Back to school!

I began my IT career at a University. I was the computer handyman for the Development Office at The George Washington University. I learned a lot, paid for undergraduate and graduate degrees with tuition benefits, and launched into a successful career.

And now, perhaps as a bookend, I have returned to a University setting as the Director of IT for Emory University's Emory College of Arts & Sciences.

I think I've returned at a fascinating time. In 30 years, things haven't changed that much in Higher Ed IT. Sure, we used to be mainframe back then, but interestingly the system I worked with was IBM VM/HPO.  A mainframe that could run multiple virtual machines. So now we have servers running VMWare.

Back then, some common packages taught and used in research were SPSS, SAS, Mathematica and Matlab. We run those same packages today.

Back then there were Student Information Systems and Learning Management Systems. The same exist today, and by and large the same processes exist.

But I think education, which has been conducted under a Socratic model for a few thousand years, and education technology, are both at the curve in the hockey stick of growth and transformation. MOOCs may have marked the beginning. And I marveled at how viral Pokeman Go became, and think - somebody is going to do something similar in education - gamify simple augmented reality to make things fun.

So having returned to Academe, perhaps I'll return to blogging a bit. I arrived here just after the Spring Commencement, and I have 3 more weeks until classes begin again. This should be fun!

Read More

IT: It's Time to Become a Culture of Yes!

Here's the presentation I gave to Thornton May's Value Studio in Amelia Island, Florida on November 6, 2014.

I have never met a more neurotic group of people than CIOs. They are like teenagers around the lunchroom table, wondering if others like them and wondering why they aren’t fitting in with the cool kids.

There are these frequent topics that pop up in CIO magazine or conferences or discussion boards. How can we become more relevant? How can we add value? How do we align with the business.

Look at that tweet. Can you imagine any other customer service industry that would have a magazine article about why to listen to the customer?

So another frequent topic starter is – How Can IT Evolve?

I’m not crazy about evolution as metaphor

• It is mistake based
• It involves an incredible amount of time and iterations
• We don't have time
• If you look at a rapid environment change, you can see a lot of species extinction. Our IT environments are (or should be) rapidly changing 

But it's a good metaphor in that it is all about competition

And if we're not careful, our competition will be Shadow IT, consumer IT and IT department-circumventing SaaS

And from what I can see, we aren’t evolving. We’re making the same mistakes over and over again.

• We are Culture of No. Our default answer is no, we can't do that.
• Because we are arrogant, with a “we know best” attitude which implies the requester is stupid
• We spread FUD
• We think more about resume impact than organizational impact
• We think as technologists and missi out on the activities of true value to the businesses we’re in

CFO’s by contrast aren’t nearly so neurotic. They aren’t worried about aligning their activities with the business because their activities are the business.

When I recently googled the phrase CFO transition, I got 82,300 results and the top results are actually about individual CFO transitions.

Googling instead for CIO transition, you get 360 results. And the top 2 results aren’t about individuals but are about trends.

The message – businesses don’t seem to care about CIO transition. We are fungible putzes.

Maybe we’re viewed this way because what we seem to value and deliver is being increasingly viewed as a commodity.

Nicholas Carr's book, "Does IT Matter?" You've probably all read this book, so I won't belabor it. In summary, Carr pointed out that companies used to have VP's of electricity, back when those companies actually produced their own electricity. Today, they get their power from a utility and there are no more VP's of electricity. He extended this to say that sooner or later (and he thought sooner), IT would just become a utility, and IT departments would go the way of Departments of Electricity.

But wow, do we seem to be resisting this change with every fiber of our CIO beings.

The single most obvious utility I can think of in IT is email. Email was invented in 1965. We've been through all of the stages of product differentiation (remember PROFS and Higgins mail and cc:Mail) and now it is just SMTP standard mail. You can get a free gmail account that has a mailbox limit of 10 GB.

And yet so very many organizations have internal email servers, email administrators on staff, and 1 GB limits on mailbox size. Even zoos for heaven's sake! As a non-profit, we get Microsoft Office 365 for free. 50 GB mailboxes. 1 TB per user OneDrive, free SharePoint hosting. And yet at a recent conference of 40 zoos and aquaria I attended, only a handful took advantage of this. Zoo have tiny IT staffs - I have 3. And yet many of them are using part of that small staff to administer email.

 So my advice is, whatever you’re doing – start doing the opposite

Instead of your default answer of No, make your default answer yes.

