Peponi

February 25, 2012 in musings with 0 Comments

I love this song and the video called Peponi by The Piano Guys.  Jon Schmidt piano player, Steven Sharp Nelson is a cellist.  I love listening to each of them individually.  The two of them have formed a YouTube channel called The Piano Guys  filled with great music and amazing videos.  The latest video Peponi, features Alex Boye.  This is my favourite PianoGuy video and song to date.  Alex is a good singer.  The two things I like most are the Jacket Alex is wearing and the way he moves in the video.

.

There is no innocent, only aquittal

January 7, 2012 in law enforcement, Legal with 0 Comments

I was reading a news report this morning on an assault in London and it lead me to this quote:

Keep in mind though in a court of law you are either acquitted or found guilty. An acquittal doesn’t mean you’re innocent, it just means there’s not enough evidence to convict you.

I am wondering if this is actually true?   Logically it makes sense it would be this way – which would means if you are charged with an offense, you are never really innocent of it in the eyes of the law.

Who owns the follow?

December 28, 2011 in Personal Brand, Social Networking with 0 Comments

I am not a lawyer, but over the past few years, I have found myself becoming more and more interested in law.  I took and introduction to law course a couple of years ago out of pure interest.  Specifically, my work with service providers, law enforcement, internal investigations and recently working for a financial institution has created much more interest in what I find to be the lack of details in laws around computer crime, data ownership and use of data. This article caught my eye.  Noah Kraviz, a former employee of Phonedog, is being sued by Phonedog for taking his followers with him when he left the company.  It seems to ask the question: Who owns a set of followers on Twitter?

For ordinary businesses it’s quite difficult to gain a following without a strong personality. You have to have a very strong brand for it to work.

If I choose to follow someone or some company it is because I have an interest in what that person or that company has to say.  For me personally, so far there are very few companies I actually follow.  A few I follow because I do have an interest in their products or philosophy.  As long as that company keeps my interest, then I am happy to keep following them.  However, if I no longer have a use or interest, then I will no longer follow.  It’s pretty simple.

In most cases, I choose to follow a particular person or individual.  I like what they say, the message they communicate, or they share a common set of interests with myself.  Who they work for, is not why I follow them, it just happens they work there and that is where a majority of their tweets come from.  If for whatever reasons they move on, I will still follow them, but unless the company has created a brand I am interested in, I won’t continue to follow the company.

It is hard to pinpoint a financial value to Twitter followers as it is unclear why they follow a particular account.

The key to this statement is why they follow.  Who I choose to follow is my choice as the follower, not the owner of the account I am following.  What makes person or company feel they in any way own or can make claim to a set of followers is beyond me.  The entire follow or not follow process is not owned by them.  If you want me to follow you, then create a personal brand that makes me want to follow you. This is one of the great things about social media compared to previous technologies such as email or phone.  Once a company obtained your phone number or email address they could contact you anytime they wanted as often as they wanted and there was little you could do about it.  The company felt in control, and to a large degree they were.  You could change email addresses or phone numbers, but the cost and work involved to do that is very high for you and not high for the company.  With social media such as Twitter, Facebook and others, it is easy.  Just a mouse click and you are gone.  It levels the playing field and forces companies and individuals to compete on their brand, quality of products, treatment of their customers, and other factors.

I hope that this does not settle.  I think it would benefit everyone to have a legal precedent set.  Data and meta-data ownership is going to become very interesting from a legal point of view over the next few years, and I am looking forward to watching it unfold.

Update (Jan 3, 2012): @LeeBerlik a lawyer in Virginia wrote a post about this which you can find here.

You will make a difference. Don’t worry about that.

November 13, 2011 in Leadership with 3 Comments

I just finished watching a 50 minute talk from General Mark Welsh that he gave Nov 1, 2011. You can find it here. Normally, I would just tweet the link, but I wanted to comment on it so I have a reference to my thoughts.  Those that know me, know I am not a military type person.  Several times in my adult career I have seriously debated becoming law enforcement, working for the Coast Guard, being a paramedic, or entering the military.  If I was younger and General Mark Welsh gave this talk to a room I was in, and he or someone like him was leading me, I’d have signed up right away full stop.   if I am able to develop half of his leadership skills (based on his talk) before I retire I will feel like I accomplished something from a leadership perspective.

