drink the sweet feeling of the colour zero

Obligatory new job post

Tags: , , ,

While by no means obligatory, it seems as though writing a new post after accepting a life-changing position with a new employer is the socially acceptable means of public broadcasting one’s excitement. This is that post for me.

Most people write their new job posts filled with carefully crafted optimistic phrases designed to express trepidation, subtly seek reassurance, and avoid alienating their new employer. Sometimes these blog posts are filled with details of how the new job will affect them, their family, or their dreams for the future. This isn’t that post for me.

This post is about saying all the things we’re taught not to say. To talk about the things we’re repeatedly told not to talk about. This post is about personal vulnerability. It’s about insecurity. It is also about shameless bragging and self-promotion. I am now a Director of Product Marketing at Juniper. Here is my horn. I am tooting it.

When I was approached about a position at Juniper Networks I thought I was being punked. Juniper is a huge company. They try to hire only the very best, and they have the money to be choosy about it. Juniper doesn’t have to compromise, so what could they possibly want with me?

I don’t have a bunch of letters after my name. I haven’t worked at a bunch of enterprises prior to taking on a position at a fortune 1000 with the word “director” in the title. I didn’t exploit access to some secret old boys’ network. There were no dark rites. The Old Ones were not summoned.

I went through the interview process. I was offered the position, and I accepted it. I packed my bags and headed to the mothership for orientation…and throughout the entire adventure, none of it seemed real.

Is this really happening?

Over and over, I asked myself one question: “is this really happening”? Some context is relevant, and if you’ll stick with me, I promise there’s a relevant story underneath all this navel gazing.

In my experience, one doesn’t get a position with a fancy title at a big company unless you have a fist full of credentials, or have spent a lifetime grinding experience from the low level positions, and making the contacts necessary to get promoted from the ranks. I have done neither, and yet here I am.

It is this gap between experience and reality that is at the root of that nagging question: “is this really happening”? After my first week of orientation at the mothership I do understand why I’m here, and why I have the job I have, but it is the journey towards that understanding that is relevant…and instructive.

Feeling like I don’t fit

I was born in Edmonton, Alberta, Canada. Edmonton is a little scrap of nowhere surrounded by more nowhere in the middle of nowhere. Neither Edmonton nor Alberta are particularly well known as centers for technological or business innovation. Oh, some of our post-secondary institutions have made a bit of a name for themselves in primary research for nanotechnology and biotech, but if we’re being honest about things, Alberta is about primary resource production and extractions. Farms, forestry, mining, oil, and gas.

What’s important to understand here is that the city where I have lived all of my life does not have a culture where ideas are valued. We don’t so much bring new ideas to life as we do implement other people’s ideas. We don’t design the machine that dismantles a mountain to get at the precious bits inside, we are the ones who use it to do that dismantling.

Albertan culture values conformity, hard work, and the willingness to sacrifice work-life balance in a macho display of false unflappability. If your superpowers are the ablity to generate ideas, analyze large quantities of data, or think outside the box, then in Alberta you’re an outsider. You’re “the other”. Thinking, writing, and problem solving aren’t “real work”. Worse, they mean you are likely to think differently from the group, and where I grew up, different is very – very – bad.

Diversity exists

Fortunately for me, the whole world isn’t the bubble I grew up in. There are places out there where ideas are valued. Where being a big data engine in human form is not considered a flaw, but a superpower.

Through a series of unlikely events, I went from being a generic small business systems administrator, to someone who spend enough time talking to Silicon Valley types that I learned how that world worked. Drew Cullen, one of the principals behind Technology trade magazine The Register noticed me posting rather a lot on The Register’s forums. He plucked me from the muck, taught me how to tell stories, and told me that nobody says “whilst” anymore.

And while I owe almost everything I’ve become to Drew’s decision to drag me out of the bubble I grew up in, he’s totally wrong about the whilst thing. (Alternately: I’m bringing it back. Take your pick.)

Drew made me goodly learn the words making. Many others took a chance on me, and gave me other important opportunities to learn. Rich Pappas, in particular, became a mentor to me, teaching and guiding me. Far more importantly, he would regularly tell me ween I was full of [insert poop emjoi here].

