You really didn't specify what kind of company you prefer. And the answer to your question will come down to that particular preference.
If you want a job in any Mid-Enterprise ($200M to $1B annual revenue) size company or above, you will generally *NOT* be a jack of all trades. These companies generally have HR personnel, and are big enough that managers are generally not plopping down on Monster.com and finding resumes. As such, any HR person or recruiter is going to cull resumes (no matter where they get them from) based on a few keywords. If their looking for a NOC technician, they'll search for network, monitoring, Cisco (or whatever the infrastructure is) and maybe a few other key pieces (CiscoWorks, etc.). If they find a resume with those keywords duplicated a few times, especially over a few jobs, they'll pass it on to the hiring manager. If they don't see those words, they generally just bit-bucket it and move on.
As such, as many other have mentioned, if you are looking at any larger organization, you need to target your resume to a real job. Sending in resume's randomly not knowing what jobs are open won't work. Sure, they'll have a policy that resume's submitted need to be kept on file for X months, but my experience is that older stuff, which isn't fresh in the persons mind, just never gets dredged up.
For full disclosure, my company does IT staffing, although I'm not in that portion of the business. However, I've now seen that from the inside and out, and every company we work with, and every staffing firm we work with, they all work the same way.
Now, if you're going for a small company, with fewer than 100 employees and not much in the way of critical needs, then you can play the jack of all trades and get away with it. These companies can't/won't afford an expert in each technology, and mostly need someone with enough knowledge to keep the running on a day to day basis, as well as plan for the future as it comes along. However, such jobs can be a pain (you'll never know when you'll simply get deluged with 20 broken laptops in one day right after the email server gets hit with a spam onslaught and the local phone company suddenly decided to route your main DID number to another county. And they can also cause stress in the sense that in many of those companies you'll be close enough to top management that you'll be forced to interact with them, but many, if not all, won't have a clue about what you do. Justifying upgrades can be a real pain in the a$$, and the overtime can get old.
I have a good friend who works for a fairly famous small firm here in my town. He's the go-to guy for everything more complicated than an electrical pencil sharpener. The smartest thing he ever did was go to the owner early on and let her know that there were some things he couldn't do, some things he wouldn't do, and there were times when he wasn't going to be able to do them. For each of these things, he gave her a strategy for supporting them (say, having service contracts on ultra-high end printers, or having a local company that could provide on-site and phone support when he went on vacation a few times a year.
So it really depends on what you want, and what kind of company. You have to tailor your resume and job search to that segment.
And remember: the best jobs never get posted on the internet, but get snapped up via word of mouth within days of someone deciding they're going to hire someone. Never, ever underestimate the power of networking and talking and keeping in contact with people from your past.
"The ACLU of Eastern Missouri launched the project Wednesday after television crews last year broadcast video of officers punching and kicking a suspect who led police on a car chase. "
This took place in a different jurisdiction entirely, with different police officers and a different city from where the cameras are being deployed.
Making it seem as if this particular crime happened in the same jurisdiction is completely wrong and at best misleading.
Its like saying that a crime in Chicago led the ACLU to deploy cameras in St. Louis.
Second, the area where they are deployed is a small section of St. Louis City proper. It is an area which has abnormally high crime rates if you break it down statistically. I'm all for this type of project, but you need to put the whole thing in context here. I hope that the people with video-cameras are equally willing to tape criminals and call police to help lower crime as much as tape only officers who are in a bad area and situation to begin with.
This thing appears to be 2-3 years old. So after reading a bit, it is interesting to compare their projections on some of these to the reality.
I have to second the thought that many of these were dreamed up by zealots.
However, at least one of them is easily challengable on facts, without quoting anything.
Take a deep look at #17. History (at least the 1+ years since the article was written) has proven that the oil companies have not yet benefitted from Iraq (and may never). The profits of the oil companies are a direct result of them avoiding R&D and, most importantly, strenuously avoiding the upgrade and replacement of aging infrastructure *WITHIN* the US. The reason oil prices are high is because our stateside refineries are a mess. Its supply and demand, but it has little to nothing to do with OPEC.
This is something the oil companies can/could/have done without ever invading Iraq. In fact, its been going on since Clinton was in office, if not before. Linking oil company profits to Bush is at best ludicrous.
I'd recommend taking a close look at these "articles". If any of them are comparable to #17, I'd have to say that the entire site is suspect.
Personally, I think the stress that many people feel regarding email has much more to do with the psychology behind the reszponse to the technology rather than the technology itself.
When I was in college in the late 80's, my girlfriend and I used snail mail to communicate. Its easy, you write a letter, stick it in an envelope, put a stamp, send. When you receive one, there is minimal pressure to respond right away, and you only have a very limited number of things to respond to, besides.
But the networked world, in which I include all communication technolgies (email, phones, cell phones, internet, etc.) have somehow gone from being occasional interruptions to constant ones. They have, even more importantly, gone from ones that require a delayed response to one that we somehow feel compelled to deal with right now, this very minutes, oh-my-god-I-have-to-work-overtime-because-my boss-emailed-my-blackberry-and-he-needs-this-sales -data-right-effing now. The line between work, friends, and personal time has not only become blurred, its often simply gone.
I think that we've undergone a psychological shift due to these influences that we're starting to feel compelled to respond now, to everything. Its a creep that is having a profound effect. I've actually had a boss (and owner of the company) who turned to me one day and said, "I'm always impressed at how you manage to separate your work and personal life," when I told her I had to leave to go coach one of my kids games.
I also think that there are lots of people who simply don't think about what they should be doing. Occasionally my HR department will send out HR updates (new insurance changes, vacation info, paydates that have been randonly moved) and I cannot believe how many idiots in my company respond to @Company revealing their health issues, personal problems, payrates and hours worked, etc. My wife, who is a VP with a team of 10 people, constantly complains that people copy her on *EVERYTHING*. She ends up deleting half her email straight out, and still has to go through most of it to figure out *WHY* she was copied in the first place.
However, using facts that I've pulled from my butt, I'd have to say that this isn't a technology problem. Its an issue of psychology and expectations and human nature. I've found it can generally be solved by decent etiquette and applying a weensy bit of brainpower, but I've also come to realize that most people are capable of neither of those.
I've been fired (or asked to leave) more than once in my career. The way that I've always handled it is to simply not lie, but I would strongly recommend not wearing a sign on your back that says "Hey, I was fired from my last job! Yay!", either. Usually when the question comes up, I simply say that I left because of a disagreement with the employer or something equally non-committal and non-antagonistic (to your old employer).
I've never gotten in a situation where I've had to flat out admit being fired.
Another thing to keep in mind, which has already been pointed out, is that legally, most companies won't admit anything other than employment. The last one I got walked from wouldn't say anything to prospective employers about me other than "He worked here from Aug 2001 to April of 2003."
They are scared of lawsuits, especially since they cannot verify who is asking, truly. For all they know, you have a friend in a company who is trolling. As unlikely as that may be, it generally works in your favor.
