Skip navigation
1 2 3 Previous Next

Geek Speak

2,349 posts

When a lot of organizations first take on the challenge of setting up a disaster recovery plan it’s almost always based on the premise that a complete failure will occur. With that in mind, we take the approach of planning for a complete recovery. We replicate our services and VMs to some sort of secondary site and go through the processes of documenting how to bring them all up again. While this may be the basis of the technical recovery portion of a DR plan it’s important to take a step back before jumping right into the assumption of having to recover from a complete failure. Disasters come in all shapes, forms, and sizes, and a great DR plan will accommodate for as many types of disasters possible. For example, we wouldn’t use the same “runbook” to recover from simple data loss that we would use to recover from the total devastation of a hurricane. This just wouldn’t make sense. So even before beginning the recovery portions of our disaster recovery plans we really should focus on the disaster portion.


Classifying Disasters


As mentioned above, the human mind always seems to jump into planning for the worst-case scenario when hearing the words “Disaster Recovery,” a building burning down, flooding, etc. What we fail to plan for is other minor, less significant disasters, such as temporary loss of power or loss of entrance due to quarantine. So, with that said let’s begin to classify disasters. For the most part, we can lump a disaster into two main categories


Natural Disasters – these are the most recognized types of disasters. Think of events such as a hurricane, flooding, fire, earthquake, lightning, water damage, etc. When planning for a natural disaster we can normally go under the assumption that we will be performing a complete recovery or avoidance scenario to a secondary location.


Man Made Disasters – These are the types of disasters that are lesser known to organizations when looking at DR. Think about things such as temporary loss of power, cyber-attacks, ransomware, protests, etc. While these intentional and unintentional acts are not as commonly approached, a good disaster recovery plan will address some of these as the recovery from them is often much different from that of a natural disaster.


Once we have classified our disaster into one of these two categories we can then move on by further drilling down on the disasters. Performing a risk and impact assessment of the disaster scenarios themselves is a great next step. Answers to questions like the ones listed below should be considered when performing our risk assessment as it allows us to further classify our disasters, and in turn, define expectations and appropriate responses accordingly.


  • Do we still have access to our main premises?
  • Have we lost any data?
  • Has any IT function been depleted or lost?
  • Do we have loss of skillset?


How these questions are answered as it pertains to a disaster can completely change our recovery scenarios. For example, If we have had a fire in the datacenter and lost data we would most likely be failing over to another building in a designated amount of time. However, if we had also lost employees, more specifically IT employees in that fire as well, then the time to recover will certainly be extended as we most likely would have lost skillsets and talent to execute the DR plan. Another great example comes in the form of ransomware. While we still would have physical access to our main premises, the data loss scenario could be much greater due to wide-spread encryption form the ransomware itself. If our backups were not air-gapped or separate from our infrastructure, then we may also have encrypted backups, meaning we have lost an IT function – thus provoking a possible failover scenario even with physical access to the building.  On the flip side, our risks may not even be technical in nature. What is the impact of losing physical access to our building in the result of protests or chemical spills?  Some disasters like this may not even require a recovery process at all, but still pose a threat due to the loss of access to the hardware.


Disaster Recovery is a major undertaking no matter what size the company or IT infrastructure and can take copious amounts of time and resources to get it off the ground. With that said, don’t make the mistake of only planning for those big natural disasters. While it may be a great starting point, it’s best to really list out some of the more common, more probable types of disasters as well, document the risks and recovery steps in turn. In the end, you are more likely to be battling cyber attacks, power loss, and data corruption then you are to be fighting off a hurricane. The key takeaway is – classify many different disaster types, document them, and in the end, you will have a more robust, more holistic plan you can use when the time comes. I would love to hear from you in regards to your journeys with DR. How do you begin to classify disasters or construct a DR plan? Have you experienced any "uncommon" scenarios which your DR plan has or hasn't addressed? Leave some comments below and let's keep this conservation going.

We’ve all heard the saying, "what you see is what you get." Life isn’t quite so simple for those focused on security, as what you don’t see, is more likely to be what you get. Luckily, there are places to get visibility that are often overlooked.


Security policies have always included the protection of key assets such as servers, network infrastructure, and data center and perimeter devices. This approach will always be the first line of defense and for those that are new to the security space; this is the best place to start.


More recently, security policies have been extended to the user level. The number of endpoint protection solutions has grown markedly over the last few years as security administrators have understood that protection from attacks initiated from inside an organization is critical. These attacks are able to leverage users and their devices because like it or not, people do download things they shouldn’t, they visit websites they shouldn’t, they share files, they let their kids use their company assets, and, they often fall prey to social engineering.


Endpoint Protection (EPP) has existed since the 1980’s in the form of virus scanning clients and over the years the EPP landscape has become a battle of the Advanced Endpoint Protection (AEP) products. AEP’s are next gen technology, combining EPP functions like anti-virus with event detection and response (EDR) technology providing detection, blocking, and forensic analysis capabilities. In addition, operating systems like Windows provide a selection of endpoint tools that can be enabled out-of-the-box.


In the Microsoft world, implementing an endpoint protection strategy can start with an often overlooked feature; Windows Event Logging. Event logging provides visibility into the activities performed on the workstation by grouping application, security and system events into a single view. The workstation event console may then be configured to forward a customized set of these events to a log aggregator like a domain controller allowing the administrator to have a consolidated view of the activities on the workstations in the domain. These consolidated events can then be further forwarded to a SIEM and used as an alert trigger (detection of an APT) or provide contextual value (workstation state for a specific user on a device that attempted a brute force attack on a key server). More of this in a later blog.


To decide if Workstation Event Logs have a place in your overall security strategy, consider these use cases:


  • Access: How secure are the local authentication policies of individual workstations? If an attempt is made to login to a device using a local access credential rather than a domain controlled account, it will be logged in the workstation event log only.
  • Persistence: Registry changes made by an attacker to provide a foothold into the system that persists over system reboots must be tracked.
  • Discovery: IoC’s can be recognized by anomalous actions, for example events reporting misspelled service names, uncommon service paths or non-typical application crashes due to buffer overflows.
  • Reconnaissance: Running of tools that indicate scanning, recon and brute force attacks may have been attempted can be logged.
  • Forensics:  In the case of a breach, building an event timeline from initial compromise to detection is critical to understanding how to recognize the extent of the compromise across multiple machines and how to remediate these systems.
  • Behavioral Analysis: Changes in user behavior or inappropriate use of company assets can have both security and legal implications. If certain event types like failed logins or privilege escalation attempts begin to occur, or known exploitation tools are installed on a system, this could be a sign of a compromise, or a potential issue with an employee.


As with any logging tool, the trick is to create a configuration and deployment strategy. One of the downsides to event collection is that a poorly tuned system can generate far too many events to be useful or even viable.  Admins must identify critical events to collect based on how they impact their environment and have an action plan defined for addressing issues. This ensures an understanding of the context and implications of an event; rule of thumb proactive beats reactive. If this post has you thinking about workstation logging, future blogs will provide more information about defining your security policy, configuring endpoints and forwarding events to an aggregation device and making use of logs in SIEMs. Stay tuned.

Back in the saddle this week, feeling rested and ready to get 2018 started. We had quite a few interesting stories last week, too. Never a dull moment in the field of technology.


As always, here are some links from the Intertubz that I hope will hold your interest. Enjoy!