Certainly we have to perform our due diligence and steer our users into wise decisions. But if our initial answer is an obstinate "no, and prove to me why it shouldn't be no", then the utility model will kill us. People will get their own mail accounts, their own dropbox accounts and so on. If we block these with our policies and firewalls, there will be a revolution. At a minimum, "Shadow IT" will pop up all over, and sooner or later people will figure out that they don't really need the real IT department, those Soup Nazis who always talk about problems and not solutions.

Nicholas Carr was largely correct. As technologies develop, they become utility. This is good. Complexity should disappear. People want services, they don’t care how you do it, and they want them cheaply.

So my advice is to LET GO. Embrace the utility model as much as possible. Outsource anything that is not unique and critical to your mission. At the zoo, we run, in-house, our gate admissions, retail, membership, fundraising and animal husbandry software. But we also outsource email, Lync, SharePoint, OneDrive storage, our backups are to the cloud and we co-source our network management. I am constantly re-evaluating. At some point, maybe I can finally have my dream of having zero on-prem servers.

And while you’re at it, don’t be so dismissive of consumer IT. Your employees are bringing their own devices anyway, so embrace that. Allow them to use Dropbox and Evernote. Maybe you can make use of something like dropcam. Don’t block employee use of social media – it’s how the younger workforce operates. If you have concerns over their productivity, then maybe your managers don’t know what work looks like, and so are relying on the appearance of work. Because people can look at Facebook on their phones now anyway.

Again, to point to CFO's. They clearly have to be concerned about risk. Yet they have setup internal and external audit, policies and procedures, tests and measures in such a way that the risk management machine is efficient. They are then able to use the bulk of their functions resources and pour that into value creation activities.

In many ways, I have it easier at a non-profit than at a publicly traded company. I don't have to concern myself with SOX, for one. But I do have a million visitors a year and several million credit card transactions, so I can't escape PCI. I'm just trying to keep as much of that off my plate as possible. Part of me longs for the day when IT can be about system and process value creation, and the "preventing of bad things happening" can be under a risk management group, and perhaps largely farmed out like external auditing is. For now, I am just trying to find the right balance. That means doing what's necessary - the minimum that's necessary - from a risk and compliance perspective, and not going overboard. I want the bulk of my time to be on creating demonstrable and tangible things of value.

Take action on the endless conversation about "aligning IT with the business". Make sure you and everyone on your staff knows each business function as deeply as possible. By being able to sit above all of the functions, you'll see value creation opportunities that those in their silos will miss.

Talk in business terms like ROI, productivity, opening up adjacent opportunities. Develop business cases for projects and form a governance group to beat up on those.  Use the results to present a project portfolio to your board that speaks to them about business transformation and productivity.

And stop the endless pursuit of “best practice”. Get things “good enough” and then work on new things. If you keep on tweaking accomplishments of the past, you will get increasingly less and less payback on that investment of time and resources.

One thing to start off with is the challenge of working at a small non-profit. My whole budget is a rounding error on a line item of your budget.

I had an English teacher in the 7th grade ask this interesting question. I think she meant it as a zen koan – she wasn’t really expecting an answer. But the question stick with me all these years.

Do the rules of constructing a sonnet (14 lines, iambic pentameter, certain rhyming scheme) – do those rules enhance or inhibit the poet’s creativity?

And so now, I like to think that my non-profit, resource constrained world is just making me be more creative and way less wasteful

A lot of people when they first talk to me are a little perplexed on how IT can be aligned with the business of a zoo. But I can quickly dispel that.

One example is how we used to process memberships and how we now do it.

When I arrived at the Zoo in February of 2013, one of my benefits was a membership. And I soon discovered that membership fulfillment took 6 weeks to get a cheap looking paper membership card. The card had a barcode on it, but evidently just for decoration. When a member visited, they checked their ID and then scanned in a generic member visit. No record of the individual membership usage was being kept.

I think one of the enduring benefits of an IT background is it teaches you about process design. This is a real benefit you can bring to every area of your organization. So, now at the zoo:

• You get a PVC card, complete with adorable picture of our twin pandas, at the point of sale
• When we scan you in, we record your visit
• The zoo is able to have 2 fewer FTE's in fulfillment
• We're saving on postage

Another thing we’ve been able to pull off this year is zoo wide Wi-Fi.

I started that project through a donation from Aruba networks. Then we worked on and won a grant that funded the rest of the project.