I went from sysadmin to writer. From writer to independent analyst and marketing consultant. And from there to something with “director” in the title; a title that brings with it all those introspective questions that always end in “is this really happening”.

The truth is that I did not teleport into this position. I got here day by day, month by month, and year by year. I learned the ropes the hard way. I failed. I succeeded. And I became deeply, irretrievably embedded in a new culture: one where new ideas are cherished, where analytical abilities are prized, and where out-of-the-box thinking can earn you positions with fancy words in the title.

Insider, outsider, imposter, bingo!

I could write a lot here about the wild emotional swings between triumph, pride, and schadenfreude on the one side, and a deeply humbling sense of impostor syndrome on the other. Had you asked me what my “I’ve got a new job” blog post would be about a week ago, that’s what I would have chosen as a topic.

The thing of it is, my trip to the mothership has me realize that I’m not an imposter. I’ve earned my stripes. I’ve put in my time. From call centers and helpdesk positions, all the way through to writing whitepapers and ebooks tens of thousands of words long. I’ve learned the lingo, played with the bleeding edge emerging technologies, and held my own in discussions about data center design and marketing strategy with some of the best in the business.

I’m proud of that.  ANd just like anyone else who has managed to level up their career in a significant way, I want to strut and preen my feathers. In your face, everyone who’s ever bullied me! Have at you, I bite my thumb at thee, and something in Klingon.

My ego, whilst (have at you!) enjoying its moment in the sun, isn’t actually important. Being recognized for my talents feels good, but I am also painfully aware that I made a crazy amount of mistakes along the way.

That’s the interesting part of this all. I am not special, and yet I got to where I am. I was the bullied, not the bully, and yet I found a place where I belong. There is a niche where people who understand technology and can tell stories are considered valuable. A square hole for a square peg like me.

In other words, it doesn’t matter how much you doubt yourself, or how horrible people were to you because you didn’t fit in: there really is a place for everyone. Though, it can take an exhausting amount of work to find it.

Never underestimate your power to enable others

Drew and Rich may be the two people I call out as being primarily responsible for my personal success, but the reality is far more complicated than that. There have been dozens of people over the years who have been vital to my success.

Many of these individuals are people I have met through conferences, PR gigs by vendors, and at clients that have commissioned writing through my content marketing company, eGeek. The online systems administrations communities have also introduced me to many supportive individuals, with the VMware vExpert community in particular have introduced me to people I sincerely hope will remain lifelong friends.

The dozens of people responsible for my success have encouraged me. They have educated me. They have called me out on my errors, celebrated my successes, consoled me through my tragedies, and generally been decent human beings.

The support of others – their knowledge, their emotional backing, standing up for me when I was bullied, and kicking me when I myself wronged others – all of it made me who I am. Their support was more than kindness or emotional support; their skills complimented me by providing in my life what I could not.

None of us are islands. We are all interdependent on one another. As I mentor other tech nerds into becoming junior writers, I aim to bear my own journey in mind, and retain some semblance of humility. As I write this, I hope I inspire even one person to try mentoring others themselves.


With my new job, my life has changed, but it’s not that change – nor even anything about my life – that is what’s important. What’s important about this new job is that it symbolizes two things. It doesn’t matter how much we feel like a broken toy, there’s a place for everyone. But we don’t make it to where we belong alone, so if you can help others level up at any point in your journey, take the time to pay what others have done for you forward.

If the people around you tell you that you are strange and weird, and that you’re not going to amount to anything, then you’re surrounded by the wrong people. Good luck to you all.

BYOD: Manage the band, not the box

Tags: , , , , , ,

I have recently been involved in an interesting debate focused on the concept of “Bring your own device” computing.  I argue that no company will go out of business implementing BYOD, while others argue strenuously against the entire concept excepting under very narrowly limited circumstances.

Previous iterations of the argument focused on the costs of BYOD (is it cheaper?) the security (isn’t BYOD a security threat?) demand from end users and/or resistance from IT.