It is well worth watching the entire talk.  General Welsh has such presence.  I felt like I right there in the room when he spoke.  My current mentor told me that presence is one of the qualities any leader must have.  General Welsh has presence.  While I enjoyed the entire talk, the parts that really registered for me, I describe below, but for most you can stop reading.  I just encourage you to take the time to watch the entire talk.

Making a difference.

These people made a difference. Everybody I just talked about is making a difference, and you will too.  Don’t worry about that.

He flat out says ‘you will make a difference and don’t worry about that.’  Do you work for or with people that will say that about others with that level of confidence in their staff?  He even says not to worry about it, as if it is a done deal, and he believes it.

Expectations.

He speaks about 4 expectations that all the students must meet, credibility, attention to detail, be ready to make decisions, and be committed.  He speaks about each one of these and gives very real examples of how it has applied to individuals that have been where the students are, allowing the inference it will apply to them.

Leadership is a gift.

In the completion of his talk before given a toast to a fallen friend, he makes two statements that really registered with me.

Leadership is a gift. It’s given by those who follow.  But you have to be worthy of it.

 

If you are still saying this place sucks, leave, we don’t need you, we don’t want you, don’t have time for you.

For me, this was one of if not the best talks on leadership I have ever watched or been present.

My thoughts on ‘A few thoughts on image’

November 6, 2011 in Corporate Culture with 0 Comments

Terry Gillis of Carswell Partners wrote a post on your image, specifically your attire when at work.  In his post, Terry questions why people would dress wearing Cargo pants, flip-flops and other less professional attire when going to work.  I get his question and it is something that I have struggled with my entire career.

When I first started my career, I was employed by a bank.  Like you might expect at a bank, most dressed in a reasonably professional manner.  Dress pants, buttoned shirt, dress shoes for the technical and support staff.  Managers often added a tie.  Senior executives typically wore suits.  There were some exceptions, but for the most part that was the norm.  Being new to my job, I unconsicously followed the trend, typically wearing  dress pants, buttoned shirt, dress shoes configuration.  People when meeting you, immediately assumed a certain position level, experience, and intelligence based on what you wore.  I also observed that people who chose to dress differently than their role, a non-manager that suddenly wore a tie for example would be noticed.  Many wouldn’t say anything, but you could tell by their body language they noticed it. Sometimes there would be a comment like “Joe is wearing a tie today, he must be interviewing” or something to that effect.  It was almost a way of indirectly saying “your dress doesn’t match your role.”

Eventually, I left the bank to work for a small consulting firm.  This firm provided network security and network designs for tier 1 service providers around the world.  I was also now interacting with both engineers and executive management on a regular basis.  Initially, I tried dressing more formally wearing a jacket and sometimes a tie.  The problem was that most engineers didn’t take me very seriously.  They would initially view me as a management type that didn’t understand the ‘technical details of network flows and security’.   I would consciously dispel those thoughts in the first few meetings, but I found I had to make a point of proving my technical capabilities and it caused the relationship to have a much ‘slower’ start.  If however I matched the technical teams dress, things were easier.  It was a weird correlation to me, but it seemed to be present at most clients I visited.  Of course, the reverse was also true.  When I had meetings where I was providing updates to the executives, things seemed to go much better when I was dressed similar to what they were wearing.

Today, working for a financial institution once again, I actually dress depending on what I am doing for the day, who I am meeting and which location I will be in.  If I am working at head-office (usually 2-3 times per week) I wear a suit and tie.  I find that most dress business formal at head-office.  If I am at one of our other locations, then it is business casual which is dress pants, shirt and optional jacket (although I usually have a jacket on).  On Friday’s the business causal seems acceptable at head-office as well.

