Wednesday, January 23, 2008

The computer doctor is in

I have noticed an interesting phenomenon among my co-workers. As the IT Manager, it is my job to maintain the servers, the computers and the network. I am responsible for security and for the continual availability of the data on our servers to all those who need it. I think I do a pretty good job of that. In fact, it's hard not to. Once technology is put into place and is tuned properly, it just runs and it just works. The secret is in choosing good and reliable technology.

So here's the phenomenon: I practice what is called MBWA - Management by Wandering Around. I learned it from a wise CFO I once worked for. It never ceases to amaze me the number of times I will meander by someone's desk and have them call out to me to get my attention. "Hey Tim," they almost shout, "What's up with Vista? We're having all kinds of trouble with it. Can you help us go back to XP?"

Now, get this. I have not yet implemented Vista in our offices. In fact, there is only one Vista computer in the entire enterprise. So I ask the employee on which computer he is having problems. "Oh, it's my daughter's new laptop that she got for Christmas." I've heard this complaint a lot lately. It seems that Microsoft has done a great job of selling Vista primarily in only one place - in the retail and mail order stores aimed squarely at the consumer.

"Sure, I would be happy to help you," I say. Under my breath I mutter, "Why didn't you ask my advice before you bought it?" It has been over a year since Microsoft rolled out Vista. I have written about it several times in previous posts but am still of the opinion that there is really no need for Vista. It doesn't offer much advantage over XP and in fact, requires an investment in beefier hardware that simply doesn't justify the cost. In other words, it's just not worth it.

This post isn't about Vista. That just happens to be the example I used. The point of this entry is the phenomenon where people seem to feel this innate tendency and need to complain about something when they see the IT Manager even though things are otherwise going extremely well. There's nothing wrong with this employee's work computer. Email is flowing, servers are serving, clients are talking, the Internet is there for anyone to use and abuse all day.

So why do they feel that they just have to share some technological deficiency in their life when I happen to come into the room? Are they just trying to make polite conversation? I can do without the complaints about Vista, but if it's not Vista then it will be about their home wireless network or about their printer at home that is no longer printing. In other words, I get dumped on a lot with stuff that has nothing to do with our computer equipment at work.

I guess I don't mind working on an employee's personal computer problems, as long as the boss knows about it and especially if it is the boss that has asked me to take care of it. But for the most part, it gets a little annoying to be asked every day about computer issues that have nothing to do with work. It's like I'm expected to provide free computer consulting to every co-worker as if it's part of my job description. I guess that's to be expected if you're the expert.

Sometimes the co-worker will listen to my advice and sometimes they won't. I almost always recommend a course of action that they need to take to remedy or further diagnose their problem. Once they ascertain that I'm putting the burden back on them, they quickly turn the conversation to something else. I guess they feel better that they have talked it over with their IT Manager. I sometimes feel like a psychiatrist to all the employees.

What do you think? Is it OK for co-workers to use the IT Manager as a resource for their personal computer problems?

Monday, January 21, 2008

Windows Vista Power Management

I've had a couple of new Vista users complain about the power management features of Windows Vista. It's not really a big deal to change. Like most complaints I get about Vista, it's just in a new and different location. Here is a graphic that summarizes it very succinctly. Click on the image for a larger view

Friday, January 11, 2008

VPNs and Remote Desktop from home to office

More and more employees are working from home these days. That means they use Remote Desktop and need a VPN. Oh there are other ways, but I'm not going to allow employees to use or on my network. Sorry, I'm responsible for security so I'll control that access myself, thank you very much.

I don't even like to use PCAnyWhere. I mean, why should you pay for something that is built-in to Windows - Remote Desktop? The thing that makes it all works is the VPN. A virtual private network is just a secure method of getting through the company firewall. It's not a big deal to setup a VPN and Remote Desktop. I've done it dozens of times.

That's why I was really frustrated when our HR manager could not get it set up following the standard instructions that have worked for every other employee that has needed it. Now I don't give remote access to just anybody. They have to have a job that requires it or just can't get enough of work so they take it home with them.

I must have spent four or five hours working on this issue over several months. We tried everything. Sometimes the VPN would connect but the majority of the time it wouldn't. We could never get Remote Desktop to work when the VPN said it was working. So I did something I rarely do - I offered to make an on-site visit to her home to get it working.

Of course the HR Manager was over-joyed. She had shared her frustration with her husband who happens to have his own business and his own computer guy. She suggested that the other computer guy meet us there. All we needed to have a full complement of tech guys was to invite a tech from AT&T to join us. It turns out we didn't need him.

The router was setup to get it's IP address using DHCP. That's not a problem - either DHCP or static works fine and has worked for lots of other employees. The only problem was the gateway it was getting - I would have expected an outside address from the ISP. So we got into the SpeedStream modem at that address. Ah ha! It was running PPPoE.

I've noticed this on a few modems setup by SBC (now AT&T) here in Southern California. My first thought was to change the IP address of the modem to The DHCP on the router was handing out addresses in that range so it only made sense to make the modem the first address in that subnet. We decided to try something else instead.

