There's a whole new world coming for the IT decision maker, and it isn't just which Android handset you're going to adopt as a corporate standard.
IT is increasingly coming under pressure to support the business' communications capabilities. In the past, this often meant being responsible for the office's broadband connection, and perhaps negotiating VoIP services. Now, wireless communications and data plans from cellular carriers are getting into the mix.
In some organizations, IT is already handling wireless carrier contracts, and it may have been doing so for some time. But for many companies (especially several clients I'm working with right now), the companies have never really paid for wireless service, or they've had a sort of informal arrangement with several employees to just pay all or part of the cellular phone bills. In some cases, the company will just negotiate special rates with a carrier, and offer those to employees as a sort of added benefit, while staying out of any ownership of the actual contracts.
More
Posted by Don Jones on 10/21/20110 comments
Invent something cool, something fun, something useful, and someone will find a way to ruin it for everyone.
That's what malware has repeatedly done for computers, for the Internet, for e-mail, and for anything else it can latch its ugly hands onto. We've responded with suites of anti-malware-ware, designed to catch phishing attempts, stop viruses and spyware, and much more.
Now our smartphones are at risk.
No, we're not really seeing traditional viruses, which for a variety of reasons don't yet make sense on a smartphone. But we are seeing an increasing number of e-mail and Web-based attacks that phish for information, direct users to malicious Web sites, and more. Regardless of what you allow your users to do with their mobile devices on their own time, what comes through the corporate e-mail server is your concern, and the risk of data loss is also your concern. It's not impossible -- or even difficult -- for phone-based malware to harvest users' contact lists, which would include business contacts. Phishing Web sites can easily harvest business credit card numbers, login accounts, and more.
More
Posted by Don Jones on 10/14/20110 comments
I can't remember a time when IT decisions were being driven more by users' love of gadgets than is the case with today's smartphone landscape.
Yeah, I guess in the past you'd always have a user or two who wanted a specific Dell laptop because it had a new-fangled DVD burner, a bigger screen, or whatever. But for the most part, users' preferences could be easily accommodated by a corporate standard. Not so with smartphones.
I've never liked the term "PC" when it comes to business computers. It isn't your personal computer, it's the company's computer. Call it a CC or a BC (Business Computer), but it certainly isn't personal. I'm going to configure it, lock it down and do whatever else the business wants me to do with it. You'll take the model you're given, and you'll like it, because you didn't have to pay for it.
More
Posted by Don Jones on 10/11/20111 comments
More than a decade ago, Microsoft Windows became the best and safest bet for a client operating system. The old "nobody ever got fired for buying IBM" sort of transformed into "nobody ever got fired for putting Windows on the desktop." Today, despite the availability of alternatives, Windows is still the best bet for most business desktops. Yes, we'll probably always have a little Mac or Linux or something running around on the sidelines, but for most organizations there's little downside in not having a homogenous desktop environment.
More
Posted by Don Jones on 10/07/20110 comments
At TechEd 2011, Microsoft announced that System Center would begin supporting mobile device management, including management of Apple iOS and Google Android devices. I couldn't be happier with that news, and it's an area where IT decision makers should be paying close attention.
Mobile devices represent one of the biggest changes to hit the corporate IT landscape since the personal computer. Even laptops weren't as big of a deal, because they were really transportable more than truly mobile, and because laptops could be managed using pretty much exactly the same techniques as desktops. Mobile devices, on the other hand, are always-on, always in users' hands, and are being used for a wider and wider variety of business tasks.
More
Posted by Don Jones on 06/28/20110 comments
You don't meet a lot of people who think their state's Department of Motor Vehicles (DMV -- or whatever it's called where you live) should be a model for how to run business. Don't get me wrong -- the Nevada DMV, where I live, is pretty awesome as far as DMVs go. But still. Long lines, arbitrary rules, surly employees who delight more in saying "no" than "here's your license, sir/ma'am."
Yet thousands of companies across the world are using a government agency as their model for how to run IT.