It was challenging. It’s a hilly zoo, with winding paths and lots of trees. Bamboo, it turns out, is murder on RF signal. And being, by necessity, frugal, I did a lot of the installation myself. You haven’t lived until you’ve mounted an access point on the roof of the gorilla yard.

But now – it’s a demonstrable thing of value to thousands of people. Our guests get free WiFi. Our staff gets a secure network to do things like enter veterinarian reports from within the zoo, using a tablet.

And it has laid the foundation for lots of fun stuff in the future. Apps and iBeacons and interactive educational programs.

One of the fun and quick things the Wi Fi did for us is to allow us to put in some dropcams in animal enclosures. This is embracing consumer tech and the cloud - $200 cameras that stream to a cloud DVR, where for $50/year you can store a week’s worth of recording.

The team has been using them on some of our nocturnal creatures, to see what the heck goes on at night.

With the Wi Fi in place, getting the dropcams operating was literally a 3 minute job.

Read More

My Zoo now 100% WiFi'd for the public

A few recent blog posts have journaled my journey:

• Planning a high density outdoor wifi deployment
• Onprem versus cloud, aruba compared to Meraki
• WiFfi scarecrows

Well, last week saw the completion of the public side of Zoo Atlanta's WiFi. Today, every square inch of public space at our zoo has great WiFi signal and bandwidth. Come and enjoy it!

Next up will be to finish the behind the scenes areas where staff are located. We have some of those completed, and we should have the remainder done in the next few weeks.

What have I learned from putting in WiFi at a 40 acre urban zoo?

• I am not terribly allergic to bee stings, because the 30 or so stings that I got from disturbing yellow jackets didn't send me to the hospital. We eradicated that nest.
• I am allergic to poison ivy, as that's the only explanation for what happened to my calves; but I wasn't able to locate the patch to have it dealt with.
• Planning the placement of AP's by using the scarecrow method linked above was a tremendous help.
• PoE+ (802.3at type 2 at 30 watts) can be a challenge with switch configurations. There were a few tricks to getting the HP-2530 to deliver the proper power.
• Bamboo is murder on RF signal.
• Aruba handles "sticky clients" quite well. When you approach an access point at, let's say Elephants, your smartphone connects. All is good while you're there, but as you move away, you have much stronger signal from the AP at Pandas. Yet your phone (iPhone seems to be the worst) seems to suffer from separation anxiety, and holds onto the Elephants AP much longer than it should. Aruba does a thing they call "client match" which seems to force the switch to the better AP much more quickly.
• In monitoring usage, Apple iOS devices account for about half the traffic. But each week, I see Android creep up:

• Monitoring also reveals that Facebook is still a top site; Instagram, twitter and the other usual suspects aren't routinely in our top 20. But Amazon Cloud Drive is! Pandora and youtube are also getting some good traffic. I should probably block Netflix, but so far I am keeping things open.

And so now that the infrastructure is there, it's time to turn our attention to app development. What would you like to see in a zoo app? Post a comment here or email me at steve@ciodojo.com

Read More

WiFi Scarecrows - tip #2

In this article, I suggested what I've come to call WiFi scarecrows. Mount your outdoor access points up on a temporary, tall-ish tripod. Figure out where they work best before committing to a more permanent installation.

But I just found something better. It's free and much taller, and can't be knocked over by kids.

So at my zoo, I just mounted an AP on bamboo:

This has the air of something temporary that will work so well, I am at risk of forgetting about it! I have left a few feet of slack, so when it grows in the spring I should be OK. I'll have to report back then. In the meantime, this access point is ideally situated in the upper zoo, giving great coverage from small African primates over to gorillas in one direction and otters in the other.

Read More

OnPrem versus Cloud, Part 2: Aruba compared to Meraki

In part 1 of this series, we looked at SharePoint and compared an On Premise installation with a cloud-based one. In this article, we do a similar comparison with WIFI gear, comparing the controller-based Aruba with the cloud-based Meraki.

Every time we need to decide between two competing products, a series of tradeoffs arises. It is usually the case that there is no perfect answer, only indications as to which way might go better in most circumstances.

I recently faced this conundrum in comparing the enterprise WIFI offerings of Aruba and Meraki. These offerings take a completely different approach.