A Simple Explanation of the Differences Between Meltdown and Spectre

In case you didn’t hear, our CPUs have been hacked. Well, they could be hacked. We should all be panicking. Or not worried at all. It’s hard to say, really, because there is a lot of misinformation going around right now about Meltdown and Spectre. This article helps clear up a few things. Also, it shows that we’ve now hit a point in time where we create logos for security vulnerabilities. What a time to be alive.


The No Good, Terrible Processor Flaw and SQL Server Deployments – Nearly Everything You Need To Know

Here’s a great summary of how Meltdown and Spectre may affect SQL Server workloads. There’s a lot of FUD being spread about the performance hit for the patches, this article will help you focus one the important details.


All the cool new friends you'll meet when you drink raw water

Here’s the upside to the diseases that raw water can carry: only hipsters inside of Silicon Valley will be affected at first.


The Intolerable Speech Rule: the Paradox of Tolerance for tech companies

Someone needs to get this article in front of Jack Dorsey at Twitter. It’s a simple enough rule that would remove so many of the jerks using their service.


You’re Descended from Royalty and So Is Everybody Else

In case you got one of those DNA kits as a gift this year, I‘m here to ruin the surprise for you. We’re all related to royalty because math.


A practical guide to microchip implants

I don’t think I’m ready for this future yet.


DHS Says 246,000 Employees' Personal Details Were Exposed

The word ‘Security’ is literally in their name, you would think they could do that part right.


I found Heaven here on Earth:


The use of cloud technology and services--especially public cloud--has become nearly ubiquitous. For example, it has made its way into even the most conservative organizations. Despite the fact that some find it challenging to support the service following adoption, the supportability resides with the public cloud provider. The business unit that decides to leverage public cloud is on their own. And while we’re at it, well done for them, because they didn’t want to use our own internal infrastructure or private cloud, if we’re a more advanced organization).


Sometimes It Isn't Up to IT

But to what extent does this binary (and somehow logical) vision of things hold true? The old adage that says, "If it has knobs, it’s supported by our internal IT departments" is once again proving to be correct. Even with public cloud, an infrastructure that is (hopefully) managed by a third-party provider, there are very meager chances that our organization will exonerate us from the burden of supporting any applications that run in the cloud. Chances are even slimmer for IT to push back on management decisions: they may seem inconsiderate from an IT perspective, but make sense (for better or worse) from a business perspective.


Challenges Ahead

With business units’ entitlement to leverage cloud services comes the question about which public clouds will be leveraged, or rather the probability that multiple cloud providers will be used without any consideration of IT supportability of the service. This makes it very difficult for IT to support and monitor the availability of services without having IT operations jump from monitoring console on cloud provider A to their on-premises solution, and then back to cloud provider B’s own panel of glass.


With that comes the question of onboarding IT personnel into each of the public cloud providers' IAM (Identity & Access Management) platforms, manage different sets of permissions for each of the applications and each of the platforms. This adds heavy and unnecessary management overhead on top of IT responsibilities.


And finally comes the relevance of monitoring the off-premises infrastructure with off-premises tools, such as those provided by public cloud operators. One potential issue, although unlikely, is the unavailability of the off-premises monitoring platform, or a major outage at the public cloud provider. Another issue could be, in the case where an internal process relies on an externally hosted application, that the off-premises application reports as being up and running at the public cloud provider, and yet is unreachable from the internal network.


The option of running an off-premises monitoring function exists, but it presents several risks. Beyond the operational risk of being oblivious to what is going on in case of a network outage/dysfunction (either because access to the off-premises platform is unavailable, or because the off-premises solution cannot see the on-premises infrastructure) is the more serious and insidious threat because it exposes an organization’s entire network and systems topology to a third-party. While this may be a minor problem for smaller companies, larger organizations operating in regulating markets may think twice about exposing their assets and will generally favor on-premises solutions.


Getting Cloud Monitoring Right

Cloud monitoring doesn’t differ from traditional on-premises infrastructure monitoring, and shouldn’t constitute a separate discipline. In the context of hybrid IT, where boundaries between on-premises and off-premises infrastructures dissolve to place applications at the crossroads of business and IT interests, there is intrinsic value to be found with on-premises monitoring of cloud-based assets.


A platform-agnostic approach to monitoring on-premises and cloud assets via a unified interface, backed by the consistent naming of metrics and attributes across platforms will help IT operators instantly understand what is happening, regardless of the infrastructure in which the issue is happening, and without necessarily having to understand or learn the taxonomy imposed by a given cloud provider.


IT departments can thus attain a holistic view that goes beyond infrastructure silos or inherent differences between clouds, and focus on delivering the value that business expects from them. Guarantee the availability and performance of business systems, regardless of their location, and ensure the monitoring function is not impacted by external events while respecting SLAs and maintaining control over their infrastructure.

By Paul Parker, SolarWinds Federal and National Government Chief Technologist


I'm the new Chief Technologist for our Federal and National Government team, and I’m glad to be joining the conversation on THWACK® with all of you. Here's an interesting article from my colleague, Joe Kim, in which he argues that military IT professionals can and should adopt a more proactive approach to combatting cyberattacks.


Today’s cyberattackers are part of a large, intelligent, and perhaps most dangerously, incredibly profitable industry. These attacks can come in all shapes and sizes and impact every type of government organization. In 2015, attackers breached the DoD network and gained access to approximately 5.6 million fingerprint records, impacting several years' worth of security clearance archives. This level of threat isn't new, but has grown noticeably more sophisticated—and regular—in recent years.


So why are defense organizations so vulnerable?


Brave new world


Military organizations, just like any other organizations, are susceptible to the changing tides of technology, with Warfighter Information Network-Tactical (WIN-T) offering an example of the challenges it faces. WIN-T is the backbone of the U.S. Army’s common tactical communications network, and is relied upon to enable mission command and secure reliable voice, video, and data communications at all times, regardless of location.


To help ensure “always on” communications, network connectivity must be maintained to allow WIN-T units to exchange information with each other and carry out their mission objectives. WIN-T was facing bandwidth delay and latency issues, resulting in outages and sporadic communications. They needed a solution that was powerful and easy to use. This is an important lesson for IT professionals tasked with adopting new and unfamiliar technology.


WIN-T also required detailed records of their VoIP calls to comply with regulatory requirements. Available solutions were expensive and cumbersome, so WIN-T worked with its solution provider, SolarWinds, to develop a low cost VoIP tool that met their technical mission requirements.


The WIN-T use case demonstrates that defense departments are looking to expand and diversify their networks and tools. This has created a new challenge for military IT professionals who must seamlessly incorporate complex new technologies that could potentially expose the organization to new vulnerabilities.


Impact of a breach


Military organizations are responsible for incredibly sensitive information, from national security details to personnel information. When the military suffers a cyberattack, there are far greater implications for it and the society as a whole.


If a military organization were breached, for example, and sensitive data fell into the wrong hands, the issue would become a matter of national security, and lives could be put at risk. The value of military data is astronomical, which is why attackers are growing more focused on waging cyberwarfare against military organizations. The higher the prize, the greater the ransom.


However, it's not all doom and gloom, and military IT professionals do have defenses to help turn the tide in the fight against cyberattackers. The trick is to be proactive.


Be proactive


Far too many organizations rely on reactive techniques to deal with cyberattacks. Wouldn't it be far less damaging to be proactive, rather than reactive? Of course, this is easier said than done, but there are ways in which military IT professionals can take a proactive approach to cybercrime.


