Thursday, September 14, 2017

Invest in a Partner Who Will Invest in You

This post is part 3 of a 5 part series I wrote for Internetwork Engineering in 2017.  The original can be found here:

“Invest” is an interesting word. It implies you’re putting something of value to work and you expect a return, in addition to the initial value. This perfectly describes a client-partner relationship that is a two-way street. A customer expects that their investment will return a stable and dependable IT environment that isn’t a burden to manage and works to achieve the business’s goals.
A partner expects that their investment will return the opportunity to sell, install, and service technology that achieves your business’s goals. When both parties invest fully it becomes the ultimate win/win with the principal investments from both parties being time and trust. In this post, I’ll explore two ways to know if you're investing in the right partnership. First, they’ll invest their time to achieve the desired returns for their customers and themselves, and second, they’ll be dedicated to building trust.

A good partner will invest in a dedicated presales engineering team to work with you, at no cost. These are seasoned engineers who’ve spent years in the trenches building and managing IT environments. They’ve been there during crashes, 2 AM cutovers, data center moves, and everything else your staff experiences on a regular basis. They’ll have the highest professional certifications, years of design experience, and a seemingly intuitive understanding of what makes IT work. The sole purpose for the partner presales engineering team’s existence is to help your team achieve their goals.

If a presales engineer is dedicated to the technical side of your organization, the natural complement is a dedicated and experienced account manager. An account manager is more than a salesman, they’re a partner who understands your business, is responsive, accountable, and available. They work with multiple members of your team and coordinate engineering and consulting resources, is involved in daily projects, opex vs. capex conversations, and assists with 3-5-year budget plans and project justification documentation. When things start to go sideways, your partner account manager, the accessible and familiar face, is an easy first call. Their experience and resources are at your disposal to successfully complete a project or put out a fire quickly and efficiently.

The two together, your account manager and presales engineer, form your partner account team and they understand that for you to succeed, you must stay on top of emerging technologies. This includes new technologies and major code revisions of your existing investments. Partner teams are generally aware of these innovations before the public knows what they mean to your business. Whether through regularly scheduled technology updates, impromptu meetings, or a friendly email, a partner team member will work to keep you abreast of what’s new and why it’s important, whether it involves a sale or not. This dedication is an investment that builds trust between your organization and your partner which can yield valuable results if established and nurtured by both parties.

As you can see, a partner will spend a great deal of energy ensuring they’re in the best possibly position to help you succeed through time and building trust. As we said at the beginning, a client-partner relationship is a two-way street with both parties investing for a mutually beneficial return. It’s important for your organization’s success to ask yourself a few questions:

  • How much time and energy are you willing to invest so that they can help you succeed?
  • Do you include them in your annual budgeting process?
  • Are they invited to strategy sessions?
  • Do you reach out when business goals change?
  • Are they as aware of what is happening to your business as you are?

Each one of these questions you can answer “yes” to brings you closer to achieving the full benefit of working with a trusted partner.  This is the third in a five-part series dedicated to helping companies identify true partners and understand the advantages of working with them. Continue reading the next post, “Partners Protect Your Investment, Vendors Protect Theirs” to understand more of the returns you can count on by working with a committed partner. Again, if you missed the first post in this series, you can read it here, “Why Working with a Partner Beats Buying from a Vendor Any Day.”

Sunday, June 11, 2017

Top 3 Ways a Partner Understands Your Industry Better than a Vendor

This post is part 2 of a 5 part series I wrote for Internetwork Engineering in 2017.  The original can be found here:

Some of the best years of my career were spent working for a non-profit student loan organization: a great company with great people. The problem with this type of company is that there is generally only one per state. Even though we didn’t compete, communication between companies was limited and there was no visibility into the industry from an IT perspective.

How were the other forty-nine student loan organizations organized? What were their priorities? What was working and what wasn’t? How were they adapting to new laws and regulations? I was isolated and on my own. You may feel that isolation from time to time, but remember you’re not as alone as you think. A good partner – one that’s well versed in your industry – can provide you with much of the direction you seek without violating anyone’s NDAs.

Being in the trenches day in and day out, you come to know your business better than some people know their own children. That rarely leaves time to follow industry trends, research emerging technologies and contemplate how they fulfill your mission. In my last post, I took the time to outline why working with a partner beats buying from a vendor, and now I’d like to share the top three ways partners understand your industry better than a vendor.

