Archive for 'May, 2010'

In my previous posts concerning my efforts at starting an IT business in my new home state of Arizona (Episode 0, part 1 and part 2), I had decided that a simple sole proprietorship was the way to go. However, I began to reconsider that course of action when I realized the liabilities involved in sole proprietorship (SP).

As a SP, all of my personal assets can be auctioned off to settle a debt. A Limited Liability Company (LLC) affords some protection to my personal assets. Furthermore, I began to have grand ideas of creating an actual business rather than simply acting as a hired gun. MSP, ISV, ASP, SaaS providor? It is all within the realm of possibilities… and it’s all suggesting an even greater need for some liability limitation. I figured it would be best to preempt the future and make an LLC now.

I found a law office in Arizona that has a ton of great information concerning the formation of LLCs in the state. While it’s specific to Arizona law, I believe that the information provided is still useful in general if you’re looking to form an LLC.

The basic information to take away is that LLCs are considered a “liability deflecting entity” that can and should be formed around any business venture. Some folks that own and rent property even create a separate LLC for each and every rental so the liabilities of one won’t threaten the others.

While LLCs can mitigate the risk of personal liability and increase the likelihood of creditors working out a deal with you, they are not bulletproof. If not formed correctly and with enough due diligence given to its continued operation, a court can “Pierce the Corporate Veil” and hold individuals accountable.

Depending on the state you live in, part of the due diligence of operating an LLC can include, but is not limited to (great, I’m sounding like a lawyer) not using corporate money to pay shareholder debts or expenses, not creating Articles of Organization, failing to hold director / manager meetings and keep minutes or filing actions by unanimous consent.

All of the specifics of the LLC formation process are dependent upon the state (or country) that you live in. Really, you should talk to a lawyer and have them set your paperwork in order.

Once you fill out the initial paperwork to establish your LLC, your state may require you to publish some kind of notice in a newspaper or on a public board and then send in an affidavit to your state’s corporate commission. For example, as of the time of this blog post Ohio and Arizona require all three steps, whereas Kentucky is one of many that doesn’t need a notice of publication.

At this point you’re finished or very near to it (depending on your state). You can then elect to receive an EIN number (again, this is specific to the USA) to use when creating business bank accounts. Business finances is a whole ‘nuther can of worms so I will leave you to consult with a tax and finance  professional (like I’ll be doing shortly).

As of this writing in May of 2010 my own LLC papers have been filed, accepted and are awaiting my Notice for Publication papers to be filed at a newspaper. once that is finished, I will have my very own LLC and will be free to take the business where I see fit.

Whew! What a responsibility. Have any of you readers trod this ground before me? Any advice would be greatly appreciated.

(Post updated to include backlinks to previous blog posts on my efforts to start a business. Thanks to Jon Angliss!)

I wasn’t terribly happy with my original theme. After hunting around for a few days, I think I found one that I’ll stick with for a while. I was hoping to find a good three column theme, but the text column was never wide enough for me.

Even this theme’s text column is a bit too skinny for me (and the text is too small). The theme is the free Typebased by WooThemes.

What do you think? Is is pleasant enough or is there an element that is too bothersome for you? Do you have any theme suggestions? I’m really looking for a wide, three column personal blog theme that has some space for ads (gotta pay the hosting fees) but gives a good wide column to the content.

It doesn’t have to be free, it just has to be good. Methinks I’ll peruse RocketThemes.com…

The Corporate Executive Board (CEB) has released yet another article that suggests we IT people will have to adapt or risk being disappointed when the inevitable changes take place. The article, published on BusinessWeek.com, predicts that within the next five years a major shift in corporate IT will be taking place. It’s already happening now.

The CEB’s survey showed that in 5 years it is likely that only 25% of most business’s current IT staff will remain within the internal IT department. The other 75% will be pushed to external service companies or into what the article refers to as “shared services groups” within the company.

