John Monaghan's Most Recent Posts

I’m over 50 and proud of it! And more importantly, I’ve been in IT for 37 years and counting. To make it this long I put myself through a career change a few years ago. Like many of my peers, I had focused on the job for many years and didn’t give myself enough time to keep my skill set current. I had become an old dog.

There's another story out there today about personal data finding it's way out of the building.  According to a story in today's San Jose Mercury News, Home Depot is reporting that a laptop containing data on some 10,000 employees was taken from a car.  The story doesn't indicate who was responsible or what department they worked in, not that it matters at this point.

The sad truth is that once again, someone ignored the rules and had removed the data from the office.  That they left the laptop in the car and, for whatever reason, didn't take appropriate steps to secure the car shows that procedures alone don't work.  People need to be taught that the rules are there for a reason. 

In the Sept. 24 Computerworld there was a delightful opinion piece ("Opinion: Five Diagrams Beat a 'Victorian Novel' ") on the use of diagrams and flow charts in presenting system designs.  I'd like to go further than Michael Hugos went.  Back in my early days we were taught to prepare flow charts and system diagrams for everything we touched.  That sort of went out of style in the 90s, as companies started to move towards 'enterprise' applications that were developed by large software houses. 

I've read a few articles on the 'respect' issue that IT seems to have developed over the years and I've just finished one of the best descriptions of the problem. Frank Hayes "Rewiring Respect" (in the 9/3/07 issue of Computerworld) does a very good job of describing a problem that has been brewing for a while. We, the IT professionals, find ourselves at odds with non-IT staffers throughout the organization and, as Frank points out, it's because we can't quite come to see an organization that exists without structure. I may be using a different phrase than Frank is, but I think we're heading down the same road.

This week's Computerworld has another article on poor project management; this one is Failed VA security contract 'was an open checkbook'. It seems at least monthly we are seeing an article on an IT project gone bad as a result of poor management. A few months ago, the winner was the failure of Philadelphia's municipal water billing system. This month, we read about a 10-year project that was shut down after three years. If you go back and look, I'm sure there'd be a dozen other stories like that in the past year.

In reading the Don Tennant's editorials, "Choosing Teams" this week and "A Wake-up Call" last week, I believe that a key point was largely overlooked.  Don hit on it near the end of the 2nd editorial.  We are in a new era of IT Globalization and, like it or not, we need to change our thinking, as IT  practitioners.  The time for the 'chicken little' response has long passed.  Quite simply, this is a global economy now.  In many business plans the focus is to become more efficient by reducing costs while improving the product.  For many organizations, this means that you hire developers who can handle the work.  It doesn't matter where they are as long as you can electronically reach out and touch them when needed.  This also applies to other facets of the organization (not just IT).

Reading this week's Computerworld, I can't help but notice on page 1 there is a major story dealing with data security failures and the repercussions they bring.  You can Google the stories about the suspension and eventual terminations of 2 IT professionals at Ohio University for the details. In a nutshell, the network was broken into and personal data was accessed.

My comments today are concerned with the inabiltity for some within the IT community to take ownership of the issue.  I don't profess to know the details in the OU case nor do I want to try to analyze it here.  I do want to point out that in a number of cases that have been publiziced within the last year, there are far too many situations where human error has resulted in the accidental release of sensitive information.  Starting last year with the theft of the VA laptop (containing personal data on over 2 million veterans) to the accidental release of credit card information (the Michigan convience store chain), there hasn't been a good explanation of the failures involved.

Has anyone read Don Tennant's editorial on stereotypes and the IT profession?  It's good reading ... seriously.  Don, thanks for saying something about it.  We, IT professionals, have been long held at arms length by certain groups.  I'm referring to educators, many business leaders and government officials. 

I've seen, over the years, several attempts to give the IT professional some credibility and a more professional stature.  Unfortunately, as Don points out in the article, there are those who view us as being members of a social class that is set apart.  I believe this exists in other areas beyond academics.  I further believe this stereotype has developed over the years and will be difficult, if not impossible, to eliminate.

There have been a number of items in the press and in blogs about the coming of Vista.  In one magazine (eWeek, this week's issue) an article points to PC sales and the hope that release of the OS will spur sales and allow vendors to improve profits.  Symantec has commented on possible security issues that they had identified in protocols and privilege management (EWeek, 7/16/06 newsletter).

