Week 27, 2017, “It’s Go Time”

“Does anyone have any questions on where we are going and your role how to get us there?  No?  It’s go time, team.  Always forward!” – Jonathan Merrill

Here we are at the 60 day mark and we are looking back with awe and anticipation. Although this isn’t the exhaustive list, the highlights are:

1. We hired our system engineering architect, Sonny Mendoza. A US Navy and IT veteran, he brings deep expertise in both the VMWARE and Microsft stack. A proponent of VEEAM and NIMBLE, two complimentary technologies currently in house. His experience in both the SMB and large enterprise space is evident in his questions and answers. He has been an amazing addition to the IT team, bringing in sage experience, a positive energy, and can do attitude.

2. Wrote and implemented IT maintenance policies focusing on patching and security remediation. The policy includes an change freeze period, quarterly reviews and update schedule, and architectural review. Formalizing maintenance was the first step in establishing a relationship and accountability with teams testing patches and reducing risk. Establishing a schedule communicates when IT infrastrucutre will be updated so development and print operations has down range visibility, setting reliable expectations.

3. Implented enterprise password management. Our specific requirements were password sharing with teams, role based access control, automatic password rotation, password auditing and history, Active Directory integration, and high availability. We migrated from a KEEPASS situation to Click Solutions’ Password State.

4. Implemented the enterprise auditing solution. Speaking to vision, the solution needed to give unprecedented transparency to all teams as we marry up audit data with change management practices and and enabling a better support visibility across all teams. Netwrix Auditor is a best of breed tool and is supremely designed for SMB organizations. Microsoft space initially targeted. Additional work still to go covering VMWARE, Exchange, SQL, and networking.

5. Implemented an asset-focused network management tool. Many of my former team members won’t be surprised, but I am firm believer of LANSWEEPER and giving teams’ access to manage their resources. This tool gives teams a birdseye view of whats installed, what errors exist, and health of resources applied. When we rolled this out, teams were presently surprised at what’s going on and assists in the troubleshooting of issues. Now we are collaborating.

6. Exited out of CenturyLink’s hosted services. We are continuing to evaluate our strategic partners and aligning to goals. No fault of CenturyLink, we determined to go another direction. We thank them for their stellar services provided.

7. Implemented the ORC process. Documenting systems should be a part of our DNA. This process enforces the C (Culture) and S (Sharing) in CAMS. We asked for leadership buy in and got it, trained teams, now set goals. 100% by Jan 1.

8. Implemented Death By Meeting’s, “Tactical” and “Stand Up”. Next up is strategic. Goal: Lower adhocs.

All this in 30 days! And doesn’t include the projects in flight. Here are some quick bullets of things we are building:

  • Workstation Technology Refresh. Uplifting the workstation platform, bringing in new tech.
  • Active Diretory Refresh. Cleaning up the past, rolling out RBAC, and enabling teams. Trust, but verify.
  • Network Refresh. Rethinking wireless, local area, and wide area networks. SDN for the win.
  • OpManager Proof of Concept. Manage Engine’s solution is comprehensive. Amazing value for what is delivered.
  • Splunk Proof of Concept. Can anyone argue that Splunk isn’t an amazing tool? Evaluating it’s place.
  • Alien Vault USM Proof of Concept. Having had experience with Nessus, Qualys, Nexpose, Alien Vault is a challenger.
  • Data Operations Proof of Concept. Automating core functions internally. Managing 10k scripts or jobs requires control.
  • Intranet / Employee Portal.  Rethinking SharePoint’s place.

It’s go time.

\\ JMM

Week 26, 2017, “Vision”

We are coming up on the 60d mark at LANVERA and wanted talk about information technology’s vision for 2017.   In the first 30d, Steve and I had multiple conversations with various leaders throughout the organization about priorities, needs, and vision.  A central theme emerged. How can we take IT to the next level, enabling our software development teams to build and test quicker without encumberance? How do we monitor key pieces of the technologies faster and leverage automation? How do we give more traditional IT functions to business units so we can more efficiently support our customers? How do we do knowledge management protecting intellectual property? And how can IT help infuse a positive values culture?