I’m still trying to grasp what exactly a “shared services group” is. The way the article defines it is a bit too heavy on buzzwords and corporate-isms. It seems to be a small group of IT generalists that serve the generic needs of business units in contrast to the predicted trend towards hyper-focused IT units within each distinct department. However, I’m  not sure about the article’s justification of the need for a “shared services group”.

I take issue with some of those reasons that the CEB listed for why IT departments will be fracturing. On the flip side, I tend to agree with some of their reasoning. Let me lay my thoughts out for you.

First to be mentioned in the article as a reason for IT department decentralization is the concept of outside service providers being able to better meet targeted needs: “This business shared services organization will have within it an “indispensible IT” function with specific responsibilities around managing the external providers to ensure service levels and integration with existing technology” (emphasis added)

That goes without saying, I believe. I’ll touch on service companies later in my post.

Another reason stated for decentralized IT is that: “the lines between what is “IT” and what isn’t will become so blurred that the activities may be rehoused elsewhere in the business services group.” I think that this methodology (at least, as I interpret it) may be attempted, but I’m skeptical that it will last in the long run. I see a chaotic future of disparate technologies between departments being selected and ultimately conflicting or being generally unsatisfactory. There needs to be some kind of centralization of IT, even if it’s within business units.

Speaking of business units, the next reason given for decentralized IT is that the technology that is truly making money for a business will be acquired and managed by the units themselves. The study states that the technology initiatives that add business value usually require a deep knowledge of that business function that could only be known by people who are in that unit daily. Thus IT workers will have the opportunity to be aligned directly with a business unit rather than a single internal IT department. I tend to agree with this based on my own experiences.

Finally, it is alleged that non-IT people are increasingly tech-savvy and can handle their own technology to a greater degree than previous workforces. While I agree that people have a greater appreciation for technology and aren’t so quick to make another paper workflow, I disagree that the increasing friendliness towards technology will translate into a Nirvana of shared IT duties between most members of a business unit. I believe there will still be a need for some kind of centralized strategy behind the selection, implementation and management of technology even if it’s within individual business units rather than a single monolithic IT department.

Stepping back from it, this is what I take away from the article:

First, big IT is, in most cases, dying. The centralized department of ten IT people that I was fortunate enough to work in for four years not too long ago may have been my last. Big IT is not responsive enough to justify itself.

Second, IT needs to provide actual business value. It’s not enough to just keep the lights on with services like anti-virus, application deployment, lifecycle management, asset management, email, collaboration and etc. Those services are great, but they’re as expected as water, electricity and HVAC in the building. Not one is terribly impressed with those projects anymore.

IT is expected to create systems that have a direct impact on customers. No matter what the industry, that concept seems to be increasingly focusing on either business intelligence (data mining) or some kind of web based interaction with users (in my opinion, that primarily takes the form of making user portals suck less with the help of UI people).

That puts me and every other IT person (SysAdmin, Developer, etc.) at a crossroads. In the next few years, do we want to be hyper-focused within a business unit or do we want to focus on providing services externally? Do we want to snuggle up to the marketing department or engineering or finance and learn their ways so we can create better systems that directly impact them? Or do we want to tend to a cloud provider’s server farms, work in datacenter infrastructure, provide SaaS or offer specialized consulting skills (security, ITIL, compliance auditing)?

The answer to those questions are largely personal and will reflect an individual’s personal preferences concerning what they like to do in their vocation.

Either way, it seems obvious that change is coming. Change that I wasn’t expecting just a year ago. Where you? Are you braced for it now or are you unconvinced? Take a look at the article and tell me what you think.

This has made for some unexpected decision making in my life.

I’m not an electrical engineer. The extent of my knowledge about electricity is that when I flip the power switch on the wall, the lights turn on or off. Oh, and something about not blow-drying your hair in the bathtub.

So what are volt amps, you say? I found an APC sponsored PDF called “Watts and Volt-Amps: Powerful Confusion” (direct PDF link) and gave it a read with the hopes that I would finally understand. It’s a quick read. Really quick. The PDF is 5 pages, but you can subtract 3 of them (front cover, back cover and author bio all get their own page) to get to only two pages of actual content.