Campaign rhetoric aside, governments have a bit of a vested interest in slowing down change in the way government works. Governments are meant to be stable, reliable and predictable -- and change opposes those goals. When governments change, they do so very slowly, after much public and political debate, and after many periods of review and comment. Governments rarely have to worry about being first to market, since they kind of have a monopoly on governing. Governments don't seem to have any motive to maximize their profits or minimize their losses. Governments, in short, can afford to not pursue change too avidly.
Business, on the other hand, needs the ability to change rapidly. A new technology comes along that can double your margins? Use it. A new product offers the ability to reduce IT overhead? Get it. New techniques reduce downtime by half? Adopt them. Businesses -- good ones, at least -- thrive on change.
So why are so many businesses running themselves like a government agency? Four letters: ITIL. More
Posted by Don Jones on 06/21/201116 comments
In early June, Citigroup acknowledged yet another major breach of confidential customer data. It was the 251st such public notification this year, and could put us on track to exceed the 597 improper disclosures from schools, government agencies, and businesses in 2010.
According to an article in USA Today, cybercriminals are now "actively probing corporate networks for weaknesses," and businesses face particular pressure to let the public know when they've been hacked. Citigroup, in fact, was criticized by US Representative Jim Langevin for taking a month to notify customers after noticing the most recent breach, which was discovered during routine monitoring. Customers' names, account numbers, and e-mail addresses were all compromised.
More
Posted by Don Jones on 06/13/20111 comments
There are two ways to judge the value of an IT professional -- specifically, administrators, network engineers and so forth.
The first way is to watch how they handle crises. Anytime something goes wrong is an opportunity to see how well an admin knows the technologies they're working with. In order to troubleshoot and fix something, you need to know how it works, and you need to know how (and from where) to collect diagnostic information. Admins who jump right into the job, start running diagnostic tools and quickly start eliminating possible causes are the ones you want to retain. Pay them a lot, because they're hard to find. Notice that I didn't emphasize how quickly they solve the problem. That's important, but it's largely a function of how quickly they can eliminate potential causes of the problem and narrow in on the one that's causing the issue.
The second way is to see how they handle day-to-day tasks, especially boring and repetitive tasks. Do you have admins who are still clicking next-next-finish in a wizard, for a task they've completed thousands of times before? If so, carefully consider something: Are you actually paying someone to run through a wizard in order to complete day-to-day tasks? Really? Button-clicking is the value they bring to the team? Only in the Microsoft IT world would someone even considering answering "yes" to those questions. I'm not talking about unusual, once-in-a-while tasks. Even in the Cisco world, the Unix world, the Linux world or the AS/400 world, administrators have to look up syntax or use a GUI for tasks that they perform only rarely. That's the benefit of a GUI: It can walk you through unfamiliar tasks. But for the everyday tasks, you'll find Unix admins in a Bash shell, Linux admins in a Bourne shell, Cisco admins at the IOS command-line and AS/400 operators running CL commands. The value of an admin for day-to-day tasks isn't that they can complete them by clicking a few buttons. The value is in an admin who can automate those tasks from the command-line. Wizards are for end-users, not for experienced IT professionals. More
Posted by Don Jones on 06/07/20112 comments
I'm finally back from TechEd North America 2011, following a brief stop in Denver and Seattle to promote my new book. My final session at TechEd was a Birds of a Feather discussion on Active Directory change auditing. There were around 50 IT pros and managers in the room, and there were some revelations that, to me, were truly astounding.
One gent said his company pretty much had auditing figured out. They consolidated their event logs into a single database, knew how to report from that database, generated near-real-time alerts from it, and so forth. This was all done using a home-grown solution, too – zero cost! Well, not zero. That solution has been under development and maintenance for 10 years. A decade. In terms of manpower, that has to have cost that company something like a million dollars (literally) in total.
Other folks aren't so fortunate: They don't have the resources for that kind of home-grown solution, so they're cobbling something together themselves. More
Posted by Don Jones on 05/31/20111 comments
For more on the cloud by Don Jones, see "Please Stop Saying 'Cloud'"
I'm not a big fan of the word "cloud," because it's largely overused and overloaded. When I started hearing "private cloud" being floated around, I thought enough is enough! How is a "private cloud" any different from what I've traditionally called my "local area network?" Why in the world did we need another term for it?