Part of my company now specialized in staffing and head-hunting. One of the many lessons I've learned about that is that generally (at least for the hundreds of positions I've seen filled in the last three years) prospective employers are far mor interested in references rather than previous employer statements. Which strikes me as odd, simply because I've never given a reference that I hadn't pre-qualified and generally only gave friends. The biggest complaint I've received on my references was that they "weren't high enough" in the org chart, which was from a Senior VP at Symantec, so take that with a grain of salt. Make a few manager/director/VP friends that you can count on, and references are a slam dunk. I've interviewed lots of people, been witness to hundreds, if not thousands of others, and I've yet to hear a bad reference call.
For the life of me I can't remember where I read it, although I think it was a link on careerbuilder.com, that talked about this subject, finding a new job after getting canned. One of the things that interested me the most was a statistic that around 70% of all firings have nothing to do with performance. (Disclaimer, I can't remember the exact figure, but it was around 70%, okay?). And that's my experience, as well. Both as a boss and as an employee. I've been fired for doing my job (2 times, when the employer was hoping that either the project I was working on would fail, or when my employer set me up to fail), but it has never been my ability. I've also fired people, but it was purely about non-ability issues (abusing company resources, etc.)
I think that my experience has been that when you can't manage your manager (work together with them, put up with them personally, etc.) its past time to get out. For better or worse, if your manager dislikes or hates you, or acts in ways you can't stomach, its time to polish off the resume and start again. The sooner the better.
My customer base includes diverse clients and verticals, from Fortune 50 to SMB. Most if not all larger companies are currently wrestling with how to gauge overall IT performance. This is, in fact, one of the newest trends that is going to overtake much of the IT industry over the next few years, in my opinion.
However, there are other factors which should be looked at and different models for applying and measuring performance that should be considered before you simply go out and compare yourself to other companies.
One of the industry drivers that I have seen is the move to start treating IT as a real business within a business, and creating Key Performance Indicators and Benchmarks to measure the actual value of IT to the overall business. Historically, IT has been the dumping ground of the company. Every company has a product, whether that is a physical item or information or time. IT has been asked to supply some (and in many cases all) of the infrastructure to support these products, yet they are often not involved with much of the decision making process in developing the solutions. A COO or CSO or CEO makes a decision to sell something. They go to the CIO and ask, "How much will your portion of delivering X cost?", develop a budget, and then at some point equipment shows up and IT installs it and maintains it.
The key issue, however, is far more complicated. No IT department, even for a small company, is delivering a single service. Even a 1-man IT shop in a 10 person company is being asked to develop, purchase, install, and maintain multiple products. For this theoretical small company, at the minimum the IT guy is doing email, networking, web site maintenance, and supporting information stored on computers and servers.
The key is to begin treating these services as products, looking at the bigger picture, and then analyzing many well-established benchmarks against these services.
Right now, Service Delivery is really what IT is about.
Many companies and vendors that I work with are now starting to look at IT in this manner, and have come to the proper conclusion that a single corporate IT infrastructure is a business with in the business, and that it is possible to measure value and performance, as well as establish best-practices, benchmarks, and even future budgets against these benchmarks.
For example, one of my customers is in the information business. They sell access to up-to-the minutes (and in some cases, up-to-the-second) access to information. They currently sell hundreds of products, and until this point, each products was essentially its own entity, with its own supporting groups, and global IT infrastructure supporting these products.
Up until now, IT was simply told, "Here's a product we have developed. Our Global Product Manager is going to deliver this data to these customers. Our Development Team (with no common management short of the CIO) has used this architecture, this platform, and expects we will need X number of Y products (Servers, storage, network gear, etc) to deliver this service. Make it happen."
But think about that. They have at least 15 hardware platforms that I know of. They support at least 7 different OSes. The network group has no visibility into this process, and ends up adding blades and wiring and routers and everything else on virtually an ad-hoc basis.
So, what is the solution?
SOA. Service Oriented Architecture. This is, of course, the newest buzzword, but to me, it makes so much sense I wonder why no one thought of it sooner.
The basic gist is that you treat your IT infrastructure as a single architecture. Then you analyze each product on that architecture, and also begin analyzing what you really need to support Service Delivery of those products. In this case, you have the hundreds of client products. You also have the internal networks for the company, which deliver email, instant messaging, Internet access, database access (generally Oracle applications for C
"'I think if we can teach the computer to listen to the story that players are telling,' Wright said, a game could detect patterns of what the player wants, and adjust music, lighting, and other immersive elements to reflect the story that a player wants to play."
Does this remind anyone else of "Ender's Game"???
Now the government can actively train young killers at an early age!!!!
I live in Missouri, and during the acquisition days of the 90's these were everywhere. When the company I worked for was acquired (in the ISP business) all the employees were handed a non-compete to sign for our new owners. Thing was, the non-compete was written for the holding company of the company that bought us. As such, they barred employment within 250 miles of the north leg of the St. Louis Arch in *ANY* business that competes with the any business within the holding company. The terms were broad to begin with, but the scary part was that the holding company had about 18 companies in wildly varying industries. As such, none of us could work in realty, any restaurant or bar, food distribution, web development, IT, ISP, or telco companies, to name a few.
I had a lawyer vet it and basically the answer was that a non-compete in Missouri cannot keep you frmo working in your chosen industry. Simply put, they can't bar you from working in your field, and the law here was slighted in favor of the employee. I get to define my career.
While IANAL, it basically means in Missouri that non-competes are bogus. That company was an ISP, and while we never signed that non-compete, there was another one that got swapped in (regarding custmoers and stealing them, and such) and we did all sign that. However, within a week of quitting, I was employed in the same position at an ISP, and no one was concerned.
Generally speaking, a contact can't keep you from putting food on the table. If you are a graphic designer, and you sign one, the contract can't really keep you from working for another graphic design firm, although they can keep you from stealing their customers.
While I wasn't a developer, I made the move full time in 2001 to technical sales from a pure engineering/IT management roles.
The are several issues that arise from this, and they need to be broken out and analyzed separately.
1) If you are talking technical sales, rather than pure sales, those are generally two entirely different beasts. If you look at Cisco, the sales folks are true sales guys, while the technical sales engineers generally spend most of their time working with the technical groups in the company, demoing new products, working in the test labs, and doing presentations as required to higher management. So being a pre-sales engineer can be very technical and hands on, depends on the company.
2) Are you going to have to actually do "Sales"? When I made the switch, I realized that there are certain aspects of sales that I don't have the ability and/or will to do. For instance, I can't cold-call to save my life. In the pre-sales engineering roles I've had, I've made it very clear to employers that I am not the person who will find new customers. I tell them up front that given a qualified lead, I can convert a well-above average number to customers. My current position is the closest I've ever come to sales, as I am building a new practice within my company and therefore have taken over account management. However, I have several sources for leads, and I don't find new customers. I think the bottom line is to be very clear about what sort of sales role you want and make sure that you aren't signing up for something that you can't/won't be able to do.