Apparently both terms refer to power draw. While watts are referred to as the real amount of power that a piece of equipment draws, the PDF describes volt-amps as being “used for sizing wiring and circuit breakers.” No solid definition was supplied.

The VA and watt ratings for a single device can differ, with the VA number always being equal to or more than the watt rating. Never less than the watt rating. The ratio between the VA and watt rating of a device is known as the “Power Factor” or PF and can vary between 0.55 and 1 with a typical number around 0.60 (also represented as 60%) for consumer electronics devices. E.g. A 1000 VA device can pull between 550 and 1000 watts, but never more than 1000 watts.

Watts and volt amps come into play when you realize that there are two types of power supplies in common usage: Power Factor Corrected (PFC) supplies and capacitor input supplies. PFC supplies have a power factor (PF) of 0.99 to 1.0. That means if it’s rated to pull 1000VA, it pulls 1000 watts (and vice versa). Capacitor input supplies have a PF typically between 0.55 and 0.75 which means if it’s rated to pull 1000 watts, it will pull between 1550 and 1750 VA.

Great! Just buy things that only have PFC supplies and you won’t have to do any mathematical gymnastics! One problem: you can’t tell which kind of power supply is which. There are no external indicators (usually). The general rule, which seems to be pretty solid to rely on, is that all major devices such as business class networking equipment, servers, appliances, drive shelves and etc. manufactured after 1996 use PFC power supplies. All home and user equipment typically have capacitor input power supplies. That means desktops, desktop switches, scanners, printers, etc.

What this means is that when making specifications for a UPS system, if you’re working on enterprise class equipment in the server room, VA and wattage numbers can be virtually interchangeable. However, if you’re putting a UPS on a more consumer level device, possibly things like a POS system that includes a switch, printer and scan gun, you’ll need to keep those ratios in mind.

According to the APC PDF, it’s an industry standard to use 60% as the power factor when sizing a UPS. To use the above POS scenario, if you have four devices that total 500 watts, you’ll need a UPS that is rated at least for either 500 watts or 700 VA. However, if a piece of equipment is rated not in watts but in VA, you know you can use the VA number as a ceiling since it can’t pull anymore watts than it’s rated in VA. Of course, this can lead to way oversized UPS solutions. Maybe a wattage meter is in order.

Of course, the APC paper points out that they have some nifty online sizing tools that can help you make those decisions.

Reiterating my earlier question: What exactly are volt amps? The answer is: I don’t know, but at least I know how not to blow my UPS up! Seriously, I need to get edukatated in electricity. I’m ashamed to admit it, but I think “The Manga Guide to Electricity” might be a good book for me. Not because I like manga (I don’t particularly), but because I’m that stupid and need lots of pictures.

Oh sweet! The Manga Guide to Electricity is available on my Safari account!!

A recent article at queue.acm.org piqued my interest. Titled “Overspecialization can be the kiss of death for sysadmins”, a budding SysAdmin asked “What is the biggest threat to systems administrators?”, specifically referring to the SysAdmin profession.

The answer was a 14 paragraph monologue that, in my interpretation, was very good advice but answered a completely different question. The answer boiled down to two points:

1. Work smarter, not harder
2. Communicate better with your bosses concerning what it is that you do all day

I think that is great advice for keeping your job today, but doesn’t seem to answer the bigger question that the budding SysAdmin asked concerning where the SysAdmin profession is going as a whole. Either that or I’m hyper-sensitive to this topic since I’ve been all abuzz about it in the last few months and I’m misinterpreting everything I read.

First, I’ll address the well meaning advice that was offered to the budding SysAdmin.

