Last Week’s Internet Outage: What Your IT Team Should Do Next

GettyImages-537812190As you have probably read—and may have directly experienced—there were major Internet outages on Friday, October 21, caused by a distributed denial of service (DDoS) attack on Dyn’s Managed DNS Infrastructure.

That resource provides Domain Name Service management for Web sites around the world, including some of the most popular, which is why those sites were inaccessible during the attack.

The next day, a statement was issued by Dyn regarding the attack and its aftermath.

What Dyn CSO Kyle York knew as of October 22:

“At this point we know this was a sophisticated, highly distributed attack involving tens of millions of IP addresses….The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm…that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed tens of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.”

Others have already begun to try to sort through those possibly responsible and their motivations.

LANDESK experts weigh in

Meanwhile, here’s what some of our security-minded experts, including Chief Security Officer Phil Richards, VP of Engineering Rob Juncker, Principal Product Manager Eran Livne, and Senior Product Manager Chris Goettl, know and recommend:

  • Friday’s DDoS attack on Dyn was implemented with Mirai and variants of Mirai, which is readily available, “off-the-shelf” malware.
  • The attack succeeded largely by enslaving very large numbers of (largely residential/consumer) Internet-connected devices, from Webcams to “smart home” accessories, as well as poorly protected computers.
  • Those “Internet of Things” (IoT) devices were and are particularly vulnerable because many if not most come with default passwords users can’t change. (Some manufacturers have already announced recalls of compromised devices.)
  • Enterprise IT leaders and teams can’t do much about residential IoT devices. But those IT people should use the attack as a reminder and warning that they need strong passwords on every connected device that has a password that can be changed. IT also needs to implement tools and processes that help them to detect, prevent, and remediate malware, to keep their computers from becoming botnet slaves.

Solutions

LANDESK Password Central enables users to recover, reset, and synchronize their own passwords with no IT intervention required. The solution also ensures that passwords comply with company-defined policies and are strong enough to provide adequate protection.

LANDESK Security Suite includes multiple features designed to improve detection, prevention, and remediation of malware. And there are several other LANDESK, AppSense, and Shavlik solutions that can increase and improve patch management of client and server operating systems, virtual infrastructures, and third-party applications.

Visit LANDESK online, or talk with your LANDESK, AppSense, or Shavlik representative today. Together, we can help to ensure that your enterprise is as protected as possible from future attacks—even those that aren’t targeted directly at your enterprise.

Blog-CTA-Whitepaper-527x150

Personal Privacy: The Currency for Convenience

Privacy News of the recent Heartbleed vulnerability blew up my work email, my favorite IT websites, and the tech blogs I follow, and part of me believed that perhaps the digital Armageddon had finally started. The nervous IT world scrambled to understand the impact that the vulnerability would have on their secured information, and press releases from tech companies immediately started filling up inboxes. Yet, even after all the hype, after the alarm bells were blaring at deafening sound, and the voices of security executives were all but completely hoarse from yelling breach, I haven’t changed any of my passwords.

Help I’ve Forgotten My Password…again!

Reset my password!

I’m writing this blog while waiting for a response from whom I shall refer to as “Your Company IT Failed Me” to my email – “Help I’ve Forgotten My Password”. Yes, once again I’ve forgotten my password and “Your Company IT Failed Me” doesn’t have any way of recovering or resetting passwords, so I’m twiddling my thumbs waiting for someone to email me and get me back into the system.

Woolley Headed End Users

Meanwhile it got me thinking. How many times has that email or phone call hit that company’s call queue in the last month and how much time have they wasted responding in person? For many of you in service desk land I guess it’s a pretty typical daily occurrence that takes up valuable time of analysts. Analysts, who at the same time are getting frustrated and annoyed with woolley headed end users like myself, because we are stopping them from doing real IT work.

Sometimes It’s The Little Things You Do That Make a BIG Difference

LittleThingsToday’s blog article is a little different. We often talk about big themes and about how technology can improve our lives and the productivity of the employee, about the value of improving IT maturity and expanding best practice processes. However, sometimes big improvements can feel like too big of a step right now. Words like ‘phases’ and ‘culture’ and ‘people’ and ‘project’ and ‘rollback’ start to be bounced around.

