What Others are Saying about IT Survival Guide
“As a
CEO, information technology is not my forte. I don’t always speak
the same language as my IT staff. David’s ability to make technical
issues understandable bridges the gap. This book is a must for
executives wanting to link IT to business success.”
Chris
Lawrence, President and CEO
Better Business Bureau of Central &
Northern Alberta
“IT
Survival Guide provides a wealth of information for entrepreneurs
and IT personnel alike. David Papp presents technical information in
a way that appeals to all audiences.”
Jason S. Lueke, Ph.D.,
PEng, Assistant Professor
Arizona State University
“Information
management about IT needs is certainly challenging. IT Survival
Guide offers excellent advice on how to accomplish this. David
Papp’s common-sense approach makes this book extremely
valuable.”
Samih T. Darwazah, founder of Hikma Pharmaceuticals
Company Ltd.
and author of Building a Global Success
IT Survival Guide
Conquering Information Technology in your Organization
David Papp
Smashwords
Edition
Copyright 2011 David P. Papp
publishing at davidpapp
dot com
March 9, 2011
ISBN
978-0-9868213-1-8
Cataloguing data available from Library and
Archives Canada
This book is available in print at most online retailers.
All rights reserved. International copyright secured. No part of this book may be re-sold, given away to other people, reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, computer, scanning, Internet, or by any information storage and retrieval system without written permission from the author or publisher.
If you would like to share this book with another person, please purchase an additional copy for each person you share it with. If you are reading this book and did not purchase it, or it was not purchased for your use only, then you should purchase your own copy. Thank you for respecting the author’s work.
Acknowledgements
I would like to thank my parents for buying our family computers; the past BBS community; the university engineering computer lab with Internet access; my family for allowing me to continue doing what I enjoy; my wife for encouraging me to write this book; Doug, Jason, Greg, Phil, Marc, and everyone I have ever been in touch with who teach me something new each time.
Technology is fun and has become my career.
IMPORTANT!
The author has endeavored to be as comprehensive, current, and accurate as is possible. Most topics are based on the personal experiences of the author, which may differ from the average.
This book does not purport to offer legal, investment, accounting, computer, engineering, or other professional advice. If and when such expert counsel is required, the services of a competent professional should be sought. The author and publisher are not liable for loss or damage alleged to be caused directly or indirectly by information contained in this book.
As always, the best advice is: caveat emptor; BUYER BEWARE!
Table of Contents
Chapter
One: Today’s
Information Technology Environment: Putting out Fires
The
Evolution of Information Technology
A Few Questions Every
Organization Should Consider
A Step in the Right Direction
Chapter
Two: Getting
Started: Conducting an IT Assessment
The
Discovery Meeting
Other Benefits of the Discovery Meeting
Choosing
the Right Person for the Job
Moving Forward
Chapter
Three: First
Things First: Targeting High-Priority Fixes
Taking
a Tour of the Data Center
Backups and Disaster
Recovery
Operational Issues
Documentation Issues
Examining
the IT Budget
From Crisis Mode to Maintenance Mode
Chapter
Four: What’s
Good IT without the Right Technology?
Servers
Virtualized
Servers / Virtual Machines
Workstations
Printers
Network
Switches
Routers
Firewalls
Networks
Storage
Having a
Solid Foundation
Chapter
Five: Work
Smarter, Not Harder: Having the Right Tools in Place
Backup
and Archiving Tools
Cooling and Power Needs
Monitoring and
Alerting
Logging
Ticketing / Knowledge-Base
Using the
Toolbox
Chapter
Six: The
Right People - Assembling a Great IT Team
Today’s
IT Training Environment
The Maze of Certifications
A Need for
Soft Skills among IT Personnel
Responsibilities of the
C-Suite
Outsourcing as an Alternative
People Make the
Difference
Chapter
Seven:
Maintenance and Prevention:
Avoiding the Fires
Periodic
IT Assessments
Monitoring Implementation
Aligning Corporate and
IT Goals
Developing a Knowledge Base and Promoting Organizational
Learning
Fireproofing versus Firefighting
Dedication:
To my wife and children, who are most precious to me.
The only
source of knowledge is experience.
-
Albert Einstein
Introduction
A major corporation developed a serious problem with its IT system. Each of the IT managers had tried repeatedly to figure out why the system was operating poorly but could not find the solution. After a critical deadline was missed, the executives made the decision to call upon an IT consultant to assess their situation. The consultant walked into the main data center where the servers were located, paused for a moment, and then placed a large “X” on one of the machines. “This is your problem,” he stated and then left as quickly as he had come.