3) Any salesperson who lies to the customer is a F@#*$-ing idiot. Period. The truth in the IT business is that your best business is repeat customers, and its a lot easier to get more business from a happy customer that it will ever be to find the 60 new prospects that will eventually convert into a few paying customers. At one job, I supported 5 sales guys, three of whom were ex-cell phone sales guys. One was a former field employee, and one was from a technical engineer/development background. For the three cell-phone guys, I had to force them to stop with the lying/exaggerating that they started out doing. It wasn't necessary. We had a great product, and we were competing in a market where our sole true competitor was a company everyone hates. Hell, I'd tell customers we could do some of what they needed and lay out where we wouldn't be a good fit and they'd still sign just because they were sick of our competition. The bottom line is that if you have a decent product, and you target someone with a need for it, lying will simply get you in trouble. I find that telling a customer the truth is a clear differentiator to everyone else, and more often than not, they come to me anyway. A corollary to this is that with many products, there is *NO* single product that does everything the customer needs/wants. Right now, one of my key products is a network management solution. Truth is, there are hundreds of products in that space, and every single one fails in some way for every customer. It might be too expensive, or lack support for a specific protocol, or require a programmer to maintain it, etc. This list goes on. By telling customers the truth you often win their respect and loyalty because most of them aren't stupid enough to actually believe the lies.
4) Being in sales can be fun. I get to take customers to ball-games, strip-clubs, casinos, expensive dinners, and happy hours. I get to travel a bit. There are definitely perks to having an expense account, and to be honest, its fun.
5) I'm an introvert too. I have a wife and kids, and when I travel, it bothers me to not be home with my kids. But generally speaking my interaction with customers is exactly the same as it was when I was an engineer and a technical manager. I spent all day on the road as an SE, going from company to company, interacting with customers. As a manager, I spent a lot of time on the phone with technical support, a
As a disclaimer, I spent a large chunk of the 90's working for several large Apple Ressellers.
However, I think the basic problem here is one of approach, rather than Apple's response.
Let us put this in another way, altogether:
You run a small business, and you use HP/Compaq machines.
Who do you buy it from?
Most small businesses will probably go to either a large VAR (CDW, etc.) or find a local reseller of HP, who also provide support.
However, I suspect that it is safe to say that you probably aren't going to trundle down to Best Buy and purchase all of your hardware for you business from them.
When you purchase a computer (including support) from someone who understands the needs of the business community, your response to any problem will be significantly different than purchasing from a consumer-oriented store.
This is the same situation with Apple. Apple Stores (at least where I live) are in shopping malls. They are pandering to people who think that every computer should come with a free IPod, because that is their market.
However, again, at least where I live, there are at least two Apple resellers that specialize in business and know perfectly how to support a business customer.
At the time I was a tech, working for one of these companies, we supported every Fortune 1000 company in 40 miles who had a Mac in the office (which was most of them). When they called, we understood the difference between business support and everything else. When a marketing department for a Fortune 500 calls because their server died, it needs to be fixed now, not next week.
Not only that, but we were properly equipped and trained to support the business community. At the time I did this, I knew virtually everything there was to know about upgrades, patches, memory fixes, and hardware that Apple sold. Not only that, but I knew the same thing about every 3rd party product that my customers used. This included Quark, Adobe's full line, Macromedia, and hundreds of other programs, including business support software such as 3270 emulators and 3rd party software to connect Mac's (this was mid-90's) to Windows networks and servers, as well as mainframes.
The reality is that if you are purchasing your business hardware from a mall-store, you've made a serious error in the first place. Find a local reseller, preferably one who sells Mac's to businesses.
The other support issue is one of being able to determine software versus hardware errors. I can't tell you how many times some bizarre piece of shareware that some idiot long-haired birkenstock wearing graphic artist installed that caused problems with memory. A less savvy tech could very well have spent a day or two RMA'ing the memory to Apple, rather than knowing enough about the systems to properly diagnose.
In order to get business class support, you need to find a business class reseller. Relying on the home user support mechanisms won't buy you anything.
My advice: get out a phonebook and find a few Apple resellers nearby. Call them up and maybe meet with them. If you have a decent number of machines (which when I did this was usually about >2) and agree to buy through them, I'll bet money they will assist you with issues. The other place they will be able to assist is in working with Apple's AppleCare process. They do this every day. They know how to get through the system, and have done it countless times.
The original post didn't truly define several of the key points that are required to make this decision. I think that you need to define whether you are simply looking at a ticket management system or something that is more geared towards tracking actual source code and changes, or something in between. I think that the long term needs play a huge issue in selecting the proper tool for this as well. If you are going to be routing user-base information later, or adding 20 more developers, it might make sense to go for a more robust professional solution now. On top of that, you also need to factor in how much extra time 5 people are going to have to set up, customize, and maintain a system that will require more initial customization than a larger, more professinoal tool that has more functionality out of the box. My guess is that if it is a 5 person company, they need to be taking care of business rather than spending days or weeks customizing a lower-end package.
If the emphasis is more on the ticket-tracking side of things, there are many programs out there available to do this, from the absolute low end (such as the Sharepoint solution mentioned above) to the high-end tools such as Peregrine, Remedy, or CA Service Desk.
My company uses CA's Service Desk internally for IT tracking, and we also provide our clients with Help Desk Services. Service Desk has a ton of functionality out of the box, generally requires little or no fooling around with to get running for issues-tracking, and also has some great functionality in terms of scripting calls to other applications. It also has a complete Workflow process built into that allows Visio-like creation of workflows, which can streamline any number of processes.
In the past, I've run helpdesks, and I now work for a IT consulting company that provides help desk solutions as part of our repretoire.
It sounds like you haven't actually identified the problem, and you need to look at the whole picture to determine the solution.
I'd start with doing some research on best practices for help desks. While ITIL might be a huge stretch for your needs, it certainly is a great source of information about *HOW* and *WHY* a help desk should be run. Buy a book, or at least hit Google and figure out what your help desk needs to provide the best service to your company.
Next, take a good hard look at your processes. I will guarantee that, as some other users have pointed out, your call statistics are an incredibly important measurement of your success. Having access to that data will help you make the right decisions on providing service to your company. Without it, you don't have a clue about what you are doing or why.
A few examples:
How do you prioritize the duties you have to fulfill? Is it more important to build a new server, or to spend 30 minutes researching a users problem? How much time should you be allocating for the different functions? How many people do you really need to do your job properly?
How do you identify problems that interfere with your job duties? Do you actually know which users are uselessly sucking up time with repeated calls about the same problem? With 3 people, you might have 2 users in your company that are consistently consuming large percentages of your help desk resources and no one has really identified that. Being able to spot trends (the same problem occuring on the server over and over, clueless users, bad desktop software after an upgrade, etc.) will help you keep your own stress down while benefitting the company.
Have you actually taken a good hard look at your homebrew help desk software? If your average call is 1 minute, and it takes 1 minute to log all the call information, its no wonder your people aren't logging things. Can you link the PBX to the software to auto-identify and populate user info fields? Does your software have the ability to auto-complete all extra fields once the user is identified?
How much time are you spending on password resets? Can that be automated or simplified to the end users to save you time?
Today, there are quite a few good help desk packages available. From low end off-the-shelf packages to the commercial packages. A full-blown professional system will still run you less than $30k fully installed and will probably up your productivity by 50% or more. The lower end packages will be considerably less and have similar effects, but your choice will be made by the functionality you really need.
Also, you should be tracking *EVERYTHING* your employees do. Not just help desk calls. The only way for you to measure your actual performance will be to treat server builds (or any other function) as if it were a help desk call. This will give you *REAL* statistics to carry back to the bosses and make actual decisions. If you only log help desk related tasks, then a huge percentage (possibly more than 50% of your time) could be black hole time that has no quantification. If you spend 4 hours one week coding, it should be logged. If one of your techs spends the entire week building new servers, it should be logged. Again, a halfway decent help desk software will allow you to parse functionality and see what you are doing, and help forecast and justify your time and see the problems.
