Blog

Cross Training Teams in a Knowledge Culture

“Learning is a treasure that will follow its owner everywhere.”
— Chinese Proverb

There is so many things IT people need to know these days.  Gone are specializations in many organizations.  Yep, IT pros must know 20 to 30 different types of technologies to remain relevant and competitive.  In fact, as I interview younger candidates, there is evidence the new generation of IT people already have these skills and more.

And that’s just infrastructure.  All organizations expect IT people to know core business applications.  Specifically, how they relate to the organization and customer, technical work flows, monitoring, and on and on.  How does an organization tackle it all while keeping IT pros at least tuned into the periphery?

How I’ve done this historically is this idea of knowledge culture and DevOps’ “Sharing” idea, where team members present material via a TED talk.  Below is my deck on peer learning.  I hope you find it applicable.

\\ JMM

Lanvera Update: January 2018

“If you fail to plan, you are planning to fail!” – Benjamin Franklin

January marks the six months and our progress is moving rapidly on multiple fronts.

1. Developed and publicize IT’s strategic plan for 2018. This is our road map for the year, developed in December and approved by senior leadership.

2. Workstation Technology Refresh is in full swing. Moving to Windows 10 has been fairly uneventful and user satisfaction is high with the hardware decision. Although we’ve made a conscious decision to stay with legacy software productivity platforms so we can have more time considering Office 365.

3. VMWARE NSX progessing slowly. Primarily, due to difficulties with our network provider, a subject for a future blog. Mobius has been fantastic and working with my local team. Concurrently, team members are spinning up on NSX via VMWARE’s training classes.

4. SOC2: AICPA’s Service Organization Control 2. SOC 2 is considered a technical audit, but goes beyond that. SOC 2 requires companies to establish and follow strict information security policies and procedures, encompassing the security, availability, processing, integrity, and confidentiality of customer data.

5. Knowledge Management and ORC. Hard push getting Operations Readiness Checklists for all production systems to serve as the foundation of our KM system.

\\ JMM

+++ If you read this far, you may be wondering if this is an old post. Yes. It was never published, along with the other 30+ posts in various stages.

Why We Need and How We Execute Strategic Meetings

Speaking strictly of Patrick Lencioni’s vision of Death By Meeting, the strategic meeting is the hardest meeting to get off the ground.  Although, I argue it’s the most critical.  At LANVERA, we’ve succeeded at stand up and tactical.  Easy parts.  Now, onto strategic…

\\ JMM

LANVERA’s System Engineering Team – 2018

“NIHIL SINE MAGNO LABORE”
– Translated ‘Nothing Without Hard Work’

Rebuilding technology is no small feat.  It takes people who are willing to work the extra hours, have the attention to detail, put their technical skill to the test, and work with peers who expect the same.  It takes a team.

ITO SE 2018

LANVERA System Engineering Team – 2018

\\ JMM

My Top 5 Issues With IssueTrak

IssueTrak is a fairly basic ticketing system currently in use at LANVERA.  Although development efforts surrounded IssueTrak giving it a level of criticality to the business, we found ourselves painted into a corner with this solution.  We cannot upgrade without risk of breaking our applications.  That is on us.

However, my biggest concern was the product wasn’t designed with ITIL or any ITSM framework in mind, in my opinion.  And I wasn’t sure it ever would be with their track record of mostly bug fixes and focus on non-service management features.

As a result, in September 2017 I met with IssueTrak’s leadership to discuss the roadmap of IssueTrak .  Here is the deck I prepared for that meeting.


The conversation was mostly positive and there was a healthy agreement that the product wasn’t developed with these use cases in mind.  I hope the product continues to mature and grow as competition in the ITSM space is healthy in the SMB space.

\\ JMM

Information Security Preventative Measures

Information Security Preventative Measures
By US Department of Homeland Security, United States Secret Service
NTX ISAA Cyber Security Conference, November 10, 2018

  1. Employee Awareness and Training
  2. Strong Filters
  3. Email Scanning (Incoming and Outgoing)
  4. Firewall Configuration
  5. Network Segmentation
  6. Software Updates
  7. Scheduled AV Scans
  8. Configure Access Control (Least Privilege)
  9. Disable Remote Access
  10. Software Restriction Policies

Please check out this conference notes and consider attending going forward.  Amazing event and a lot of content shared.