Where did the idea of wearing flip-flops to work come from?  Well, I am no expert my first experience was when working for small tech companies.  I realized they rarely if ever dressed formally.   That was actually one of the perks.  If you were smart, good at what you did, and had a passion for the work, then they hired you based on that.  Didn’t matter what you wore, if you had an earring or a tattoo.  Look at most pictures or videos of Steve Jobs from Apple – Jeans and a black t-shirt is his standard attire.  These companies believe they are hiring you for your passion, knowledge, and skill – period.    During this part of my career, I always had a change of clothes in my office, car or hotel. If external clients or potential clients were visiting, I would quickly change, otherwise I dressed comfortably and casual.  I remember times when a group of us would be interviewing potential candidates for technical positions and if the candidate overdressed, a comment was usually made after the interview had concluded.  It wasn’t a decision point, but it was noted.

One of the reasons I try really hard to consciously not judge someone based on their dress but on their personality, what they say and how they act is because of my experiences with dress.  The turning point for me was when I realized that by dressing certain ways, you can make others feel more comfortable or less comfortable, depending on what you want to achieve.  If you want people to be comfortable working with you, dress plays a key factor.  Logically this doesn’t make sense to me, and I personally try hard to not judge based on dress.  But I have learned that depending on the environment dressing appropriately makes things a little easier for me and more importantly the people I interact with so I try to follow along as much as possible.

How I now manage my email and meeting requests

September 26, 2011 in Information, Task management with 2 Comments

I used to think that I received way to much email, then I started working for my current employer.  Maybe I thought that because I have mostly worked for small to mid-size companies in my past and this is my first time working for a large company for any significant period of time,  but the amount of email I receive that actually requires my attention is unmanageable.  The amount of email has amazed me enough that I whipped a few database queries together to extract the amount of email I have received on a monthly basis.

The above chart represents incoming email to my inbox after being through checks for malicious content and Spam.  I have also removed most (if not all) bulk email (subscribed lists, etc.) that I subscribe. I could spend all day and night just dealing with, responding to and actioning email items I receive and I would still be behind. Managing from my inbox and trying and the end of each day or week to obtain the cherished state of having no email in your inbox will not be a reality for me (at least not in the foreseeable future).   I decided that I need to make a change.  As a result, I have started to more aggressively delegate many of the technical and design requests to my team.  I also decided that I needed to come up with a way to get and stay in control of my inbox.

Using Google, I searched and read interesting articles and blog posts from many experts on how to effectively mange and prioritize.  I have queried a few of my friends at work that have the same issue, as well as observing and asking some senior executives that I have a respect for and who have been in large companies for much longer than myself.  Taking all that into consideration, along with some assumptions, this is the current way I am handling email at work.

I made two assumptions.  First, my inbox will never be empty.  I have not done a rate analysis on my inbox, but just eyeballing the number of messages per day, an empty inbox will be very short lived even if I managed to get it to empty.  The second assumption is that my inbox is a representation of my interactions with a very large organization across many teams with different objectives and priorities within the organization.  Each party will always feel what they need is more important than someone else. Therefore, from my perspective there is no over-reaching set of priorities one can follow that will fit everyone.  I have to make my own decisions on priority of requests and concerns based on my understanding of the goals of the company, business units and teams I deal with.

Rather then manage my email from folders, I manage it using search folders (Microsoft Outlook terminology).  In Outlook, each search folder creates a ‘view’ into your email based on a set of criteria. These ‘views’ are not folders you store objects into, but rather a dynamic folder that changes as the underlying folders change.  They remind me of database ‘view’ features that you find when designing applications with large scale database systems like Oracle or Postgres.  In my case, these search folders or ‘views’ are different ways to look at a single folder (or datasource), my inbox.

I have the following search folders:

significantExecsAndTheirAssistants: There is a subset of executives I work with or are involved in projects that I am responsible for in one way or another. If they or their administrative personnel is to send an email, I want to be aware of it.  Any emails sent from them or their administrative staff will show up here.

upwardVisibility: This is basically the reverse of ‘significantExecsAndTheirAssistants’ folder.  If anyone sends a email to myself and any of the subset of executives I am interested in, it will appear here.  This allows me to understand what is being communicated upwards in the organization. I can more quickly be aware of any questions or concerns these executives may have, and if necessary respond or offer additional information if required.

leadershipTeam: This folder will highlight any correspondence sent from my peers in the Network Services Organization or the VP of Network Services himself.

significantPersons: Any emails from family, friends, and others that I have a close personal relationship with will appear here.  It is a pretty small group, but they are important to me, so I want to be aware if they send something.