A week later, the company received an invoice for $10,000. Outraged, the CFO sent a letter to the consultant demanding an itemized account of the invoice. A few days later came an itemized invoice that contained only two items: “Placing an X cost $1. Knowing where to place the X cost $9,999.”
While many versions of this story exist, its value still highlights the importance of having both specific and general knowledge. The IT managers of the corporation certainly had expertise in their IT system but likely lacked enough knowledge to step back and see the problem. Others in the organization, such as the executive staff, probably lacked enough specific expertise to understand the essence of the problem from the start. The consultant, however, had both the ability to understand specifics about IT troubleshooting and a wide scope of experience about IT systems in general that allowed him to efficiently diagnose the problem.
From this viewpoint, an IT consultant can be viewed as a general contractor with the skill set necessary to solve complex problems. Not only do IT consultants understand detailed aspects of information technology systems, but they also can appreciate a more comprehensive perspective. The ability to focus on the problem rather than being distracted by the symptoms allows them to identify a solution.
Unfortunately, too many organizations have executives and IT personnel who share a limited understanding of their IT environment. This may be caused by a number of factors. Executives often see information technology as a necessary evil, as the cost and financial demands often leave a bad taste in their mouths. If you combine this with a relative lack of “soft” skills common among many IT managers, executives rarely fully appreciate how they can benefit from effective IT structures.
Other times, IT managers may choose to withhold information about IT systems, falsely believing that this provides some degree of job security. If no one else knows how an IT system is configured, then their value within the organization is presumed to be higher. Both of these behaviors lead to miscommunication and misinformation about IT systems; as a result, the organization is less able to compete and achieve success in the end.
My goal as an IT consultant has therefore been to help bridge this gap between executives and IT managers while enlightening both about more-effective and more-efficient IT systems. Likewise, this is the purpose of this book. As a type of general contractor, I assess organizations’ information technology situations from global and specific viewpoints alike to offer the simplest solution that achieves the goals, missions, and values of the organization.
IT systems do not have to be complicated. In fact, simpler systems enable more-efficient troubleshooting, and this results in fewer problems over time. This realization often brings a great deal of relief to an organization’s executives, who can now grasp how their information technology networks operate. It also pleases IT managers, who subsequently find their jobs less complicated.
I began my career as a consultant during my teenage years. My family had purchased a computer when I was young, and despite its black-and-white monitor, basic cassette drive, and limited processing speed, my love for computer technology was almost immediate. Before long we upgraded to floppy disks, then to a hard drive (5 megabytes!), and I began to gain more customers as friends and family members purchased computers. Mine was a true basement operation; I assembled and repaired computers under the name Hardwired Computer Systems. By the time I was ready to graduate high school, I had earned enough money consulting that I purchased my own PC with a state-of-the-art Intel 386dx running at an incredible 33 MHz speed. I was on top of the world.
From there, I began experimenting with bulletin board systems and gained an interest in file networking. Though modems and networks were clearly in their earlier, more-primitive states, the ability they offered to one user to connect with other users remotely and to share files and programs was very intriguing. In 1991, I was accepted into the engineering department at the University of Alberta. Although I secured a good foundation in engineering concepts, I also furthered my knowledge in computing sciences and electrical engineering through electives. During this time I first encountered the Internet. I transferred a file through the Internet from a server in Japan without incurring any costs whatsoever. It was at this moment that I realized internetworking (as well as the Internet) was the wave of the future. Nothing else came close to it in terms of information access, communication, and functionality. As a result, I decided to obtain a degree in computer engineering, and I have been hooked ever since.
With this passion, I continued to perform information technology consulting services. For some organizations, I serve as a technology advisor who educates them about their IT needs and provides simple yet effective solutions to keep them competitive.
For larger organizations, I offer the same services in addition to serving a variety of other roles. For example, I may serve as a one-time troubleshooter to identify and solve a specific problem, or I may perform periodic IT assessments and audits to gauge the ongoing health of the organization. In today’s business climate, IT is an integral and important part of most organizations’ operations.
Different organizations have different needs. Having the opportunity to see a variety of IT systems as well as different IT challenges gives IT consultants a unique advantage. Unlike representatives of specific brands (such as Cisco TM or Microsoft TM), consultants see multitudes of different IT products and systems. And unlike an organization’s IT manager who experiences the same system every day, consultants enjoy a variety of challenges from many different organizations’ systems.