First, they should apply cutting-edge technology. Outdated technologies essentially open doors for well-equipped attackers to walk through. IT professionals should be given the support needed to implement this technology, if military organizations are serious about safeguarding against cyberattacks.


By procuring the latest tools, and ensuring internally that departments are carrying out system updates when prompted, military organizations can help protect themselves against the sophisticated techniques of cyberattackers.


Second, automation should be employed by military organizations as a security tool. By automating processes—from patch management to reporting—they can help ensure an instantaneous reaction to potential threats and vulnerabilities. Automation can also help safeguard against the same type of breach in the future, providing an automated response should the same issue occur.


Third, all devices should be tracked within a military organization. This may sound paranoid, but many breaches are a result of insider threats, whether it's something as innocent as an end-user plugging in a USB, or something altogether more sinister.


Automation can be used to detect unauthorized network access from a device within the organization, enabling the system administrators to track and locate where the device is, and who may be using it.


Despite the fear surrounding data breaches, military organizations are capable of standing firm against the next wave of innovative, ingenious cyberattacks.


Find the full article on Government Computing.



(This is the third part of a series. You can find Part One here and Part Two here.)


It behooves me to remind you that there are many spoilers beyond this point. If you haven't seen the movie yet, and don't want to know what's coming, bookmark this page to enjoy later.


Having tools without understanding history or context is usually bad.


On the flipside of using tools creatively, which I will discuss in the next part of the series, is using tools without understanding their context or history.


There are two analogs for this in the movie. First is how Charles can't remember the Westchester Incident. He continues to operate under the assumption that Logan is tormenting him for some reason, forcing him to live in a toppled-over well, and then dragging him cross-country when they are discovered. In reality, they'd been hiding from the repercussions of Charles' psychic outburst. But lacking that knowledge, Charles is ineffectual in helping their cause.


The second example is "X24,” an adult clone of Logan and something of a mindless killing machine. X24 is Logan without context, without history, without a frame of reference. And therefore, he is without remorse.


Both of these cases exemplify the harm that can come when a tool is operated by a user who doesn't fully understand why the tool exists or everything it is designed to do. It is nmap in the hands of a script kiddy.


As "experienced" IT professionals (that's code for "old farts"), one of our key goals should be sharing history and context with the younger set. As I wrote in "Respect Your Elders" (, everything in IT has a reason and a history. Forgetting that history can not only make you less effective, it can be downright dangerous. But newcomers to our field aren't going to learn that history from books. They're going to learn it from us if we are open and willing to share.


Lynchpin team members become force-multipliers, even if their specific contribution wasn't the most impactful.


In the movie, Logan shows up at a final battle. He doesn't defeat everyone and technically all the kids should have been able to hold their own. But when he appeared, it galvanized them into working together.


A little earlier I mentioned that the mutant kids are able to hold their own against an army of reavers, robotically enhanced mercenaries intent on capturing and/or killing the children before they reach the Canadian border.


I should have mentioned that they are just barely holding their own. Before long, most are captured. It is only due to the timely arrival of Logan that they are able to regain the upper hand. And even then, Logan is the one who has to take on X24, their most powerful adversary.


Granted, it is Laura who ultimately ends the conflict with X24. Granted it is the kids who disarm, disable, or kill the bulk of the soldiers.


But Logan's appearance changes the tide of the battle. Before he arrives, the kids are being picked off one by one. The reavers control the situation, they understand each kid, and are able to neutralize their abilities with precision. After Logan appears on the scene, the reavers are fighting on two fronts and it disrupts their efforts, causes them to make careless mistakes, and ultimately costs them the fight.


In this moment, Logan is known as a "force multiplier," a tool, technique, or individual who dramatically increases the efficacy of the team. In effect, a force multiplier makes a group work as if they have more members, or have members with a greater range of skills, than they actually possess. While the concept is most commonly understood within military contexts, the fact is that many areas of work benefit from the presence of force multipliers.


In IT, we need to learn to acknowledge when a technology, technique, or even an individual (regardless of age or experience) is a force multiplier. We need to also understand that a force multiplier isn't a universal panacea. Something (or someone) who is a force multiplier in one context (day-to-day operations) isn't necessarily going to have the same effect in a different situation (rapid deployment of a new architecture).


It's okay to lie as long as you're telling the truth.


There are times in your IT career when you're going to need to lie. Not a little white "because the birthday cake is in the kitchen and we're not ready for you to come in yet" lie. Not a bending of the truth. I’m talking full-on, bald-faced lie.


You're going to get the email instructing you to disable someone's account at 2:00 p.m. because they're being let go. And then you're going to see that person in the hall and exchange pleasantries.


A co-worker will confide to you that they just got an amazing job offer, but they're not planning on giving notice for another two weeks. After that, you're going to be in a meeting with management offering staffing projections for the coming quarter, and you are going to feign acceptance that your co-worker is part of that equation.


Going back to the dinner scene on the farm with the Munroe family, the exchange about the school goes something like this:

Logan: “Careful, you're speaking to a man who ran a school… for a lot of years.”

Charles: “Well, that's correct. It was a… it was a kind of special needs school.”

Logan: “That's a good description.”

Charles: (indicating Logan) “He was there, too.”

Logan: “Yeah, I was in it, too. I got expelled out three times.”

Charles: “I wish I could say that you were a good pupil, but the words would choke me.”


From the Munroes’ point of view, this is a father and son reminiscing about their past. And you know what? It IS a father and son reminiscing about their past. All of the things they say have an emotional truth to them, even if they are a complete fabrication.


IT pros have access to so many systems and sources of insight that our non-IT co-workers can’t "enjoy." Therefore, we must endeavor to maintain the emotional truth of each situation, even when we have to mask the details.


But that isn't all I learned! Stay tuned for future installments of this series. And until then, Excelsior!


1 “Logan” (2017), Marvel Entertainment, distributed by 20th Century Fox


Welcome to 2018!


Just three days into the new year, Spectre and Meltdown made the news. These flaws affect both system security and performance since they degrade CPU performance significantly. Previously, we saw prominent companies use software to manipulate older generation devices. And everyone seemed to be launching ICOs and adding blockchain or bitcoins to their company portfolio to ride the cryptocurrency bubble expansion.


The year ahead promises to be an exciting (for lack of a better descriptor) one for IT pros, developers, DevOps practitioners, and every other role you choose to claim for yourself. Check out the teaser video below:




And, don't forget to check out the complete list of pro-dictions from adatole patrick.hubbard Dez sqlrockstar and myself, click the banner at the top of this post. We cover IoT, blockchain, data security, compliance, and more. Will our predictions turn out to be prophetic or will they fail to come true? Let us know what you think in the comment section below.


The Legacy IT Pro

Posted by kpe Jan 4, 2018

In the fast-paced world of IT, can you afford to be a legacy IT pro? This is a concern for many, which makes it worth examining.


IT functions have been clearly separated since the early days of mainframes. You had your storage team, your server team, your networking team, and so on, but is that really the way we should continue, moving forward? Do we as IT pros gain anything by keeping up with this status quo? If you and your organization stay on this path, how long do you think you can you keep it up?


The best way to define a legacy pro is to share a few examples. Let’s say you were hired to be on the server team in a given enterprise environment around 2008. If you have not developed your skill set beyond Microsoft® Windows Server® 2008 or any related area since then, that’s legacy. A lot has happened in nine years, especially in cloud and security sectors. That means that if you haven’t kept up with the latest technologies, you’ll likely end up being one of those legacy guys.