\\ JMM

yED Graph Editor – Diagramming Dynamo

yEd is a powerful desktop application that can be used to quickly and effectively generate high-quality diagrams.
Create diagrams manually, or import your external data for analysis. Our automatic layout algorithms arrange even large data sets with just the press of a button.

I’ve just recently sat in an meeting with application development talking roadmap and architecture and was curious what tool they used diagramming their workflows and service dependencies.  When the manager mentioned this tool, I was suprised to hear it wasn’t Visio.

yEd is freely available and runs on all major platforms: Windows, Unix/Linux, and Mac OS X.

https://www.yworks.com/products/yed

\\ JMM

“Secure” is not a binary, black-and-white thing.

“Secure” is not a binary, black-and-white thing. Instead, it’s about risk management. Instead of asking whether something is secure, it’s better to ask whether it is “secure enough for such-and-such purpose”. – Quote from Crypto Stack Exchange, August 2013

I seem to be talking a lot about security these days.  Not only in my professional life, but in my personal day to day.

I am considering shifting my family from Windows phone over to Android, despite the personal pains supporting this ecosystem that worked flawlessly for me for many years.  The security conversation in this context is rife is opinion and observation from friends and colleagues.  Everything from Android’ inherent security challenges to hackers leveraging Google Play to distribute bad wares.  Admittedly, I will lose some sleep knowing my family’s desire to load hundreds of apps.

Getting the Microsoft ecosystem connected onto an Android phone requires passwords and access to applications that will not be understood as to why.  Just going through the motions.  For example, the password vault we’ve been using in my family worked only on Windows phone.  We need to consider what tool works well in the Android space, ease of transference, and retraining my family members to use this tool.  Further, vaults need access and will prompt if it can obtain rights to reach or access areas of the operating system.  Another situation rife with chance of malfeasance.

When I researched a deck on security back at Santander, I found the above quote and it immediately returns to mind when I talk security in both spaces today.  Many organizations take a harder line to reach the goal of “secure”, damn productivity and usability.  Compliance works for larger organizations under audit scrutiny.  But many companies do not operate in those industries.  Neither do families.

Nevertheless, when I look at technologies, you have to look at the people at the helm.  Combined, risks can be pondered and formulated. And after thoughtful interaction and use cases, discussion with the people using the technologies, making the arguments pro and con, can you make the right decision for those users.  As often times, technologies are often secure enough when powered by security conscious people.

My recent thoughts on the matter.

\\ JMM

Rob England IS the IT Skeptic

“You don’t change culture team by team or app by app. You don’t get to pick and choose where you DevOps. You can do it for a while – operating bi-modally – in order to experiment, to allow new ways of working to incubate, but it is essential to converge quickly. DevOps is not a piecemeal tool, it is an organisational transformation.” – The IT Skeptic Blog, July 22, 2017

This blog isn’t about DevOps.  There are now thousands to choose from with authors off all walks.  This blog is about Rob England and his blog, The IT Skeptic.

If you haven’t read this blog, start.  It’s a must read.  In fact, I’ve spent evenings rolling through his old content to follow his train of thought in the hottest topics all IT shops struggle with:  How to do IT service delivery, effectively.  It’s an art.  It’s not simple.  And done poorly, costs organizations dearly.

I do not have a recommendation where to start.  If you read his last blog, currently on December 5, 2017, it’s titled, “Project Management was the worst thing that ever happened to IT“… Wow.  And right on target.  Do organizations think this way?  Most can not.

\\ JMM

SMB and ITSM: Framework

Everybody says they want to be free. Take the train off the tracks and it’s free, but it can’t go anywhere.”

Zig Ziglar

Organizations require structure to operate, but most often end up creating silo towers with no connecting switch-track to communicate or change direction. Following a framework in exactness is limiting — but adapting a framework is not. There is no one-size-fits-all; that it’s a framework means you have the ability to lay the tracks any way you like. If, in the future, you decide to make an offshoot to a new destination, then you have the ability to do so with the guidance the framework provides.

ITSM is a continuous journey, not a project that ends on the ‘go live’ date. And if truth be known, there is no end to a project until all the chickens come home to roost (but that’s another blog). Count on this: There will always be other destinations to visit that will require you to lay tracks to get there.

From:  http://www.bmc.com/blogs/itsm-best-practices-quoting-itsm-isnt-enough/

Re-posting as we shift focus to ITSM.  I found this article on BMC’s website and felt it’s right on.

\\JMM