Point number one of the original article states that it should be a SysAdmin’s priority to strive to know what to do more than merely how to do something. You need to be a decision maker. Those that are merely grunt workers, churning out mod_rewrite rules on command or twiddling ACLs in the ASA are easily outsourced. Those that primarily decide why a rewrite rule is needful or what threats need to be mitigated at the gateway are the valuable ones. Double points if you do both. In fact, it is my opinion that the separation between decision makers and implementers is closing. due to cost and a greater potential for miscommunication.

The article also lumps overspecialization into it’s first point. Not only is it bad to stay comfortable with being told what to do rather than learning why to do something, it’s equally bad if you only know one thing very well. If demand for that thing goes away (and it always will, in some capacity), you’re left out in the cold. However, in my opinion, that’s merely a symptom of choosing to think about how to do something rather than why you should do something. It’s one thing to know everything about how to run a web farm using NCSA HTTPd. It’s a more valuable thing to know why you shouldn’t. Overspecializing is a symptom of not thinking hard enough.

The number two point in the article points out that even if you’re awesome at what you do, make great decisions and implement stunning examples of systems engineering perfection, if no one knows about it then it’s essentially useless to you and your department. That’s true enough. People need to know what you do so you can justify your budgets and positions. This isn’t about slimy self-preservation and self-promotion. This is professionalism. If you want your company to succeed, then they need to know what you do, why it should be done and how much it costs. If you communicate well with those around you, you will have less frustrations and more success. Fairly simple, but it’s a tried-and-true concept.

My argument is that this has nothing to do with the original question about the SysAdmin profession. Any professional in any field should be heeding this advice, which is great, but isn’t addressing the larger shifts in the profession towards outsourced and decentralized IT that are being seen.

A budding (or veteran) SysAdmin will probably be confused and angry if he defines his role well and communicates with his superiors, peers and users and yet still finds that his job at an internal IT department is hanging in the balance or changing into something that’s terribly foreign to him.

Well defined job roles and good communication are essential, but we’ll probably have to be doing this from within individual business units or from outside service providers.

I will give my own answer to the budding SysAdmin that asked a very good question: “What is the biggest threat to systems administrators […] as a profession?”

The biggest threat to Systems Administration as a profession is: Telepathic robot drones.

Seriously, until machines become sentient and can read the minds of the directors and executives of a company, I don’t think we’ll be obsolete. Our job is secure. However, don’t expect our roles to look the same in 10 years. Not even 5 years. I think there will be fewer specialized techs within corporate IT departments and more of them will cluster into service companies that provide their specialty with great precision.

I do not believe that all kinds of specialization are a fast track to obsolescence. If you focus on one solid thing (operative word being solid; COBOL is not solid), such as storage area networks, network security, Active Directory, you can develop along with the technology. You can watch trends and see the signs of change better as a specialist than as a generalist. From there, it’s a simple matter of choice to change with the times before you’re left in the dust.

Internal IT departments will become more mediators between the outsourced specialists and the needs of individual companies or business units. Internal IT people will take care of the company’s fragile, custom solutions or systems that are not trusted to outside providers such as databases with sensitive information.

In the end, as long as there are computers there will be SysAdmins. We may become a bit specialized and we might not have the same opportunities to work internally to a company, but we’re here to stay.

Oh, and the advice about working smart and communicating? That’s true for any profession whether you’re a plumber, welder or pogo stick designer.

And you? Are you specialized and worrying about obsolescence? Are you a generalist and feeling secure in your position? What do you believe about the future of systems administration?

(Edited May 26, 2010 for grammar)

This week saw a regression and an epiphany. The regression was that I lost some of my ability to focus on the text at higher speeds and had to step back to lesson 9. I also missed several lesson times. The epiphany was that fatigue and burnout changethings.

While trying to work two jobs, start my own business, deal with insurance issues as well as general housekeeping (did you know that cockroaches in Arizona can reach sizes so big they’re protected under the Fourth Amendment?) I forgot that the body has a tendency to need rest. Not just the body, but the mind. My brain has achieved escape velocity and left a note scribbled in cerebrospinal fluid raving about Maggie’s farm and that this is bat country.