I do understand that it can be intimidating when faced with a big IT change. So I thought I’d lighten the Blog content a bit by taking time to share a few of the little Service Desk operational hints and tips I’ve received from our customers  that show how a delicate touch or subtle change can still make a big difference. They are all incident-related, and require very small pieces of design in your Service Desk tool. You may be doing these already – if so, yay! – well done you. If not, take them as some small shiny gifts. Maybe they could work for you?

Let’s look at four little tweaks

1.     Next Action

Now we all know ‘Status’ on an incident can tell – duh – what the status of the incident is. Is it closed? Open? Waiting for feedback from the end-user? With a third party? Trouble is that status doesn’t tell you WHY it is in that status. It doesn’t tell you WHAT needs to be done. Yes, you will have its of notes and emails attached, but you need to know at a glance, (without going into the detail and reading lots of updates). So, add a new field to your incident. I call it ‘Next Action’. Update that field every time you take any action on an incident. Now, you can see at a glance not only that an incident is waiting on the end-user, but what exactly you are waiting for.

2.     Due Date

These two go together like bacon and eggs. If you are happy that you can record briefly what you are waiting to have happen next on an incident, then add the second half; when is that action due to be completed? Add a date field. Add it to your Incident and put it on the window next to your ‘Next Action’ field.

Let’s look at the difference. Here’s a list of incidents.

ID User Title Status
1234 BobSmith Error Message Open
1235 SueJones Can’t Print WithUser
12347 ChrisHarris Burning Smell WithUser

Now, let’s add those two fields and see the difference:

ID User Title Status Next Action Due Date
1234 BobSmith Error Message Open Send KB Article 12/12/13
1235 SueJones Can’t Print WithUser Confirming Prints OK Now 10/01/12
12347 ChrisHarris Burning Smell WithUser Drying Water off Laptop 15/10/12

See, how just from looking at that list I can tell what’s going on? The first Incident is waiting for IT to send the answer, the second looks like we fixed it, but months ago so we can expect that we’re all good there, and the third seems to be more of a personnel/HR safety issue.

3.     Assignment Gates

Have you ever had problems with assignments bouncing back and forth as firstling hand work on to other teams? Only to have them bounce them back as lacking the basic diagnostic steps they require done? It causes frustration for everyone, makes firstling feel like they are being patronized, makes other groups feel like they are being imposed upon, and slows down support dramatically. No problem – put it in a ‘gateway’. A nifty little piece of process design can present the assigner with a window asking for the basic requirements that are needed to be answered before the assignee group can accept the incident.

For example, if I wanted to assign to DESKTOP SUPPORT, with an assignment gateway, when I select that assignment I get asked to complete a simple form:

DESKTOP OS?

DESKTOP BUILD?

CONFIRMED patches all up to date?

NOT RESOLVED BY DEFAULT REBUILD?

MACHINE-SPECIFIC or REPLICATED?

SEARCHED KB for the ERROR CODE?

REMOTE CONTROLLED?

So I know I have to complete those fields before I can assign to that team. Great, I know what I have to do to move it on. More often than not that will fix it and there is no way it’ll then bounce back to me. The best bit? Get the assignee recipient team to define their gateway criteria to accept new work. They then ‘own’ the information they require to do their job more effectively and never bounce. Everyone wins.

4.     Finally, a bit of subtle Gamification

Do you have group-queues where new work sits waiting for members of a team to pick the work up and assign it to themselves? If you do, and you have more than one person in a group, then you’ll probably find some people grab the easy quick incidents, whereas others spend time working through the tougher harder issues. End of the day, who has resolved more? Yes, the quick-grabber of the easy work has a higher number resolved, yet they are not necessarily the ‘best’ or most valuable contributor. Those tough incidents are – if anything – more important, yet the praise goes to the quick-grabber.