Aruba - The Controller Approach
Aruba makes wireless gear and associated network components, and nothing else. Their access points are extremely well built and engineered, and the price reflects this. While they do have a primitive cloud-based solution as well as an "Instant" embedded systems that autoconfigures access points for you, the flagship product requires the use of a controller and several sets of software.

In order to make your first access point operational in this environment, there is a long list of activities:

1. Order everything you need. And that turns out to be harder than you would think. They have a broad range of access points, antennas, controllers, and mounting brackets. To order the gear, you really need a knowledgeable rep or reseller
2. Buy the licensing you need. This may include the controller as well as Airwave and Clearpass software.
3. Install the controller, and get it licensed. The controller has an interface that only an engineer could love. There are so many tabs, menus, sub tabs, sub menus and expanding areas to even get to a page that has 100 different settings on it.
4. Configure the controller. So, you use this complex interface to setup your SSIDS, VLANS, radio settings and many other areas. At a minimum for this first AP, you'll need an SSID and a VLAN, possibly firewall settings and a DHCP server
5. Rack the controller, power it, connect it to your network switches and routers
6. Connect an Access Point to a POE+ port (or injector) into your network
7. If the controller was setup correctly, it will find that AP and present it under the configuration tab, AP installation menu. You select it, then click the provision button. This takes you to a page full of text boxes, radio buttons, and not much in the way of explanation. It's here that you name the AP, tell it about the controller, set its radios and IP address
8. Will you want to report on wireless usage? If so, you'll need to buy, then download and install their Airwave software. To do that, you'll need to build a server to host it (the server can be virtual)
9. Will you want to see things from outside your network? Then you'll need to setup a VPN connection to your controller and to Airwave.

All in all, and assuming you have solid networking skills and VMWare skills going in, you're looking at probably something on the order of 100 hours worth of work. I guess the good news is subsequent installs can get down to an hour or two.

Cisco Meraki - The Cloud Approach

Meraki, in contrast, is astonishingly simple:

• Order the gear. They only have a few models of access points and antennas. Basic mounting kits are included. They'll also send you eval units so you can see for yourself how simple this is. While Aruba will also give you an eval, they're not going to give you 100 hours worth of install.
• Order the cloud license. 
• Install the AP. Once it arrives at your office, connect the AP to a POE port on your network. See this article for a useful tip on installing your AP and deciding locations prior to making a commitment.
• Go to the Meraki site and setup your account. They have a wizard to walk you though setting up SSIDS and everything else you'll need.  Next enter the serial number of your AP.
• Um, that's it. The AP comes up. You position it on a map. The reporting interface immediately starts recording user activity. You can reboot the AP, flash its lights, and override a limited and understandable set of features.

All in all, even if you're pretty new to this stuff, you're looking at an hour or two of work.

Cost Comparison

I am nothing if not a keen negotiator, and I work at a non-profit where pricing tends to be great. So YMMV, but I got the 5 year cost of a Meraki outdoor AP down to about $800 and the 5 year cost of Aruba at $950. In fairness to Aruba, that per AP cost will go down the more I add (but I am licensed to 128 APs. Go over that, and the next tranche would kick me over $1000).

So Why on Earth Did I Choose Aruba??

So it costs more and is hugely more complex. Why did I go with Aruba?? A big reason was certainly that Aruba started a relationship with me with a sizable donation. Then they followed up with a discount that I imagine is deeper than most could get. But even so, I wanted to make the right decision, and Meraki was a definite contender all the way along.

Truth be told, there wasn't a bad decision to be made here. But my reasoning was as follows:

My Trade-Off Analysis

• Relationship. Aruba became very personally involved with my account. I know engineers by name, and have their cell phone numbers. My experience with Meraki certainly wasn't a bad one, but if you're going to go with a cloud-managed provider, then by its very nature it will be more cookie cutter and less personal.
• Technology. The outdoor Aruba AP-275 is an AC model. The Meraki MR66 is only N, and so far Meraki doesn't have an outdoor AC unit. I wanted to future-proof my installation as best as possible.
• Performance. In my own testing, both Meraki and Aruba performed well, but my testing wasn't really under any kind of load. Then I read Tom's Hardware "Cage Match" and developed great concerns over Meraki, both under load and in its "air fairness" practices. I did not however do my own testing to this level, and if I were to take everything Tom's article said to heart, I would have ended up buying Ruckus!
• Tweakability. This is a tough one. I think Meraki is this >< close to making this unnecessary. And Aruba quickly loses me with complexity; I don't really want to be an RF engineer. I just want WiFi to service a few thousand people flawlessly. But I have found that a call to Aruba support will get an engineer who remotes into my PC and I get to watch while they make changes.
• I already paid the heaviest price in setup. I spent more than 100 hours setting up controllers and software. But now, adding an AP is a simple matter, and takes 10 minutes. Installing it outside is another matter (Atlanta heat, angry yellow jackets, and poison ivy all awaited me), but that would be true no matter what gear I used.
• Warranty. The Aruba outdoor AP has a lifetime warranty. Meraki's outdoor units are only 1 year.

