Week 35, 2017, “Technology Roadmap”

One of the masterful idea’s contributed by Steve Moore, Director, IT Operations, at Santander Consumer USA, was introducing the Technology Roadmap.  This tool is not just about tracking what technology is owned, but serves a very specific purpose:  managing upgrades, identifying risk, communicating timeframes.

If your looking for a way to set up up transparency in IT systems engineering and communicate timeframes with leadership, this tool accomplishes that aim.  If you need to report to auditors the review cycles and pros/cons to the versionsm, this tool meets that need.

You can find this tool here.

\\ JMM

Week 31, 2017, “Obtains Certification = Display Knowledge = Shows Confidence”

“The good news is that certification provides you with a verified foundation of expert, real-world knowledge to build on, so you’ll be ready to ramp up on the job 39% faster than your peers. If you’re still not convinced, 38% of IT pros said that certification helped them perform complicated tasks more confidently. It’s science.” – Born To Learn Blog

We’ve agreed as a team that there is a need for baseline competencies. That skills and experience are vital to our success. If any one area lacks, the team has to compensate for our weak areas that we accepted. When those weak areas accumulate because we couldn’t trust team members to perform complicated tasks, the team fails.

As such, we’ve made a bold move to mandate VMWARE VCA DCV certification as a baseline team member qualification. Expectations laid to stay current. We are implementing advanced VMWARE technologies and there is too much risk to bring in unskilled people.

Goal: Everyone on the team has VCP, MTA, and Nimble certifications.

Before And After Certification\\ JMM

Week 27, 2017, “It’s Go Time”

“Does anyone have any questions on where we are going and your role how to get us there?  No?  It’s go time, team.  Always forward!” – Jonathan Merrill

Here we are at the 60 day mark and we are looking back with awe and anticipation. Although this isn’t the exhaustive list, the highlights are:

1. We hired our system engineering architect, Sonny Mendoza. A US Navy and IT veteran, he brings deep expertise in both the VMWARE and Microsft stack. A proponent of VEEAM and NIMBLE, two complimentary technologies currently in house. His experience in both the SMB and large enterprise space is evident in his questions and answers. He has been an amazing addition to the IT team, bringing in sage experience, a positive energy, and can do attitude.

2. Wrote and implemented IT maintenance policies focusing on patching and security remediation. The policy includes an change freeze period, quarterly reviews and update schedule, and architectural review. Formalizing maintenance was the first step in establishing a relationship and accountability with teams testing patches and reducing risk. Establishing a schedule communicates when IT infrastrucutre will be updated so development and print operations has down range visibility, setting reliable expectations.

3. Implented enterprise password management. Our specific requirements were password sharing with teams, role based access control, automatic password rotation, password auditing and history, Active Directory integration, and high availability. We migrated from a KEEPASS situation to Click Solutions’ Password State.

4. Implemented the enterprise auditing solution. Speaking to vision, the solution needed to give unprecedented transparency to all teams as we marry up audit data with change management practices and and enabling a better support visibility across all teams. Netwrix Auditor is a best of breed tool and is supremely designed for SMB organizations. Microsoft space initially targeted. Additional work still to go covering VMWARE, Exchange, SQL, and networking.

5. Implemented an asset-focused network management tool. Many of my former team members won’t be surprised, but I am firm believer of LANSWEEPER and giving teams’ access to manage their resources. This tool gives teams a birdseye view of whats installed, what errors exist, and health of resources applied. When we rolled this out, teams were presently surprised at what’s going on and assists in the troubleshooting of issues. Now we are collaborating.

6. Exited out of CenturyLink’s hosted services. We are continuing to evaluate our strategic partners and aligning to goals. No fault of CenturyLink, we determined to go another direction. We thank them for their stellar services provided.

7. Implemented the ORC process. Documenting systems should be a part of our DNA. This process enforces the C (Culture) and S (Sharing) in CAMS. We asked for leadership buy in and got it, trained teams, now set goals. 100% by Jan 1.