And you need to remember, this isn't about "Big Brother" watching. Its about having a true measurement of effectiveness and function. This information will let you go back to management and say, "Look, we're spending 10 hours a week each working overtime, which is costing you more than an additional tech and we've been doing this for 4 months," to justify the fact that you need help. Or finding out that your on-call guy is spending 20 hours a week wo
I've worked in both large corporate environments with high security, as well as working for small companies. I've done work regulated by HIPAA, SOX and government regulations in the past. Not only that, but I served as Director of Technology for several middling size ISP's, all of which I served as unofficial security liason/abuse person.
Seems to me that, as with anything, any company should consider the risk, and try to set rules based on acceptable risk as well as best practices. Using google should allow you to research both.
For instance, there may be situations where a company needs to restrict information. I can think of several ways off the top of my head to do this, even with email. Lets say you have a company, large or small, that deals with Intellectual Property, patents or code or somesuch. There is an obvious need to restrict access to some of that information, if only legal discussions or strategy. For such a firm, information *IS* the most important thing. So find a strategy to segment information. Put the code on its own server, instead of a share of the main fileserver for every Tom, Dick, and Harry. If email is a necessary evil in sharing information, then segment the key users on their own server. If that company has several admins, identify the trusted admins and only give them access to those servers. It should be obvious that the low-end tech who sets up normal file sharing and printer shares doesn't need access to the IP information, so use AD or *nix to ensure his access. As well, make sure that you have proper legal coverage in place in the forms of contracts, NDA's and other such things.
For every issue, it comes down to cost versus benefit, but there are both technical and non-technical mechanisms in place to do this. They may not be free, but they exist. Compared to the risk of losing millions of dollars when some disgruntled tech steals your code and gives it to a competitor, an extra server makes sense.
No matter, there are always ways to minimize risk and the amount of hassle while still having some assurance that your security needs are met.
I'm also reminded of a few experiences I've had. My favorite was when I found out that my boss, a director of a Fortune 500 company, had completely and utterly shared is Exchange Email folder with the entire company. I never abused it, but every single person in the company could have read his email 24 hours a day, even from OWA.
Another anecdote comes to mind. When I worked for the ISP's, I had access to tremendous amounts of user information. I got every bounced email, had access to news server logs, could read anyone's email spools, etc. Looking back, I'm still amazed by what an end-user would put and/or attach to an email sent to an address that didn't exist, whether through typos or just stupidity. I can't tell you how many users of that ISP I saw butt-naked, but it was a damn significant percentage.
Bottom line is, we have rules because you simply can't underestimate human stupdity.
From the description, there appears to be no policy in place governing how IT information can be used by company management. The problem lies in that fact, not the fact that someone is requesting the information.
I suspect that this is also further complicated by the fact that employment is regulated at the detail level on a state by state basis, and therefore the legal aspects of your situation will be influenced by local laws.
However, what I would do if this is the first time this has happened is to run this by the head of the HR department or someone who handles such things within the company. Where I live, if there is no policy, the employee whose information is being disclosed might have some legal rights, or could simply try to sue everyone involved if something negative happens. I suspect this could happen anywhere, as well. If HR has a discrete policy, then you are covered and the rules are clear.
Personally, I'd get someone in authority (boss, HR, legal) to give you in writing their guidelines, and perhaps take the opportunity to help create a policy if it doesn't exist.
I have worked for/with several large corporations, and each one has had very clear guidelines, spelled out in detail in the AUP for computer/internet use which employees must sign as part of the hiring paperwork. My wifes' company, for instance, (a large multinational news firm) allows any line manager to request the internet records of any employee after discussing it with their appointed HR rep (each manager has his/her own HR rep who handles such things and is involved with the managers on a daily basis). I've also worked with other organizations where only the security team, who had independent authority and worked hand-in-hand with management and HR, had direct access to the records.
However, I must mention the most brilliant and most efficient filtering scheme I've ever seen: make everything public. I worked with one of the large credit card corporations a while back, and when they first allowed general internet access, they had a website that simply logged *EVERY* employees browsing history (not urls, just domains). An employee could see his managers, the managers could see the employees. It worked brilliantly, since no one was going to risk being exposed as having gone to even questionable sites, so there were very few abuses. Plus it required no upgrades, no computers, no power, and virtually no effort. I suppose this was a good implementation of Cory Doctorow's recent suggestion about making security public. Too bad they discontinued it because of lawsuit concerns.
First off, one of the biggest telco's in the US used, at least the last time I checked, about two years ago, the last four digits of their employees' SSN's as *EMAIL* addresses. Emails were initials followed by the last four. Sad and pathetic...
However, if this is truly something you want to see changed, it might be worth calling around to a local reporter or television stations and seeing if you can hook a reporter on the idea of getting a good story out of this. Privacy concerns these days are no laughing matter and I've found recently that sometimes corporations have individuals in them with good intentions but beauracracy and inertia make it difficult for even some of the highest placed individuals to effect real change.
And just think about how exciting it would be to the the "Anonymous Source" in a nice little news story...
This happens to be a great business plan if you own the company. However, at the billing rates you're talking about, its unlikely that the regular worker in your company is benefitting much at all.
But the fact remains that this business plan has been used with varying degrees of success for many, many years. Some efforts are successful, some are flameouts...
I worked for many different companies like this in my early IT career. The last time I was did this for a job, my boss was paying me $13.25 and billing me at $90.00 or so. We were a fairly specialized provider of a particular field of IT support, and owned the market we were in. The owner needed myself and the other tech to justify her hardware sales, because she was selling commodity hardware at or above MSRP. (Go ahead, see if you can pull that off for a decade!) The engineers were good enough that clients payed more for hardware because they knew that when anything bad happened, it would get fixed and fast.
In fact, I left because one of the owners had just bought property on Nantucket after giving herself a $50,000 bonus (on top of salary and commission) and I got $2000 bucks and a drink. My leaving made them realize that they couldn't find people with my skillset and changed the company policy to reflect profit sharing and a host of other things.
However, your employer probably knows that he can (and undoubtedly will) be able to replace you with another adequate tech for the same amount (or less, as you get raises) and simply doesn't care.
Several of the companies I've worked for doing break-fix jobs had gobs of talent walk in and out of their shops, but simply didn't care. Guys I've worked with have ended up at important jobs running IT departments for huge companies or doing other similar things but started out building PC's or fixing them for $7.00 an hour in the nineties...
Remember that if you do your own consulting, if you pay taxes on that you'll lose a huge chunk of the hourly. Its tough to run your own business, especially finding new clients and getting enough clients to actually pay the rent *AND* food *AND* high speed internet. I did that for a year or so as well, and while it was fun for a while, it got old quick, especially during tax season when I had to fork a decent chunk of change for my accountant to get everything in order.
The good news is that your can likely learn as much as you want and actually start a career doing what you do now. Just don't plan on doing it where you are currently at...
Slashdot Mirror
You really didn't specify what kind of company you prefer. And the answer to your question will come down to that particular preference.
