Overhaul Update

The overhaul plan is coming together. HP did not get back to me on extending warranties on old servers, which pisses me off since I was hoping to go HP with this overhaul, but I was able to work with Dell on two new rack servers (post). Additionally I chose a Quantum LTO-2 (shop) drive, which should handle all the data we have amassed on to one tape a night.

I used Virtual Server 2005 (link) for a few days but it just didn't give me the ease of use I need so I downloaded VMWare (link) today. All of it is free, btw. Hopefully I can get my backup software experimenting underway. I may wind up sticking with Backup Exec anyway because our consultants don't support anything else (except for ArcServe and I'm not a masochist). I appreciate everyone's input on Retrospect (post).

Before I purchase anything I need to get a quote from our consultants on migration assistance. While I know the Windows 2000 to 2003 migration is far, far easier than NT4 to 2000 (which was a nightmare), I would not feel comfortable taking the chance doing this alone. Domain controller, Active Directory, and Exchange. Seems like a lot can go wrong and I keep hearing that Microsoft's documentation is never enough.

Buying Servers

I don't get the chance to buy servers often so when I do I get overwhelmed with the details. So much so that I had to revisit what I had already spec'd. Do I need a split backplane? Does anyone need a split backplane? What the hell is a split backplane? Well I figured it out. The answer is no; the few dozen people at my organization don't hit the Exchange or File servers hard enough to warrant all that fanciness. I get the split backplane anyway but don't need to use the functionality as I'm sticking with RAID 5+1 only. Of course if I get it wrong it could get expensive but buying servers has never been rocket science considering the basic requirements for the non-profits I've worked for.

Anyone ever have a nightmare situation because they chose the wrong specs for a server? I imagine it would be a little hard to get it completely wrong, however, that thinking could also be the road to disaster.

Social Workers are NOT Allowed to Talk to Programmers

Ever watch a Social Worker talk to a Computer Programmer? Like watching cars collide, there is a fascination about it. Unlike an auto wreck, IT Managers can stand between the two, like Superman, keeping both sides apart so the universe doesn't collapse. And so we become intermediary.

This social worker is assertive but compassionate. She explains how something should occur but not step by step. She feels that the programmer is capable of accomplishing his mission if given enough support and a little guidance to help him along. She thinks even the most structured mind requires a little freedom for creativity. Getting the programmer to get the project from A to Z requires a little trust on her part.

This programmer breaks down the situation into its components, realizing the lack of specifics means the social worker is not interested in how goals are achieved. He takes the bits of information she's throwing at him and decides how and what to implement. He doesn't feel there is need to ask many more questions. The social worker should be happy with what he provides her because he's done this a thousand times, and he's good.

Disregarding the big question (who thought this was a good idea??!!), there is really only one lesson to be learned. IT Managers don't let social workers talk to programmers alone. I think that's a commandment, Veda, proverb, and amendment, but most of all, that's final.

Volunteering at Company Events

When kids are running around the office or I'm talking to people that are directly benefited by my organization's work, there is a tremendous connection between the work I do on technology and the work the organization produces. I know if I am able to perform my duties properly the staff can do their part better and good comes of it in the end. Therefore I suggest volunteering at company events when possible. The volunteering should not be around technology because otherwise it's still work. This allows you to detach from the pocket universe of IT and helps align the mind to the company's goals from a different perspective, which inevitably helps focus the direction of technology. Participating in events also helps IT people understand what the rest of the company's staff does, which sheds insight on other people's priorities and hopefully generates empathy.

It's good to volunteer and connect with the company. I advise it for all non-profit IT people and managers should encourage their IT staff to do so. At the very least you get a sense that there is more than a paycheck to work towards.

Resources for One-Man Non-Profit (or Otherwise) IT Departments

In response to the previous post I received many suggestions on resources and communities at my disposal. I appreciate the suggestions and thought I should summarize for everyone's benefit:

* Experts-Exchange (site). Fee based but has much information.
* Information Systems Forum (link) Yahoogroup
* Tek-Tips (site)
* 501 Tech Clubs (link) at NTEN (site)
* Riders' groups on non-profit tech news (link), general discussion (link), technology discussion (link).
* Techsoup forums (link)

Send in more suggestions if you have them.