I hope it comes back sometime before I have to talk to take a support call. Then again, that might be amusing enough to be worth it.

• Monday:
  • Morning: Lesson 10
  • Evening: Missed
• Tuesday:
  • Morning:  Lesson 10
  • Evening:  Lesson 9
• Wednesday:
  • Morning:  Lesson 9
  • Evening:  Lesson 9
• Thursday:
  • Morning:  Lesson 9
  • Evening:
• Friday / Saturday: FAIL

I think I’ll take extra care to factor in fatigue, start back at lesson 7 or 8 and gradually regain and hopefully surpass what I had previously attained.

Instead of posting mostly unedifying laundry lists of my weekly speed reading process, I’ll suspend regular updates in favor of occasional check-ins. I’ll try to research speed reading a little more and post some critical and supporting arguments for it.

Does anyone else have experience and opinions concerning speed reading that they’d be willing to share?

Recently while trying to connect to a remote PC using the Remote Desktop manager called “mRemote”, I received a rather unhelpful error message:

RDP Disconnected! Error Code: 2825 Error Description:

However, if using Windows built in Remote Desktop Connection software (mstsc.exe) I was able to connect.

The answer was so simple, I almost did a facepalm. The remote machine had remote desktop enabled, but required Network Level Authentication (NLA). As soon as I enabled the option “Allow connections from computers running any version of Remote Desktop (less secure)” I was able to connect via mRemote.

My only guess as to why mRemote couldn’t connect is that I’m using the portable version of mRemote which requires you to manually register the various components used to connect to remote clients. The version of “AxInterop.MSTSCLib.dll” that came with mRemote and is registered for remote desktop usage must not support NLA. I couldn’t find an updated version of that file.

Maybe someday I’ll spring for VisionApp Remote Desktop, which is the product that the mRemote creator merged all further updates of mRemote into. You can also read my review of mRemote over here. </shameless plug>.

I’ve never had to transfer a domain before. However, my dissatisfaction with my current registrar led me to seek out and decide upon a new registrar/webhost. What followed was an unexpected complication involving EPP codes that were “too complex” for my new host.

Simply put, an EPP code is what is used to prevent unauthorized transfers of a domain. To transfer a domain, you first request an EPP code from your current registrar and then submit it to your new registrar along with the domain name. In essence, it’s a password. You can read more about it at Wikipedia.

A modern EPP code looks like this (Note that this is not a real EPP code): 8BrJ*9G+4To-*2z). Nice and entropic, no? Those fancy symbols must lend some strength to the code. I’m warm with security.

When I submitted my EPP code to my new web host, I received the error: “You have entered an invalid EPP code.” Curses! I contacted the new hosting provider for more information. Apparently, special characters are not accepted by their registrar (they use eNom). I contacted my old registrar to see if they could create a less complex EPP code. They responded that they could not because they only dealt with the latest VeriSign EPPs.

I contacted my new host and sent out a cry for help. Fortunately, even though the wording of their KB article placed the blame on their registrar (eNom) the limitation could be worked around. It was merely the web form’s input sanitizing. I imagine there must be some kind of internal warring among teams over this. The host’s own knowledgebase articles are very well stocked with information concerning the limitation with complex EPP codes. In fact, the number 1 return for a simple Google search for rejected EPP codes comes back with a KB article from my new host.

To get the transfer process rolling, I had to swap out the complex characters (such as +, –, *) and replace them with a regular character (In my case, I chose the letter ‘Q’) in the web form. After submitting the form, I then had to update my help desk ticket that was already opened about this situation and give them the real code along with the modified code I supplied to the web form. Within minutes the proper EPP code had been manually put in place and the process for transferring started.

All of this to say: beware that there is a difference in EPP codes and that some registrars may be unable to process certain types. Caveat Emptor!