If you want a job in any Mid-Enterprise ($200M to $1B annual revenue) size company or above, you will generally *NOT* be a jack of all trades. These companies generally have HR personnel, and are big enough that managers are generally not plopping down on Monster.com and finding resumes. As such, any HR person or recruiter is going to cull resumes (no matter where they get them from) based on a few keywords. If their looking for a NOC technician, they'll search for network, monitoring, Cisco (or whatever the infrastructure is) and maybe a few other key pieces (CiscoWorks, etc.). If they find a resume with those keywords duplicated a few times, especially over a few jobs, they'll pass it on to the hiring manager. If they don't see those words, they generally just bit-bucket it and move on.
As such, as many other have mentioned, if you are looking at any larger organization, you need to target your resume to a real job. Sending in resume's randomly not knowing what jobs are open won't work. Sure, they'll have a policy that resume's submitted need to be kept on file for X months, but my experience is that older stuff, which isn't fresh in the persons mind, just never gets dredged up.
For full disclosure, my company does IT staffing, although I'm not in that portion of the business. However, I've now seen that from the inside and out, and every company we work with, and every staffing firm we work with, they all work the same way.
Now, if you're going for a small company, with fewer than 100 employees and not much in the way of critical needs, then you can play the jack of all trades and get away with it. These companies can't/won't afford an expert in each technology, and mostly need someone with enough knowledge to keep the running on a day to day basis, as well as plan for the future as it comes along. However, such jobs can be a pain (you'll never know when you'll simply get deluged with 20 broken laptops in one day right after the email server gets hit with a spam onslaught and the local phone company suddenly decided to route your main DID number to another county. And they can also cause stress in the sense that in many of those companies you'll be close enough to top management that you'll be forced to interact with them, but many, if not all, won't have a clue about what you do. Justifying upgrades can be a real pain in the a$$, and the overtime can get old.
I have a good friend who works for a fairly famous small firm here in my town. He's the go-to guy for everything more complicated than an electrical pencil sharpener. The smartest thing he ever did was go to the owner early on and let her know that there were some things he couldn't do, some things he wouldn't do, and there were times when he wasn't going to be able to do them. For each of these things, he gave her a strategy for supporting them (say, having service contracts on ultra-high end printers, or having a local company that could provide on-site and phone support when he went on vacation a few times a year.
So it really depends on what you want, and what kind of company. You have to tailor your resume and job search to that segment.
And remember: the best jobs never get posted on the internet, but get snapped up via word of mouth within days of someone deciding they're going to hire someone. Never, ever underestimate the power of networking and talking and keeping in contact with people from your past.
Bill
From the OP:
"The ACLU of Eastern Missouri launched the project Wednesday after television crews last year broadcast video of officers punching and kicking a suspect who led police on a car chase. "
This took place in a different jurisdiction entirely, with different police officers and a different city from where the cameras are being deployed.
Making it seem as if this particular crime happened in the same jurisdiction is completely wrong and at best misleading.
Its like saying that a crime in Chicago led the ACLU to deploy cameras in St. Louis.
Second, the area where they are deployed is a small section of St. Louis City proper. It is an area which has abnormally high crime rates if you break it down statistically. I'm all for this type of project, but you need to put the whole thing in context here. I hope that the people with video-cameras are equally willing to tape criminals and call police to help lower crime as much as tape only officers who are in a bad area and situation to begin with.
Bill
This thing appears to be 2-3 years old. So after reading a bit, it is interesting to compare their projections on some of these to the reality.
I have to second the thought that many of these were dreamed up by zealots.
However, at least one of them is easily challengable on facts, without quoting anything.
Take a deep look at #17. History (at least the 1+ years since the article was written) has proven that the oil companies have not yet benefitted from Iraq (and may never). The profits of the oil companies are a direct result of them avoiding R&D and, most importantly, strenuously avoiding the upgrade and replacement of aging infrastructure *WITHIN* the US. The reason oil prices are high is because our stateside refineries are a mess. Its supply and demand, but it has little to nothing to do with OPEC.
This is something the oil companies can/could/have done without ever invading Iraq. In fact, its been going on since Clinton was in office, if not before. Linking oil company profits to Bush is at best ludicrous.
I'd recommend taking a close look at these "articles". If any of them are comparable to #17, I'd have to say that the entire site is suspect.
Bill
Personally, I think the stress that many people feel regarding email has much more to do with the psychology behind the reszponse to the technology rather than the technology itself.
s -data-right-effing now. The line between work, friends, and personal time has not only become blurred, its often simply gone.
When I was in college in the late 80's, my girlfriend and I used snail mail to communicate. Its easy, you write a letter, stick it in an envelope, put a stamp, send. When you receive one, there is minimal pressure to respond right away, and you only have a very limited number of things to respond to, besides.
But the networked world, in which I include all communication technolgies (email, phones, cell phones, internet, etc.) have somehow gone from being occasional interruptions to constant ones. They have, even more importantly, gone from ones that require a delayed response to one that we somehow feel compelled to deal with right now, this very minutes, oh-my-god-I-have-to-work-overtime-because-my boss-emailed-my-blackberry-and-he-needs-this-sale
I think that we've undergone a psychological shift due to these influences that we're starting to feel compelled to respond now, to everything. Its a creep that is having a profound effect. I've actually had a boss (and owner of the company) who turned to me one day and said, "I'm always impressed at how you manage to separate your work and personal life," when I told her I had to leave to go coach one of my kids games.
I also think that there are lots of people who simply don't think about what they should be doing. Occasionally my HR department will send out HR updates (new insurance changes, vacation info, paydates that have been randonly moved) and I cannot believe how many idiots in my company respond to @Company revealing their health issues, personal problems, payrates and hours worked, etc. My wife, who is a VP with a team of 10 people, constantly complains that people copy her on *EVERYTHING*. She ends up deleting half her email straight out, and still has to go through most of it to figure out *WHY* she was copied in the first place.
However, using facts that I've pulled from my butt, I'd have to say that this isn't a technology problem. Its an issue of psychology and expectations and human nature. I've found it can generally be solved by decent etiquette and applying a weensy bit of brainpower, but I've also come to realize that most people are capable of neither of those.
Bill
I've been fired (or asked to leave) more than once in my career. The way that I've always handled it is to simply not lie, but I would strongly recommend not wearing a sign on your back that says "Hey, I was fired from my last job! Yay!", either. Usually when the question comes up, I simply say that I left because of a disagreement with the employer or something equally non-committal and non-antagonistic (to your old employer).
I've never gotten in a situation where I've had to flat out admit being fired.
Another thing to keep in mind, which has already been pointed out, is that legally, most companies won't admit anything other than employment. The last one I got walked from wouldn't say anything to prospective employers about me other than "He worked here from Aug 2001 to April of 2003."
They are scared of lawsuits, especially since they cannot verify who is asking, truly. For all they know, you have a friend in a company who is trolling. As unlikely as that may be, it generally works in your favor.