Going Solo Can Suck

One huge benefit of working in a group is that problem solving can be done collectively. One person can't possibly know everything and have read every article or retain every detail of every knowledge base. Some solutions lie in different fields of interest. Having a group of technical people is quite beneficial because one solution can draw on several minds.

In the small companies I've worked for and with, there has always been a one-man IT department that must rely on his/her own resources. While this gives one tremendous room to grow, it also slows one's education because, of course, you always learn better in a group.

It's one reason I created this blog. I need other people's insights on things like alternative backup systems and how not to hurt my boss. It would be nice if there were more roundtables to assist with some of the bigger problems, as well as some of the more mundane. At the very least there must be some good tech forums (non-profit or otherwise) out there. Any suggestions?

EMC Retrospect anyone? Anyone?

I've asked far and wide and there is very little information to be had on Yosemite. The few reviews discovered online range from great to okay. I didn't see very much negative about the product but I didn't find very much at all.

A consultant pointed me towards EMC's Retrospect (info) (formerly Dantz Retrospect). The pre-sales rep at EMC told me that competative and non-profit pricing are offered. I'm assuming she's not mistaken but Retrospect, after discounts, comes out a hell of a lot cheaper than Backup Exec and Yosemite. One reason is that their Multi-server package allows for unlimited clients (!!??). For every other manufacturer, client licenses are additional. Also, EMC extends the discounts beyond the core product to the agents like those for Exchange and open files. Yosemite does the same but Symantec does not.

I have some more research ahead of me to make sure this is all kosher and Retrospect is a good choice. A quick Google search shows there is more to read about Retrospect than for Yosemite. Yes, it's true, I hate Symantec tech support this much.

Anyone have experience with EMC Retrospect? Your input would be appreciated. Anyone? Anyone? Bueller?

Yosemite Backup Standard versus Symantec Backup Exec

I'm considering Yosemite Backup Standard (site) as the backup solution for one reason: ever since Symantec took over Veritas the support for Backup Exec has been atrocious. I'd rather shoot myself than use Symantec's tech support. I can't believe we're supposed to pay maintenance to be placed on hold for an hour or spend days chatting online to solve a problem. If possible, I want to move away from this frustration.

We already have various flavors of Backup Exec but some of it is not licensed, and we need a couple of add-ons, so a purchase is necessary. Backup Exec seems to be the ubiquitous solution for non-profits probably because the base program is dirt cheap on TechSoup (site) and most consultants are very familiar with it. In our case, with the need for a few client licenses, an Exchange agent, and possibly an open file agent, Yosemite comes out a tiny bit cheaper with its non-profit and competitive upgrade pricing (contact them!). I'm not really looking to save money here, I just want the best backup program and decent support.

The trial version of Yosemite looks nice and works very easily but seems limited. The sales rep stated it actually can do more so I will have to reinstall it on a test server. So far a restore went smoothly. Also, Yosemite created an ISO and backed up to a CD with minimal effort. While I don't think those latter options would be used regularly, it's nice to see that kind of flexibility. I'm not sure Backup Exec can do the same.

Anyone out there have experience with Yosemite? What are your thoughts?

What Hath We Wrought - First Month's Review

I walked into my new job with all kinds of notions. Many of those were based on my last job, also a non-profit. There, as the one-man IT department, I had managed to encourage respect for the IT infrastructure as a business interest and the IT department as a staff resource. Observation told me this was happening at other non-profits as well and was encouraged when I was made an offer from the new company.

From what I understood this was a company waiting for change; one whose staff was fed up with the structural neglect. I thought I would be able to bypass the part where I must encourage business interest in the information technology and convince staff to use the IT department (i.e. me) as a resource for accomplishing their goals. I was quite wrong and quite unprepared and this led to much frustration. I realized that despite wanting change, the company was not ready for it (post). The psychological component, the Technical Social Working skills I've mentioned, really needed to be implemented.