I make the argument in the latter case that there are enough unemployed IT guys out there right now that resistance from IT is functionally irrelevant.  IT operations staffs are functionally disposable; there are so many of us that for every one you fire a dozen more are willing to step into the position.  That varies by region, but I feel that on a global scale this is largely accurate.

IT staffing deficiencies are largely in development, Big Data, niche virtualisation deployments, Metal as a Service (MaaS) or in specialisations such as CCIEs, high-end storage and so forth.  Sysadmins are a dime a dozen, and this is a fundamental premise to be borne in mind when reading the below.

BYOD policy MAY be more expensive, but this is not guaranteed.  There are many high profile examples of successful deployments.  (Intel and Google spring to mind.)  Thus when the business side of the company comes to IT and says “make it happen,” they know it’s possible.  The question is “do your extant IT staff have the skill to pull it off properly?”

If they don’t, you fire them and you get new IT staff.

Think Small

Most businesses are small and medium enterprises.  They aren’t running 1000 seats and they don’t need their data screwed down tighter than Fort Knox.  In fact, on the lower end of the SME side of life, the time has come for them to bid adieu to their IT departments altogether.  They can have IT delivered to them as a service cheaper and more securely than they are getting it now.

One argument against BYOD is that “you must open up more information to the internet.”  I’m going to call bollocks here.  Done even halfway competently, BYOD allows you tighter control of your information than most businesses currently have.

Let’s consider the average SME today.  The average SME today has one (maybe two) overworked sysadmins.  When they are not trying to prop up the ancient servers, they are rebuilding (again) some desktop or stuck on some support call with a twit who can’t remember that “clicking” and “double clicking” are different.

These companies exist in an environment where half the company runs as local administrators because – despite their warnings against these behaviours by IT – alternative methods are simply less convenient.  SMEs are companies where the IT is in nearly every case not “proper” to begin with.  They aren’t set up by whitepaper and they aren’t managed and locked down like a fortune 500 company.

There are orders of magnitude more of these companies than there are organisation who are “doing it right” today.

Let’s centralise that

So what does a BYOD with VDI and SaaS approach bring?  Well, first off it allows you to put everything in a single location.  No information arriving or departing by USB stick, CD, DVD or other physical manner.  The endpoints don’t get to talk to the core network unless they are locked down.  Everything else comes through an RDP session.

I’ve been running VDI on dozens of SMEs since 2005, and in all but one case, I haven’t had a single person notice that they can’t move files off the network (except through the internet) yet!  They just don’t care.  Everything they’d want to do with those files they can; through RDP.  (Yes, we block RDP file transfer, USB pass-through, etc.)

AHA, you say!  A weakness in his argument!  They can move files around using the internets!  The internets are scary and filled with lolcats!  We must prevent this at all costs!

Bah, I say.  This is what IDSes are for.  Have you met Palo Alto networks?  (http://www.paloaltonetworks.com/index.php).  They have IDS/IDP systems that wreck everything everyone else can bring to bear in this space.  Dirt cheap, application aware, simple to configure.  Even my precious Linux boxen configured as network-sniffing IDS/IPS systems simply can’t compete.

Suddenly, I can manage the band instead of the box.  Sure, you can move information off the network using the internet, but I can monitor and restrict it with an appliance.  A simple plug-and-play appliance that a twelve year old could manage.  Here is a great example of the commoditisation of IT.  What 10 years ago was deep voodoo now comes in a nice pre-canned box that simply does the thing for you.

So now we’ve got a great big ball of everything living in the datacenter, maybe with a few select SaaSy apps on the web.  It all goes through an awesome IDS/IPS which allows me to filter it, and I even work with my SaaS providers to ensure that our instances of the SaaSy applications have logins restricted to selected IPs.

The only way you are getting information off of this network is to take a photograph of someone’s screen while they are RDPed in.  If you are honestly concerned about this; if this is a legitimate security threat to you, then you are either dangerously paranoid, or you work in the kind of organisation that has enough qualified and competent IT personnel that you should be talking to them about this topic instead of reading my blog.  (Suffice it to say that even this risk is one that can be mitigated using any of a number of different technologies.)  This is a realm of infosec paranoia that is simply out of scope of this post.