In networking, my specialty, the same definition applies. If you are a data center networking engineer and you are still doing three-tier design with spanning tree and all that good stuff, you are clearly missing out on the most recent trends.


So, the key take away here is, don’t be afraid to rejuvenate yourself AND the tools of your trade. Going back to our first example, ask yourself if you are really living up to your job title. Gone are the days of updating to a new software release every second year, or whatever your company policy used to be. You really need to tell your vendor of choice to go with update cycles that match the trends of the market.


Now that you have progressed from a legacy IT pro to the next level, how do you take this even further? My suggestion is that you evolve from being a great IT pro to being an individual who has knowledge beyond your own area of expertise. It’s probably time you started envisioning yourself as a solution engineer.


A recurring theme these days is for clients to want a complete solution. In other words, organizations really do not want to deal with a collection of IT silos; they’d prefer to treat IT as a whole. This means that your success as an engineer on the networking/server/storage team is not only dependent on your own performance, but also that of your fellow engineers.


To deliver on this promise of a solution, you really need to start getting comfortable dealing with engineers and support staff from different parts of your organization. It doesn’t matter if you work in a consultancy role or in enterprise IT, this is something you need to start gradually incorporating into your workflow.


I suggest you start by establishing communication lines across your organization. Be open about your own job domains and tasks. Buy that co-worker from servers a cup of coffee and be genuinely interested in his/her area of expertise. Ask questions and show appreciation for his or her work.


Don’t be afraid to bring this level of cooperation to the attention of management to gain some traction across multiple business units. More often than not, you will get this level of support if you offer solutions that provide value.


Start sharing software tools and features across silos to spark further interest and energy into this new way of thinking. Perfstack now allows you to customize panes of glass according to individual teams and groups. Why not utilize this to create a specific view for the storage team that gives them visibility into your Netflow data?


I am not advocating a complete abandonment of your current role. I am suggesting instead that you transform your specialization into a new multi-level sphere of expertise. If you are on the networking team, go full speed ahead with that, but also pay attention to what is happening in the world of compute and maybe storage. Read about the topic, or even get some training on it. That way you are not completely oblivious to what’s going on around you, which makes communicating across the organization even easier. Doing these things will make you a better engineer and confirm that you are a true asset to your company. In the end, isn’t that what it’s all about?


To summarize, I do think it’s very important to evolve in this industry. If we are to meet future demands, we need to start thinking and acting differently. By gaining new skill sets and breaking down the silos we have built up over the years, we are on a clear path of evolution. Instead of being afraid of this evolution, look at it with a positive attitude and see all the possible opportunities that arise because of it.


With that in mind, I wish you the very best. Take care and go forth into this new era of IT!



I’m still on holiday, but that won’t stop me from getting the Actuator done this week. I hope everyone had a safe and happy holiday season with family and friends. Let’s grab 2018 by the tail, together.


As always, here are some links from the Intertubz that I hope will hold your interest. Enjoy!


A Message to Our Customers about iPhone Batteries and Performance

I’m stunned by this response from Apple. I don’t ever recall a company standing up like this. It’s clear they know they have a bit of an image problem right now, and are taking every step possible to earn back consumer confidence.


The Galaxy Note 8 reportedly has a battery problem of its own

But the good news is that they aren’t catching fire...yet.


Computer latency: 1977-2017

Ever wonder if your old computer from childhood was faster than the one you have today? Well, wonder no more! Read to find out how the Apple 2e is the fastest machine ever built.


Net Promoter Score Considered Harmful (and What UX Professionals Can Do About It)

Including this because it uses math and data to prove a point about a metric that I believe is widely misunderstood to be a good thing.


Crime in New York City Plunges to a Level Not Seen Since the 1950s

Another link because math. It’s important to understand that having all the data doesn’t mean you can have all the answers. Nobody really knows why crime is dropping. Which means they don’t know why it will begin to rise, or when.


Ten years in, nobody has come up with a use for blockchain

Look for this article again next year, when the title is updated to “Eleven years”.


17 Things We Should Have Learned in 2017, but Probably Didn't

Wonderful list of mistakes that are likely to be mistakes again in 2018 (and beyond).


By Joe Kim, SolarWinds EVP, Engineering and Global CTO


Social media has given us many things, from the mass circulation of hilarious cat videos, to the proliferation of memes. However, social media is not commonly thought of as a tool for cybercriminals, or a possible aid in combatting cybercrime.


However, as government IT pros frantically spend valuable time and money bringing in complex threat-management software, one of the methods most easily used by hackers is right in front of you—assuming you’ve got your favorite social media page open.


Social skills

Social media can be a tool to both protect and disrupt, and attackers are eagerly screening social media profiles for any information that may present a vulnerability. Any status providing seemingly innocuous information may be of use, revealing details that could be weaponized by hackers.


Take LinkedIn®, for example. LinkedIn provides hackers with a resource that can be used nefariously, by viewing profiles of system administrators, attackers can learn what systems they are working on. This is a very easy way for a cybercriminal to gain valuable information.


As mentioned, however, social media can also be a protective tool. By helping ensure that information is correctly shared within an organization, IT pros can more easily identify and tag attackers.


Cybercrime is organized within a community structure, with tools and tactics doled out among cybercriminals, making attacks faster and more effective.


This is a method that government IT pros need to mimic by turning to threat feeds, in which attack information is quickly shared to enable enhanced threat response. Whether it’s through an IP address or more complex behavioral analysis and analytics, a threat feed can help better combat cybercrime, and shares similar traits to social media.


For government IT pros, the most important part of this similarity is the ability to share information with many people quickly, and in a consumable format. Then, by making this information actionable, threats can be tackled more effectively.


Internal affairs

The internal sharing of information is also key, but not always a priority within government. This is a real problem, especially when the rewards of more effective internal information sharing are so significant. However, unified tools or dashboards that display data about the ongoing status of agency networks and systems can help solve this problem by illuminating issues in a more effective way.


Take performance data, which, for example, can tell you when a sudden surge in outbound traffic occurs, indicating someone is exfiltrating data. Identifying these security incidents and ensuring that reports are more inclusive will allow the entire team to understand and appreciate how threats are discovered. This means you can be confident that your organization is vigilant, and better equipped to deal with threats.


Essentially, government IT professionals should think carefully about what to post on social media. This doesn’t mean, however, that they should delete their accounts or start posting under some poorly thought-out pseudonym.


When used correctly, social media can provide public service IT professionals with more protection and a better understanding of potential threats. In a world where cyberattacks are getting ever more devastating, any additional help is surely worthy of a like.


Find the full article on PublicNet.

While the Word-A-Day  Challenge has only completely it's second year, it is already a labor of love for me. Last year the idea struck (as they so often do) in an unanticipated "a-ha!" moment, and with barely enough time to see it realized. As I explained at the time, the words were re-cycled from another word-a-day challenge I take part in yearly.


This year was different. I had time to think and plan, and that was especially true of the list of words I wanted to present to the THWACK community. I knew they had to be special. Important. Meaningful not just as words can be in their own right, but meaningful to us in the IT world.


As I selected the words for the word-a-day challenge, I looked for ones with a particular feel and heft:

  1. They had to be clearly identifiable as technology words
  2. More than that, they needed to be words which have an enduring place in the IT lexicon
  3. And they needed to also be words which have a significant meaning outside of the IT context


In addition to hoping that words with those attributes would inspire discussion and offer each writer a variety of options for inspiration,  I was also curious to see which way the ark of conversations in the comments would bend for each. Would the community focus solely on the technical aspect? Would they avoid the tech and go for the alternate meanings? Would there be representation from both sides?