currentProjects:  Emails in this folder include team members where my team or myself are involved in current and active projects. It is usually just the core team members, not everyone on a particular project. I spend a good portion of my time working in this view.

activeVendors: If you are an active vendor, your email will appear in this folder.  That being said, there is a very strict definition of ‘active’ that I follow for this folder. Active means there is a signed P.O. or S.O.W. with your company that is currently executing or we are actively involved in some very strategic planning or consulting with you that is likely to end in a P.O. or S.O.W.  Once completed, you are removed from this folder (as by the definition above you are no longer active).

meetingRequests: Any meeting request will appear in this folder.  Unfortunately, I spend way to much time working with this folder, which is effectively requests for my time.  In this view, I can look at the request, decide if I am going to attend, delegate, or decline.

From a folder storage perspective, I have 3 folders that I am using:

Inbox:  This is where all my email arrives and where it stays until I deal with it.  All the search folders listed above, use this single folder as their source for deciding what to present.  Once an email is dealt with, it is removed from this folder and placed into either the ground0 folder or the emailBankruptcy folder effectively removing it from any search folders above.

ground0: This is a folder where email goes once it has been dealt with.   I don’t categorize it or have any sub-folders.  I can search it if required.

emailBankruptcy:  The idea behind this folder came from a blog post by Michael Hyatt in 2009.  There are lots of emails that arrive in my inbox but do not appear in my search folders as they don’t meet the required criteria.  Eventually, they get stale and for whatever reason are no longer applicable.  Every so often, I move these older emails in a batch to this folder.  Similar to my ground0 folder, this folder is can be searched.  Any items in this folder are emails that I never did action, but keep so I have a copy in case it is ever needed.

I may need to make a few tweaks to this setup and process over time, but I am starting slowly to see some beneficial impact.   I expect there will be a few tweaks still in the coming months, but as of this writing, I am finding my email more manageable and I feel better about how I am handling it.

Technology vendors, Coke, Heinz, and Kleenex

May 28, 2011 in musings, Personal Brand with 0 Comments

I once worked for a company where during one of our quarterly internal company meetings, the CEO, presented a slide with the same graphic as the one on the top left of this blog post.  The goal of this slide was to explain the importance of making the company name synonymous with the problem they were trying to solve.  During his talk, he spoke about companies such as Coke, Heinz, and Kleenex.  What these companies have in common is that often, people automatically replace the product with the  company name  – if effect they use the company name to reference the product or problem being solved.  This is the ultimate in branding.  Ever heard someone say “Do you have a Kleenex?” – technically you never do.  Kleenex is the company or brand, and one of the products they make are facial tissues.   The CEO felt this was one of the best positions for a company to be in and encouraged the team to always do what they can to achieve that goal.   In fairness, I know him and he is a good guy. A great speaker who wants the best for his company, and wants to instill those same values throughout the company – exactly what a CEO is suppose to do. And he was somewhat successful.  When engaging clients to execute professional services there were a few times when the company name was inserted where the product should have been.  To this day, I can find Internet posts that speak about  “when we installed the <company> …”

Today, I am no longer representing the vendor providing the consulting; my team is the client.  One of my teams responsibilities are to reduce the complexity of our security environment and increase security.  In order to do this, it is important that separation of the features, solution and the vendor occurs at all levels in my organization.  The last position I want my organization to be in is one where there are inaccurately perceived dependencies on a particular vendor.  As such, I now work in the exact opposite way of the vendor.  I work hard to stop these branding attempts whenever I encounter them.  You can find them in many places,  documentation, e-mail,  meetings.  It can start to infect employees and they will propagate the branding message.  Working against this, some vendors feel that I am difficult or hostile towards them.  It has nothing to do with them, rather it has to do with keeping the message clear, real and accurate at all levels in the organization.  Effectively removing the ‘spin.’  Here are the main reasons I actively do this.

Creates a perceived dependency on the vendor. Most if not all vendors would love to achieve the perception (or reality) that a company, especially those with deep pockets can not easily do a particular feature or solution without them.  I have found in my years of consulting and technology this is rarely the case and if by chance it is, give it a few months and it will no longer be the case.  What is important is that any messaging directly or indirectly along these lines is verified and accurate.  The higher up the organization the more important this is.  Often, depending on the environment, assessing and correcting the message that vendors often send up the organization can be difficult.  Fortunately, I work for a company where senior executives actually do listen to their employees opinions and recommendations.