So here’s one fun way to fix it. Put a field containing a Value representing the difficulty on each category definition. Simple categories are, say one point, and hard investigative ones are ten points. Ten easy incidents are worth the same as one real toughie. Now you can go into much more detail, but the idea remains the same. Set everyone a goal of number of POINTS (not number of incidents) they need to resolve. Sit back and watch as people chose work based on how much they have done and how much time they have left. Expect to see a great improvement in morale and efficiency. You can take that idea further once it’s been in process but it’s your first step into influencing behaviour by ‘gaming’ support.

There you have it. Four suggestions that are not a huge effort, are not intimidating, yet make a big difference to the support experience for both IT staff and their customers.

Would these tips work for you? What similar quick yet powerful wins have you seen make a difference? Let me know in the comments.

The Billy Haters

Billy expects the world and leaves nothing for IT except contempt. His voice volume averages 105 decibels when he’s “talking” on the phone with IT, and he probably doesn’t have a mother who taught him any manners.

Yesterday I was reading through the “Tales from Tech Support” subreddit and was floored by the things I was reading about. From the most unpleasant help desk calls to the frustratingly low amount of resources that IT was given, I walked away from that learning experience with a brand new perspective on the challenges that IT faces day in and day out. One challenge seemed to rise to the top over and over again and has proven to be true in a multitude of customer visits that we’ve made: It was the challenge of dealing with Billy.

Billy has many different faces depending on where you work, but the personality behind the face is always the same. He’s pompous and arrogant, knows little and cares even less about what IT does, and every time his name is mentioned your teeth clench together and your eyes dilate slightly. He expects the world and leaves nothing for IT except contempt. His voice volume averages 105 decibels when he’s “talking” on the phone with IT, and he probably doesn’t have a mother who taught him any manners. (This article is meant in no way to reflect poorly on the name Billy or any derivative, it was just the first name that was rattled off when I asked my coworkers for a random name).

In interviewing customers and reading through forums, Billy seemed to come up again and again. Some organizations had many Billys while others only had one or two. Yet Billy seemed to be taking up 90-95% of all discussion topics a lion’s share of IT’s time and energy. What jumped out to me was how stark the difference was between how IT organizations approached dealing with Billy. I learned that there were two types of organizations, (1) those who allowed Billy to affect how they did their job, and (2) those who saw Billy as an opportunity to be more effective in their job.

The Billy Haters
Many IT organizations were consumed by Billy; they threw darts at his picture in the IT break room and made memes that were circulated internally defacing Billy’s already stained reputation. Billy ruled their every thought and added unnecessary stress to their life outside of work. They would think about how depressing and emotionally taxing their job was because of Billy. In other words, Billy had accomplished exactly what he wanted to accomplish. He was the center of IT’s attention.

What is interesting about Billy Haters is that they tended to separate themselves from end users in general. They approached IT with the “us v. them” mentality. Billy Haters tended to demand more control over all users, and saw themselves as the policemen over the company. Users working with Billy Haters were treated with more disdain by IT, and they were usually less likely to ask for help from them. Users were also less likely to follow IT policies and IT was less aware of user activity. Billy Haters were being circumvented by the good users, and being inundated by the Billys.

The Billy Opportunists
The second group of IT organizations saw Billy as an opportunity. These organizations thought of Billy as a customer who was keeping IT in business. While still bothered by Billy, they treated him with respect and never reacted to his rants. Billy never got under their skin, and he rarely entered the minds of IT outside of his requests for help. Sometimes Billy would pass by in the hall and IT would smile and say hello. Billy was an opportunity to stretch the limits of IT.

The Billy Opportunists had a very strategic role inside of the organization. They were very often contributing to top line revenue growth by improving company production. Billy Opportunists worked  collaboratively with users to define security policies and management practices that met corporate requirements while still helping the company be productive. Users embraced IT as a source of knowledge and expertise, and Billys left IT alone.