These items are appearing daily and will increase as we move closer to the actual release date.  My question to my peers, "Are we getting ready for Vista?"

I've visited a few shops (small and mid-sized shops) in the last few months and have been asking the techies the question and I'm not too excited at the prospect of a major release coming out with little or no preparation.  While most I've talked to have rules in place that prohibit users from bringing in software or their own computers to the work place, they are just rules and there aren't proactive programs in place that educate the users and IT staff.

Most of these shops purchase their laptops and desktops from large suppliers who have announced they will be shipping Vista as soon as it's released.  These shops will have to either install XP or will be forced to inject Vista into their environments before they are ready.

Solutions?  I have some thoughts.  Shops should see that their systems are all on the most current release of the OS.  They should be on XP, SP2.  They have had enough time to migrate off 98, ME and 2000 by now.  If not, then their first priority is to design a program  to move to XP and standardize on the Office Suite as well.  They should begin an analysis of the "MS" skill level of the IT staff and end-users, bringing in training on the standard apps.  The goal is to have a solid foundation in place before they consider Vista.

Microsoft has been good about providing access to the Vista Beta, both the application and documentation.  The small shop staff should take advantage of this time to study and prepare.

Finally, when Vista comes out, these small shops need to understand that while Vista has much to offer and they should consider going to it, they don't have to migrate right away; it's okay not to be the first kid on the block with the latest gizmo.

I'm looking for some feedback from the small shop managers on Vista.  Are you getting ready to bring Vista in?  Are you going with the status-quo, satisfied to wait for the dust to settle?  Let me know!

I read Jerri Ledford's blog  this morning concerning the recent activity the VA has taken in response to the laptop disappearance.  After having watched the way the VA has treated it's clients over the years, I'm not at all surprised at the changes in the response that Jerri is noting.

The VA needs to realize they have a responsibility to protect their clients, the millions of vets who did their duty and now expect some degree of respect and service in return.

What distresses me the most in all this is that the VA, just like many of their counterparts in the private sector, are backing away from their responsibilities in protecting information and dealing with exposures tied to sloppy procedures and poor management.

I read through the current special report on the face of IT in 2010 and was drawn to the article on the changes in the IT careers.  I agree with the findings of the researchers when they state the IT staff will be built on a more versatile knowledge worker than we have seen in the past.  This is a trend that has been building for some time. 

An article appeared today in Computerworld that discusses the coming shortage of skilled IT people.  The article, vaguely reminiscent of the many Y2K warnings, urges IT executives to consider the baby-boomers and their retirement plans when hiring and training staff.  An excellent idea.  Based on what I've seen and experienced recently, many IT managers have begin to consider younger applicants when looking for skilled positions.

True, there isn't the surge in computer science graduates these days (that died with the dot.bomb) and other IT engineers and managers have left the field and moved on to other careers.  Over wine (hey, this is Northern California) I continue to hear stories about the frustrations on the job and a diminished home life.

I've been away for the past 2 months.  I took some time off to relocate (found a home that I liked more than the one I had). I must confess that I didn't spend a lot of time reading technology and business news during my "move" but I gather that I didn't miss much.  Seems that there were more articles written about sensitive data being misplaced, stolen and such.  The biggest one was the 25.6 million Vets that had their key data exposed when an analyst took the data home.

I have just come across a management memo from an organization concerned about the proliferation of music files on the corporate file servers.  I think we all agree that they shouldn't be there and that a reminder to the workforce is in order.  What concerns me is that it comes from the COO and never mentions IT.  It describes finding files during a server and storage audit.  "We" found files.

No where in there does the note mention IT.  This group has, as it's head, a vice president.  The memo doesn't come from him or his team, it comes from the COO.

In an article, two days ago in the San Jose Mercury News, it was reported that Hewlett Packard had to notify employees and retirees of the potential exposure of their identiy (name, ssn, etc) when a laptop containing the data was taken.  It was in the possession of the company they used for their 401K management.  A few weeks ago there was another article that reported  a potential exposure when an auditor accidently left a CD containing similar data in the seat back pocket of a commercial plane.