My recommendation to Steve is what I’ve expoused for over a decade: A culture of enablement, services, and transparency.  Let’s unpack these three areas.

IT Enablement.

Giving our people the freedom and resources they say they need to do their job. Traditional IT is the top-down command and control approach that is arguably out dated and killing organizations abilities to be agile. Traditional IT’s leaders have the ability to control, but that is not where innovation comes from, is it? If we want LANVERA to feel like owners, what must give our people exactly that: ownership. This includes access rights, privledges, and determination of their tools. IT’s role will be to give them the framework, healthy auditing, and constant oversight. This will let teams do what they need to do: Be awesome. And not just our development teams. All teams.

IT Services.

IT as a utility is not a new concept and dominates the cloud model. It’s successful because it’s utilitarian approach. However, what if IT’s role is that of consultants leveraging our resources? Traditional IT’s reactive approaches are usually the result of poor IT to business engagement. Or worse, poor strategic planning with the business and IT alike. This divides and compounds. IT will offer menus of services and cost, including professional services. Teams will choose what they need, when they need it, and the resource cost of that service delivery. IT is the consultancy to the business that encorporates not just core IT functions, but how we can partner with teams to do more leveraging IT. To achieve, we crank up IT’s role as educator and communicate far far more.

IT Transparency.

Technical people not given good intel or access to actionable information will make assumptions about your network. This silo’ing of information breeds fear, uncertainty, and doubt across teams. Once made, hard to reverse perceptions, especially if baked over time. If we are going to embrace DevOps, we have to show a commitment to CAMS: Culture, Automation, Measurement, and Sharing. I’ve tested this theory over my career and have been surprised every time: the more information you give, the better the decisions are made, especially during crisis. As we monitor and measure, we’ll ensure all teams have access to these systems. All teams will see how resources are utilized, changed, and managed. We’ll also include audit data like who, when, what, how. Working as a team means establishing trust and accountability as a part of the culture. We start with ourselves.

The Direction.

Transform IT from a top-down production support focused team stuck in reactive and manual states to a infrastrucutre services based team focusing on network health, security, and reliability.  Key strategic initiatives include focusing on security postures, auditing, monitoring, and automating core functions. Others include technology refreshes, examining our strategic partner relationships, and working towards vision through the three IT culture pillars.

“You know, Jonathan, that all sounds great, but you really haven’t said how your going to do all that.”

Your right.  And if your reading this, your on this journey with me.  More to come.

\\ JMM

Week 23, 2017, “Find Your Team”

“The best prize life has to offer is a chance to work hard at work worth doing. And I would add that what makes work worth doing is getting to do it with people you love. Find your team.” – Leslie Knope, Season 7, Ep13, One Last Ride: Part 2

I will admit, I’ve never watched one episode of Parks and Recreation.  My wife asked if we could watch the last episode and, agreeing apprehensively, off we go.  Although I didn’t get much context to characters, this line caught me towards the end of the show:  Find your team.

So true.  So hard to do.  And blessed when we can.

Find your team and do great work.  Yes, I will.

\\ JMM

Week 22, 2017, “First 30 Days”

“First 90 days are important.  Sets the pace.  First 30 days are critical.  Sets the tone.” – Jonathan Merrill

June 2nd marks my first 30 days.  So far, so great.  The adjectives that describe this position are:  exciting, daunting, encouraging, challenging, interesting, and exhilirating.  You know it’s good when you wake up and are motivated to go.  Can’t wait to get there and get engaged.

My to do list for the first 30 was:

  • Observe and Ask Questions.  The business.  The leaders.  The goals.
  • Identify gaps in infrastructure, collaboration, documentation, and process.
  • Assess my team’s capabilities, strengths, and growth opportunities.  Listen.
  • Introduce the knowledge culture to the team.  Begin the building of process and values into the DNA.