Correcting statements with “the Vendor project”. I am constantly correcting these statements.  It is common especially when a new vendor enters the footprint of a large enterprise for the first time.  Often employees and executives refer to the project as “The <vendor name> project”.  I feel it is important to correct this early on.  In meetings, when reviewing documentation, responding to e-mails, a project always has a name and description, and should not specify the vendor. The name of vendors can and should be stated where a decision has been made to include or exclude a vendor, but the project / service should be written, spoken and perceived as separate from the vendor and something a particular vendor is providing.

Creates and keeps competition alive. Vendors like to ‘feel’ that they are the chosen company – it gives them a sense of security in sales, and bragging rights on the street. You want to keep a certain amount of competition with the vendor during the selection process.  More importantly, you never want a vendor to feel they have you locked in to their technology.  It keeps the vendor more honest, and always paying a certain amount of attention to your company and their account.  It keeps them competitive both from a pricing and services perspective — all good things.

Subconsciously changes the company’s thinking. By using a vendor name as the solution, it starts to change the way teams think within an organization.  Employees start to think less critically about problems and potential solutions because the vendor is the solution.  They keep less abreast of the market and start to rely on a specific vendors to solve their problems, regardless if that is the best way to solve a particular problem or not.  If this type of thinking perpetuates throughout a company, as time passes, you end up a self-fulfilling prophecy, where the company simply goes directly to the vendor and more easily accepts their answers as truth.

Not that vendors are all bad, they are just trying to do what is best for their company and themselves.  Typically, the employees of the vendor are incentivised by bonuses and incremental pay scales that encourage this behaviour.  It is important that you constantly look out for this type of messaging and correct it. At the end of the day, it is one of the reasons your employer pays you.

Corning, glass and the future

April 2, 2011 in musings with 0 Comments

Who remembers their mother or grandmother’s kitchens with dishes like the one on the left?  I do.  They are made by Corning and were very popular back in the day.  A few years ago we toured the Corning factory.  I remember thinking how interesting it will be to see hot glass and how those dishes my mother had were made.  After a demonstration on how to make glass by an older gentleman, he gave me his card.  His title was “Glass Master”.  Titles don’t normally impress me, but this one sure did.  Sure you can be director of this or a Vice President of that, but a Glass Master — that was unique.

Well Corning has come a long way from the days of bowls and dishes.  It is great to see a company that keeps up with technology, with an eye to the future.  Below is one of their videos on the future and how glass will play such an important role in that future. I really like the video and would love to live in a world like this. The video is great in many ways and it really shows how Corning can re-invent themselves and modify their branding to move with the times.


This video also makes me think about how to secure this type of world. If information is that free flowing and communication is that easy, while amazing, there are risks. I hope security and the folks that are in security are as inventive, and advanced to keep up. My experience is that for the most part the security industry is slower than it needs to be. Maybe this type of information flow will force that to change.

Shutting down the Internet – it is possible?

February 21, 2011 in External Services with 0 Comments

At least technically I believe it is …..

There has been lots of discussion and comments about how Egypt managed to shutdown the Internet during the recent political uprisings in their country.  Some say it is not possible for a large country to shutdown the Internet, others argue that it is.  There are posts and articles theorizing how they accomplished it, was it  Deep Packet Inspection (DPI), Border Gateway Protocol (BGP), or just simply shutting down devices. Regardless of how they accomplished it, they did accomplish it, quickly and swiftly.  It was brought back online only when when Egypt chose to bring it online.  Arbor Networks has published a graph showing the actual traffic drop and restart.

Full Arbor post “Egypt Returns To The Internet” is available here.