Still, despite politics, bureaucracy, and an uncooperative work environment, some things were accomplished in this first month. As a result of the Exchange service reaching its maximum (post), for the first time mailboxes have been capped preventing a repeat of this occurrence. Staff were then instructed on how to maintain mailbox size in a way that gave them some control over the situation. No one likes being dictated to, so a tiered warning system was implemented (post).

To combat the spam plague (post), it looks like a contract for an offsite spam filter will be signed this week.

I'm finalizing a plan to upgrade the hardware and software in the company. Fighting with TechSoup and Microsoft licensing (post) I think I have devised the most cost-effective solution that should keep the company current for several years. On the hardware side, setting up accounts with favored vendors has helped me obtain great pricing (post).

Most important to me was security vulnerabilities (post). The greatest hole in our system is human. I seem to have made some progress. At the very least our backup tapes will be in an in-house safe for most of the week. Once a week they will still be leaving the premises to go to the boss's home. Despite his reluctance, I have been speaking to professional offsite archival companies.

Additionally, every computer was patched. Some needed over 100 MB of patches. The last admin thought it best to leave automatic updates off but I see no reason for that on workstations until I've setup WSUS (post).

Considering it's the first month on the job, I'm satisfied that several necessary changes have been set in motion. I suppose I should not have expected much more so early since learning the company's setup, culture, and workflow will be ongoing for a little while longer. I am determined to make the basic changes as soon as possible so then I can focus on specific business needs. Still the struggles at work (post) make my status unstable. Wonder what the next month-end review will bring.

Windows Automatic Update rocks!

Heh. Well...okay, they don't rock but despite so many administrators' hardline positions against the function, I think there is tremendous use for it by a one man IT department. Especially in an office where most people use common Windows programs. It automates part of my work and keeps PCs regularly protected. I feel there is a greater chance of a vulnerability being exploited in the OS than a bad patch being deployed.

I only do this for the workstations, of course. I also don't leave the default "everyday" schedule, instead picking arbitrary days and times. The purpose for the latter is to stagger the updates so by chance MS puts out a bad patch, I can do something or they have time to do something. Also all the computers don't hit the site together dragging down our T.

I know I can set up WSUS (info) but honestly I don't have the time to manage MS's patches right now. And I'm satisfied enough with the staggered schedule that bandwidth won't be an issue...

Alright, alright, I'll set it up soon. Sheesh!

Elizabeth's Comment

I've been thinking about Elizabeth's comment (post) for the last couple of days. Even though she wasn't exactly stating this, I think it's fair to reconsider the source of my frustration because she makes a valid point, that the inability for an organization to change is not necessarily wrong. Is my frustration because of me or my employer?

My impression after the interviews was that the organization was hiring to make necessary changes. I suppose it was naive of me to think this meant that they were *ready* to implement changes. Of course my recommendations required explanation, and I did provide with relevance, but the initial inability of this company to accept any change, no matter how necessary, was surprising.

Soon after starting I was told I was in a "privileged position" (post). This reinforced my notion that the company wanted change, however, the notion was so far out of the scope of reality. I should not have been so ready to accept that line because it really meant my boss did not want me to look at the books. Which brings me to another point...

The dot-com and my last non-profit allowed me to develop my skills in relative autonomy. Here I walked into a distrustful, hostile environment. Among many things I was informed I had to do things my boss's way and that I would be evaluated on how well I did that. This is the path to failure and there was no reason to hire me. If I do things only his way, despite my better judgment, and fail, the failure would be mine. If I don't do things his way and yet succeed, I actually fail. The only option is to work as hard as possible to make his way work and I'm not one to waste my time like that.

I appreciate the comment, Elizabeth. It started me thinking about where to focus my frustration and also how better to handle the circumstance. I've decided not to directly confront him on the issue because no good would come of it. Once I figure out what to do I'll make sure I blog on it.