8. Implemented Death By Meeting’s, “Tactical” and “Stand Up”. Next up is strategic. Goal: Lower adhocs.

All this in 30 days! And doesn’t include the projects in flight. Here are some quick bullets of things we are building:

  • Workstation Technology Refresh. Uplifting the workstation platform, bringing in new tech.
  • Active Diretory Refresh. Cleaning up the past, rolling out RBAC, and enabling teams. Trust, but verify.
  • Network Refresh. Rethinking wireless, local area, and wide area networks. SDN for the win.
  • OpManager Proof of Concept. Manage Engine’s solution is comprehensive. Amazing value for what is delivered.
  • Splunk Proof of Concept. Can anyone argue that Splunk isn’t an amazing tool? Evaluating it’s place.
  • Alien Vault USM Proof of Concept. Having had experience with Nessus, Qualys, Nexpose, Alien Vault is a challenger.
  • Data Operations Proof of Concept. Automating core functions internally. Managing 10k scripts or jobs requires control.
  • Intranet / Employee Portal.  Rethinking SharePoint’s place.

It’s go time.

\\ JMM

Week 26, 2017, “Vision”

We are coming up on the 60d mark at LANVERA and wanted talk about information technology’s vision for 2017.   In the first 30d, Steve and I had multiple conversations with various leaders throughout the organization about priorities, needs, and vision.  A central theme emerged. How can we take IT to the next level, enabling our software development teams to build and test quicker without encumberance? How do we monitor key pieces of the technologies faster and leverage automation? How do we give more traditional IT functions to business units so we can more efficiently support our customers? How do we do knowledge management protecting intellectual property? And how can IT help infuse a positive values culture?

My recommendation to Steve is what I’ve expoused for over a decade: A culture of enablement, services, and transparency.  Let’s unpack these three areas.

IT Enablement.

Giving our people the freedom and resources they say they need to do their job. Traditional IT is the top-down command and control approach that is arguably out dated and killing organizations abilities to be agile. Traditional IT’s leaders have the ability to control, but that is not where innovation comes from, is it? If we want LANVERA to feel like owners, what must give our people exactly that: ownership. This includes access rights, privledges, and determination of their tools. IT’s role will be to give them the framework, healthy auditing, and constant oversight. This will let teams do what they need to do: Be awesome. And not just our development teams. All teams.

IT Services.

IT as a utility is not a new concept and dominates the cloud model. It’s successful because it’s utilitarian approach. However, what if IT’s role is that of consultants leveraging our resources? Traditional IT’s reactive approaches are usually the result of poor IT to business engagement. Or worse, poor strategic planning with the business and IT alike. This divides and compounds. IT will offer menus of services and cost, including professional services. Teams will choose what they need, when they need it, and the resource cost of that service delivery. IT is the consultancy to the business that encorporates not just core IT functions, but how we can partner with teams to do more leveraging IT. To achieve, we crank up IT’s role as educator and communicate far far more.

IT Transparency.

Technical people not given good intel or access to actionable information will make assumptions about your network. This silo’ing of information breeds fear, uncertainty, and doubt across teams. Once made, hard to reverse perceptions, especially if baked over time. If we are going to embrace DevOps, we have to show a commitment to CAMS: Culture, Automation, Measurement, and Sharing. I’ve tested this theory over my career and have been surprised every time: the more information you give, the better the decisions are made, especially during crisis. As we monitor and measure, we’ll ensure all teams have access to these systems. All teams will see how resources are utilized, changed, and managed. We’ll also include audit data like who, when, what, how. Working as a team means establishing trust and accountability as a part of the culture. We start with ourselves.

The Direction.

Transform IT from a top-down production support focused team stuck in reactive and manual states to a infrastrucutre services based team focusing on network health, security, and reliability.  Key strategic initiatives include focusing on security postures, auditing, monitoring, and automating core functions. Others include technology refreshes, examining our strategic partner relationships, and working towards vision through the three IT culture pillars.

“You know, Jonathan, that all sounds great, but you really haven’t said how your going to do all that.”

Your right.  And if your reading this, your on this journey with me.  More to come.

\\ JMM

Quote of Week 21, 2017, The “ORC”.

“Our foundation of systems documentation will begin with the ‘ORC’, the Operations Readiness Checklist.” – Jonathan Merrill @ LANVERA

How are we doing systems documentation? Today, its spreadsheets by system, contained in a knowledgebase article, updated by the knowledge champion for that system. This is a fairly antiquated yet reliable way to manage this type of documentation. The ORC has an interesting history and has evolved for the years. Here is an abbreviated account.

