008 R2 Purgatory

I’ve spent a day trying to get SQL Server 2008 R2 Installed on Windows Server 2008 R2. Not just on one box, but on several (including Windows 7). What should be a trivial matter gets very obtuse.   The boxes have VS 2010 installed, and .Net 3.5 SP1. When I run setup it, I get this lovely message:   Using the .NET Verification Utility confirms the installation   So I have to install that which is installed. Googling did not find a solution and a lot of folks suffering the same problem. I had encountered this issue before and put it on the back burner (not upgrading to R2) after spending a day or two trying to find a solution without success.   To add further mystery – I see that some R2 features are installed… Looking at the Install Log (in the %tmp% folder), reveals: 09:16:23.067 Attempting to find media for .Net version 3.5 09:16:23.067 Error: Cannot determine file version of .Net redist: 0x80004005 09:16:25.984 .Net version 3.5 installation fai

Some observations on Startups / Angels Funded Company

In the last 2 years, I have been involved as a consultant with 4 startups – some for direct cash, some for equity. In the DotCom boom days, I interviewed around to literally dozens of startup, declined offers from several of them, and ended working for one Startup doing corporate software which eventually folded 18 months after 9/11 because corporate IT Budgets were still severely constrained. When it folded, I checked back on the status of all of the other start-ups that I interviewed with and all of them had already failed except for one. The reason that I declined offers from other startups were because I evaluated the odds of their success to be very low. The typical issues were: Service Company trying to become a product company : product development mentality and contracting/consulting mentality are opposites. What you seek in employees in one is what you do not want in the other. Yet Another Monkey-See Monkey-Do : The product they were trying to create was imitating oth