Experience with Similar Customers
A good partner works with numerous companies in your industry. While you spend your days putting out fires, partners spend theirs working side-by-side with hundreds of customers, discussing their environments, contemplating their challenges, applauding their successes and designing their futures. How valuable would it be to have a partner engineer standing at your whiteboard who understands your industry, your business, your technology, and has the experience of countless IT departments in your space?

Preparation for Industry Shifts
The Greek philosopher Heraclitus said, “the only constant is change.” Industry shifts can happen rapidly and nobody wants to be a footnote in the history of their industry. IT must be able to quickly and efficiently adapt to these changing tides. Chances are your IT department isn’t the first one to navigate new and changing waters. It is likely that a good partner saw these changes coming, prepared for them, and has navigated others through choppy waters already. Make use of this experience, it may just become your competitive advantage.

Cross-Industry Innovation
Another potential competitive advantage comes from cross-industry innovation. Back in the 1930s, a soap manufacturer invented a unique clay compound to clean coal residue from wallpaper. It did a fine job, and no doubt cleaned lots of wallpaper. However, twenty years later a preschool teacher saw another use for the cleaning compound – a modeling clay for children – and a new business was born.

It’s been sixty-five years since then and nearly every American has played with Play-Doh. It succeeded because someone recognized how to use it a little differently in their own industry. Partners sit at that crossroads between industries. They don’t just work with dozens of companies in your industry, they work with numerous companies in many industries. If you’ll allow them, they can use that cross-industry experience to help your company innovate and lead.

Experience within the same industry, preparation for industry shifts and cross-industry innovation are only three of the many ways working with a strategic partner beats playing vendor games. This is the second in a five-part series dedicated to helping companies identify true partners and understand the advantages of working with them. Continue reading the next post, “Invest in a Partner Who Will Invest in You” to understand more of the returns you can count on by working with a committed partner. Again, if you missed the first post in this series, you can read it here, “Why Working with a Partner Beats Buying from a Vendor Any Day.”

Why Working with a Partner Beats Buying from a Vendor (Part I)

This post is part 1 of a 5 part series I wrote for Internetwork Engineering in 2017.  The original can be found here:  

2017 marks my twentieth year in the IT field and fifth working in the reseller space. I feel like I’ve seen it all, but one thing that seems constant regardless of the organization is the struggle to reconcile the relationship between vendors and the business. I think I’ve heard every theory and strategy out there. Some want a different vendor for each architecture: the different eggs in different baskets theory. Some take every purchase as a challenge to get an ever-cheaper price: the pit them against each other theory. While others go with my personal favorite, “I like to spread it around:” the I want everyone to like me and get an equal cut of my budget theory.

The problem with each of these is that they’re based on a narrow view of the IT/vendor relationship. Many are born out of fear and an assumption the vendor is going to take advantage of them at every opportunity -- and some do. This creates an us versus themrelationship and deprives the business of a great number of benefits offered by the us with themrelationship. It’s the difference between being partners in your business’s success, or being perceived as opponents. Let’s take a step back, put down the swords, and consider what advantages a close relationship with a partner can provide your business.

To truly understand the advantages, we need to recognize the difference in working with just another vendor and working with a partner. Identifying a vendor is easy, and everybody knows several. Their primary concern is selling you whatever it is they, or you, think you need at that moment. It’s a point-in-time transaction, and the relationship only exists to ensure the next one. There’s only a cursory concern for the wellbeing of your business, if there is any at all. They’re often nothing more than a low-price leader whose only purpose to you is conveying goods from the manufacturer to your door. Their value is minimal and they are easily replaced.

Partnership, however, means the alignment of the partner’s goals with your business’s goals. A true partner has only one goal: to work with you to increase your profitability and decrease your costs while easing IT’s administrative burdens and helping IT succeed in their mission. It may sound too good to be true, but it isn’t; there are organizations founded on this principle.

Their purchase recommendations only take into consideration the needs of the business. Their engineering and sales teams understand both your business’s purpose and the mission of the IT department. Their focus is the long-term relationship, not the immediate transaction. They don’t sacrifice your welfare for theirs. They understand that when you succeed and thrive, so will they. Most importantly, they become part of your team.

If you haven’t experienced working with a partner before, differentiating between vendor and partner during your introductory meeting can be challenging. Knowing what to expect can make this easier. For more on why working with a partner beats buying from a vendor, continue reading part two of this five-part series, called “Partners Know Your Industry” to understand how you can benefit by working with partners who serve numerous businesses in your industry.