Part of my company now specialized in staffing and head-hunting. One of the many lessons I've learned about that is that generally (at least for the hundreds of positions I've seen filled in the last three years) prospective employers are far mor interested in references rather than previous employer statements. Which strikes me as odd, simply because I've never given a reference that I hadn't pre-qualified and generally only gave friends. The biggest complaint I've received on my references was that they "weren't high enough" in the org chart, which was from a Senior VP at Symantec, so take that with a grain of salt. Make a few manager/director/VP friends that you can count on, and references are a slam dunk. I've interviewed lots of people, been witness to hundreds, if not thousands of others, and I've yet to hear a bad reference call.
For the life of me I can't remember where I read it, although I think it was a link on careerbuilder.com, that talked about this subject, finding a new job after getting canned. One of the things that interested me the most was a statistic that around 70% of all firings have nothing to do with performance. (Disclaimer, I can't remember the exact figure, but it was around 70%, okay?). And that's my experience, as well. Both as a boss and as an employee. I've been fired for doing my job (2 times, when the employer was hoping that either the project I was working on would fail, or when my employer set me up to fail), but it has never been my ability. I've also fired people, but it was purely about non-ability issues (abusing company resources, etc.)
I think that my experience has been that when you can't manage your manager (work together with them, put up with them personally, etc.) its past time to get out. For better or worse, if your manager dislikes or hates you, or acts in ways you can't stomach, its time to polish off the resume and start again. The sooner the better.
Bill
My customer base includes diverse clients and verticals, from Fortune 50 to SMB. Most if not all larger companies are currently wrestling with how to gauge overall IT performance. This is, in fact, one of the newest trends that is going to overtake much of the IT industry over the next few years, in my opinion.
However, there are other factors which should be looked at and different models for applying and measuring performance that should be considered before you simply go out and compare yourself to other companies.
One of the industry drivers that I have seen is the move to start treating IT as a real business within a business, and creating Key Performance Indicators and Benchmarks to measure the actual value of IT to the overall business. Historically, IT has been the dumping ground of the company. Every company has a product, whether that is a physical item or information or time. IT has been asked to supply some (and in many cases all) of the infrastructure to support these products, yet they are often not involved with much of the decision making process in developing the solutions. A COO or CSO or CEO makes a decision to sell something. They go to the CIO and ask, "How much will your portion of delivering X cost?", develop a budget, and then at some point equipment shows up and IT installs it and maintains it.
The key issue, however, is far more complicated. No IT department, even for a small company, is delivering a single service. Even a 1-man IT shop in a 10 person company is being asked to develop, purchase, install, and maintain multiple products. For this theoretical small company, at the minimum the IT guy is doing email, networking, web site maintenance, and supporting information stored on computers and servers.
The key is to begin treating these services as products, looking at the bigger picture, and then analyzing many well-established benchmarks against these services.
Right now, Service Delivery is really what IT is about.
Many companies and vendors that I work with are now starting to look at IT in this manner, and have come to the proper conclusion that a single corporate IT infrastructure is a business with in the business, and that it is possible to measure value and performance, as well as establish best-practices, benchmarks, and even future budgets against these benchmarks.
For example, one of my customers is in the information business. They sell access to up-to-the minutes (and in some cases, up-to-the-second) access to information. They currently sell hundreds of products, and until this point, each products was essentially its own entity, with its own supporting groups, and global IT infrastructure supporting these products.
Up until now, IT was simply told, "Here's a product we have developed. Our Global Product Manager is going to deliver this data to these customers. Our Development Team (with no common management short of the CIO) has used this architecture, this platform, and expects we will need X number of Y products (Servers, storage, network gear, etc) to deliver this service. Make it happen."
But think about that. They have at least 15 hardware platforms that I know of. They support at least 7 different OSes. The network group has no visibility into this process, and ends up adding blades and wiring and routers and everything else on virtually an ad-hoc basis.
So, what is the solution?
SOA. Service Oriented Architecture. This is, of course, the newest buzzword, but to me, it makes so much sense I wonder why no one thought of it sooner.
The basic gist is that you treat your IT infrastructure as a single architecture. Then you analyze each product on that architecture, and also begin analyzing what you really need to support Service Delivery of those products. In this case, you have the hundreds of client products. You also have the internal networks for the company, which deliver email, instant messaging, Internet access, database access (generally Oracle applications for C
NETHACK!!!!!!
"'I think if we can teach the computer to listen to the story that players are telling,' Wright said, a game could detect patterns of what the player wants, and adjust music, lighting, and other immersive elements to reflect the story that a player wants to play."
Does this remind anyone else of "Ender's Game"???
Now the government can actively train young killers at an early age!!!!
Bill
I live in Missouri, and during the acquisition days of the 90's these were everywhere. When the company I worked for was acquired (in the ISP business) all the employees were handed a non-compete to sign for our new owners. Thing was, the non-compete was written for the holding company of the company that bought us. As such, they barred employment within 250 miles of the north leg of the St. Louis Arch in *ANY* business that competes with the any business within the holding company. The terms were broad to begin with, but the scary part was that the holding company had about 18 companies in wildly varying industries. As such, none of us could work in realty, any restaurant or bar, food distribution, web development, IT, ISP, or telco companies, to name a few.
I had a lawyer vet it and basically the answer was that a non-compete in Missouri cannot keep you frmo working in your chosen industry. Simply put, they can't bar you from working in your field, and the law here was slighted in favor of the employee. I get to define my career.
While IANAL, it basically means in Missouri that non-competes are bogus. That company was an ISP, and while we never signed that non-compete, there was another one that got swapped in (regarding custmoers and stealing them, and such) and we did all sign that. However, within a week of quitting, I was employed in the same position at an ISP, and no one was concerned.
Generally speaking, a contact can't keep you from putting food on the table. If you are a graphic designer, and you sign one, the contract can't really keep you from working for another graphic design firm, although they can keep you from stealing their customers.
Bill
While I wasn't a developer, I made the move full time in 2001 to technical sales from a pure engineering/IT management roles.
The are several issues that arise from this, and they need to be broken out and analyzed separately.
1) If you are talking technical sales, rather than pure sales, those are generally two entirely different beasts. If you look at Cisco, the sales folks are true sales guys, while the technical sales engineers generally spend most of their time working with the technical groups in the company, demoing new products, working in the test labs, and doing presentations as required to higher management. So being a pre-sales engineer can be very technical and hands on, depends on the company.
2) Are you going to have to actually do "Sales"? When I made the switch, I realized that there are certain aspects of sales that I don't have the ability and/or will to do. For instance, I can't cold-call to save my life. In the pre-sales engineering roles I've had, I've made it very clear to employers that I am not the person who will find new customers. I tell them up front that given a qualified lead, I can convert a well-above average number to customers. My current position is the closest I've ever come to sales, as I am building a new practice within my company and therefore have taken over account management. However, I have several sources for leads, and I don't find new customers. I think the bottom line is to be very clear about what sort of sales role you want and make sure that you aren't signing up for something that you can't/won't be able to do.
