Posts by Peter Jones 2

I'd like to see numbers on that.

Cisco says that 3% of their ceritifcations are at the CCIE level. What kind of percentage were the defunct MS ones?

MS used to publish the numbers of various certifications, but stopped a few years ago. I think they should bring that back.

I can't recommend it.

Whilst I work almost exlusively in the MS stack, I don't recommend their stuff without good reason. And in this case, I just can't.

The main problem is US law rather than any technical point. Bob Muglia shortly before his departure confirmed that a UK company, using Office 365 and/or Azure in the MS datacentre in Ireland, could potentially have their data transferred to a US datacentre for probing by the US government. The UK company would not notice (which is kind of a testament to the technical side, if true) and would not be told. The US government would not need a warrant to do this, but as MS is a US company, they would be compelled to assist.

From a business point, I can see all cloud businesses using the low cost to draw people in, and then slowly escalating fees once you are there. You will be very aware of the shaft, but it will cost more to migrate out. So year after year, the price goes up beyond reasonable cost, and you just accept it.

From both sides...

As a worker, I want several things to convince me that BYOD is worth it. I want compensation on my device, because if I have to buy my own tools for a job it shouldn't come out of my own pocket. I want to keep complete control over it, I'm not having anyone but me authorised to access it. I'm not having it subject to any corporate policies regarding content, searches or deletions.

As an admin, I need assurances that any device connected to the network isn't crawling with viruses, spyware, gypsy curses and the like. I need to know that data remains under the control of the company as much as possible. That means the ability to prevent copying it anywhere it shouldn't go, and removing it when they leave the company.

The only way I can see to marry these two positions is a combination of BYOD with VDI. Remote sessions that keep the data within the company bounds whilst allowing BYOD to be used. Security holes that come to mind are things like screenshots, but they are fairly minimal. It just depends a lot on the ability to control the VDI context.

Both BYOD and VDI are far from maturity. I'll watch what happens, but I won't be an early adopter of either technology for the next 2-5 years.

Easiest way to convert a country to SI?

Mandate that instead of a pint of beer, it's a litre of beer. For the same price.

Guaranteed overnight conversion, courtesy of well-lubricated new SI zealots.

What I have encountered as a contractor is that the entrenched decision-making staff (sometimes an IT Manager, sometimes a Project Manager) don't want to pay for the right thing do be done in the right way.

It could take £n and x weeks to do the job properly, however for £2/3n and 3/4x weeks you can have a kludge of a system running that users hate because it only does half the job, and does it badly.

And the Manager responsible will pick the kludge, every time. "It can't be as bad as you say." "I'm sure it will be fine." "My design doesn't break Swiss law."

Yes it was; no it wasn't; and oh yes indeed it does, as the auditors are now confirming.

'Do more with less' is the mantra of someone who will accept sub-standard work, right up to the point it fails, when you will be blamed for it.

And if the IT person refuses to do sub-standard work? They are replaced with someone who will. Because the Manager fails to see the problem, that good IT costs more than most are willing to spend on it. It requires time spent thinking, in order to avoid any money deemed worthy of the IT budget being spent on an incompatible solution. It needs a testing facility, something that I rarely see in any workplace, large or small.

IT requires policies that don't hamper it, such as "Don't patch anything; it might break it" (NHS client, obviously). It needs a Manager who understands that even if the rest of the business is 9-5, the IT department isn't, so maybe clockwatching isn't how to measure performance. The hours I keep on a contract will rarely start before 11am, because the out-of-hours window for implementation doesn't start until 6pm. Some days I won't start until then, and be finished just as the sun is coming up. But I can still get the "Where are you?" call at 9:30 from the Manager who believes that Everybody Should Be In At Nine, Because That Is The Way Things Are. And not because a meeting is scheduled, not because anything is broken, just because there is an empty desk.

Inflated sense of entitlement

Companies should change the way they operate? How about these "me me me" children grow the hell up and learn that life doesn't revolve around them?

What company will really open up a network to a swathe of potentially compromised devices just so employees can use their new shiny lookit instead of a company controlled, trusted machine?

Continuous partial attention = easily distracted. Only 2% of people are capable of true multitasking, the rest just believe they are. Tabbing out of youtube every five minutes to check for updates on facebook isn't multitasking.

Automatic tagging of data? Yes, because AI is going to be able to accurately identify complex information in a wide variety of formats, some of them bespoke to the company. If CAPTCHA can defeat it, I doubt it will be able to cope with a scan of a bank statement or clinical record.

Users can't be trusted to tag data themselves? Not even when it is their job? People who can't be trusted to do their job get fired, simple as that. Or is that some kind of discrimination against the lazy and incompetent?

Cloud audit trails. Like who in the cloud provider has the ability to access data placed there, and where in the world the data is physically located at any one time? How do multi-nationals prevent breaking the law when German mailboxes get moved to a datacentre in Ireland? Who has liability and/or culpability in a case where a user claims actionable messages were not sent by them, but possibly an administrator?

Shut down access to information quickly. As in, the data stored on a personally owned device that was joined to a company network. A personal device that you may not have technical control over. That you may even find you can't legally touch once the employee has been terminated.

This "new generation" might have radically different approaches to the Internet, information and security. Doesn't make them correct, worthy of emulation or the new arbiters of company policy.

IBM Storwize

From what I understand (don't do much storage myself, I usually have someone else handle that) the IBM Storwize does this kind of thing too. You throw in a mix of SSD and HDD, and it will put the most frequently accessed data on the SSD. When it gets old, it moves it off the SSD and puts the newer, more frequently accessed stuff on there.

You can't mix 2.5" and 3.5" disks in an enclosure, but you can mix enclosures in a system. So you can (theoretically) use the 3.5" large slower disks as your cold disks in the "hot, warm, cold" strategy. Whether it is intelligent enough to recognise that ability, or it only knows "SSD fast, HDD slow" I don't know, but its worth a look.

Im guessing..

but it's likely this was just a larger version of the same practices done by workers at petrol stations, supermarkets and other places with such loyalty schemes: swiping their own card when a customer doesn't participate in the scheme.

I have seen this done hundreds of times, but on the smaller scale. One cashier picking up an extra 200-400 points per shift can net around 70,000 points a year. If a point is worth 1p (common supermarket exchange rate) it's a small increase on top of their minimum wage.

Cheaper alternative...

...anti-theft stickers?

The IT industry needs some self regulation

in order to prevent these script readers and cable monkeys being classed as IT professionals.

Doctors have their boards of certification, lawyers have the Bar exams. And you don't get orderlies performing operations "because we are all health workers."

So many problems in IT setups that I am called in to fix stem from people not knowing what they are doing, yet being able to call themselves "technical architect" or "Chief Information Officer" (he was the only IT worker in the place) because there is no industry standard to prohibit someone woefully unqualified from using those titles.

Microsoft have their Master and Architect qualifications, Cisco has the CCIE. These are rigorous, in depth qualifications that are as close or identical to the peer reviewed systems of doctors and lawyers. They are a start, but without protection of the titles such as Systems Engineer, Technical Architect, Developer et al. the real professionals in the IT industry will continue to be lumped together with the ignorant call centre script readers that now pass for 1st line support.