But that's me and my tradeoff analysis. You have your own set of unique circumstances. Cloud managed WIFI is very compelling. The Meraki interface is a thing of design beauty. You don't need to know dBI from SNR. You can order some eval units and see for yourself, without any commitment (not even return shipping). You can't really do the same thing with controller-based solutions like Aruba or Ruckus.

Read More

Never be responsible for something that's only valued when absent

I wish I could follow this advice. I heard it from one of Google's CIOs. He said he never wanted to be a CIO because you end up being responsible for things that are only valued when they are unavailable.

Like email. Or worse, voice communications. There is a 100% expectation of dial tone. So people don't care about you meeting your 99.99% SLA. No, you are at risk of getting fired over the .01%

When in IT Operations, I used to whine that nobody notices when the train runs on time. It is only that one, cold, rainy morning that it was 20 minutes late that is remembered. Of course in the US, this is a bad example. The trains running on time would actually be notable. But you get the idea.

I sometimes envy actuaries. They make great money and can't be proven wrong until they are long retired. In IT, you can be proven wrong instantly and publicly.

Read More

"Best Practice" so often isn't

I was at a conference a year or so ago and watched a brilliant presentation by a Verizon scientist. His presentation was on virus patching. and he was making the point that our relentless multi-day patching is at best a waste of money and at worst it is making our systems less secure and less reliable.

At conferences, I feel as if it was worth attending for one bit of wisdom to carry forward. In this case, it was his words that I noted:

Doing the same thing, only better, is almost always a waste of money.

His presentation used car safety as an example. He showed how safety was vastly improved by a seat belt. A standard vinyl seat belt is strong enough to lift the car it is in. He said for $1000 you could put in a titanium seatbelt that would be strong enough to lift the building we were in. This titanium seatbelt would improve your chances of survival by 2%. He plotted a graph, showing the improvements from nothing, to kite string, to rope, to vinyl seatbelts and finally titanium seatbelts.

It was a masterful speech, so I was thinking sure, I'd spend $1000 to improve my chances of living. He then drew something along the lines of the graph above and marked that zone of "best practice" and spoke the line that I wrote down: "doing the same thing better is almost always a waste of money." Because he then drew a different line that showed how an air bag (duh!) costs only $100 but increases survival chances by something like 30%.

So, he was doing something different, not just the same thing better.

I remembered this as I am now having that loathsome term "best practice" thrown at me left and right. The latest example is password policy. I am told that best practice involves complex passwords that require:

• upper case letters
• lower case letters
• numbers
• special characters

Curiously, there is a limit of 6 to 12 characters. Six is too small a lower range, and 12 is also too small for an upper range. I pointed out that according to this "best practice" passwords such as Pass!1 followed by Pass!2 would be perfectly acceptable. That's the wrong argument, though. It just gets the auditors to add more rules (no password that contains contiguous letter similarities with the previous 100 password).

Human nature is such that nobody is going to pick a password like $fHY^*L MkL~ü. People will game any system that you make too hard for them.

I point out to internal auditors that certainly one "best practice" concerns itself more with password length than character set. "bestpracticesooftenisnot" would be an obscenely good password. It's 24 character length makes it, with current technology, uncrackable for more than a century. It is also something a user can remember, and so they are less likely to write it down. And on an iPhone or other small device, it avoids the giant pain (and inevitable mistakes) associated with special characters.

So my suggestion is a minimum password length of 15.  Also,  issue some guidelines to help people pick better rather than worse passwords. Perhaps show them diceware. I find that fascinating - even given a known list of only 7,776 words. a password of 5 words constructed with diceware, all lower case, is resistant to years of brute force attack. That would be another lovely thing to get past the "best practice" crowd - if a strong password is safe for years, why does policy force you to change it every 30 days?