3) Any salesperson who lies to the customer is a F@#*$-ing idiot. Period. The truth in the IT business is that your best business is repeat customers, and its a lot easier to get more business from a happy customer that it will ever be to find the 60 new prospects that will eventually convert into a few paying customers. At one job, I supported 5 sales guys, three of whom were ex-cell phone sales guys. One was a former field employee, and one was from a technical engineer/development background. For the three cell-phone guys, I had to force them to stop with the lying/exaggerating that they started out doing. It wasn't necessary. We had a great product, and we were competing in a market where our sole true competitor was a company everyone hates. Hell, I'd tell customers we could do some of what they needed and lay out where we wouldn't be a good fit and they'd still sign just because they were sick of our competition. The bottom line is that if you have a decent product, and you target someone with a need for it, lying will simply get you in trouble. I find that telling a customer the truth is a clear differentiator to everyone else, and more often than not, they come to me anyway. A corollary to this is that with many products, there is *NO* single product that does everything the customer needs/wants. Right now, one of my key products is a network management solution. Truth is, there are hundreds of products in that space, and every single one fails in some way for every customer. It might be too expensive, or lack support for a specific protocol, or require a programmer to maintain it, etc. This list goes on. By telling customers the truth you often win their respect and loyalty because most of them aren't stupid enough to actually believe the lies.
4) Being in sales can be fun. I get to take customers to ball-games, strip-clubs, casinos, expensive dinners, and happy hours. I get to travel a bit. There are definitely perks to having an expense account, and to be honest, its fun.
5) I'm an introvert too. I have a wife and kids, and when I travel, it bothers me to not be home with my kids. But generally speaking my interaction with customers is exactly the same as it was when I was an engineer and a technical manager. I spent all day on the road as an SE, going from company to company, interacting with customers. As a manager, I spent a lot of time on the phone with technical support, a
As a disclaimer, I spent a large chunk of the 90's working for several large Apple Ressellers.
However, I think the basic problem here is one of approach, rather than Apple's response.
Let us put this in another way, altogether:
You run a small business, and you use HP/Compaq machines.
Who do you buy it from?
Most small businesses will probably go to either a large VAR (CDW, etc.) or find a local reseller of HP, who also provide support.
However, I suspect that it is safe to say that you probably aren't going to trundle down to Best Buy and purchase all of your hardware for you business from them.
When you purchase a computer (including support) from someone who understands the needs of the business community, your response to any problem will be significantly different than purchasing from a consumer-oriented store.
This is the same situation with Apple. Apple Stores (at least where I live) are in shopping malls. They are pandering to people who think that every computer should come with a free IPod, because that is their market.
However, again, at least where I live, there are at least two Apple resellers that specialize in business and know perfectly how to support a business customer.
At the time I was a tech, working for one of these companies, we supported every Fortune 1000 company in 40 miles who had a Mac in the office (which was most of them). When they called, we understood the difference between business support and everything else. When a marketing department for a Fortune 500 calls because their server died, it needs to be fixed now, not next week.
Not only that, but we were properly equipped and trained to support the business community. At the time I did this, I knew virtually everything there was to know about upgrades, patches, memory fixes, and hardware that Apple sold. Not only that, but I knew the same thing about every 3rd party product that my customers used. This included Quark, Adobe's full line, Macromedia, and hundreds of other programs, including business support software such as 3270 emulators and 3rd party software to connect Mac's (this was mid-90's) to Windows networks and servers, as well as mainframes.
The reality is that if you are purchasing your business hardware from a mall-store, you've made a serious error in the first place. Find a local reseller, preferably one who sells Mac's to businesses.
The other support issue is one of being able to determine software versus hardware errors. I can't tell you how many times some bizarre piece of shareware that some idiot long-haired birkenstock wearing graphic artist installed that caused problems with memory. A less savvy tech could very well have spent a day or two RMA'ing the memory to Apple, rather than knowing enough about the systems to properly diagnose.
In order to get business class support, you need to find a business class reseller. Relying on the home user support mechanisms won't buy you anything.
My advice: get out a phonebook and find a few Apple resellers nearby. Call them up and maybe meet with them. If you have a decent number of machines (which when I did this was usually about >2) and agree to buy through them, I'll bet money they will assist you with issues. The other place they will be able to assist is in working with Apple's AppleCare process. They do this every day. They know how to get through the system, and have done it countless times.
Bill
The original post didn't truly define several of the key points that are required to make this decision. I think that you need to define whether you are simply looking at a ticket management system or something that is more geared towards tracking actual source code and changes, or something in between. I think that the long term needs play a huge issue in selecting the proper tool for this as well. If you are going to be routing user-base information later, or adding 20 more developers, it might make sense to go for a more robust professional solution now. On top of that, you also need to factor in how much extra time 5 people are going to have to set up, customize, and maintain a system that will require more initial customization than a larger, more professinoal tool that has more functionality out of the box. My guess is that if it is a 5 person company, they need to be taking care of business rather than spending days or weeks customizing a lower-end package.
If the emphasis is more on the ticket-tracking side of things, there are many programs out there available to do this, from the absolute low end (such as the Sharepoint solution mentioned above) to the high-end tools such as Peregrine, Remedy, or CA Service Desk.
My company uses CA's Service Desk internally for IT tracking, and we also provide our clients with Help Desk Services. Service Desk has a ton of functionality out of the box, generally requires little or no fooling around with to get running for issues-tracking, and also has some great functionality in terms of scripting calls to other applications. It also has a complete Workflow process built into that allows Visio-like creation of workflows, which can streamline any number of processes.
In the past, I've run helpdesks, and I now work for a IT consulting company that provides help desk solutions as part of our repretoire.
It sounds like you haven't actually identified the problem, and you need to look at the whole picture to determine the solution.
I'd start with doing some research on best practices for help desks. While ITIL might be a huge stretch for your needs, it certainly is a great source of information about *HOW* and *WHY* a help desk should be run. Buy a book, or at least hit Google and figure out what your help desk needs to provide the best service to your company.
Next, take a good hard look at your processes. I will guarantee that, as some other users have pointed out, your call statistics are an incredibly important measurement of your success. Having access to that data will help you make the right decisions on providing service to your company. Without it, you don't have a clue about what you are doing or why.
A few examples:
How do you prioritize the duties you have to fulfill? Is it more important to build a new server, or to spend 30 minutes researching a users problem? How much time should you be allocating for the different functions? How many people do you really need to do your job properly?
How do you identify problems that interfere with your job duties? Do you actually know which users are uselessly sucking up time with repeated calls about the same problem? With 3 people, you might have 2 users in your company that are consistently consuming large percentages of your help desk resources and no one has really identified that. Being able to spot trends (the same problem occuring on the server over and over, clueless users, bad desktop software after an upgrade, etc.) will help you keep your own stress down while benefitting the company.
Have you actually taken a good hard look at your homebrew help desk software? If your average call is 1 minute, and it takes 1 minute to log all the call information, its no wonder your people aren't logging things. Can you link the PBX to the software to auto-identify and populate user info fields? Does your software have the ability to auto-complete all extra fields once the user is identified?
How much time are you spending on password resets? Can that be automated or simplified to the end users to save you time?
Today, there are quite a few good help desk packages available. From low end off-the-shelf packages to the commercial packages. A full-blown professional system will still run you less than $30k fully installed and will probably up your productivity by 50% or more. The lower end packages will be considerably less and have similar effects, but your choice will be made by the functionality you really need.