Through my experience in the field of information technology I have come to realize that many organizations need a better understanding of how information technology can be of benefit to them. This naturally involves the organizations’ executive staffs but also pertains to IT managers as well. By devising straightforward solutions and conceptualizing IT systems in simplistic terms, both groups can come together in a greater understanding of information technology in general. This allows alignment of values and goals between the organization and the IT department, and this promotes quality investments in resources for everyone’s benefit. As a general IT contractor, I hope to provide this level of understanding while simultaneously bridging any gaps in communication between an organization’s executives and its IT personnel. When everyone is on the same page, efforts as well as resources can be utilized more effectively.
The ultimate purpose of this book is to provide a basic knowledge about information technologies, IT tools, and IT systems. In addition, by understanding the purpose of IT assessments and periodic IT consultation, organizations can determine if these services may be of benefit in the short term as well as over the long haul. I also hope to reveal common limitations among executives and IT personnel as these pertain to miscommunication and misinformation about IT matters. Once these aspects are put forth, remedies and solutions are offered to help put your organization back on track. IT is without question a key aspect of an organization’s success today and into the future. Investing time and effort into understanding how IT can best serve you is not only a wise investment but one that is likely essential if your organization is going to succeed.
Chapter One
Today’s Information Technology Environment: Putting out Fires
It’s Monday morning, and everyone is returning to his or her desk or cubicle from a nice, relaxing, leisurely weekend. Among them is John, a trepid fellow who heads the IT department. He casually rides the elevator to the third floor where he expects to step into his normal routine. But this Monday is different (or perhaps unfortunately not), it seems. John is immediately greeted by several colleagues, and his phone begins to ring nonstop in the background. Apparently the server had been down for the entire weekend, and no one can communicate within or from outside of the organization. The office is in panic. Fortunately, John is well equipped to handle such a catastrophe…or is he?
As have many information technology managers, John inherited his job almost by default. When he began working for the company twelve years earlier, he mentioned that he had taken a course in Microsoft technologies and was certified in one of the company’s products. That was enough for the company owner to place John in charge of all technical issues. The company was quite small at the time John started but has since nearly tripled in size. Despite John’s dedication to quality performance, the task of staying abreast of all the changes in IT has become overwhelming for him to manage by himself. Rather than being able to plan ahead for the company’s IT needs, he has become a firefighter, fixing many small problems as they arise. Each week, several IT “fires” would be brought to his attention, and one by one he would try to extinguish them. Handling a company’s information technology in this manner was far from ideal.
Unfortunately, many organizations have people just like John managing their IT departments. A lack of standardization in management qualifications, a rapidly expanding field, and a lack of appreciation of IT in general contribute to the problem. Business owners and executives do not understand the importance of budgeting for IT expenditures nor the variety of components in the IT department that likely require attention from other professionals.
Conversely, IT managers often lack the soft skills needed to explain this importance in practical terms. As a result, preventative maintenance, upgrades, and assessments of the organization’s information technology are neglected, being either outright ignored or put off until time becomes available. The only time IT issues are considered is when a malfunction occurs in daily operations. By then, the problem has likely snowballed into a much bigger issue that will cost the company resources, bottom-line dollars, and client loyalty!
So where does the problem lie? Is it John’s fault for not staying abreast of what the company needs and pushing for IT financial allowances to accomplish them? Perhaps the company’s executives and/or owners are to blame for their shortsightedness regarding the importance of investing in information technology. Most of the time, a combination of these factors are at the heart of the matter. And with such a rapidly expanding field, an inherent lack of understanding and knowledge of current technologies is always present to some degree. Therefore executives, owners, and IT professionals must understand the importance of information technology and its value to an organization. Without this realization, the company will move from one fire to the next, handicapping its ability to grow and succeed.
The Evolution of Information Technology
In 1984, approximately 1,000 Internet-connected devices existed in the world. Today, this figure far exceeds 1 billion devices (REF 1). Text messaging was nonexistent until 1992, but now the number of daily text messages sent and received around the world surpasses the entire world population (REF 2). While these figures are astounding, the amount of cumulative information is also growing at an exponential rate. The amount of information published in just one week of The New York Times is believed to be more information than a person living in the eighteenth century would have acquired throughout his or her entire life. In addition, the amount of new information generated this year will be more than the information generated in the last 5,000 years combined. Specifically, the amount of documented technical information is doubling every year. Students enrolled in technical-educational programs learn information their first year that is obsolete by their last year. Is it any wonder that an IT manager or business owner may have difficulty grasping the latest IT trends and needs?