I want my computer, and my data too!

The inevitable argument is “well, that’s not true BYOD!  In a real BYOD environment, people can use files on their computers!”

Quite right.

But that’s where BYOD gives awesome options.  Most people don’t need this, so they can (and will) use RDP.  If you want to do things local to your system, then you have to accept some restrictions.  Management software has to be put on your PC, and it will restrict what you are able to do.  Mobile Device Management for the cell phones and tablets, Puppet for  Macs and Linux boxen and Active Directory join for my Windows boxes.

The choice is up to the end user.  BYOD and third-party management software has allowed me to provide greater security than I would otherwise be allowed to provide by the business owners under a more traditional model.  Why?  Because BYOD gets the convenience part of the security/convenience equation right.

The argument that BYOD is usually/probably “bad” is rooted in several assumptions that just don’t hold true for the vast majority of the world.  The first: that BYOD is being implemented in an environment that is properly setup already.  This is almost never the case.  The second, that IT has the kind of pull within an organisation that they can set things up properly and manage by fiat and edict.  Again; when are you from, 2000?

Circle the wagons

In these organisations, BYOD is probably not a consideration.  IT still has their little empire, and they will viciously and vociferously defend it against all comers.  Here, we have the talent and knowledge to pull off BYOD properly if they so choose, but they won’t if they can possibly avoid it.

And frankly, who cares?  These companies have something that works, proper security…they just don’t get any real benefit from BYOD beyond staff retention and a modification of CAPEX as a line item.  BYOD will cost them more than their current setup if for no other reason that you will have to cram it down the throats of IT.

In such a scenario, IT will make the entire project as miserable as possible, most going to far as to actively sabotage it.  Unless the company is willing to functionally jettison their entire IT department (some have) in order to see the project through – and thus changing how IT is delivered across the company – BYOD holds no value.

Fine, cool.  Wunderbar.  We have proven that BYOD is not a magic solution for all companies in all cases.  Who has ever claimed that it was?

My previous arguments on this topic have argued – quite simply – that no company is going to go out of business for deploying it.  SMEs either have or they don’t have the talent to deploy this.  If they do have, then their guys will probably jump all over it as a chance to (finally) do some real security in the enterprise.  If they don’t, then they will bring in consultants/contractors – myself, say – who know this stuff cold and deliver the transition as a proper service.

If the company is large enough (and with a well enough set up extant IT apparatus) that the benefits of BYOD are marginal to begin with, then they already have the IT guys who are fully capable of pulling this off properly and securely, should they choose to do so.

BYOD is not a risk.  It isn’t a security threat.  It isn’t a disaster waiting to happen and it isn’t automatically – or even in most cases – a negative approach to computing.  Quite the opposite, for the vast majority of organisations it provides the opportunity to significantly simplify their IT delivery.

BYOD offers the chance to properly secure the IT of these organisations; what’s more, it offers the chance to do both in a convenient way that won’t see the sort of end user and management push-back that results in insecure IT in the first place.

Just who are you, really?  And why are you here?

More interesting to me are those organisations that steadfastly and ardently resist BYOD.  What else are they resisting?  How “integrated into the needs of the business” are these fiefdoms of nerdly hegemony?

Are they organisations that practice DevOps?  Or are they siloed, each department peering over the rafters with a suspicious eye at the next, carefully protecting their budgets?  Are these departments agile?  Capable of adapting rapidly to changing demands?  Or are they rigid, inflexible, with a well established “change request system” whose primary function is to prevent change through the implementation of excess bureaucracy?

Are these IT departments that care about the good of the company, or is “them” separate from “us?”  Are they providing optimal service to the business with their extant systems, or are they an anchor that has to be tugged at any time change needs to occur?

In my personal experience, IT departments that are most integrated with the needs of the businesses are ones that were doing DevOps before DevOps had a name.  They are ones where the head sysadmin isn’t just a sysadmin, but is in fact a full participant of the business-side meetings.  IT in these organisations helps plan company strategy and has the corporate security clearance to know what’s coming down the pipe.  This close integration allows IT to plan to meet business needs not just now, but 6 months, a year, 5 years from now.