The modem can run PPPoE, pass-through PPPoE or can be put into a complete bridge mode. We used the second option because the WRT54G router can also be programmed for PPPoE. It worked! The funny thing is that the modem reports that it has no connectivity. I suppose that's because it's PPPoE circuitry has been bypassed. Whatever - it works.

Conclusion: Sometimes it just takes an on-site visit to make things work. I confess I've been spoiled over the past few years because I've been able to support all our remote locations via Remote Desktop without having to physically go there. I like that. Remote Desktop is the greatest single thing on Windows for an IT Manager with multiple locations to support.

Wednesday, January 9, 2008

Our first Vista implementation

We've finally bitten the bullet and are in the process of delivering a new computer with Vista Business instead of Windows XP installed. Yes, I know we're a little late in the game but not so late when you read what other companies are doing - most are still delaying.

Working with Vista is not at all difficult. The hardest part is figuring out where everything is. I like the interface. I don't like the endless 'are you sure you really want to do that' sort of questions. My opinion of the product has not changed - why do we really need it?

So why did we choose to go ahead with a new Vista workstation when everyone else in the company is still on XP? It was because the computer with the horsepower I wanted and needed for this individual was not available with XP. I think somebody is being sneaky about that.

Of course it is inevitable that we will make the switch. The boss doesn't like it. Sometimes I think he has no clue what an operating system is but then he doesn't need to know in order to run a multi-million dollar organization, does he? That's why he hired me.

So why didn't I just install XP over Vista? I tried. It threw up so many times that it became a waste of my time. I think it had something to do with the lack of drivers for some of the new features of the hardware we got. The old XP CD didn't seem to like PCI-E and SATA drives.

I suppose I could have figured it out eventually, but I would have spent hours and hours just nuking the drive, finding all the right drivers and reinstalling all the applications. I chose to make the investment of those hours in answering questions from the end-user on why Vista is different.

No, I still don't plan to do a wholesale migration of all the computers in the company to Vista. To do that we would have to replace three fourths of them with newer models. That will wait until next year when most of them are scheduled to be replaced. Yes, by next year I mean 2009.

So what do you think? Are we behind the ball on rolling out Vista or ahead of the curve?

Monday, January 7, 2008

Spam filters that work

I wrote a piece on my blog on Tech Republic today about an RSS feed reader that I like and use. I wrote it in response to a piece from Gene Marks in Business Week claiming that no business owner uses RSS feeds after they've tried them. I tried to politely disagree.

He made some other points in his article with which I disagreed but I didn't want to overload my readers on Tech Republic with too many disagreeable points. So I'll bring it up here. Gene also claimed that no spam filter works. I don't think he has had a lot of experience with spam filters, or at least not good ones. No business in the world should be without one.

There's no way I can endorse his recommendation that employees sort and delete their spam as it comes in. That's ludicrous for any business today that has more than a few employees or that has an email address that has been around for more than a few months. What a tragic waste of time for the employee and a loss of productivity for the employer.

Maybe the business I work for is a little bit larger than his small business experience. We have over 100 mailboxes and receive over a half million pieces of email each month. Guess what? 97% of that email is spam. We could not function without a decent spam filter. Of course no filter is 100% effective but it cuts it down to a manageable one or two pieces.

I've written previously about our success with Commtouch but I have also been somewhat pleased with Cloudmark for the really small business who has litle or no IT budget. But for a professional MS Exchange environment go with Commtouch or Postini or some other outside service to clean your mail before it gets to your employee's mailbox.

What do you think? Is there a limit to the amount of spam that employees will tolerate before productivity starts to really decline and morale suffers?

Friday, January 4, 2008

Blogging on Tech Republic

I have been invited to contribute material to the Tech Republic group of blogs. TR has been around since 1999 and is owned by CNet, the premier tech news company. I have been reading their stuff for years and never imagined that I would be adding my own viewpoints in a regular blog there someday. I am honored to be joining the Tech Republic / CNet team.

The blog is called Tech of all Trades and is new this year to TR. I will be joined by several other computer geeks like me who specialize in supporting small to medium businesses with mainly Microsoft technology. The majority of Tech Republic readers work in small businesses. That makes sense - there are just more of us because there are so many small businesses.

I've thought often about the pros and cons of being the top geek in a small business. It can be a bit of an ego booster to have everyone look to you for advice and help on all their tech issues. It can also be a pain because there's no way that one geek can know everything. There's also a kind of one-upmanship that goes on with some of the more tech savvy co-workers.

I'm not a gamer. The other day someone asked me what I think of overclocking the latest AMD processor and would I recommend using water cooling. My response: Why don't you try it and let me know how it works for you? There's no way I'm going to be overclocking any of the units we use to crunch numbers in accounting or file flight plans in Ops.

