Monday, February 22, 2010

Controls create complexity

When something bad happens do you tend to react by quickly implementing some control to quell the immediate symptom? Users taking up all your file server space with videos of their kids' soccer practice and pictures of lolcats? No problem! Run a script each night that deletes all files that end with common video and picture extensions. That's a great idea... except the script deleted the HR director's collection of employee photos as well as all of the product teams' video documentation of their latest prototypes. One late night and three backup tapes later you decide to tweak your script.

Now, all suspicious file extensions that are found in user directories that are not HR or product team members are deleted. Wait, the web team is complaining now so you'd best exempt them as well. Except that one guy Sven who you never liked so we'll pick a random date 3 times a year and indiscriminately wipe out a few files.

You then discover that users are sending their media files to HR and Product Team members to share out. You immediately create a rule in the email servers to drop all image and video files as well as impose a 250k message limit. Except now you're company logo is being dropped form email footers and the CFO's 750k policy change documents can't get sent to the contracting agency that he uses.

Tweak time! Only image files that have an approved file path are accepted and email from VP level people can go above the 250k limit. Oops, the product team can't send PDFs to the engineering team because of size limits. Okay, 5Mb limit for them.

Users have now figured out that files are only being deleted based on extensions and have started naming their media files .mymovie, .watchme and .ouradminsucks.

This is getting out of hand. You spec out and pitch a fancy NAS box to the uppity-ups. They miraculously give their support. Now you can inspect each file and tell what it is regardless of file extension. You deny certain file types from even being moved onto it based on user groups in your directory service. Problem solved. Until you look up and see the angry mob with pitchforks and torches approaching.

This fictional, but oft repeated scenario plays itself out in one form or another every day. According to this Harvard Business Review article, an organization should step back and review their policies for three potential problems
1. Static controls for dynamic issues. (Banning .media file types from the file server)
2. Cost of controls higher than the cost of no controls. (Purchasing a high-end NAS appliance to restrict file types.)
3. Controls applied across the board, whether needed or not. (Now the boss's secretary can't download and load B-Net podcasts onto the VPs iPod. You will shortly be able to examine the finer points of said VP's dental work with the amount of time his mouth will spend open oh-so-politely requesting that you rescind your policy.)

We as admins have to deal with complex systems each and every day. As a result we are desensitized to complexity and lose sight of when a solution gets out of hand. We also take our systems too personally (which is a whole 'nother post) and become offended when someone does something that we think "dirties it up".

I propose that we as admins step back, detach our emotions and look at our policies with a critical eye. Let's look for the ones which are only addressing very tightly scoped problems and rescind them, looking for more flexible policies or none at all. In fact, I think I'll go grab some spare hard drives and make an OpenFiler NAS machine for people to share their silliness on.

And for the record, the VP of marketing has very nice caps and minty fresh breath.

Friday, February 19, 2010

To those who frequent my blog

...yes, both of you. I've been toying with an IT related blog in some form or another for about a year and a half. I'm focusing more on content than I am presentation. As a result, I'm still refining, renaming, moving and generally tweaking things. Bare with me as I change the name, titles, font, spacing and layout at will. I hope to settle into a nice groove soon.

Wednesday, February 17, 2010

Leadership Lessons from "Dancing Guy"

Leadership is overglorified. Be a lone nut.

It's only 3 minutes and you'll not regret watching it. Betcha can't keep from smiling.

Monday, February 15, 2010

The Ultimate Productivity Blog

I'm fascinated by productivity theories, tips and tricks. Probably because I have issues with staying focused and being productive. I like Merlin Mann, David Allen and BaseCamp. However, I've recently found the most amazing productivity blog I've ever come across. I think I may be on the verge of a major life change.

I think I need to meditate on that.

Friday, February 12, 2010

Cisco Puts an Internet Router in Space

Cisco has gone astronomical... and not just in their licensing and hardware prices.

Yes, they really do want to rule the world. And probably the universe too. It's all part of their Cisco Internet Routing in Space (IRIS) program. You have to hand it to them for thinking big. At last the size of their corporate plans are matching their out-of-this-world-pricing (the pricing jabs will be over shortly).

Let's not forget that ProCurve had the first ethernet switch in space. Okay, so maybe it was only a simple 2524 and not a router the size of an apartment complex. But still. Yay ProCurve. Now start making routers!