IT delivery in these agile organisations is shaped not against a whitepaper, or to protect someone’s job…but to meet the exacting and specific requirements of the business in the most efficient possible way.  IT here isn’t a department, and they aren’t a “cost center.”  They aren’t a silo or an empire.  They are part of the team.  They work hard to make the business perform, and they are rewarded accordingly.

IT in these agile organisations isn’t really “IT” at all.  They aren’t grunts twiddling with boxes and networks, they are fully fledged members of the management hierarchy.  The IT services they provide are generally either off-the-shelf pre-canned appliances, provided by contracts that the internal IT department project managed, or are customer in-house solutions developed and maintained in a DevOps style.

Also in my experience, the larger the company gets, the LESS likely it is that this sort of agility and business-line integration exists within the IT department.  And again, also in my experience, the IT departments that have this level of integration with the business would read this post and laugh their asses off.

They’d laugh because they went BYOD before BYOD had a name.  These sorts of integrated, agile IT departments didn’t implement BYOD to jump on a trend.  They implemented BYOD so they could get out of the businesses of playing nursemaid to endpoints and focus on the business of growing the business itself.

On the relevance of Social Media.

Tags: , , , ,

This post is in response to comments made on The Register regarding one of my recent articles.  I’ve had to post it here as the character limit on The Register is 2000.

While yes, the opinions expressed in my Sysadmin Blog on The Register are my own, I would be willing to make the statement that on the topic in question (the rise of Social Media) they are indeed quite informed.

First: let’s admit that there does not exist primary science that conclusively and definitively pegs the exact % of our population for whom $social_media_site has become “the lens through which they view all content on the internet.”  I would go so far as to say that this is A) an impossibility and B) functionally irrelevant.  The % will be under constant flux as the habits of individuals (and groups) change.

But there are a number of studies that have been conducted so far that hint at this, and the reality of it is considered “common knowledge” amongst a certain brand of IPM nerd. The proof will out when the science is done, but studies to really refine the error bars around the exact % of users for whom this is true are only now getting underway.

One person you could talk to about this is Scott Galloway, professor at NYU School of Business. He is considered one of the more notable “digital strategy” experts. Consider also the numerous studies being done showing how little email is being used by “da yoof,” with Facebook rapidly slotting into the role that email once filled. (Many argue that Twitter is slotting into the role that Google once filled.)

Dr. Michael Fenichel – amongst many, many others – has done a great deal of hard, primary research into Facebook/Social Media/Internet usage.  Indeed, their research has convinced them that Facebook/Internet Addiction Disorder is a very real phenomenon, and should be added to the DSM V.

Beyond that, there are numerous industry studies that have noted – and then explored in depth – the reality of “$social_media_site has become the internet for X segment of the population.”  These are studies performed not by organisations who would benefit from Facbook/Twitter/etc. becoming a vehicle for advertising, but rather by organisations who have a driving need to know exactly how people shop, how they do product research and what influences their decisions.

Starting in 2007 we have a report from private equity firm Veronis Suhler Stevenson and PQ Media.  They note that for the first time in decades, 2007 saw people spend less time on traditional media and more time on the internet.  The study also noted a huge uptick in advertiser spending online as well as consumer online purchasing.  They predicted that by 2011, the Internet would be the largest advertising medium.

They were right.

In the intervening years, hundreds of studies have been run on the topic.  In 2009, we have a study from the Retail Advertising and Marketing Association (via BIGresearch).  They concluded – amongst other things – that moms (women with children younger than 18) spend way more time on social media than anyone else.  They also use social media for product research, trusting peer opinion above all other review methodologies.

Pew research in 2010 concluded that 58% of all Americans have done research for products online, numbers that start to get a lot larger as you adjust to look at the critical 18-32 age bracket.  While there was no social media component to this study, the thing that got everyone’s attention was the fact that internet users in higher-income brackets do significantly more online research than those in lower income brackets.