The birth of the original ORC came from former Santander Consumer USA VP, IT Operations and Engineering, James Brewster in 2013. “I want a checklist that every system must have completed before it goes into support.”

The original ORC was a simple checklist of questions to answer:  Name of servers, did we back it up, was it security vuln scanned, etc.. This Q&A went through three iterations as different groups asked for information to be added. The simple checklist turned into a seven tab spreadsheet. The reception by engineers and customers alike in the end was… “awful.”

The next major iteration of the ORC, dubbed ORC-lite, had it’s most influence by former Santander Consumer USA Director of Datacenter Architecture, John Thomas. Feedback took the ORC in a different direction and focused on systems configuration documentation and support capability.  In other words, an engineer-friendly quick to fill out document focusing on support.  That change exploded it’s adoption and was embraced meaningfully across all IT Operations’ leaders.

Victim of it’s success, the ORC came onto audit’s radar when systems documentation became an IT control item, requesting specific system configuration data.  ORC-lite once again became a 7-tab worksheet through the many discussions with these teams.

Today’s ORC is the end result of those deliberations.  John Thomas commented this was some of our best work.  A lot of hard work did go in, but the goal was never a spreadsheet.  Our search for an automated system documentation was the vision.  Could ServiceNow’s discovery engine and business service mapping serve?  I won’t be there to find out.

Nevertheless, the ORC is a great tool for organizations needing a starting point for system documentation.  The ORC lives on!

Link:  ORC 1.0 “template”.

\\ JMM

Quote of Week 10, 2017

“ServiceNow isn’t in any Gartner quadrant for project management, I am aware of. We should think about using third party versus ServiceNow.” – An IT Leader

It’s quite known I am an internal champion of ServiceNow at SC.  The largest benefit alone is in the demand and resource management functions of an ITSM.  Although there are many amazing third party project tools out there, the value of this tool and the visibility gained is equally amazing.

\\ JMM

Quote Of Week 7, 2017

Please keep in mind that the key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.

One of my peers cited this in one of our project meetings.  Nebulous or poorly interpretive descriptions of technical requirements should be avoided.

\\ JMM

Quote Of Week 6, 2017

From:  http://www.dslreports.com/forum/r29293609-How-Does-WHT-Do-It

“Well engineered projects are indistinguishable from crazy ideas.”

I resonated with this statement as we spoke of the important of wiring standards, craftmanship, and the sad state of installations in so many IT shops.  Why are well engineered projects, like data center wiring, met with so much resistance?  Answer: cost, time, and effort are not always well articulated nor understood by the masses.  And often, trump all unless you spend the time showing amazing value for that effort.

A wire is not always a wire.  Kudos for those shops that get it and embrace good IT.  It’s crazy, I know.

\\ JMM

Quote Of Week 5, 2017

“While I understand the process and how it should work, there is a chance that someone could go in and make changes [to servers]. We have to think like a Risk Manager and the possibilities that could happen.” – Today’s IT Leader

Just recently, we had several conversations where system engineers lamented on the amount of work risk mitigation has created.  While this often is viewed through various colors of lenses and often tempered with bias, the point was not to just express exasperation about the volume of reactive work.

The point was to proactively think like a risk manager and head things off so it’s built into the DNA of the technology.  Are we really thinking this way?  Are we creatively thinking about risk as we architect solutions.

Let’s prevent the backlog versus react to it.

\\ JMM

Quote of Week 4, 2017

From:  https://community.servicenow.com/events/2951

“It’s Official, 2017 has been coined “The Year of KNOWLEDGE”. Many, if not all of you, have started, or plan to start your Knowledge Management Initiative this coming year.” – Josh Addington

It’s probably no surprise that managing our proprietary and intellectual knowledge for commodity services, such as technical support, is still a problem in 2017.  Interestingly, people are doing something about it through community initiatives.  This is one such here in Dallas, Texas.

Excited to see what fruit this will bear, what ideas can be shared, and if we must, collectively display our sorrow at the state of our own challenges in this tough space.

\\ JMM