Then I thought about it. Forget, for a moment, the overloaded use of the word "cloud," and think about the original concept of "cloud computing." I'm talking about services like Amazon's EC2 service, Microsoft's Azure service, or even SaaS offerings like SalesForce.com. These share a few very distinct characteristics:
More
Posted by Don Jones on 05/06/20110 comments
Here's a true story: I was once teaching a VBScript class (this was, obviously, years ago) when a student asked if there was a way to write a script that would enforce the membership of computers' local Administrators group. I smiled, knowing that I was about to make this person very happy. "You don't have to write a script," I said. "You can just use the Restricted Groups settings in a Group Policy object." The person shook their head. "We can't. Our Active Directory administrator doesn't like Group Policy, so we can't use it."
I was floored. I literally did not know what to say. I'm pretty sure I stood there with my mouth hanging open for a full minute, shook my head vigorously, and went on teaching as if nothing had happened. What else could I have done?
More
Posted by Don Jones on 05/02/20114 comments
As I'm writing this, the Internet is finally recovering from the massive outage experienced by Amazon.com's cloud computing infrastructure. Wow, you just don't even realize who's hosting with them until something goes wrong: HootSuite, NetFlix, Reddit, FourSquare, and many more major names all experienced outages.
It's okay -- computers break. I'm sure the folks at Amazon are looking hard at why and coming up with ways to prevent that kind of failure again. Great -- let's move forward. More
Posted by Don Jones on 04/29/20110 comments
I'm an MVP Award recipient from Microsoft, primarily for my work with its PowerShell technology, and you don't often see me use the words "wasting time" and "scripting" in the same sentence. But now it's out there: I truly believe that a lot of IT teams -- if not most -- are wasting time messing around with the scripts.
Let me be clear and state that this is not a blanket condemnation of scripting or of PowerShell. Quite the contrary, in fact. I believe in the right tool for the right job. Scripting is the right tool when the job is one of two things: First, whenever you have to automate some business process that is unique to your organization, and which cannot be efficiently accomplished in any other way. Second, whenever you need to automate some process that is rarely performed. In that instance, you're not really automating something that's truly repetitive; you may be automating it because it's done so infrequently that nobody accurately remembers how to do it. Either scenario points directly to scripting.
So what doesn't point to scripting? The automation of tasks -- particularly complex ones -- that are common across our industry, and which could be better and often less expensively accomplished by a third-party tool More
Posted by Don Jones on 04/25/20116 comments
Okay, we need a serious dose of reality here. I just finished a customer engagement where the company's IT director, in no uncertain terms, told me that his company was having nothing to do with "the cloud." I nodded, and asked why. Turns out he'd recently attended a tech conference, where the keynote address (according to him) was basically summed up as, "no company is going to outsource their IT to the cloud." He agreed that outsourcing his IT was a bad idea, and so no cloud for him.
Sigh.
I blame the IT marketing sub-industry for this. Let's start by agreeing to never use the term "cloud" again. They co-opted that term from the telecommunications industry anyway, and the term makes a lot more sense there because nobody is going to run their own telecom infrastructure unless they are a telecom company.
What folks routinely refer to as the "cloud" in the IT industry is actually something very different. More
Posted by Don Jones on 04/13/20118 comments
Welcome to my new blog! As you may know, I write the monthly "Decision Maker" column for Redmond magazine. Much of that column's content is based upon my consulting and analysis experience. My main job at Concentrated Technology is to provide strategic consulting for our various business clients around the world; basically, that means I sit down with businesses, figure out what their challenges are, and help them decide which ones they can address – and how to do so. We also work with a variety of Independent Software Vendors (ISVs) to help them understand what the marketplace needs in terms of solutions, to properly focus their products features, and so on. All of that work generates a lot more information than I can include in a monthly column, so the folks at Redmond magazine and I decided to start this blog, where I can share information as I come across it.
More
Posted by Don Jones on 04/10/20110 comments