What are Cisco's ultimate plans? 
The long-term goal, they say, is to route voice, data and video traffic between satellites over a single IP network in ways that are more efficient, flexible and cost effective than is possible over today's fragmented satellite communications networks. 
Yep, they want to rule the universe. Joking aside, there are some fascinating possibilites that will drastically change satellite communication and functions.
Historically, the brains of satellite communications networks have resided largely in ground-based hardware, with the satellite itself passively reflecting the data beamed up to it. But IRIS shifts much more of the intelligence to the orbiting router – with potentially dramatic benefits, says Cisco's IRIS general manager Greg Pelton 
Cisco's plans will also remove the "double-hop" common in satellite transmissions which makes communication difficult for voice and video (think "reporter on the scene")

For all of the fascination I have with the possibilities, I'm still barely able to contain an "All Your Base" reference. I think I'll go play with Photoshop and a picture of John Chambers.

Thursday, February 11, 2010

code_swarm: Visualizing software development via commit bits

code_swarm is a project developed by Michael Ogawa that takes the history of commits on a software project, ties those to the developer's name that caused the commit and renders it into a movie. Watching a code_swarm rendering reminds me somewhat of the old simulation "life".

You can see some videos that have been rendered here. Some examples include the Eclipse project and Python. Here's how the development of Apache looks:

code_swarm - Apache from Michael Ogawa on Vimeo.

Wednesday, February 10, 2010

Free eBook! Managing Active Directory with Windows PowerShell

Quest software has a limited time offer for a free eBook at this link. Scraped from their web page:

Get this in-depth and authoritative Windows PowerShell book AT NO COST!
  • Discover new ways to manage Active Directory as well as local directory services
  • Get tips to help make Active Directory and PowerShell work more effectively together 
  • Learn from real-world examples, including complete scripts!

More evidence that multitasking == FAIL

From, this is just one of many articles that have been brought to my attention concerning the downfall of multitasking. I didn't have to be sold on the poor effects of multitasking, at least not for my personality and mentality. When I start floating two or three tasks virtually simultaneously, all of the tasks suffer and in many cases are botched and end up having to be redone.

While some people may have more of a capacity for multitasking than others, it seems to be a practice that -- no matter how you look at it -- has detrimental effects. As I've said before, stop multitasking! Start unitasking!

P.S. Yes, the original incarnation of this blog post had a misspelling in the title. Could it be that I was multitasking while blogging? Perhaps.

Monday, February 8, 2010

Postini Resellers; Why so cheesy?

Losing the fight against spam with only Exchange 2007's built in tools to aid me, I've turned to hosted filtering solutions. Google's Postini has my attention at the moment because of it's seeming simplicity, user control and the ubiquity of the Google brand. Postini resellers, on the other hand, have captured my attention because of their lack of polish and seeming indifference to rudimentary marketing policies (such as Rule #1 of Marketing: Don't scare people). While the prices that resellers offer are better than Google, I'm not entirely filled with confidence about the support that is offered when a reseller's website looks like the fruit of a seizure-prone cat dancing across a keyboard with Microsoft Front Page open.

And furthermore, if the complaints about Google's Postini support being virtually nonexistant, what benefit to I get from a reseller who is downstream of that nonexistance? Will the reseller provide me with extra empathetic tech support to listen to me sniffle should Google's fireproof services get burninated? Sarcasm aside, I believe that the resellers may get a special bat-phone to Google's tech support if they have a certain amount of customers.

Dear Postini resellers:

If you want to instill confidence in your customers, please update your websites, include some option for live chat and answer my emails. Wouldn't the ultimate irony be that my emails were caught in their Postini spam filters? Hoist by my own MTA.

P.S. And why do I not look at services like MessageLabs and MXLogic? Because I don't trust anything with the Symantec name (MessageLabs) and I don't like MXLogic because remote mailboxes that use MXLogic for protection tend to block my Exchange server in spite of it having a flawless Spam record and not being on a blacklist. I suspect it's merely because I'm on a block of DSL IPs, even though it's a static, "business class" connection.

SpamHero and AppRiver's SecureTide, however, seem interesting. Any suggestions are, of course, appreciated.

Friday, February 5, 2010

How to manage and how not to manage

I recently read a blog post by Joel Spolsky that juxtaposed his working experience at Microsoft with his time at Juno. Say what you want about Microsoft, but they know how to treat their employees. This story is a quick and powerful read that everyone facing or occupying a management position should read. Twice.