To put it in more concrete terms, would people choose to write about backbone as an aspect of biology, technology, or character? Would Bootstrap appeal to folks more as a method or a metaphor?


To say that the THWACK community exceeded my wildest imaginings would actually be understatement (a crime I've rarely been accused of). Here at the end of 31 days of the challenge, the answer to my question is a resounding "all of the above". In writing, images, poems, and haiku, you left no intellectual stone un-turned.


More than that, however, was how so many of us took a technical idea and suggested ways we could use the same concepts to improve ourselves; or conversely, how we could take the non-technical meaning of a word and apply THAT to our technical lives. And through it all was a constant message of "we can do better. we can be better. we have so much more to learn. we have so much more to do."


And even more fundamentally, the message I read time and time again was "we can get there together. as a community. we can help each other be better."


For me, it brought to mind a quote by Michael Walzer:

"We still believe, or many of us do, what the Exodus first taught...

- first, that wherever you live, it is probably Egypt;

- second, that there is a better place, a world more attractive, a promised land;

- and third, that 'the way to the land is through the wilderness'.

There is no way to get from here to there except by joining together and marching."



I would like to thank everyone who took time out of their hectic end-of-year schedules - sometimes in their personal time over evenings and weekends - to comment so thoughtfully. And in that same vein I'm deeply grateful to the 22 writers who generated the 31 "lead" articles - 12 of whom this year came from the ranks of our incredible, inimitable, indefatigable THWACK MVP's. If you missed out on any of the days, I'm listing each post below to give you yet another chance to catch up.


Finally, I want to give a shout-out to the dedicated THWACK community team for helping manage all the behind-the-scenes work that allowed the challenge to go off without a hitch this year.


I am humbled to have had a chance to be part of this, and I'm already thinking about the words, ideas, and stories I hope we can share in the coming year.


Leon Adato
Eric CourtesyIT
Peter Monaghan, CBCP, SCP, ITIL ver.3
Joshua Biggley
Craig Norborg
Ben Garves
Kamil Nepsinsky
Richard Letts
Kevin Sparenberg
Jeremy Mayfield
Patrick Hubbard
Rob Mandeville
Karla Palma
Ann Guidry
Matt R
Jenne Barbour
Thomas Iannelli
Allie Eby
Richard Schroeder
Jenne Barbour
Abigail Norman
Mark Roberts
Zack Mutchler
Rainy Schermerhorn
Shelly Crossland
Jez Marsh
Michael Probus
Jenne Barbour
Jenne Barbour
Erik Eff
Leon Adato

We're very nearly at the end of our Word-a-Day challenge, and - while I'll have a more formal wrap up next week - I couldn't imagine a more successful run than the one we've seen this year. At the time of this writing, the challenge has garnered over 26,600 views and nearly 1,500 comments, so many of which were thoughtful, heartfelt, insightful, moving, and inspirational.


My goal was to give the THWACK community an opportunity to pause and engage in a bit of self-reflection, but put it into a context we find familiar and comforting - technology.


While there are still 2 days left, here are the comments from the past week that caught my eye:


Parity (Posted by Zack Mutchler Expert)

Steven Carlson Expert Dec 24, 2017 3:06 AM

My mind also went instantly to parity bits. I'm still amazed at how we can maintain data operations in a RAID array with a failed drive (or drives depending on RAID configuration).


Peter Monaghan, CBCP, SCP, ITIL ver.3 Expert Dec 24, 2017 5:55 AM

Former NFL Commissioner Pete Rozelle said that he wanted every team to go 8-8 in a season and for the league to have parity. Instead, what he had was the dynasties of the 1960's Green Bay Packers, 1970's Pittsburgh Steelers, and so on. Pete felt parity was good for the league. Every team was competitive, had a shot for the playoffs, made all games meaningful. Parity would equate to enormous revenue growth. The reality is that the league experienced exponential growth and prosperity during Rozelle's reign without parity being achieved.


Richard Phillips Dec 26, 2017 12:15 PM

All too often the word equal or equality is thrown about without complete thought. Do we really want equality or parity? Take a look at this definition. "the property of an integer with respect to being odd or even. 3 and 7 have the same parity." A true balance is found when the value, purpose, use, etc. of any person or thing is truly understood. I like to use this example. Do you want a cake made with equality or with parity?



Peripheral (Posted by rainyscherm)

Steven Carlson Expert Dec 24, 2017 8:16 AM

I like your interpretation of events that keep getting put off as being in your peripheral vision. I'm guilty of myself a lot this year; catching up with people, watching that lab video, watching that Netflix series everyone keeps telling me about, installing X beta, starting that exercise routine, and so on. I think I will try your idea sometime, wait, what I meant was "I will start that Netflix series on Wednesday".


Thomas Iannelli Expert Dec 25, 2017 6:03 PM

Just like we experience with our vision things on the the peripheral are not in focus so to the people at the peripheral of your life don't get as much focus. The brain resources used to process the visual input of what is in focus is emblematic of the time spent with those we focus on. It doesn't make those on the edges less important in the world, just less so to you. Things at your peripheral vision are really grey scale, it is just the physics of our vision, and it is our brain that fills in the color. This can happen too with those we don't focus on. We make up the rest of their stories and motives in our minds so it makes sense to us. If we really want to see or know someone we must focus our time and attention on them.


Richard Phillips Dec 26, 2017 12:19 PM

Years ago I read a book called "The Tyranny of the Urgent." This makes me think of periphery - we so often get caught out taking care of the urgent things that the really important ones get neglected. Keeping focused on what is truly important is critical in all of life. It's said that the person that fails to plan, plans to fail and so it is with our day to day vision. Do we come in with a clear focus and plan or do we let our eyes wander and chase things that may or may not be important.



Platform (Posted by srcrossland)

Steven Carlson Expert Dec 25, 2017 9:51 PM

My mind went straight to platform shooters. One of the first computer games I played was Commander Keen and I was immediately hooked. Playing more and more games over the years and learning about computers and their different components, led me to an interest in networking. That then led to network monitoring and SolarWinds. All from that initial spark while playing platform games.


Richard Schroeder Expert Dec 28, 2017 11:01 AM

Back in 1963 my father built a wooden platform that measured four feet by six feet.  He placed it about four feet up in some trees for me, not too far from our new home.  Complete with ladder and railings, it was my tree house / fort / rocket ship / jet / imaginarium.  Some times it was the Flying Sub from Voyage To The Bottom Of The Sea, or even the Seaview itself.  Other times it was Fireball XL-5, or Stingray, or some command tower from which I could control my destiny and the world around me. Reviewing the earlier submissions, I easily see a parallel between that old wooden platform, upon which ideas and imagination were built and subsequently sprang forth, and the solid state virtual "platform" upon which applications are installed to perform their tasks. Where programmers and teams collaborate to build upon the ideas of a single person, so too did my tree house platform promote new ideas in my imagination.  It enabled me to create and share ideas with others in a tree-borne microcosm that was our local "social media" environment.  What started out as a place for sharing ideas with friends and receiving ideas of improvements or praise from them, has grown to be the Thwack environment and the world beyond, where we share ideas and receive input and ideas around the world for improvements. Those childhood habits of creating new ideas and elaborating upon them are how dreams and programs and businesses and organizations are born and grow.  The imagination of an entrepreneur, coupled with guidance and assistance from someone as simple a father willing to "bootstrap" the platform's ideas physically, financially, with thoughts and encouragement, are the ingredients that help make children greater than they were.  This support and these ideas are the building blocks of the Internet and business and society and countries.


