Tuesday, October 28, 2008

Removing Complexity

"Fools ignore complexity. Pragmatists suffer it. Geniuses remove it."
Alan Perlis (Creator of ALGOL, one of the first programming languages)

Whenever I purchase something for myself or my home, I always think about the complexity that the purchase will add to my life. Adding more stuff to my life can lead to short term gratification, but it also can lead to long term maintenance headaches.

The same can be said of information technology. Here a few examples:

1. A few years ago, I had dinner with Steve Ballmer and explained that Microsoft should produce secure, reliable products with fewer features and lower cost. Who really wants their outline reformatted by the Outline Wizard in Word? Who really wants to apply the latest emergency patch that's required because of too much code supporting too many seldom used features? He explained that I was mistaken since most people use 95% of the features in Office and the average user prioritizes new features over everything else. We agreed to disagree and he returned to Redmond to manage the creation of Vista.

2. At BIDMC, we buy and build software. Every time we buy a commercial product we need to think about interfaces from our existing systems to the new product and from the new product to our existing systems. All those interfaces add significant complexity, makes recovery from downtime more difficult and increase the cost of support. Recently, a clinician commented that one of our new software purchases really surprised her, since it added complexity, fractured workflow, and inconvenienced many users for the benefit of a few.

3. When we build software, we are often tempted to add all the bells and whistles requested by the user. For each new custom feature there is a cost of maintenance, additional training, and potential bugs that could compromise stability/reliability. I've been involved in many development projects that eventually became so complex that the software had to be rewritten to ensure usability, security and maintainability.

4. Customizing commercial packages seems like a good idea to get the buy in of stakeholders. Over my past decade as a CIO, I've found that stakeholders come and go, and when they leave, all the esoteric customizations they designed are often retired. In fact, many upgrade projects include the retirement of all the previous customizations that became an impediment to life cycle management of software, added complexity, and over the long term were more hassle than benefit.

5. Best of breed seems like a good idea when you're comparing products based on narrowly focused requirements. We did that with our email system i.e. Exchange for general email functions, Brightmail for spam protection, McAfee for virus protection, Tumbleweed for secure email transmission, SendMail for SMTP gateways etc. The end result was a feature rich system that has been too challenging to maintain and debug. Our next purchase will be an appliance from a single vendor which consolidates Spam filtering and security into a single product.

In short, complexity is generally not a good thing. What am I doing to battle complexity?

I try to use the fewest number of vendors possible - one (or at most two) storage vendors, one desktop vendor, one network vendor, and a very few application vendors. The more vendors, the greater the integration effort, the increased support and maintenance burden and the higher the cost.

I aim to avoid customizing commercial software whenever possible. My experience is that customizations are rarely worth the investment. Once customizations are in place and the users really understand the implications to workflow, cost, and impediments to future upgrades, they are no longer so enthusiastic about them.

I use enterprise-wide generalizable tools whenever possible i.e. one content management system for the web, one means of authentication/single signon, one ERP system for all fiscal/administrative functions.

How are we seeing this "removing complexity" idea play out in the industry?

People are adopting Gmail, Google Apps, and Facebook as "good enough" productivity tools.

People are adopting commodity hardware, clustered together using basic Linux operating systems, instead of proprietary niche solutions.

People are using Software as a Service offerings with thin client computers running nothing more than a browser. Even Microsoft has embraced the new reality of cloud computing, demonstrating a willingness to eliminate the complexity of its current operating system and application environment.

In the world of IT, simplicity is often more reliable, more secure, and more usable. Whenever I'm tempted to add complexity to address the needs of a few customers, I remind myself that Less is More. Per the Alan Perlis quote above, we should all strive to be geniuses!


Jurvis LaSalle said...

Nice zing on Ballmer!

In the interests of reducing complexity in the home, I'm currently evaluating a Drobo unit. While I have the technical expertise to manage an OpenSolaris box full of SATA disks in a zfs pool, the Drobo appealed to me as a solution, that if it truly performs as billed, could be deployed with ease even in my parent's home.

stansettle said...

"one means of authentication/single signon" Could we get some elaboration? Is the same vendor providing CCOW, role management, user provisioning, etc?

Bart Collet said...

Great post, spot on, less=more! But biggest difficulty is not removing complexity from software, but removing it from sales reps & vendors! Complexity = $

John Halamka said...

The Single Signon approach we use is a web service containing an LDAP query to Active Directory that we have integrated into each of our form-based authentication web services. It appears to the application that the user is entering credentials, when in reality it's the our portal doing it on behalf of the user.

Naticksoxfan said...

I work for Mimecast - we offer an email management solution via SaaS that would allow you to replace most of the products you mention (except of course Exchange). We can handle the security and encryption, and we also provide business continutiy and a feature-rich archive. Check us out at www.mimecast.com/us!

Anonymous said...