Monday, February 29, 2016

Spam? Seriously? Web Beacons and Why to Hate Them

It looks like the default behavior on my mac was to allow pictures from my contacts but block everyone else.  I can tell you, is NOT in my contact list.  So why did the pictures in that email show up?  And, more importantly, why has an occasional spam email with a picture in it become a deluge of them over the last several months? virtually never got spam email in Outlook on my windows laptop.  NEVER.  Having switched to a Mac in the latter part of 2015 I find that I now get a MASSIVE amount of spam, at least 6-10 per day that the spam filters don't catch.  At first I blamed the spam filter for not catching all these new spam emails.  Turns out, I should have blamed the Mac, or rather, Outlook on Mac.

To answer the first questions regarding why that picture still showed up even though that email address isn't in my contacts, I don't know.  All I can say is, "it's a Mac thing".  The solution, however, is to disable all pictures from downloading unless you click on a button within the preview screen to allow them.  I've tested and verified this solution works.

More importantly, not disabling them from the beginning has led to an increase of spam.  Why?  It turns out that spammers are pretty smart.  The picture included in your email isn't a generic picture that anyone can look at.  It was crafted and named just for you.  What this mean is that a typical picture on the internet of some wrinkly old man might be called Wrinkles.jpg and anyone with the link could view it.  The down side is that spammers can't tell who has looked at it.  So, they customized the file with a name that is linked, in their database, to your email address and only you (having received the email) can view it.  Wrinkles.jpg becomes slsdifsfno23844t2lsnndfgWrinkles.jpg.  Honestly, how many people are going to go view a file with that name?  Nobody.  Except you, because you're the only one that has it showing in in their email.  Once their servers log that someone looked at slsdifsfno23844t2lsnndfgWrinkles.jpg they know that the email address that custom named file was sent to is valid.  They know someone is home. result is that your email address gets added to a long list of other addresses that they have confirmed as valid and that list gets sold to every spammer on the internet.  Every piece of spam that comes to you after that, which includes a picture, reconfirms that you're email address is still valid and you're on a virtually never ending Tilt-A-Whirl of spam.

The solution is to turn off all images in Outlook.  Once they can no longer confirm that your address is still valid you will begin to fall off the spam lists.  They all have different lengths they'll wait to see if you come back, but eventually you'll no longer be on the lists that are sold around the internet.  The only spam you'll get will be from groups who rarely if ever update their lists.  Oh yeah, and any new lists you unknowingly submit your name to (but that's a different story).

Sunday, October 11, 2015

Technology Misstep Doesn't Mean Failure

     As I start to write this post I'm reminded of an experience with a previous employer.  I walked into the data-center a few weeks after starting work and noticed a huge stack of Cisco boxes hidden in a corner.  I assumed these were new C-series UCS servers, however, discovered that the boxes belonged to a number of NAC appliances.  I was responsible for networking and security and didn't recall anyone telling me about NAC when I was hired.  I logged into a couple switches and didn't see anything indicating NAC was in the network.  Asking around I finally found someone who knew something but would only smile and say, "follow me".
     We walked down the hall and found, pushed to the back of the top shelf of a rack in a storage closet, were six NAC appliances in all their glory.  They obviously weren't being used.  A little more digging and I came to understand that the project had been mothballed.  Why?  Why spend tens of thousands of dollars on a solution just to stuff it into a storage closet?  The answer is that it didn't fit within the strategic vision of the company and the initial implementation plan didn't fit within the current security policies.  Could it be resurrected?  No.  Could we get our money back?  No.  Why was it still here?  Depreciation.
     Sometimes we make a misstep in selecting a piece of technology.  Sometimes we make a misstep in how we initiate technology project (and consequently they fail).  And sometimes the vendor makes a misstep when releasing technology.  A university I work with recently bought Cisco's new ASA CX Next-Gen firewall module.  If you followed the link you saw that it is already End of Sale.  It seems like it was on the market for, oh, about 3 weeks when they bought Sourcefire and put CX in their taillights.  It happens.  As IT professionals we are attempting to find a technology based solution to meet business needs with the ultimate goal of saving or earning more money for our business.  Sometimes they don't mesh as well as we'd hoped.  But what do you do to turn a failure into merely a misstep?