I like to compare the field of information technology to the field of construction. As we have developed better methods of construction and have employed newer technologies that enable more efficiency and higher quality, subspecialization becomes critical. The plumber no longer knows the best way to lay and grout tile. The electrician does not know all the latest features of various security systems. Even the general contractor must be regularly educated about new techniques and materials in certain specialty areas. The same applies to the fields of medicine, law, and even accounting. As the availability and volume of information has exploded, a demand for subspecialization has evolved in several disciplines, and information technology is no different.
As an IT consultant, I have seen an entire gamut of network and security catastrophes. For some organizations, the personnel in charge of information technology have only a limited scope of knowledge. Their ability to manage complex issues, much less keep up with new developments, may be insufficient, and as a result, over time, servers and hard drives begin to crash as capacity is reached or backups fail. All too often I conduct an IT assessment for an organization only to find that someone has either ignored or neglected obvious warnings that the IT system was at risk. In some cases, ignorance was to blame; in others, the IT staff was simply too busy handling emergencies to employ maintenance or preventative measures.
About ten years ago I received a call from the owner of a small company regarding a problem with remote access to its network. A telecommunications company that provided remote-access ability for the company had washed its corporate hands of the problem, stating that they were not to blame. At the same time, the company’s IT department had reviewed and reassessed everything without finding a cause of the problem. This difficulty had been intermittently ongoing for more than a year. After visiting the IT department and reviewing its remote-access network, I identified minor problems on both sides that accounted for their issues. Within four hours the issue was solved, and everyone was pleased that there was finally a solution to the problem.
While these types of “magical fixes” are not common for such a long-standing issue, this experience demonstrated how subspecialization is needed in the information technology field. Neither the telecommunications company nor the in-house IT staff understood the nuances of the remote-access system. Training, educational updates, and ongoing curriculums are essential parts of the IT field, but even so, no one can be knowledgeable about every detail. This is where IT consultants can be extremely valuable to an organization. They have the time to learn cutting-edge information; this knowledge can routinely save organizations time, money, and frustration.
Subspecialization indeed provides an ability to exhibit advanced knowledge in a particular area. However, being an expert in information technology also allows one to envision the broader scope of an organization’s network and IT system. In this regard I consider myself an IT general contractor. Not only can I understand the individual “trees” but can also view the “forest” as a whole. In what I like to call the “Stuck in a Box” syndrome, I get to see inside other people’s boxes and share those experiences. In part this ability stems from my ability to view an organization’s processes as an outside observer. Because I am not involved in the day-to-day, month-after-month, year-after-year operations, I can step back and view the organization from a macro perspective. This ability, combined with subspecialized knowledge, allows me to more-readily identify unforeseen problems and potential concerns.
For example, one client I assisted had developed over many years multiple software applications housed in a series of servers. Several different vendors had helped develop these applications with my client during this time, and multiple in-house personnel had been involved in the development as well. Thousands of hours had been invested in this company’s online product content, yet the client had little understanding of the company’s IT systems. When a problem arose, the company’s owners did not know where to turn for help. The big picture had so many components that an IT general contractor who had knowledge of web servers, web development, programming, and a variety of other technologies was required just to assess the problem. Even with this knowledge, it still took a couple of months before a complete backup of configuration files and content as well as a recovery recipe could be devised to solve the root of the problem. None of the experts previously involved had the ability to see the big picture, and as a result, the company was put at risk for losing all its years of hard work.
We are living in exponential times in regards to growth of information technology. New developments that are occurring on an annual basis simply dwarf the developments in prior centuries. With this being understood, the need for IT subspecialization and ongoing education is imperative. You wouldn’t want a family doctor performing open-heart surgery; likewise, you shouldn’t want a junior IT staff person managing the complex array of servers, networks, backups, and firewalls your organization relies upon. IT systems make or break organizations every day in our global, competitive marketplace. Taking the time to invest in your IT infrastructure and system is crucial, and it takes asking only a few questions to start heading in the right direction.
A Few Questions Every Organization Should Consider
The problem in dealing with a topic such as information technology lies in its complexity. Rapid expansion and a constant state of flux makes it difficult for business owners, executives, and even IT managers to know exactly what problems might exist. How can you prevent a catastrophe if you are not even aware of your current IT abilities? In an initial discovery meeting, a few specific questions can help direct everyone to focus on the area in which limitations or problems might lie. Even if specific answers are lacking, the absence of knowledge may by itself point to areas of concern.