I'm more concerned about keeping viruses, spyware, malware and spam out of my network. My job is to keep the computers running and the electrons flowing. Anything that detracts from that mission is just not worth my time. So I guess I'm not as much of a geek as some. I carry a Treo, not an iPhone. I spend time on Digg but not on the Something Awful forums.

One of the main reasons I accepted the invitation to join the Tech Republic team of bloggers is the opportunity to be read by a larger audience and to get more feedback. There are millions of blogs out there and it takes someone with TR marketing muscle to get the word out. If you haven't visited the Tech Republic site, I encourage you to do so and become a subscriber.

Thursday, January 3, 2008

Top 10 sites to debunk urban legends

Has this ever happened to you? You're busy working on an intense project when someone in the company excitedly forwards you one of those stupid urban legend chain mail spams asking if it is true. Or worse, they simply forward it to everyone in the company without checking with you first.

It doesn't matter that you have a written IT policy on the company intranet explaining what a useless activity this is. Nor does it matter that you have tried to explain to this individual several times that junk like this is really annoying to everybody who receives it. They just don't seem to get it.

It's bad enough that we get spam from outside the company. Do we have to endure it from our own employees also? As the IT Manager I have to take a few minutes to debunk the latest urban legend that got the naive employee so excited. What's worse, I have to be extra nice because it is an executive who forwarded the e-mail.

Of course the basic skill in responding to these interruptions is Google and keywords. I am still amazed after all these years how many people don't know how to Google properly. Maybe it's just the people in the company I work for are that are sadly Google-challenged. Hopefully you have this better managed in your company.

I've often wished for a list of sites to which I could refer the offending co-worker so I decided to compile a short list of what I consider to be the top ten. Actually, you really only need the top three but I've found the others to be useful on occasion. Sometimes these sites can be entertaining reading but who has time for that?

1. Snopes- Who hasn't heard of Snopes? This is the grand-daddy of all fact-checking sites. Some of the worst chain spams even quote Snopes with an embedded link to give their e-mail an added level of authenticity. Of course, Snopes has been known to be wrong and has changed their listings on several occasions. They've also become very commercialized and include lots of pop-ups over the years - very annoying - but it is a very complete site.

2. About Urban Legends- This sub-site has been hosted for ten years by David Emery and frankly, he has done a great job. He is passionate about finding and debunking all those rumors, myths, pranks and odd stories. I have found lately that I am referring more people to his site than Snopes because I like the format better. The site also shows up in more Google searches than the others indicating that the content is well linked and used.

3. Break The Chain- In 1999, John Ratliff was annoyed that he kept receiving the same chain spams forwarded to him over and over. I have been just as annoyed for just as long but he did something about it. Like most of these sites, John has plenty of healthy advertisements but no pop-ups. His site is getting more professional looking all the time. He is also frequently cited by the media when looking for authoritative source on these stupid chain mails.

4. Hoaxbusters- The site has been around a long time (since 1995) and has a good archive but doesn't seem to be as current as it once was. It is a part of the US Department of Energy - Computer Incident Advisory Capacity (CAIC). Chances are that if you cannot find details of a hoax on one of the other sites, you may be able to find it here. Because it has been around so long there are some dead links. Hoaxbusters also contains a page of links to other hoax sites.

5. Sophos - This anti-virus company keeps a small list of hoaxes and urban legends but it is not nearly as complete as the sites at the top of this list. Their focus is more on virus hoaxes -you know, the ones that scream that you will wipe your hard drive and melt the motherboard if you open the suspect e-mail.

6. F-Secure - They claim that their list is comprehensive and the industry standard source for all things hoax related. Don't believe it. If you click on their list of latest hoaxes you'll see that it hasn't been updated for a few years. However, it is still a good list to search if you don't find what you're looking for elsewhere.

7. VMyths- Well referenced by specialists in the computer security field, VMyths takes Internet hoaxes and chain letters to a new level. If you want to read what the real experts have to say about Internet hoaxes, virus scares, myths and legends, get it from Rob Rosenberger at VMyths. Unfortunately, their lists are not comprehensive.

8. Symantec- I have a love-hate affair with Symantec. I use their products but I've been burned by them several times lately. That's a story for another post. Their hoax list is pretty good but seems a little dated. Maybe that's because most hoaxes today are really recycled from earlier hoaxes.

9. Trend Micro - They have improved their list lately with some good updates. I like their style and formatting. Obviously a company that sells AV solutions has a vested interest in keeping their hoax list up to date. Check out their complete list of urban legends. It has some entries that I have not seen elsewhere.

10. Virus Busters - A short list from the University of Michigan of hoaxes and legends that keep coming back. Like the UofM, I have not seen a lot of new hoaxes lately - they are almost all repackaged oldies. The list is not intended to be comprehensive but is a good reference point for what you will see on a regular basis.

I know I've missed the favorite site of somebody and would like to hear about it. Add yours to the comments so we can all add to our knowledge of what's out there. And may your New Year not include a batch of new employees who feel they must educate you about Bill Gates' desire to send you big bucks for forwarding chain letters.