  1. Can the project, or the technology, be modified for little cost to meet the original goals?
    • Possibly you bought, or were recommended, the wrong model switch or access points.  Possibly you misunderstood a particular feature.  Either way, you may be able to simply add a license, change out a piece of hardware, or enhance it in some way to meet most of your original goal.
  2. Can the technology purchased be used for some other purpose that still benefits the business or organization?
    • Buying the wrong solution isn't always a complete loss.  Few of us work in environments where everything is as new and shiny as we'd like it.  If you bought the wrong model server with not enough RAM or too few processors there is no doubt there is another place in your environment where it would be welcomed.  Planning a large switch roll-out for your primary site and then finding out it can have 0 downtime means those switches get moved out to remote sites and they get upgraded a year or two sooner than planned.
  3. Can the technology be used in a way other than you initially intended?
    • You were planning on using your new Nexus 7000 switches to upgrade your core and replace your EOL FCoE switch but discovered during implementation that the storage team actually meant pure FC (Fiber Channel) and not the FCoE (Fiber Channel over Ethernet) they previously stated.  What now?  Still replace the core and add a small Nexus 5000 switch for the FC access and uplink to the Nexus 7000  with vPCs.  You'll add more redundancy and higher throughput.
      Rarely is a technology misstep a complete loss.  The university's primary goal was to block gaming traffic and filter advertisements.  They're successfully doing that, and plan on moving to Cisco's FirePOWER on ASA in the next budget year or two to take advantage of additional features.  Even those NAC appliances didn't spend the rest of their life in that storage closet.  We pulled them out, wiped their hard drives and re-purposed them as logging servers for our network gear.  Yeah, they were expensive logging servers, but they weren't a complete loss.  Get creative and be flexible and your technology misstep won't become the project failure you're afraid it might.

Monday, June 8, 2015

Sheet Rock Dust

I spent a couple days last week working with a customer who abruptly lost their CIO and is looking for direction.  When that happens one of the things I like to look at, which gives me a good idea of what kind of IT department he ran and what I can expect going forward,
is the data center. It doesn't happen often, but I was taken aback by what I encountered.  I don't dare show all the pics I took, but the two in this post are of hardware covered in sheet rock dust.

There was construction in the building over the past several months and nobody bothered to seal off the drop ceiling or door to the data center.  As you might imagine all that dust was sucked in thru the servers, thru the network gear, and thru the AC unit.  The AC unit got so bad that at one point it failed and shut down due to back pressure from clogged filters.  The temperature spike may have caused a number of servers to fail as well.  When I saw it several weeks had passed since the AC unit had been restored and yet no effort had been made to clean the data center.

To prevent the coating of dust from overheating the systems, every piece of equipment must be powered down, un-racked, opened, vacuumed with a very soft bristle brush, and then put back.  The AC filters have already been replaced and now every surface has to be cleaned.  It will probably take a couple weeks work for two of their people to complete.

More sheet rock dust
A few other things I noticed aside from the general clutter all over the floor (to the point that you cannot walk in there).  First were open jugs of water on the floor; nobody knows why those are there.  The grounding strap for each rack isn't connected to anything.  And, no surprise, hundreds of cables are slung all over the place despite having some very nice cable management and ladder racking.  In one spot a couple fiber runs were resting on the hinges of the server rack door.  If the door were closed it would break the fiber, but don't worry, those were only their primary and secondary WAN connections <sigh>.

Its funny how much the condition of a data center can tell you about the rest of an IT department, how its run, and what kind of detail has been paid to the little things.  These details are what make an IT department run smoothly.  Neglect the little things and everything falls apart.

Just to end on a good note, this last pic is of a data center belonging to a smaller customer but which is very well maintained.  Just like their entire IT organization everything is in its place and working as it should be.

Thursday, May 14, 2015

Wreck A Dirt Bike and Secure A Network

By all accounts it was quite literally the perfect day to get out into the forest and ride.  77 degrees for the high, 4 mph winds, and sunny couldn't be more ideal.  And even better was that I had less than a hundred miles on my brand new Honda CRF250L.  I couldn't wait to get on her and run her down the trails, thru the creeks, and up the hills.
This wasn't my first dirt bike, I'd been riding off road for 17 years and on road even longer.  This was just my first NEW dirt bike and every time I get on her it excites me.  On this trip my 11 year old son was coming along.  He has a passion for dirt bikes and any reason to get on one is a good reason, even if its just to ride around the back yard.