Conclusion
While not every organization fits perfectly into one of these two camps of customers, I’ve found that it’s a good way to think about IT. More importantly, by illustrating these two types of organizations, it becomes quite clear who the superior organization is. Billy Opportunists understand the meaning of user-oriented IT. In fact, they are the ones who invented user-oriented IT. Billy Opportunists see end users in a different way than Billy Haters, and by treating them like a customer, they effectively became an integral part of the business. The business saw the Billy Opportunists as a money maker, and the Billy Haters as a black hole of cost.

Have a good story about Billy in your organization? Thoughts around Billy Haters and Billy Opportunists? I’d love to hear your comments.

The 5 Biggest IT Headaches

Despite your valiant efforts, you better have some ibuprofen, caffeine and a cold compress ready as you draw the curtains closed and prepare for the five biggest IT headaches.

No matter how much you think you know, working in IT will teach you that you don’t know it all.  In this rewarding, but very challenging field, there will always be a case where things just don’t work out like they’re supposed to.  Despite your valiant efforts, you better have some ibuprofen, caffeine and a cold compress ready as you draw the curtains closed and prepare for the five biggest IT headaches.

  1. The Users– The first headache to note is the “users” themselves.  From user error, to lack of technological knowledge, users that don’t know how to run certain programs or systems tend to try and fix things themselves.  This usually leads to bigger problems since they are not taking the correct steps to fix the problem.  Anyone in IT can recall countless situations in which users click on banners that should never be clicked or open that email attachment that looks suspicious.  Users are becoming more technical overall but that just means they create more technical problems.  User error is definitely one of the top ranking headaches for IT; however, looking on the bright side, job security is always something to look forward to!
  2. Viruses/ Malicious Software– It seems as though we’re always hearing about a new virus or malicious software that has deviously attacked and infected thousands of computers.  As technology becomes increasingly integrated into our daily lives, it is imperative for users to know how to defend their devices against attack.  Not too long ago we had a client that acquired a virus that infected their whole network and every PC attached to it.  It took them down for a whole day and a half and we had to put in some serious hours to wipe the slate clean.  Making sure that your system is fully protected is crucial, especially when you’re dealing with time sensitive contracts and deadlines in which you can’t afford to be down for long time frames.
  3. Backups/backup management– Users constantly complain about backups taking too long or running at the wrong times.  An issue can arise when we think something is getting backed up only to have the system crash, and then realize that certain files were never backed up in the first place.  This reliability issue is a huge complaint and will cause a big headache in the data recovery process, if it’s even possible.  Therefore, things like application control and file encryption help prevent backup issues from surfacing in the first place, but be sure to backup as well.  Backups come in all shapes and sizes, and there are backup management solutions to suit everyone.  Sifting through all of your options can be overwhelming, and although cloud based options like Dropbox add convenience to the IT department and the user, they can create additional headaches such as the wrong files being put into an unsecure container in the cloud.
  4. Patch management– We’ve all dealt with the issue of updating your software or system, which causes certain programs stop working or start doing some funny things.  We worked with a client that ran their Windows updates and afterward they could no longer use Outlook.  It ended up being something as simple as a licensing issue, which one of the updates had changed for some odd reason, but it took forever to research and fix.  One of the largest challenges with patches is the inability to recognize or identify a patch that will create issues.  There have been many circumstances in which we have installed a patch to a driver on graphics cards just to have the PC crash anytime a graphic extensive program is run.  This will be a constant battle for all in the IT field.
  5. Outdated hardware integration/ Compatibility with new software– We all deal with these types of problems constantly.  From older software that doesn’t work on a new OS to finding compatible drivers for newly released hardware, sometimes it is a struggle to get everything to work.  In some cases it may be beneficial to continue using your older software or OS, since the newer product may have too many bugs, is completely incompatible or just won’t run.  We have clients that still utilize Windows XP for their critical systems since the software company never released any updates or patches to make it compatible with newer OS.  You may even see cases in which the company that produced the software is no longer in business, thus making it unable to ever upgrade to a better system.  These issues can be extremely frustrating and time consuming when trying to research and find better solutions.

We can only dream that one day these problems won’t exist.  In a perfect world, everyone would work together to make cross compatible system integration and we would have a unified tech world.  But until then, we’ll keep the aspirin close by.