1. Have any operational mishaps or warning signals been noticed?
Many times, slowing of normal operations goes unnoticed in an organization as the capacity of memory, storage, network, or processing reaches maximum levels. Illuminated lights may change from green to orange or red, indicating an issue of capacity. If a standard mechanism by which these observations are made, recorded, and addressed are not in place, these warnings can be ignored. As a result, catastrophes most likely will occur, and once again, IT managers are forced to put out fires instead of focusing on more-important tasks.
2. Who are the key IT personnel, and what ongoing training do they receive?
If an IT manager exists for the organization, a serious examination of his or her qualifications, ongoing training, and performance activities should be considered. Many times, junior IT personnel with limited knowledge and training are placed in senior positions over time despite lacking some of the needed skills and expertise. Many options exist to improve these situations.
3. What documentation regarding IT is performed?
Where are passwords and documentation for file servers, email servers, workstations, backups, and other IT assets located? Is a logging system in place? How often is it examined for issues, trends, and functionality? Are IT personnel recording documentation and changes appropriately? Is documentation stored on-site, off-site, or both? These can become very important questions if a disaster occurs or if personnel difficulties arise.
4. Where are the key storage areas for backups and archives?
Are storage areas located on-site, off-site, or both? Is a centralized storage area network used, or is local storage utilized? In addition to the type and location of storage being utilized, the frequency of backups and archives is also important and should align with the organization’s operations and philosophies.
5. Where are key resources and staff located?
Resources can involve workstations, file servers, email servers, shared applications, and much more. Where these items are located can be important. What if a fire occurred in an organization’s primary site? Are adequate resources located in other areas to allow for business continuity? Likewise, are accommodations for staff available in other locations in case of a localized IT failure? Location plays a big role in many IT system analyses.
6. What happens if a system failure occurs after hours?
As Murphy’s Law states, catastrophes will occur at the most inopportune time. Too many times I have seen a system failure or crash occur on a Friday evening after business hours. As a result, business operations are offline the entire weekend until someone finally realizes it Monday morning. What if an important backup or update was routinely scheduled on the weekend? Understanding the repercussions of such a failure and whether alerts should be in place is a very appropriate question to ask about your business.
7. How do your clients or suppliers respond if no one answers communications?
No one wants to experience this scenario, but the question highlights the risks involved should business continuity become interrupted or not properly function. In a competitive industry, customers and clients will often turn to a competitor if poor communications exist. Likewise, partners and suppliers may view your organization as disorganized or unprofessional and question your ability to deliver. It is important to have IT systems in place that preserve operations and communications in the event that disaster strikes.
8. How often are updates performed?
Some statistics have been given already that demonstrate the rapidity with which information technology is expanding and changing today. Therefore, processes and procedures that address routine updates and upgrades to existing IT systems and applications are worth considering for implementation. Efficiency, effectiveness, and growth of the organization can all be negatively affected if these areas are ignored. And, more important, the cost associated with major overhauls to rebuild infrastructure as opposed to scheduled upgrades can be substantial.
9. What protections are in place if a power outage occurs?
Most organizations have some kind of battery backup power supply should electrical outages occur, but the extent and duration of alternative power may be inadequate to provide proper business continuity. The use of battery backups, generators, and power monitors are common topics that surface during discovery meetings with IT professionals. In addition, how power is managed can save significantly on energy utilization and costs.
10. How often are outside assessments and audits performed?
No matter how much expertise and experience your organization’s IT personnel have, a fresh perspective always has the chance to reveal new opportunities and potential issues. This exercise can reap significant rewards particularly in the field of information technology.
Conducting an IT assessment of your organization with outside professionals offers you a chance to identify areas that could be improved that internal personnel may not see. New methods and techniques specific to IT management and systems develop almost daily. External assessments are the best way to tap into the latest trends and applications so that your organization maintains its competitive advantage.
Though the questions listed here are often asked during an initial discovery meeting between business owners, IT managers, and a consultant, these meetings are typically very organic and fluid. A single question may take the group in a direction that highlights the urgent needs of the organization. However, the above list does show common areas in information technology that commonly become major problems for a number of organizations. Unfortunately, once you fall behind and begin putting out fires instead of maximizing performance, resources within the organization are often focused on survival rather than on success.
A Step in the Right Direction
Perhaps you are like John with a crisis on your hands, or perhaps you have considered the questions listed above and realized that you have shortcomings within your IT organization. Either way, a systematic and organized examination of your organization’s information technology systems and operations needs to be conducted to start the process. For many larger organizations, this may be attempted in-house, but as mentioned previously, a fresh perspective is extremely valuable. This is where the services of an IT consultant become very helpful.