May was introduction of team rules, discovering the infrastructure, reading the documentation, hiring our architect, and putting together the to do list.  Cross training culture, DevOps, subject matter experts, CAMS, and working on KRAs and KPIs.  Lots of reading, listening, and absorbing.  And writing.

The tone is set!  Go! Go! Go!

\\ JMM

Quote of Week 21, 2017, The “ORC”.

“Our foundation of systems documentation will begin with the ‘ORC’, the Operations Readiness Checklist.” – Jonathan Merrill @ LANVERA

How are we doing systems documentation? Today, its spreadsheets by system, contained in a knowledgebase article, updated by the knowledge champion for that system. This is a fairly antiquated yet reliable way to manage this type of documentation. The ORC has an interesting history and has evolved for the years. Here is an abbreviated account.

The birth of the original ORC came from former Santander Consumer USA VP, IT Operations and Engineering, James Brewster in 2013. “I want a checklist that every system must have completed before it goes into support.”

The original ORC was a simple checklist of questions to answer:  Name of servers, did we back it up, was it security vuln scanned, etc.. This Q&A went through three iterations as different groups asked for information to be added. The simple checklist turned into a seven tab spreadsheet. The reception by engineers and customers alike in the end was… “awful.”

The next major iteration of the ORC, dubbed ORC-lite, had it’s most influence by former Santander Consumer USA Director of Datacenter Architecture, John Thomas. Feedback took the ORC in a different direction and focused on systems configuration documentation and support capability.  In other words, an engineer-friendly quick to fill out document focusing on support.  That change exploded it’s adoption and was embraced meaningfully across all IT Operations’ leaders.

Victim of it’s success, the ORC came onto audit’s radar when systems documentation became an IT control item, requesting specific system configuration data.  ORC-lite once again became a 7-tab worksheet through the many discussions with these teams.

Today’s ORC is the end result of those deliberations.  John Thomas commented this was some of our best work.  A lot of hard work did go in, but the goal was never a spreadsheet.  Our search for an automated system documentation was the vision.  Could ServiceNow’s discovery engine and business service mapping serve?  I won’t be there to find out.

Nevertheless, the ORC is a great tool for organizations needing a starting point for system documentation.  The ORC lives on!

Link:  ORC 1.0 “template”.

\\ JMM

Quote of Week 20, 2017

“Life is about risk.  It’s important to take risks.  Just don’t be reckless.” – Richard Holbrooke, HBO Documentary, The Diplomat

I grabbed this gem as my last four years in banking could easily be summarized by saying, “We didn’t take a lot of risks.  In fact, they beat the risk out of us.”  How do you run an innovative and agile organization without risk?  Not easily.

Some organizations get this.  Many do not.  It’s an important to be risk adverse, but not risk intolerant. Just don’t be reckless.

\\ JMM

Quote of Week 19, 2017

“Technology is not a panacea for whatever ills.  Technology is only an enabler and needs to support people, process, content and connectivity needs.  Starting with technology has proven disastrous for many companies…” – Deloitte Development, Knowledge Management 2016

Is it possible for companies to have too much technology?  Is the knee jerk reaction to behavior to deploy a technology versus a people solution?  Take employee wasting time on social media.  Line managers know it exists, but do they confront their people to set behaviorial expectations?  Far easier to avoid those conversations and let IT handle.  Technology is the enabler — for good and bad.

Although this quote was in the context of managing knowledge, it’s just as true for every aspect of the business of managing people.  Start with people first.

\\JMM

Quote of Week 18, 2017

“‘Reinventing the wheel’ sounds pretty benign but ‘failing to learn’ and ‘reinventing failure’ are actually what many organizations are facing today… especially troubling given the pace of change…” – Deloitte Development, LLC on Knowledge Managemennt 2016

What a great insight.  So many companies who don’t have a knowledge management strategy with staffing turn.  The fundamental problem of “teaching smart people to learn” and the invisible costs this comes with.

This quote came from DFW’s Knowledge Management interest group.  I highly encourage your participation.  A place where ideas go to be captured and shared.  Next one is May 24.  Hope to see you there.

\\ JMM