Michael Perkins Dec 26, 2017 2:12 PM

Platform - what a word just within IT. We used to have Mac and Windows platforms, Linux and UNIX ones. Lots of OSes were termed platforms. More recently, I hear platform used to describe more categories in the field. There are hardware platforms upon which all sorts of software (say, hypervisors) can stand. VMWare and Azure are platforms upon which can stand plenty of different VMs hosting servers with an array of OSes, virtual routers, switches, and firewalls, and applications running on top of those VMs. We even have Platform as a Service (PaaS) now.



Utility (Posted by silverbacksays Expert)

Jeremy Mayfield Expert Dec 26, 2017 8:56 AM

Utility, the ability to do multiple things well.   Like a utility man in baseball.   Many team have these utility men, they are often not hall of fame quality but to the team they are all the difference.  when you can play multiple positions, and help your team win where ever you are, you are valuable.  being that utility player is something that is important in Tech as well.  We will often be asked to do things we may not be trained for.  We will need to be sure to understand that where ever we are needed we will be expected to perform.   Its our jobs to perform well.   Having good skills and or tools will assist us.   But we can be the utility person, using our best Utility SolarWinds.  We are utility, its a utility.  Honorable mention, Utility Belt from Batman...


Michael Perkins Dec 26, 2017 4:20 PM

The first thing that comes to my mind when seeing the work utility is, well, a utility: a water, power, or gas company. My mind moves on to things that have utility. They are functional: a good belt, a utility knife, a warm coat. Cargo pants might also fit here. A friend of mine would probably add a UtiliKilt. Then there are things that have several functions: a good laptop, smartphone, or PC does quite a bit: shopping, entertainment, home finance. Leatherman and Swiss Army tools. Being an amateur cook, I might add a good chef's knife. I use one for everything from peeling to slicing, chopping, even some fine work. The software world is loaded with utilities. Disk Utilities. Diagnostic software (Wireshark, anyone?) and some little suite called SolarWinds seem pretty useful too. I have to agree with silverbacksays about Custom Properties. They allow a creative admin to extend SolarWinds' abilities in more ways than I can detail here. I do have to say that the most utilitarian thing in learning how to better use SolarWinds is right here: Thwack! Thanks to all my fellow Thwacksters for your time and help.


Bill Eckler Expert Dec 28, 2017 1:09 PM

This reminded me of one of our old Apple][ utilities we used to use in the old 300 baud Hayes days... Dalton's Disk Disintegrator which would break up large apps/games into compressed packs to more easily send over the modem. The good ol' days.  My modem must have ran close to 20 hours a day in the old ASCII Express Pro BBS days.


Initial (Posted by mprobus Expert)

Peter Monaghan, CBCP, SCP, ITIL ver.3 Expert Dec 27, 2017 9:01 AM

This word could not be more timely for me. I am in the midst of chewing on a blog post that has taken me weeks to write as my initial attempt fell well short of the mark. So now I am scrapping huge chunks and doing re-writes. And that leaves me struggling with the reality that the effort won't be worth the final product. That is frustrating. What I have learned from my wife, the artist, is that there is value in a worthy initial attempt. You'll be farther along in the creative process even if you end up scrapping it and starting over. Or if you completely change it so that the final result looks nothing like the initial attempt. The initial attempt is such an important step in the journey...


C Potridge Dec 27, 2017 10:12 AM

I like the statement, "Don’t let your first attempt be your last."  An initial attempt can result in an initial failure, but that doesn't have to define a person, unless you quit trying.


Micah Musick Dec 27, 2017 12:01 PM

I don't know why but this prompt made me think of initiative in D&D. Sometimes when facing a tough tech challenge, I think about rolling initiative to get that initial start on the project. Depending on how much sleep I've had and what mood I'm in I fail that initiative roll something fierce, but I always fight my way back and get rolling one way or another.


Recovery (Posted by jennebarbour Employee)

Mercy K Dec 28, 2017 7:23 AM

To recover takes much effort especially when the norm is comfortable or one sees no hope of a better future ahead. It takes much faith and courage to recover from something one is used to. Before recovery, the lessons learned are tools to aid you in understanding why there was a reason for that experience in the first place.


Peter Monaghan, CBCP, SCP, ITIL ver.3 Expert Dec 28, 2017 10:25 AM

I am a Certified Business Continuity Professional, aka Disaster Recovery. My professional life is preparing for the worst and figuring out how my company would recover. As in life the easiest and quickest path to recovery is preparedness and minimizing the impact of the disaster. The business world has the advantage of usually not having emotions entangled in with it. So it is usually easier to follow the mantra of "...preparedness and minimizing..." So I shall end it with my favorite quote from the Business Continuity Planners world:

          "Everybody has a plan until they get punched in the mouth."  - Mike Tyson


Byron Anderson Expert Dec 28, 2017 11:07 AM

I think we are always in some form of Recovery as it's part of growth.  To make something stronger you tear it apart and let it recover, when it does it recovers stronger than it was before.  This is a continuous process throughout our lives.


Daimon Oberholtzer Dec 28, 2017 2:35 PM

How many steps are there in this recovery program? Are there reboots involved and what downtime can we expect?


Segment (Posted by jennebarbour Employee)

Zack Mutchler Expert Dec 29, 2017 1:31 AM

One thing that kept occurring to me throughout: what about a fundamental shift in how companies see their employees? In the past 4ish years, i’ve had the opportunity to interact with about 500 unique clients/companies. there were 2 lasting impressions from these experiences.

1) the best hotel coffee is at residence inn

2) companies that treat their engineers as worker bees will receive neither

I think it is a standard that companies segment their workforce via org charts. but allowing silos to restrict engineering (and other) skill sets is one of the main complaints i heard over casual lunches with the engineering core. the companies who refused to mold to an evolving workforce were almost always the ones with the least happy employees, in my highly (un)scientific research. This speaks loudly to the shift from being specialists back towards being jack-of-all-trades engineers. we can’t keep putting ourselves into comfy little boxes. to thrive, we need to keep pushing. and our companies need to encourage that growth at a molecular level.


Richard Phillips Dec 29, 2017 7:39 AM

Interesting article. I particularly like:  “Any sufficiently advanced technology is indistinguishable from magic.” As IT professionals we are called upon to make technology transparent and easy to use. Sometimes we get caught out or upset that the end users don't see how difficult this is at times, but those that get it see that we are doing "magic."


Jason Higgins Dec 29, 2017 9:51 AM

People segment things to make it easier to comprehend, remember and categorize. This applies to everything from phone numbers, to data stores on hard drives, and even your closets. If you just mashed everything together without a segmented order to it, finding things and remember them would be next to impossible. Sit back once and take a look at everything you deal with on a daily basis and see how it is laid out and organized. I bet you will start to see a lot more segmentation to it then you realize was happening. Just looking at my desk here at work I can see layers of segmentation going on just with my little area here.



As I mentioned at the start of this post, there are still two days left to go. Check in over the weekend to see what ideas are conjured by the words "Density" and "PostScript", and look for my final wrap-up on the first day of 2018.


Thank you to everyone who has contributed!