The wisdom regarding best practice applies to much more than passwords, of course. So whenever you find someone talking about best practice, pause for a moment. What is really being discussed is an incremental investment. So the decision doesn't have to be obedience to such an obvious term as best practice (who would be against doing things the best way?). You have to rise above that and ask if the incremental investment will yield a reasonable incremental benefit. And then you need to look at all of the things you are considering, and pick the ones with the best cost/benefit. In this way, you may find your current practices may not be the theoretical "best", but they are good enough. This might result in you inventing the next airbag instead of titanium seat belts.

Read More

SysAdmin; OnPrem versus the Cloud

It used to be I hated the letters e and i. Everything in the 90s was eSomething or iSomething. Heck, one of the companies I worked for started with a lowercase i.

Now I hate the word Cloud. Everything is branded that way, whether it deserves it or not.

But while I hate the term and its marketing overuse, I am completely bought into the concept and the value proposition. Take my recent experiences with SharePoint, both an on premise version and the hosted version from MS 365:

Getting Ready
On premise: I have to find a physical server or make a new virtual server. I have to size it appropriately and then load Windows Server. I'm not really up on the latest versions of Windows Server, so this is 2008R2. Of course, before then, I had to buy Windows Server. Oh, and now I realize that I have to do the hardware and software thing all over again for SQL Server. While you can run both on the same hardware, it's not "best practice." I also have to worry about disk space on my SAN. SharePoint, if it's successful, can gobble up a lot of space. So now I have a Windows Server and a SQL Server, I need to buy and install SharePoint server. Same with SQL Server. It's not particularly onerous, but it's definitely a couple of days of work. So, lots of time and money later, I have the basic infrastructure to run SharePoint. But I still have to make sure I am monitoring the servers, backing them up, applying patches and anti-virus updates. So much work, and I haven't published the first page in my first site. Also, if I want this to work outside my LAN, I need to setup firewall rules.

Office 365: OK, I'm very lucky to work at a non-profit where Microsoft gives us Office 365 for free. SharePoint 365 is included. From a setup basis, I am done! And I have some ridiculous disk allocation - something like 1 TB if I want it.

The winner: Office 365 (even at commercial rates)

Deploying
On premise: Being fairly experienced with SharePoint, this is familiar ground for me. I map out sites and subsites. I create a navigation structure. I am tied to our internal Active Directory, so user setup is straight-forward. And being on my own server, I can add in 3rd party webparts easily, or even write my own. I can review logs and dive directly into the SQL Database.

Office 365: In this environment, I am using SharePoint 2013. It's nearly identical. I have my AD federated with MS, so user setup is easy. A downside I discovered: 3rd party webparts are more limited - only what you can get from the MS SharePoint store. And a real bummer: logging is almost non-existent. I can't see what pages are being accessed the most, or which users are contributing the most. MS really needs to fix that.

A major bonus with 2013, especially in the O365 offering, is Office Web Apps and OneDrive (nee Skydrive). With these apps, users can edit (heavily, although not as complete as the full Windows applications), view, share, version control and even group edit all documents, spreadsheets and presentations, all within a browser window. All of my users have 25GB of personal space, and I have a few hundred GB devoted to shared documents.

The winner: A toss-up, but the OneDrive integration with Web Apps has me giving the nod to Office 365

On-going support:
This is where the hosted variety really shines. I don't need to worry about the underlying infrastructure at all. It's being patched, virus protected, backed up and updated. It's load balanced across Microsoft's elastic cloud.

Of course, sometimes the all-included model can cause problems. MS recently released a patch (in some non-traditional way) that caused all O365 applications to say "something went wrong" or "we're sorry, but try again later." Late last year, the migration from SP 2010 to SP 2013 was not friendly. But they fixed these things pretty quickly, and you always run a risk of down-time with on-premise services, especially if you are a jack of all trades (master of none).

The winner: Office 365

Summary
I work for an organization with a small IT shop and a small budget. We don't have the resources to dedicate to server management, database management, SharePoint administration. Our Exchange server, SharePoint, and Office Apps with OneDrive all benefit from being hosted. We can quickly use these tools instead of spending all of our time and money preparing them for use. Sure, some of the use may be more limited than would be the case "On Prem", but if you don't have the resources to make all that other goodness work, it's not worth it.

I will be curious to see how my opinion may change with Lync. At the moment, we are making limited use of Lync in O365. But when we upgrade phone and video systems, we may find that this integration is too valuable to give up. Of course, by then Microsoft may have done a better job with this integration. And also, perhaps the VOIP phone system of our future will be cloud-based itself.