Also, you should be tracking *EVERYTHING* your employees do. Not just help desk calls. The only way for you to measure your actual performance will be to treat server builds (or any other function) as if it were a help desk call. This will give you *REAL* statistics to carry back to the bosses and make actual decisions. If you only log help desk related tasks, then a huge percentage (possibly more than 50% of your time) could be black hole time that has no quantification. If you spend 4 hours one week coding, it should be logged. If one of your techs spends the entire week building new servers, it should be logged. Again, a halfway decent help desk software will allow you to parse functionality and see what you are doing, and help forecast and justify your time and see the problems.
And you need to remember, this isn't about "Big Brother" watching. Its about having a true measurement of effectiveness and function. This information will let you go back to management and say, "Look, we're spending 10 hours a week each working overtime, which is costing you more than an additional tech and we've been doing this for 4 months," to justify the fact that you need help. Or finding out that your on-call guy is spending 20 hours a week wo
I've worked in both large corporate environments with high security, as well as working for small companies. I've done work regulated by HIPAA, SOX and government regulations in the past. Not only that, but I served as Director of Technology for several middling size ISP's, all of which I served as unofficial security liason/abuse person.
Seems to me that, as with anything, any company should consider the risk, and try to set rules based on acceptable risk as well as best practices. Using google should allow you to research both.
For instance, there may be situations where a company needs to restrict information. I can think of several ways off the top of my head to do this, even with email. Lets say you have a company, large or small, that deals with Intellectual Property, patents or code or somesuch. There is an obvious need to restrict access to some of that information, if only legal discussions or strategy. For such a firm, information *IS* the most important thing. So find a strategy to segment information. Put the code on its own server, instead of a share of the main fileserver for every Tom, Dick, and Harry. If email is a necessary evil in sharing information, then segment the key users on their own server. If that company has several admins, identify the trusted admins and only give them access to those servers. It should be obvious that the low-end tech who sets up normal file sharing and printer shares doesn't need access to the IP information, so use AD or *nix to ensure his access. As well, make sure that you have proper legal coverage in place in the forms of contracts, NDA's and other such things.
For every issue, it comes down to cost versus benefit, but there are both technical and non-technical mechanisms in place to do this. They may not be free, but they exist. Compared to the risk of losing millions of dollars when some disgruntled tech steals your code and gives it to a competitor, an extra server makes sense.
No matter, there are always ways to minimize risk and the amount of hassle while still having some assurance that your security needs are met.
I'm also reminded of a few experiences I've had. My favorite was when I found out that my boss, a director of a Fortune 500 company, had completely and utterly shared is Exchange Email folder with the entire company. I never abused it, but every single person in the company could have read his email 24 hours a day, even from OWA.
Another anecdote comes to mind. When I worked for the ISP's, I had access to tremendous amounts of user information. I got every bounced email, had access to news server logs, could read anyone's email spools, etc. Looking back, I'm still amazed by what an end-user would put and/or attach to an email sent to an address that didn't exist, whether through typos or just stupidity. I can't tell you how many users of that ISP I saw butt-naked, but it was a damn significant percentage.
Bottom line is, we have rules because you simply can't underestimate human stupdity.
Gybrwe
From the description, there appears to be no policy in place governing how IT information can be used by company management. The problem lies in that fact, not the fact that someone is requesting the information.
I suspect that this is also further complicated by the fact that employment is regulated at the detail level on a state by state basis, and therefore the legal aspects of your situation will be influenced by local laws.
However, what I would do if this is the first time this has happened is to run this by the head of the HR department or someone who handles such things within the company. Where I live, if there is no policy, the employee whose information is being disclosed might have some legal rights, or could simply try to sue everyone involved if something negative happens. I suspect this could happen anywhere, as well. If HR has a discrete policy, then you are covered and the rules are clear.
Personally, I'd get someone in authority (boss, HR, legal) to give you in writing their guidelines, and perhaps take the opportunity to help create a policy if it doesn't exist.
I have worked for/with several large corporations, and each one has had very clear guidelines, spelled out in detail in the AUP for computer/internet use which employees must sign as part of the hiring paperwork. My wifes' company, for instance, (a large multinational news firm) allows any line manager to request the internet records of any employee after discussing it with their appointed HR rep (each manager has his/her own HR rep who handles such things and is involved with the managers on a daily basis). I've also worked with other organizations where only the security team, who had independent authority and worked hand-in-hand with management and HR, had direct access to the records.
However, I must mention the most brilliant and most efficient filtering scheme I've ever seen: make everything public. I worked with one of the large credit card corporations a while back, and when they first allowed general internet access, they had a website that simply logged *EVERY* employees browsing history (not urls, just domains). An employee could see his managers, the managers could see the employees. It worked brilliantly, since no one was going to risk being exposed as having gone to even questionable sites, so there were very few abuses. Plus it required no upgrades, no computers, no power, and virtually no effort. I suppose this was a good implementation of Cory Doctorow's recent suggestion about making security public. Too bad they discontinued it because of lawsuit concerns.
First off, one of the biggest telco's in the US used, at least the last time I checked, about two years ago, the last four digits of their employees' SSN's as *EMAIL* addresses. Emails were initials followed by the last four. Sad and pathetic...
However, if this is truly something you want to see changed, it might be worth calling around to a local reporter or television stations and seeing if you can hook a reporter on the idea of getting a good story out of this. Privacy concerns these days are no laughing matter and I've found recently that sometimes corporations have individuals in them with good intentions but beauracracy and inertia make it difficult for even some of the highest placed individuals to effect real change.
And just think about how exciting it would be to the the "Anonymous Source" in a nice little news story...
This happens to be a great business plan if you own the company. However, at the billing rates you're talking about, its unlikely that the regular worker in your company is benefitting much at all.
But the fact remains that this business plan has been used with varying degrees of success for many, many years. Some efforts are successful, some are flameouts...
I worked for many different companies like this in my early IT career. The last time I was did this for a job, my boss was paying me $13.25 and billing me at $90.00 or so. We were a fairly specialized provider of a particular field of IT support, and owned the market we were in. The owner needed myself and the other tech to justify her hardware sales, because she was selling commodity hardware at or above MSRP. (Go ahead, see if you can pull that off for a decade!) The engineers were good enough that clients payed more for hardware because they knew that when anything bad happened, it would get fixed and fast.
In fact, I left because one of the owners had just bought property on Nantucket after giving herself a $50,000 bonus (on top of salary and commission) and I got $2000 bucks and a drink. My leaving made them realize that they couldn't find people with my skillset and changed the company policy to reflect profit sharing and a host of other things.
However, your employer probably knows that he can (and undoubtedly will) be able to replace you with another adequate tech for the same amount (or less, as you get raises) and simply doesn't care.
Several of the companies I've worked for doing break-fix jobs had gobs of talent walk in and out of their shops, but simply didn't care. Guys I've worked with have ended up at important jobs running IT departments for huge companies or doing other similar things but started out building PC's or fixing them for $7.00 an hour in the nineties...
Remember that if you do your own consulting, if you pay taxes on that you'll lose a huge chunk of the hourly. Its tough to run your own business, especially finding new clients and getting enough clients to actually pay the rent *AND* food *AND* high speed internet. I did that for a year or so as well, and while it was fun for a while, it got old quick, especially during tax season when I had to fork a decent chunk of change for my accountant to get everything in order.
The good news is that your can likely learn as much as you want and actually start a career doing what you do now. Just don't plan on doing it where you are currently at...