In September 2011, Nielsen released a report saying that social media (in which they include blogs) account for nearly 25% of all time spent online.  That’s more than double the amount of time spent in online games.  3/4 of all internet users participate in social media.

Critically, 60% of people with “three or more digital means of research for product purchases” discovered retailers or brands from a social networking site.  According to the same study, Americans spend significantly more time on Facebook – 53.5% – than any other site.

Again, these are merelly sample studies I am discussing.  There are hundreds of studies – and a lot of primary science – that cover this area of discussion.  These should give you some starting points.  An idea of how modern marketing folk got to the belief that social media is in fact an important outlet for brand recognition and advertising in today’s world.

Suffice it to say that the most critical demographic – 18 to 32 year olds – are strongly influenced by social media.  So much so that they skew the statistics for “all internet users” towards the realm of “depressing amounts of time spent on Facebook.”

That “the internet” is for some – indeed for an increasing number – Facebook, Twitter, Reddit or so forth is not merely “my opinion.” It is the considered opinion of several experts in the area; I have merely taken notice. More importantly; this trend is increasing.

These social media websites are now the lens through which an ever increasing % of our population absorb their daily dose of internets.

Linux Routers Gone Wild (Introduction)

Tags: , , , , ,

I have recently embarked upon a difficult professional journey.  The larger part of this journey is in fact an attempt to secure my network and slowly, inexorably retire as much Microsoft software from service as possible.  The reasons for this lie largely in the complexity of Microsoft licensing; I am often beset by so many IT projects that it is honestly a nightmare attempting to comprehend the plethora of licensing options and caveats.  Trying to make sure our company remains in compliance is itself almost a full time job.

The solution to this is simple: cut back on as much Microsoft software as is humanely possible.  There are naturally some fairly enormous barriers to this concept.  The first being that there is simply no way we are (ever) going to be able to ditch Microsoft on the desktop.  There is simply too much industry-specific software we are totally reliant on for this to be anything but a midsummer night’s dream.  To manage these desktops, I need a directory and something that will handle group policy like templates.  After much searching and pondering the simple reality is that Microsoft’s Active Directory is the best bang for my buck in this department, and so there is no reason to abandon it.  (I should state for the record however that Novell’s offerings an unbelievably close second.)

The second obstacle is not a hardware or software limitation, but rather one of wetware.  The wetware, (which will remain nameless,) ultimately responsible for accepting or rejecting my various schemes and proposals consists of two units.  The first unit is logical, rational and driven by nothing more than sounds business rationale.  If you can make a solid business case for something, one of the two decision making wetware units will be easily won over.  Unfortunately, this wetware unit has exceptionally limited IT knowledge; when my recommendations clash with those of the second decision making wetware unit, issues can arise.

The second decision making unit in question is rather less approachable than the first.  Though remarkably intelligent, this unit remains deeply wedded to all things Microsoft and has what I consider to be an incredibly dangerous fascination with whatever happens to be the newest technology of the day.  As a born and bred technology geek, I truly understand the “gee whiz” factor shiny new kit can bring.  As someone who goes to work a loyal company man and puts aside everything except my job, I can’t and won’t let my employer risk the business on untested or questionable gear.  (Let several someone elses walk through that minefield first.)

The wetware obstacles to reducing the corporate Microsoft overhead, (and with it the licensing burdens) are thusly formidable.  An unfortunate amount of my job has devolved into simply playing the politics necessary to be allowed to implement the right solutions for our requirements and budget.  In many cases I actually have to purchase and implement first, and then inform people of it later if I feel it corporately critical that a project be accomplished without being tied up with internal political infighting and negotiations for six to eight months.

This year I am removing Microsoft’s Internet and Security Acceleration (ISA) Server from my organisation.  Like the use of LAMP webservers, LACS e-mail sanitisation servers and the slow introduction of Linux fileserver, this is the story of nibbling at the edges of a Microsoft network with tactical implementations of Linux systems.

© 2009 drink the sweet feeling of the colour zero. All Rights Reserved.

This blog is powered by the Wordpress platform and beach rentals.