We pulled into the parking area, unloaded the bikes, paid our fee, strapped on our helmets and off we went.  My son hadn't ridden at this park yet so we started off with some easier trails to get him used to the terrain.  An hour and a half into our ride that Saturday morning we decided to take on the longest trail at the park, 6 miles. 

I learned to ride off road in the mountains of Utah.  Six miles up there was not a big deal, you might cover 20-30 miles in a day of riding those old jeep trails or following trails trails over the peaks and into serene hidden valleys.  Riding in the southeast is different.  It is all narrow groomed trails, dense forest, small hills and a lot of water and mud.  It requires a slightly different and more demanding riding style. Six miles thru a national forest in the southeast was going to require some work but we were having a great time and didn't even think twice.

I'm not an aggressive rider.  I'm a cautious and casual trail rider.  I get passed all the time by more aggressive riders.  I'm not into jumps or tricks or high speed maneuvers.  I enjoy being in nature, the pleasure of riding the dirt bike, and the occasional thrill of going over hills or maneuvering thru a tough piece of terrain.  I like to just explore whats out there and that day started out just that way.

Somewhere along the way I think I must have gotten bored creeping along behind my 11yo son thru miles of trails in first gear.  I like riding behind him so I can be sure he's safe and not doing anything dangerous or reckless (he'll have his teenage years for that).  But after two hours I needed to stretch a little, I needed to open the throttle, I needed just a little thrill.  So on a wide bend in the trail I jumped out ahead of him.  Two small hills were just up the trail so I shifted into 2nd gear and went for it. 

The first hill was perfect.  I went over it smoothly, even caught a couple inches of air, and was coming down just right.  I felt the thrill of that little jump fill me and I was looking forward to the next one before I even hit the ground.  When I did hit the ground something went wrong.  The bike lurched forward, the throttle open wide, and shot me toward the second small hill far faster than I should have been going.

It is natural when riding a dirt bike to grip your handlebars tight when you get scared or caught off guard by the bike's behavior.  The problem is that usually you rotate your wrists down and that revs the engine.  I teach my boys to watch for this, be aware of it and how to react to it when it happens.  It is exactly what happened to me.  When I hit the ground after the first hill I was holding the handle bars too tight and the down force caused the engine to rev and launched me over the second hill.  If the second hill hadn't been there I'd have been fine but that's not what happened.

I remember the feeling of being out of control.  I remember sensing that I was going over the handle bars.  I remember wondering if the bike was going to hit me in the back or land on me.  And then 15 yards from the top of that little hill I hit the ground; head first, then left shoulder, then left ribs, and finally left hip.  And I hit it hard.  Wearing the helmet certainly saved me from serious head injury but nothing else I was wearing was going to save me from other injuries.

I broke my collarbone, likely cracked a couple rips, bruised the hip socket, and tore innumerable muscles in my shoulder and down my left side.  I was lucky, it could have been worse.  I walked out of the forest and made my way to the hospital without the help of an ambulance.  I was in a lot of pain, but worse, I was ashamed.

I was ashamed that I had allowed myself to lose control.  I was ashamed that my son had to see it happen.  I was ashamed that I'd miss two family events later in the day and possibly disrupt a vacation.  Mostly, I was ashamed that I hadn't been vigilant.

I had done this so many times.  I had so much experience.  I knew what to look for, I knew what the risks were, I knew how to avoid them.  I knew I wasn't like other riders who risked life and limb every time they got on a bike.  But I also knew it was my fault.  I had lost focus, got distracted or frustrated, took my eye off the ball.  I had stopped being vigilant about my own safety.

It only takes a moment.  I learned the lesson while doing something I love with my son, but it applies to other areas of our lives.  It applies, as security folks, to our careers.  If we lose focus, or get distracted, or drop the ball it may be our companies or our customers who pay the price in stead of us.  We must be vigilant at all times.  One firewall rule change while testing, one unenforced policy, one new vulnerability notification that we didn't bother to read, one malware patch we didn't feel like applying at midnight on Sunday could be all it takes to open the door to attackers.
Damage to the rear

We must be vigilant.  We must also be prepared for what happens when were not.  In seventeen years of riding dirt bikes I never thought about what steps I would take WHEN I wrecked.  Do you think about what steps you will take WHEN you finally get hacked?  Have you written down your plan?  You will, to one degree or another at some point have a breach.  You probably already have and just don't know it yet.  It took me fifteen minutes after the wreck to realize my shoulder was where the real injury was.  Make sure you have a plan when you discover a real injury in your environment.  And be vigilant.