Network Computing recently reported that Verizon has entered the cloud services market with the help of a McAfee backend. Apparently in June of 2010 Verizon SMB customers with 50Mbps or less connections will be given free e-mail and Web security powered by McAfee’s MXLogic service that Verizon itself hosts in their own datacenters.

But that’s not all. That is merely phase 1 of a 3 phase plan. According to the article, phase 2 will introduce “cloud-based network firewall and intrusion detection/prevention services” in the fall of 2010 and phase three will add DDoS mitigation in 2011.

Interestingly, Verizon currently offers to manage on-site firewalls, but their cloud services based network protection will be able to consolidate thousands of clients and polices on blade chassis systems in their datacenters. That same infrastructure is how Verizon handles DDoS attacks on current customers (built itself off of Arbor Networks technology). The firewall is pushed out of the customer’s building and into Verizon’s network.

Yes, these services will be given to customers for free. The marketing thought behind that is to wrest business away from other carriers as well as prepare Verizon customers to buy other services such as on-site security services which are provided through McAfee.

An interesting observation is that SMBs are asking for email and web security features to be free, but are willing to pay in other areas (so then it’s not really “free”, but I digress…). Jonathan Nguyen-Duy, Verizon Business director is quoted as saying: “Clients say they won’t pay for the services, but will consolidate all my MPLS traffic onto you.” So seemingly they will be willing to pay higher connection prices for the simplification of hosted services.

What’s the primary interest in this article to SysAdmins? My first thought was: “The systems that we as IT people are often paid to engineer and support are being moved away from us.” However, I stared at that sentence for a moment sensing that something was wrong.

Then it hit me. The systems aren’t being moved away from us! They’re being moved away from the places we have traditionally been employed. The systems are moving away from the high liability and high cost of being on-site under the direct care of individual businesses and towards the (supposed) safety of offsite specialist providers.

I used the word “supposed” because the true safety and service provided is purely determined by the practices of the services provider which will vary. However, in theory a hosted services provider should be more capable of securing a few specialty services for less cost than an individual business’s internal IT departments would be at generalizing in many different areas.

Nuts-and-bolts services like email, collaboration tools and even client backups and anti-virus management will probably be increasingly outsourced. SysAdmins take note: They are not being outsourced away from us! They are moving to different groups of SysAdmins. If the job is moving away from you, change positions to be where it is moving to.

Those worried and/or complaining about the changing IT landscape (such as myself in the very recent past) should not ask “Who Moved My Cheese?!” but should simply move to the cheese… or make their own cheese as the case may be.

I’m curious to know who is pushing for these services to be outsourced to service providers. Is it the IT departments themselves or is it management? In my experience as a SysAdmin, I’ve lobbied both for and against hosted services.

What do you think about this push towards hosted services? Have you moved anything in your IT department over to a hosted provider? Have you fought against it? (I raised my hand for both of those questions) Do you think IT departments are going to be thinned out and moved to hosted services providers? Are you preparing for it? I am. More an that in future posts…

I was going good this week, hitting lesson 10 which is the last lesson in the first part of this Speed Reading system I’m using. However, I lost steam on Saturday. Not much to give as an excuse. I just gave up that day.

• Monday:
  • Morning: Lesson 8
  • Evening: Lesson 8
• Tuesday:
  • Morning: Lesson 9
  • Evening: Lesson 9
• Wednesday:
  • Morning: Lesson 9
  • Evening: Lesson 9
• Thursday:
  • Morning: Lesson 10
  • Evening: Missed
• Friday:
  • Morning: Lesson 10
  • Evening: Lesson 10
• Saturday:
  • Morning: Missed
  • Evening: Missed

I’m struggling with developing new habits in my vision as I read. It’s mostly coming together, but I’m in an awkward stage where I understand the change that needs to be made, but get tired of consciously having to implement it. That merely takes time to develop the habits.

I took a speed reading test on the web and was clocked at 377 WPM. I was taking my time and I was also tired. I’m not focusing on a number very much. Only on results. I’ll stick to lesson 10 for a few more days before moving on.