For things unique to your business or those that confer a competitive advantage, by all means run them in-house with in-house expertise. But for everything else, it's a better decision to forego a little control and a few features by going into the cloud. It frankly blows my mind that anybody runs in-house Exchange servers anymore. Servers, electricity, data centers, disaster recovery, software licenses, software upgrades, the cost of Exchange Administrators, disk space, etc. The cost is staggering, and all for email.

Read More

Planning a High Density, Outdoor WiFi Deployment - Seeing is Believing

In approaching adding WiFi to a 40 acre, heavily landscaped and rolling outdoor venue, I have had a number of experts suggest very expensive modeling exercises. Like the consultant who asks for your watch to tell you what time it is, these folks want building maps, topographical maps, satellite photos. They do a complex modeling job and come up with a "heat map" that indicates where you should place Access Points.

And that would be the right approach if there were no other choice. For example, if I was constructing the venue, or if I didn't have existing LAN drops within the 300' cable length limit of Ethernet.

But I do have these LAN connections, at least for the most part, and so the better approach was the empirical method. Vendors of enterprise gear, justifiably proud of their engineering accomplishment, are happy to give you evaluation units. And so I got a handful of access points from a variety of vendors. I bought lighting tripods, the kind you'd use on a stage. I bought some pre-terminated 300' CAT 6 ethernet cables.

And I built myself WiFi "scarecrows":

And voila, I no longer have to worry about how it works in theory, I can actually see it working in practice. This is incredibly easy with cloud based access points like Meraki or Aerohive. Aruba has an "instant" that is accessible. Ruckus would be harder with their controller approach, but if you can get an eval unit, then it's just a bit more effort.

So, get 4-6 scarecrows together and start to position them around. Test the mesh capabilities. Test the ease of configuring and monitoring. And get a very good, non-theoretical basis for where your production access points should be. Test with a wide variety of devices. Test under load. Test how well a brand releases "sticky clients" or practices air fairness. Test different antenna approaches (for me, I am trying to cover paths, so directional sectors appeared to be a better choice than omnis).

None of that would be achievable with the heat map model approach. And I had one vendor quote me $75K on that model alone! Doing it the scarecrow way, you can see how the actual, real world channel interference is, the impact of rain on foliage, and so forth.

And finally, when you have made your purchase decision and are performing the physical implementation, the scarecrow allows you to test out subtle differences in placement before everything gets screwed into place and cut to length.

Read More

10,000 steps with the iPhone

Over the years, I'm sure most of us have heard the common wisdom that walking 10,000 steps a day is a great way to get and stay in shape.

Until recently, that would have been hard for me to achieve. But I now have a walking commute of 0.4 miles. So back and forth, plus back and forth for lunch is 1.6 miles right there. Plus I extend my "commute" by coming in a side gate and walking the zoo grounds.

So I dug out my old Omron  pedometer, replaced the battery, and added it to my belt. The belt is staring to get Batman-envy, but hey, this is science in the name of health!

I quickly discovered that even with my walking commute and extensions, it's hard to walk 10,000 steps in a day! That's about 5 miles. If I walk the zoo in the afternoon, or have a particularly busy time supporting the staff, or if I walk the dogs... then I hit 10K (haven't yet hit 11K). I make it to 10K about 1 or 2 days out of seven.

I was perusing some twitter posts and came across an article that mentioned a free app called Moves. Oh my goodness, an appaholic's dream come true. Moves records your steps as well as other "moves" you make throughout the day. So if you drive a bit, then walk, then bike, it gives you a nifty timeline of your activity. Clicking on one of the legs, you get a map marked with your route. Neat!

I love that this app is just on all the time - no need to start if up or even think about it. It is a bit of a battery drain, but nothing that a nightly recharge doesn't solve. I've gotten rid of the Omron pedometer (sadly, but probably accurately, Moves seems to record fewer steps than the pedometer. I think the pedometer was easily fooled by other movements like rocking in a chair). I have my phone on me all the time, anyway. And now I can go back in time and see what I did yesterday or last week. I suppose I should be creeped out or worried that this level of personal detail is being uploaded to the web, but somehow I don't care. The app is just too useful. It's 4 in the afternoon and I know that today I have walked 8,570 steps so far, walking a total of 1 hour and 34 minutes and covering 3.4 miles.

Read More