From the desk of: Sam C. Chan

IT Notes

Last updated April 5, 2018   (continuously updated)

Threshold: will take on a task...
   worked 3+ hrs, plagued 3+ mos, failed 3+ pros

Common Red Flags
  • mindless: goog, upd, scan, auto, default
  • non-forensic mindset (foresight, discipline, methodology)
  • unsystematic: lack abstraction, pure nuts & bolts
  • too eager, all incl. no boundary (ignorance)
  • excessive hedging (willful deception)
  • invoke magic
Risky Major Projects  (policies section)
  1. consult, assess & educate
  2. ground work (prep)
  3. basic efforts (end goal, or as pilot)
  4. advanced efforts (opt.)
  5. bounty hunter (rare)
To Patch or Not (%risk on any given day)
  • 1:10 minor glitches (patch-induced)
  • 1:25 significant glitches
  • 1:50 brief operational outages/data losses (patch woe)
  • 1:100 baseline routine incidents (non-patch-related)
  • 1:1000 catastrophic incidents (serious breach, etc.)
Risk management
  • recoverability: existential threats
  • C/I/A: exfiltration/tampering/loss of data
  • down time objectives: DR/BC/BIA
DATA
  • Goals: confidentiality, integrity, availability
  • ORG: importance, sensitivity, recourse, chg frequency, bulk, category
  • Tasks: backup, forensic recovery, sanitization, encryption, ACL
Mottoes
  1. things are not random (path)
  2. things are technical & complex (efforts, systematic)
  3. convoluted & counter-intuitive (myth, incredulity)
  4. there is no magic (deceptions, "exclusive"?)
  5. prioritization, coordination, long-term (TCO)
  6. adversarial interests
Remote vs On-site
  1. in-shop: labs/tools/spare parts req
  2. remote: long wait time
  3. touch required
philosophy
  • things are complex & convoluted:
    • prerequisites, serial dependency
  • nothing is random
    • narrow path
    • explicit
  • there is no mystery
    • just ignorance
  • there is no magic
    • exclusive? impervious? flawless?
IT indus unique char
  • complexity
  • rapid change
  • ubiquity
  • fudgeability
New versions upgrade
  • unknown modifications (features/behavior)
  • uncoordinated (schedule/sequence/extend)
  • unreliable (unproven in your own environment)
Train vs Provide  "give the man a fish..."
  1. difficulty: training costs
  2. risks: ramifications of mishaps
  3. recurrency: intervals & regularity
  4. resources availability & staff qualifications
Backup Master's Duties
  • scheduled jobs launched successful
  • monitor columns: Error/Warning, performance
  • examine log entries w/ errors
  • initiate call to IT as needed
  • manage off-site rotation
Publishing
  • idea & content
  • organization
  • legibility
  • theme & presentation
Social Lunch Show & Tell
  • 7s/15s/30s: physical access, boot, unlock, nav/search
  • UI & features (live, react, control: z/rot/nav/tl/xfr)
  • selection & presentation (design)
  • unwieldiness
Info Dissemination
  1. hosted web site
    • interactive, navigate
    • accessible online-only
    • trackable
    • updated, always current: live | addenda | rev.
  2. offline web site (encapsulation of HTML + embedded objects)
  3. HTML document (optional embedded graphics online)
  4. picture: jpg, png, tiff, gif, webp
  5. PDF
    • layout control, vector fonts, structure lost
  6. PDF with online authorization & tracking
  7. physical printed media
Invalid
  • falsehood (beyond imprecision)
  • undefined (vacuousness, platitudes, sophistries)
  • self-contradictory (illogical, oft linguistic-level failure)
  • self-defeating (against YOUR self-interest)
Internal Docs
  1. unpolished, incomplete
  2. expectation, obligation
  3. confidential info (btc/clt)
  4. proprietary info

The section below is preserved from 2007. Reviewed Nov 2016 & deemed current.

Why Retain Part-Time IT Director, not ad hoc sub-contract?

  • Official Role acknowledgment & commitment
  • Mutual road map, expenditure and resource allocation
  • Simplify billing and tracking
  • Standing Overseeing Authorization ("general contractor")
  • Cross-tasks/projects Continuity, and always "In the Loop"
  • Ability and Opportunity to Offer Insights and Optimization
  • Streamlining, preplanning, visions and strategies
  • address "You don't know what you don't know" 
  • Avert problems and crises, rather than react & combat

IT Personnel Expenditures  April 2007. An analysis on cost allocation and strategies

Attached Spreadsheet: Bravo Analysis on IT Department Expenses

Essential memos

Additional Related Materials

Copyright @2005-2018   Bravo Technology Center  *  Bravo:GO  *  Contact Us