I hope everyone had a happy Christmas this week. It snowed on Christmas day here, the first time in maybe 20 years or so where we had enough snowfall that we had to shovel. It's the third white Christmas my kids have seen, and only the second one they remember. It was interesting watching them in the morning, opening gifts as the snow fell. I hope whatever you have planned this week will create happy memories for yourself and others.


I'm on PTO this week and next, but I won't let that get in the way of the weekly Actuator.  As always, here are some links from the Intertubz that I hope will hold your interest. Enjoy!


The Weaponization of Education Data

Since January 2017, K-12 schools experienced almost 300 data breaches. Although schools collect the most personal of data they are the least prepared to protect it.


Data Is Not The New Oil, It's Nuclear Power

"Unless we're willing to bury [data] under metaphorical concrete, we're in for a bad future if we forget how to handle spent data." Brilliant.


Dozens of Companies Are Using Facebook to Exclude Older Workers From Job Ads

"Laws? Where we're going, we don't need to obey the law." - Facebook and Uber


Apple: Yes, we're slowing down older iPhones

As an owner of a few of these phones, I'm not surprised by this in any way. In fact, I thought we already knew this was how Apple did business, so I'm shocked that everyone seems shocked by Capitalism In Action.


Amazon wants a key to your house. I did it, and I regret it

A decent product review for one of the new services Amazon launched this past year. I'm not likely to try Amazon Key anytime soon, but I recognize that it's all part of a larger business strategy. And I also know that Amazon wants to build services that are secure. So, whatever issues they have with v1 of this service will be fixed, I have no doubt.


Crooks Switch From Ransomware to Cryptocurrency Mining

Honestly, I am just disappointed I didn't think of this sooner.


Power Prices Go Negative in Germany, a Positive for Energy Users

And if you need power for mining Bitcoin, Germany has some extra to spare.


The view from my deck this past Christmas morning. An almost perfect snow.

By Joe Kim, SolarWinds EVP, Engineering and Global CTO


Trying to find the root cause of IT problems can sometimes feel like trying to find your way out of a maze. Optimistically turning each corner, hoping to locate the source of the problem, only to find you’ve hit another dead end.


This is particularly the case when managing hybrid IT environments, where the source of the network’s problem could exist in the center of several different mazes, meaning a great deal more searching for a weary government IT professional.


In a hybrid IT environment, network problems could be coming from on-premises, in complex application stacks, or they could be a part of the cloud. Without end-to-end visibility across deployments, IT professionals may think that a network issue is buried too deep in the maze to be found. What is needed is a tool that offers single-pane-of-glass visibility throughout the entire infrastructure, enabling a view straight to the center of the maze.


A bird’s eye view

Taking in everything from virtualization and storage, to cloud and internet providers and users, an IT professional’s view needs to be broad and expansive.


It’s not enough to merely see what’s going on, government IT professionals need to gain insight into data being collected by these resources and sharing it with colleagues. This requires a method that allows IT professionals to compare data types alongside one another to easily identify the root cause of potential issues.


Further light can be shed on slowdowns or outages by laying timelines on top of the information derived from these applications. So, if a non-responding application sends an alert at a certain time, a government IT professional can review the data and look for warning signs around the time that the issue occurred. By sharing these dashboards with their teams, they can then get everyone on the same page and help ensure a quick resolution.


In a cloud environment, dependencies are highly dynamic. Containers can pop up and disappear, and databases can move around, which makes identifying network issues a challenge. The ability to quickly and automatically identify dependencies and events impacting connected resources across on-premises and the cloud can reduce the time it takes to identify these issues.


Future gazing

Government IT professionals should look for solutions that will offer them a glimpse ahead, helping them prepare for future issues. They should also heed the old idiom that says, “Failing to prepare is preparing to fail,” and use predictive analytics to avoid problems before they have a chance to occur.


By collecting and analyzing all of the network and systems data, government IT professionals can better predict when failures may occur and take steps to address problems before they take place. By setting up alerts based on trends, anomalous patterns, and other algorithms, IT professionals can gain insight into an event’s potential impact and be well-informed on how best to react.


Smooth operator

Ensuring a seamless user experience is a top priority for government IT professionals, and as such, keeping the network running smoothly is imperative. By discovering new ways of gaining comprehensive network and system visibility, government IT professionals can easily navigate the maze of increasingly complex hybrid IT environments.


Find the full article on Open Access Government.

There's just a week left and each day is more impressive than the last in terms of the quality of writing, the level of openness, and the creativity of ideas being shared. For those who like metrics (hey, we're all monitoring professionals, who among us DOESN'T like metrics?!?) we're currently going strong with 19,500+ views, over 123 likes/bookmarks, and 1,151 comments.


So just like I did last week as well as the week before, I wanted to share just a few of the hundreds of amazing comments from each days entry. Of course, you can find all the entries here: Word-A-Day  Challenge 2017 .


Backbone (Posted by jennebarbour Employee)

Jeremy Mayfield Expert Dec 16, 2017 2:21 PM

Backbone is something i think of when i look at life and think of where i get strength to keep going, i think of the strength a good spine can give someone to stand.  when damaged well we can see the results easily.  When intact it is the central support to our selves which allows us to move freely, stand strong and climb over our obstacles.   As proven from your story you dont need the backbone to accomplish anything you wish you need the heart to want to do something and the desire to follow through.   In Technology also you can accomplish many thinigs with skills and time, but a good backbone will allow you to more easily maneuver about the systems, monitor for weakness and report on issues with in.  A strong Backbone in the tech world is essential to be a successful business and to have success as a IT pro regardless if that backbone is made of Cisco, HP, or the people around you, or the peer groups you have joined.


L Desrosiers Dec 17, 2017 7:49 AM

IT is the backbone of the company, Unseen and unheard most of the time.


Simeon Castle Dec 18, 2017 6:19 AM

Maybe it's the phrase relating to growing a spine that's created this, but my first thought on the word backbone is to stand up for oneself. To borrow from the (second entry of the) dictionary, the backbone is "the chief support of a system or organization." In an odd way, the two are interlinked; in order to adequately support something (you, your department, your team) you have to sometimes have to take a stand, defend, and support them. I'm a long-time reader of Reddit's TalesFromTechSupport (I recommend it heartily) and sadly, an all-too common theme is one of a breakdown in the relationship between management and employee; where there's a lack of mutual support, and so there's a need for a tale to be told.


Character (Posted by tomiannelli Expert)

Ethan Beach Dec 17, 2017 12:48 PM

Do you need to be a character to succeed? What kind of character? I am in the position of a possible promotion to management and there are two of us going for the same position. I have worked hard and proven myself but I have not been very noticed. I just go to work get my stuff done UN-noticed. It is not in my character to be outgoing and in the spot light. On the other hand the other guy has been very outgoing but has not brought as much to the game as I have. I have the feeling that he has the upper hand on me and is it because of his character?  Do I need to put myself more out there and get noticed more often or will my work do that for me. When I do try I feel uncomfortable and our of character.


Peter Monaghan, CBCP, SCP, ITIL ver.3 Expert Dec 17, 2017 7:45 PM

When discussing character one would be remiss not to remember MLK's poignant quote:

"I have a dream that my four little children will one day live in a nation where they will not be judged by the color of their skin, but by the content of their character."

As a civilized society this is what we strive toward, and how we define equality. In the business world character is valued but abilities/skills are valued more (If you don't believe me consider how we interview candidates). However, equality in the workplace has become a priority over all. So in the real world we can judge a person on their character, but in the business world we often overlook it. Cue the confusion. There are many of us who refuse to comprise their principles just because they are in the business world and instead maintain a strong character throughout.  Those are the ones who can look themselves in the mirror. That is who I want to be.