SpamStopsHere...Soon

A 30-day trial, very good pricing, non-profit discount (if you call and ask the sales person, eh-hem (post)!), and it's all handled offsite. I believe SpamStopsHere (site) is what I was looking for. I haven't signed up and obviously I'm being premature as it might not be the solution, but I read good things about the service and it feels right. The trial-run will be beneficial and I will keep you posted on the outcome.

Crying Louder

Often only the IT person can raise a red flag. Sometimes we don't because we fear losing our job or creating friction. While I haven't mentioned it much, a lot of my frustration with the job actually stems from the thick politics and poor work environment. It's been so bad that I have seriously contemplated quitting over a dozen times in the three weeks I've been there. I have never worked anywhere for less than a year. My last two jobs were four years each. There was enough excitement going in that I started this blog. It has been a shock to feel my morale sapped at such a rate.

The environment has left me in such a state that I don't care what happens. I still want to fix what ails this organization because I know I can and should to help all the people that the non-profit aids. But it is tough to look beyond the bad vibes. Never have I experienced a work situation like this. Doubly surprising since it is a small company.

The comment a reader made in a previous post, Laximum Security (post), helped me some. I suggested placing the tapes in an in-house safe and one or two a week in a secure offsite location. The boss agreed to half but still insisted on taking one backup a week home as the offsite solution. In response to my objections the boss threaten me, informing me to leave the issue alone. Of course I can't and won't. Aside from tons of donor data involved, there is employee data, company data, and most importantly (at this point), my personal information. I would rather lose my job than be victim to identity theft, which could be crippling for years. If the rest of the staff knew what was going on...

I will press him on the issue again next week. It will get nasty and I will have to go over his head or resign or something. He is simply being much too liberal with confidential information. As the only person in a position to do something about this I cannot allow it. There must be something in Sarbanes-Oxly, HIPAA, or some other law that I can use to convince him. Otherwise this blog may end quite prematurely.

File and Folder Nirvana

For a few days I will be focused on files and folders. If you were here you would easily recognize them because they can be found everywhere. About 100 GBs worth of them. I was fortunate at my last gig to have a predecessor that was quite anal about keeping the servers clean. No such luck here. Seeing the file server max out, the last IT Manager simply moved things to different servers then manually (i.e. inconsistently) created drive mappings on every workstation.

Without an ounce of sarcasm I want to state that this is SO AWESOME! I get to figure out the purpose of each folder, document everyone's individual drive mappings, create naming conventions because there were never any, develop security structure cause everyone's got access to everything (even you!), and create login scripts and group policies to automate some of this crap. FUN!

Okay, so there was a little sarcasm.

Legacy Issues

I wonder how my replacement at my old job views the work I did there. Spending several years at one place as a one-man department, you tend to make the quirks and inaccuracies in your network, and the band-aids you apply, effective and efficient. It works for you but wouldn't work in a multi-man department or for anyone else, including the replacement.

I find myself facing that issue here. I'm constantly saying things like "Why would he do things like this?" "What was he thinking?" etc. I bet my replacement is saying the same things. How easy it becomes to badmouth and blame the other guy.

Laximum Security

I'm under the belief that backups should be done nightly and, possibly every few days, an archive should be sent offsite to a safe or safety deposit box. That's the way it has worked at my last two jobs, one a dot-com, the other a non-profit. Here they do backups nightly and my boss takes the tapes home with him every evening. Am I wrong to find this unsettling? I've approached the topic twice and both times the boss has reacted defensively. I don't plan to back down but this is a problem.

I understand his concern. If nightly tapes are left near the servers and a catastrophic event occurs we lose a few days worth of data. My concern is that with tapes constantly traveling with him there is much greater risk of data on our donors, and everyone we help, getting into the hands of identity thieves. I'd rather lose a couple of days data to a catastrophe than a lifetime's work to identity thieves. I'm sure everyone that helps us would prefer it that way too.

Suggestions? Opinons?