When Egypt shutdown their Internet and the discussions about how they would accomplish this began,  it reminded me of my first consulting client.  It was for a small Caribbean island that was and still is a popular tourist destination.  At the time, there was one major telecommunications company and they were my client.  When I arrived, Internet access to the entire island was via two Satellite uplinks.  Due to the satellite’s orbit relative to the location of the island, the trajectory of the signal was close to the horizon.  This caused lots of outages due to weather and other environmental factors.  The island had been connected to a submarine cable and it was my task to safely migrate the Internet traffic to the new submarine cable, keeping the Satellite system available as a backup.  During the entire project, shutting down the entire Island’s external Internet connectivity was a simple case of entering 2 commands or a total of 10 keystrokes.  When I completed the project, it was a little longer, 20 keystrokes to take the island off the Internet.  It was a small island, few people, lots of tourists, easy to do.  But really, how many external connectivity points does a country have?  It is probably a finite amount and I bet most major governments know where their submarine cables and satellites are.  For those interested a list of submarine cables is available here.

Governments have always been and are closely involved with telecommunication companies.  Wiretapping a phone or Internet connection, tracing a mobile call, Determing 911 caller location information are simple examples.  Echelon, Operation Ivy Bells, NSA wiretapping case are a few examples of much larger telecommunication involvement.  Deep down, I think we all know that — it is part of their job.  Does it make sense that a government would be aware of all submarine cables, that interconnect it with other continents and countries?  Would it be considered irresponsible for a government to not know where these cables are, and who controls them?  Does it not make sense to have policies and procedures around these connections in the event of a severe emergency?  At the very least some understanding of what can and can not be done with these connections, the implications of shutting down these connections, and how to go about it?  Countries have plans like this for war, terrorism, quarantining in the event of an outbreak, border control, military law and many other events that we as citizens may or may not be aware of.  Seems silly to ignore Internet connectivity.

Sure there are implications to severing all external communications links and attempting to completely isolating yourself as a country.   Could a tweet, phone call, or transmission still get out through a unknown path?  Probably, but I bet if a country such as the U.S., Canada or China made the decision to shutdown the Internet, you’d get a very similar graph to the one above.   The ability from a technical perspective to create an “Internet Kill Switch” is not an insurmountable problem to solve.  The ramifications from a political perspective are much more of the concern in my opinion.  For some really good thoughts  the ramifications of an Internet Kill Switch I suggest this article by Bruce Schneier.

photo credit

Usage based billing (ubb) coming soon

January 24, 2011 in Surveillance with 0 Comments

If you currently subscribe to an ISP in Canada, particularly one that provides DSL access (via your phone line), you are about to be subjected to a bill increase.  Michael Geist has a article linking to current resources here.

While some of my information on this topic has come from blogs I follow, as well as discussions with friends and co-workers I still keep in touch with since I left the telecommunications industry, a main source has been a long time friend of mine.  He owns a small ISP in London, became involved with CNOC, a group of ISPs in Canada attempting to fight the CRTC ruling permit Bell to charge in this manner.

While I don’t agree with the CRTC permitting Bell to charge in this manner given their obvious monopoly and reach, there is a couple of positive things I see as a result.   On a personal note, it is nice to see my friend engaging with other ISPs in this discussion and taking more of an active role.  That behaviour is not a natural for him and pushes him outside his comfort zone.   I am happy to see him doing this.  From a general perspective, while the decision is not in my opinion smart from a competitive perspective, I think it is at least a step forward because it forces  ISPs to start charging bandwidth costs to end consumers that use the resource.  This is something that should have happened years ago, and I believe that if it did it would have made the Net Neutrality debate non-existent or at least much less of a debate.  As I have stated before, in my opinion I believe bandwidth is a utility and today more than ever, it’s characteristics are similar to a utility.  It should be regulated as such and charged according market costs in a real competitive environment, not a monopoly (of course in Canada there is a monopoly, or at least an environment that is pretty close to one).

As a result of this new legislation, I have started monitoring bandwidth usage from my home connection.  I wrote a very basic script that simply queries the internet interface of my gateway every 5 minutes, gathers the raw transmit and receive bytes and stores them in a file along with a time stamp.

Once usage based billing (ubb) takes effect in March 2011, I plan to take this data and using Python generate some graphs, and put the bandwidth usage into a format that can be compared  to the usage  my ISP generates as well as the usage  that Bell provides on my DSL line.   In my experience, measurement is a tricky thing, and I am curious in any differences that might arise.

photo credit

Page 2 of 23«12345»1020...Last »