Olusegun Odejide Dec 18, 2017 7:20 AM

Nearly all men can stand adversity, but if you want to test a man's character, give him power............ Abraham Lincoln


Fragment (Posted by allieeby)

Phillip Collins Dec 18, 2017 8:31 AM

If you think about it, nothing is ever really complete.  Everything we do is just fragments of larger projects.  When planning I always break down my goals into smaller fragments to make them easier to track and obtain.  Our days are full of fragments that make our days complete.  It's how we work with these fragments and not let them fall to the side that makes us who we are.


Simeon Castle Dec 18, 2017 10:20 AM

When I think of the word fragment, the first thing that comes to mind is when I was but a pup and enjoyed running Defragmenter and watching the blocks moving. I know, okay, I don't need you to tell me how bad that is! That was back on Windows 95 or something, it's been a while. The hardware was abysmal (a beige Compaq box my dad bought for £30 from a guy who was clearing out an office) but the experience was magical, and started me down the treacherous path of breaking making computers. It is a fragment of my life, and in and of itself is an experience. As part of the whole of my life, it's now merely represented in my desk coaster, because I've not seen another 1Gb hard drive - or any hard drive with handwriting inside the case - since. At least it's remembered fondly, and I'd hope to be remembered as fondly (if not by using part of my corpse for beverage-holding)


Kevin Small Expert Dec 18, 2017 4:20 PM

What causes a fragment? Dropping a glass? Moving data around on a hard disk? Breaking a promise? There are lots of fragments in our lives...some of our own making.  Think about what is important.

Handle fragile things with care.

Write programs to efficiently use storage.

Honor relationships.


Gateway (Posted by rschroeder Expert)

George S Dec 19, 2017 8:32 AM

A gateway is a portal into something new or different, whether in IT or life. It can act as a transition point to allow or deny access, particularly in IT. Ether way it is a sign that a change is about to happen.


C Potridge Dec 19, 2017 9:55 AM

I love the Marvel reference!  No matter how good your gatekeeper is, vigilance is required to monitor any anomalies on the network that indicate unwanted traffic has slipped past the gatekeeper.


Simeon Castle Dec 19, 2017 11:29 AM

I read this in the morning and came back to it, and I'm not sure what there is to add. Everyone loves a Marvel reference, right? A gateway is in that double-edged role, enabling access for those inside the circle and preventing access from outsiders, with a little help from some other friends... I'm technically in a position to administrate it, but it still limits me, and me peers try and prevent me from accessing it - for good reason, I'm a bit of a 'break-it-and-see' person... But I do have the capacity and, at a push, the responsibility to change it. So simultaneously, I limit it while it limits me.

Yesterday we saw the note on character aspects, and I rather soberly acknowledged that the questions that stood out were the flaws that I disliked the most. I wonder if in a way, we create a gateway of ourselves with our characters to both limit and protect ourselves.



Inheritance (Posted by jennebarbour Employee)

Zack Mutchler Expert Dec 20, 2017 8:42 AM

from a SolarWinds perspective, I would say inheritance is HUGE in our industry. from my time as a consultant/trainer, I would roughly estimate well over 80% of the recipients of professional services and training are admins who inherited their SolarWinds implementation from another admin who left the company and/or neglected their duties as the SolarWinds "guru". It's interesting to see, from the outside, how neglect can ruin an inheritance. I'm sure this echoes in life as well.


Terri Phelps Dec 20, 2017 9:26 AM

I also come from a large family.  Dad is a sarcastic joker (which we have all inherited) and the biggest "fun" between us kids is replacing the current picture in the "Daddy's favorite" picture frame with a picture of our self.  Dad has told me that he loves me best and my inheritance will be his treasured boxes of old Field and Stream magazines.  I'm sure (wink, wink), that he has NOT said this to any of my siblings....


Byron Anderson Expert Dec 20, 2017 10:29 AM

Inheritance can be a double edged sword, you can certainly inherit things you want be it tangible things, valuable things, or knowledge but you can also inherit things you don't want such as debt or bad knowledge that can lead you down the wrong path.  I think it's important that we be mindful of what we are passing down to our children and the next generation.  We want to put them in an even better position than we were in and set them up for success so they can do the same for the next.  Ultimately each generation should be setup to build on the success of the previous creating a continuous improvement process.


Noise (Posted by ams.norman)

Steven Carlson Expert Dec 21, 2017 7:21 AM

I grew up living near a highway but you tune it out so you don't even notice it anymore. When I moved closer to the city for university and work, I lived near a train station. That eventually was also tuned out that you don't notice. On flights, I take a pair of noise cancelling headphones. You don't realise how loud it actually gets until you have a pair. Also helps (slightly) to lessen the jarring of a baby crying or children screaming. I've recently moved away from the city and it is much quieter out here. Not as much traffic, no cars around at night unlike the city, etc.

And obviously in IT, I come across so many customers who have turned on lots of alerts and have a filter moving them all to a "SolarWinds" folder in their email client with the thousands of unread emails. At that point, you've lost the battle. What's the point of having an alert if you're going to ignore the emails?


Mercy K Dec 21, 2017 7:34 AM

This season is almost always synonymous with noise but then, towards the end of the year, you find many people turning down the noise slightly for introspection and afterwards, making plans to be a better version of themselves next year. And on and on the cycle goes.


Olusegun Odejide Dec 22, 2017 8:34 AM

This remind me of signal processing, a major focus is modelling different types of noise and traffic. Rayleigh, Rician, Nakagami, etc. Noise as mentioned by steshi noise can be a good thing sometime.


Object (Posted by Mark Roberts Expert)

Peter Wilson Dec 22, 2017 7:26 AM

Got to love the English language.  I've spent 50+ years learning it and still get caught out.  However, it does make it a lot easier to learn other languages (spoken and programming). Don't read on if you don't like swearing. Reminds me of a great Joey Dunlop statement (the greatest road racing motorcyclist ever).  He had broken down in a race at the Isle of Man TT and was asked what was wrong.  He replied (you will have to work it out because it is all expletives and I have hopefully and appropriately left out some of the letters)  F*** me, the F***ing F***er's F***ing F***ed.  Explained the problem perfectly.  I have it on a T-shirt.


Olusegun Odejide Dec 22, 2017 8:41 AM

The moment a person forms a theory,

his imagination sees in every object
only the traits which favor that theory.
- Thomas Jefferson



Michael Probus Expert Dec 22, 2017 9:46 AM

When I saw the title of today's post, my first thought was which spelling / definition will be used.  I was leaning toward the noun being that the words are IT based, therefore I was thinking programming. We as a society are often judged by the number and value or our objects.  Some seek to obtain such items in order to raise their social status.  Others seek to provide objects to others.  If I am being honest, I would say that I'm in the middle.  I like nice stuff, but I also like giving stuff.  Christmas is one of my favorite times of year as I enjoy the giving more than receiving.

If anyone states otherwise, then I object.  :-D



Of course, that is just the tiniest smattering of comments that caught my eye. Check out the Word-A-Day  Challenge 2017 forum to catch up on the rest. As we head into the final week, be prepared to share your thoughts on Parity, Peripheral, Platform, Utility, Initial, Recovery, Segment, Density, and Postscript!

Filter Blog

By date: By tag: