| Carolinas IT

Experience peace of mind.

Client Portal

Contact Us Live Chat

Blog

Avoiding a “Zero Day” Attack

Posted on Mar 14 2013 by Mark Cavaliero

Over the past few months, we have seen an increasing threat to networks we support.  The problem is that the new viruses are changing so fast that the Anti-virus providers can’t keep up with them.  The pattern we are seeing is that code is embedded into an existing virus that causes it to change (mutate) into a new version that makes it look like something the anti-virus software hasn’t labeled as a virus.  This leads to what is known as a “zero day” attack, where you get hit before your AV product has the latest code.

A better long term solution is to upgrade the firewall to something that actually scans files as they enter your network and controls what your network users can do on the Internet.  A basic firewall is good, in that it blocks intruders from unauthorized access to your network.  It works kind of like the doors/windows on your house.  You can open certain doors or windows, and let things that normally come in to those doors through.  So for instance, you open the door (actually called a port) that web traffic comes in and out on so your employees can use the web for legitimate work.  Well, that port is now open, so in addition to legitimate work, they can browse facebook.  Unfortunately, if they click on a facebook post that has a virus, that virus can come in through the open port.

What is needed is something that not only controls ports, but actually looks at the traffic that comes in through the port, and allows you to control that traffic in a very granular manner (so for instance, you could allow certain employees to access Facebook during lunch, but not use Facebook chat)

We’ve seen these next generation firewalls in action and they are very impressive and give you great visibility to what is coming into and going out of your network.  The system uses built in intelligence, and links back to a research center to screen for threats that are known as well as threats that haven’t yet been documented.

Both Cisco and Palo Alto have some great solutions.   Which one you choose depends on your particular needs.   Here’s a link to an information sheet that gives a very good description of how they work. : http://media.paloaltonetworks.com/documents/datasheet-firewall-feature-overview.pdf

Here is some good Cisco reference material on their Intrusion Prevention System: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/data_sheet_c78-459520.html

Here is a link to some videos that describe how one of the the systems work: http://www.paloaltonetworks.com/literature/videos/    Check out the one labeled “Next-Generation Firewalls: A New Dimension to Network Security”  for an overview of the system.

A New Vision By Asking Some Tough Questions

Posted on Sep 02 2012 by Mark Cavaliero

Over the years, I’ve read volumes of books and articles that address the subject of maximizing business performance and operations.  Most all of them agree that one of the most critical things you can do as a business owner is to stake out your vision for the company.   The vision should be the statement of your intent as the business owner.  It describes how you as the business owner see the company evolving.  It is a statement of where you want the company to go.  Many years ago, we as a company embarked on a discussion to craft our own vision statement.  We were all proud of our completed product:

“Our vision is to be the technology support partner of choice for organizations in the Southeastern United States through our innovation, dedication to operational excellence, leadership, and effective delivery of professional services.”

Earlier this year, I began to ask myself some tough questions.  Does the vision truly reflect who we want to be?  Does it accurately represent why we exist as a company?   Does it reflect what makes us unique?   When you parse it out, is it in sync with my most basic ideas of leadership?  I had a nagging feeling that it was too similar to the vision of every other company whose leader read Good to Great.   That it sounded overly “corporate”.  That it was more about who I thought we should be than who I knew we should be, and who we truly were.  Over the course of a few weeks,  I began to work up a new vision.  I realized that the vision had to say things that only I could authorize.  I wanted it to be a bold pronouncement of who we were, of what made Carolinas IT such a special place.  It had to give guidance that a team member could use when making decisions.  With some help from our team, it  took shape.  I think we finally got it right.

Can you see any differences?  Let me know what you think.  What would the answers be if you asked yourself some tough questions?

“We are building a world class technology services organization where our team members are valued and treated with respect.  Our company provides talented professionals with a challenging opportunity to learn, contribute, and grow while supporting their families and maintaining a healthy work-life balance.   Our formula for providing great services to our clients depends on enabling and supporting our employees, enhancing their quality of life while enabling them to share in our financial success.”

Mark

 

Don’t Jerk the Trigger

Posted on Jul 12 2012 by Mark Cavaliero

I’ve always been fascinated with the power of words.  How words are used to convey ideas.  How a word can mean multiple things to different people, how words can inspire, and if used the wrong way, how damaging they can be.  Here’s a story to illustrate.   It’s a five minute read, but perhaps you will find something of value in return for your time.

Tim was on his high school football team.  He was fairly athletic, and fast enough to do the job, but just never seemed to have what it took to be on the starting squad.   His coaches usually put him in when the game had been decided one way or another.  The last game of the season, in the last few minutes when his team was in the lead, the starting defensive safety got hurt.  Tim was up, this was his chance.  If he could just keep the other team from scoring, his team would win.  As he buttoned his helmet and ran on the field from the sidelines, his coach said “OK Tim, just don’t get burned.”    Those words stuck with him as he ran onto the field…”don’t get burned”  he said it over a few times as the opposing team came to the line.   The play unfolded right at him, the receiver ran a quick pattern, smoothly accelerated around him as the ball met his outstretched hands just out of Tim’s reach.  He got burned.  He felt terrible.  As he came back to the sidelines, his coaches wouldn’t even look at him.  On the bus home, he was sitting behind the starting safety, Paul.  He told Paul he was sorry he blew it, and asked how Paul was able to consistently avoid getting burned.  Paul said, “Well, sometimes it happens to me too, but when I’m out there I look at the receiver and tell myself “I’ve got him covered.  If the ball comes my way I will be the one to get it or knock it down. I will get that ball.  I just keep telling myself that I will get that ball.”  Tim thought about it, he had a flicker of recognition that there was something different between what he had told himself and what Paul consistently did, but it soon got buried under the bundle of shame and guilt over the game.

A few years later, Tim had joined the Marines and was going through his initial training.  The candidates were being tested to see if they had the endurance to make it, and they were halfway through a ten mile hike with full gear.  Tim knew if he didn’t keep up it would hurt and even possibly end his career before it started.  He was hot, sore, tired and aching.  His platoon sergeant had just come by and noticed Tim was hurting.  He yelled at him…”I see that look in your eye, you better not fall out of this formation…”  Tim thought about all that was at stake and repeated it to himself….”you better not fall out”,   over and over to himself.  It helped for a bit, but after a few minutes he slowly fell behind.  Luckily, his platoon stopped for a quick break before it was evident.  One of the older guys in the platoon came over.  “What’s up with you?” he said.  “I’m hurting, I don’t know if I can make it.”  “OK, I hear you” the older guy said.  “Look at me.”  Tim looked up.  “When we start back up, I want you to tell yourself something, OK?”  “OK” Tim said.  “You tell yourself that you can do this all day.  You tell yourself that you are good to go and that you will stay in this formation.  You will make it. You will stay in this formation.  Got it?”  “Got it” said Tim.  The hike was tough, but as Tim finished with his platoon he was filled with pride and felt like if he could make it through that hike, he could make it through anything.  Later that evening, he didn’t remember much about the second half of the hike except the words echoing through his mind “you will make it.”

A week later, Tim was on the rifle range, qualifying with his weapon.   His shots were inconsistent.  Some would go high, some low, and some right on target.  His Platoon Sergeant came by and chastised him, “You’re jerking the trigger, that’s what’s causing that pathetic pattern of yours.  Don’t jerk the trigger.”  Tim tried not to jerk the trigger, and it worked for a little while, but he soon fell back into the same pattern.  The range coach noticed it and came by during a scoring break.  “OK, look at me.” He said.  “Now, when you are firing, I want you to remember something.  Are you listening?”  “Yes” Tim said.  “Slow steady  squeeze” said the coach.  “That’s what I want you to do.   Slow steady squeeze.”  The coach had him dry fire a couple rounds.  (pulling the trigger with no round in the chamber just to practice)   “Remember, slow, steady squeeze.  Say it back to me.”  “Slow, steady squeeze”, repeated Tim, with confidence.  From then on, his shots were consistently better.  It took him a while, but once he mastered the other techniques of marksmanship, they were dead center, every time.  As he pinned his “Expert” badge on his uniform, that flicker of recognition of the pattern that he had first noticed on the long bus ride home back in high school suddenly struck him.

It became clear to him that his mind and body were connected far more than he ever realized.   More importantly though, he realized that his subconscious mind was really the one in charge much of the time.    Especially when there was no time to think, or during periods of stress, or when he was just running on “autopilot” and not really thinking.   At a deeper level, his subconscious mind didn’t seem to recognize words negative commands, or “do nots”.  While his conscious mind heard “Don’t get burned.”, his subconscious mind landed and stuck on the word “burned”.  When the conscious mind heard   “Don’t jerk the trigger, or “don’t fall out”,  what stuck were essentially commands to  “Jerk” and “Fall out”. 

Not convinced?

Don’t think about penguins.

 What kinds of things do you tell yourself?  What do you tell your spouse, your kids, and your co-workers?    What if you made a subtle change to how you talked to yourself and those around you every day?

My Report Card

Posted on Jun 08 2012 by Mark Cavaliero

As previously noted, each time a client gives me feedback telling me how my team did, I forward it out to the entire company with a quick quote or summary of the note as the subject.   I posted a screenshot in April, but I thought I’d post an update with comments since then.

I’ve come to view this folder much like a part of a report card.  If I’m providing proper guidance, leadership, training, and structure for our company, this folder will tell the story.   Obviously there are there are other important metrics to evaluating how we’re doing, but to me, this one is a key indicator.

Last time I posted concerning client feedback I did have a few questions:

Q. Is this all the feedback?

A.  No, I only forward the feedback that comes directly to me from clients/employees or comes from our ticketing system and has the maximum score (15) , along with comments.  If I forwarded all the 15s without comments it would generate a flood of email.  To me, a comment reflects a level of satisfaction I want to share.

Q. What about negative comments?

A.  True negative comments  are very rare.  I do see a comment every other month or so that provides constructive criticism, usually dealing with communications issues.   However, instead of forwarding out to the group, we handle in private via the leadership chain of command as appropriate to the feedback.

 

Top 5 Causes of Micromanagement and What You Can Do About It

Posted on May 30 2012 by Mark Cavaliero

When I interview candidates, one of the most frequent complaints I hear is “I hate being micromanaged.”  If my small subset of interviews is any indication, there is an epidemic of micromanagement going on out there in the business world.  I suspect if you got a sample of 100 people in a room and asked them to list the top 3 mistakes their leaders make, micromanagement would be on at least 90% of the lists.  So why does it happen?  What is the root cause?  What is it that leads someone to take actions that are generally agreed to have a negative impact on an organization?

Leaders usually micromanage because they are afraid and fearful.  They feel like unless they hover over the subordinate and give step by step guidance and supervision, the task won’t get done the correct way.  Sometimes there’s an element of ego involved, in the sense that the manager knows no one can do the job as good as he can, so he constantly nitpicks a subordinate.  This is toxic to good working relationships, and shouldn’t be tolerated at any level.

Here’s my take on the top 5 causes, along with some quick guidance for how to avoid micromanagement.

1. Failure to adequately baseline the responsibilities of the job or task and the expectations of the leader for accomplishment.  One of the first things a leader should do jointly with a subordinate is to outline the responsibilities of the job/task, document it, discuss it and modify if necessary.  This should be done on a macro level with the entire job, and on a quick, micro level with a task.  See previous blog posts concerning providing clear guidance.

2.  Lack of prioritization.  Micromanagement is often the result of a jumble of tasks that get dumped on someone  with no guidance as to priority.  If a leader doesn’t make the priority of work clear, precious time may be spent on a low priority task, setting the subordinate up for increased pressure to avoid missing expectations for a higher priority task.

3.  Lack of regularly scheduled, ongoing ”huddles” to allow the subordinate to provide status reports for situational awareness, and ask for direction as needed.  These huddles also allow the leader to check status on a regular basis, so there’s no last minute scramble to get a task done that was supposed to be in progress.  Having them scheduled regularly makes it a part of your Operational Rhythm, so it becomes a natural part of your week instead of an unwelcome intrusion.

4. Failure of the subordinate to provide meaningful feedback on the duties of a job.  If you need training/assistance but don’t discuss it, or tell them you think there’s a better way of doing business, it should be no surprise when you don’t perform up to your potential and you find your boss hovering because her expectations aren’t being met.  If you feel like you’re being micromanaged with no good reason, let the boss know that you’ve got the situation under control, ask that they give you some space, and give them your word that you’ll make them glad they did.

5.  Overall chaotic environment.  Leaders set the tone for the environment.  If there’s a aura of constant churn and chaos, it doesn’t provide that solid structural foundation for accomplishing tasks in a well thought out, orderly fashion.  The mode of operation becomes fighting fires and getting things done as quick as absolutely possible.   A supervisor may be able to accomplish the task faster, but that’s not necessarily the long term most effective way to get it done.  Much more productive would be to have the supervisor sit with the subordinate, go through the task together and document the steps.  If the organization has inadequate resources, it’s even more important that everyone pulls their weight.  A poorly performing staff member who requires constant guidance should be put on an immediate performance improvement plan with clear goals and consequences.

Notice a trend?  The root cause is “failure to communicate” on the part of both parties.    No matter what your position is in an organization, you must actively engage your team to communicate.  That means talking and listening.  That means telling someone if they aren’t meeting your expectations.  It also means documenting those expectations, providing guidance/feedback, and  agreeing on how to handle the situation going forward.  Effective leaders can’t afford to micromanage, they realize that it is a waste of time and energy.   If you’re a leader, don’t put up with under performance.  If you feel you’re being micromanaged, ask yourself what you can do to put a stop to it.   That leads me to the question I usually follow up with when someone complains to me about being micromanaged, “Well, what have you done about it?”

“The Big Eye”

Posted on May 15 2012 by Mark Cavaliero

If you want to get a laugh, ask any of my leaders if they’ve ever gotten “The Big Eye”.  Should make for some interesting conversation.    Over the years, I’ve noticed that sometimes what you say as a leader isn’t exactly what is heard.  What you think is crystal clear somehow becomes jumbled up.  The thing that you thought you had perfectly explained becomes tortuously convoluted.   When this happens, it’s easy to just dismiss it and chalk it up to “he didn’t listen”, or “she wasn’t paying attention”.    Effective leadership demands a level of communication that exceeds normal conversation.   The foundation for this type of high level communication is a shared understanding of intent.  Your team member should not just know what you are tasking, but should understand the “why” of it.  This is the “big picture”, the reason the task is being assigned or delegated.  Usually takes the form of “I want you to do X in order for us to accomplish Y and Z.  My intent is that when the dust settles, the end result will be <what it looks like when Y and Z are accomplished>.”

The X is the “what”, and it is very important.   The Y and Z are the “why”, and it is the most important.   If the situation changes, it may not make sense to do “X” in order to get Y and Z.    Understanding the intent is what allows a team member to use his initiative, innovation and judgment to accomplish the intent in the face of a changing situation.    Even the best plan requires flexibility in the face of uncertain or changing variables.

So, where does “Big Eye” fit in?  The task has been assigned, explained, including a background and intent.   The team member is then asked something to the effect of “OK, do you understand?”  Response: “Yes, I got it”.  That’s when the Big Eye comes in, I usually open my eyes as wide as I can for emphasis, and say “Good.  Are you sure?” and then “Tell me what you’re going to do”.  They tell me in their own words what’s going to happen and why.  If there’s any pause, hesitation or uncertainty, we’ll go back through it until there’s a shared understanding of not only what is to be done, but why.  Communicating in this way breaks the normal patterns and demands interaction on the part of both parties.  As you gain confidence that tasks get done according to your intent, there will be less temptation to micro-manage along the way.

Doesn’t have to take long, once your team is trained to work together it becomes natural and flows quickly.  If it’s a longer term task, I find that a quick email or tasking note to confirm helps to serve as a reminder for both of us.

 

 

 

Who’s in Charge? (Part II)

Posted on May 04 2012 by Mark Cavaliero

The ability to delegate tasks is one of the key skills an effective leader must develop.  No matter how productive a single individual is,  time and space limit the amount of things they can personally handle.  Unless they can successfully engage others in the accomplishment of tasks, the organization and mission will be constrained.   Delegation might appear very simple on the surface, “…go do x, y and z.”, but all to often it becomes a point of failure in an organization that severely impacts operational tempo.  There are several key concepts to effectively delegating a task.

- Ensuring that a task is very clearly understood. It often helps to have the person you delegate to repeat back to you what they are tasked with in their own words.

- Most importantly, they must understand the “why” of the tast.  That’s the “Commander’s Intent”, and it should serve to guide their actions when circumstances change or a better way of accomplishing the mission is found.  They should undersand very clearly how the task fits in to the overall plan.

- Provide guidance as to how they will keep you informed during the process, and how they will notify you once the task is complete in order to close the loop.

I find that using the ”5 W’s” as an outline (who, what, where, when, and why) helps clarify the information that needs to be conveyed in order to delegate effectively.

And finally, supervise what’s going on.  That doesn’t mean micro-manage, it means check in every once in a while as agreed upon, see how things are going, and look for red flags or areas where you can offer guidance.  Remember that you can delegate authority, but not responsibility.   The person in charge is the one ultimately responsible.   You have delegated the authority to get the job done, make decisions, and take steps to complete the mission, but you still retain the ultimate responsibility.  It’s of little use to tell someone to go do something, then come back a few weeks later and blow up because it didn’t get done right.  Shape the action, exert positive leadership to ensure success.  Provide your team with the guidance they deserve so they can live up to your expectations.   In my experience, if you do that, you’ll be pleasantly surprised with the results.

Who’s in Charge? (Part I)

Posted on Apr 27 2012 by Mark Cavaliero

One of the traditions I have with my kids is to always put one of them in charge when I’m away.  I’ll say something like, “Evan, I’m going to the store, you’re in charge of the kids until I get back.” Now of course Elizabeth is always there, but I like giving them the experience of responsibility and thinking about how to make decisions, deal with conflict and small issues that come up. I think it develops character and makes them think about their position as a member of the family. It also serves as a catalyst for some interesting conversations. One evening around bedtime, Evan (6) said “Daddy, I want to be in charge right now.” I suspect the motive was a raid on the pantry for cookies or a change to his bedtime schedule. I reminded him that it was night time and I was still around. He said it didn’t matter, he was taking over. I reminded him that the person in charge is the one to deal with the “bad things” that might come around, and ask him if he was ready to take on whatever scary thing might happen to crawl up out of the woods that night. ( I know that sounds cruel, but developing mental toughness is important to me) He thought it over, laughed and said that he would just tell Ethan (4) to deal with whatever came up, since he was in charge he could just order him to do it and sit back and watch. About what I’d expect from a six year old, but how many leaders take exactly that mentality?

What if our leaders actually took their positions seriously and didn’t try and pawn off the tough calls or tasks? Positions of leadership demand the courage and decisiveness to make tough decisions and deal with the “bad things” that sometimes have to be handled. Leaders must be present, both physically and mentally in times of challenge. Now delegation is an important tool, and I’m all for it when it is appropriate (more about that in part II). Leaders have to set the example and lead from the front. Make a decision, chart a course and go with it. Don’t hide behind a title so you can avoid risk and deny involvement later on if it goes poorly.

 

What do our clients say?

Posted on Apr 23 2012 by Mark Cavaliero

Every time a client gives me feedback telling me how my team did, I forward it out to the entire company with a quick quote or summary of the note as the subject.  Thought I’d share a screenshot of the folder where I keep them…notice the time frame, these are from around a 1 month span.

 

 

Page 1 of 3