My Wordspace

A dumpster full of various musings over life, God, scripture, and any random thought that may fly by meanwhile. Comments welcome.

Archive for the ‘Work’ Category

Am I Speaking Another Language?

Posted by Iszi on March 22, 2007

I’m really getting tired of dealing with idiots.

Generally, I try to be careful about how I word things and express myself. Particularly when it’s going to be in writing, and especially when I’m at work. In communications with end-users, all it takes is one poorly-written e-mail from IT to create hours of cleanup work. With that in mind, I like to say I try to “idiot-proof” my e-mails.

But of course, once someone makes something “idiot-proof” someone else is bound to come up with a smarter idiot. Or – in my case – three.

Consider this quote from an e-mail I sent regarding an access change request that was not properly submitted.

Due to security policy and audit requirements, I cannot process requests for access simply based on “match to” criteria. There needs to be a specific list of roles outlined in any given request, which should be tailor-fit to meet the individual user’s access needs.

The e-mail goes on a little longer to describe the approval process for after the list of roles has been laid out, but those were the first two sentences in that message, and they were also the most pertinent to why I could not process the request.

Please, if I did something wrong here or was ambiguous in any way, somebody let me know because I obviously can’t figure out why I received the following replies from some of the people CCed on the e-mail:

(From the requester, to the Service Desk support person who had originally contacted me regarding the case.) –

Per our discussion this morning, I am forwarding you the email that I spoke of.
Could you please intercede on this matter and work on getting me the appropriate access?

(Reply to the above, from the Service Desk person. Names changed to protect identities.) –

It basically looks like Iszi and Joe Security are saying the same thing:

We need approval from your manager.
We need approval from John DataOwner (which we already have below)
Then that would be forwarded to ID Admin.

(Reply to that, from the requester.)

But all 3 steps below have been done. (including the email to ID Admin).
What’s the next step?

Yes, all three steps in the Service Desk person’s e-mail were done, but that’s not the problem! Did no one read the first two sentences of my e-mail?!?!

(From the person the requester wanted their access matched to, in reply to my original e-mail.) –

The reason I asked for the role to be copied from my ID, is that he will need it. If not, I would not have asked for it. Please duplicate his ID with the same roles I have set up

Finally, after re-sending my original e-mail – with font emphasis on the pertinent lines – and discussing the issue over the phone with several individuals separately, the request got re-submitted properly and everything fell in line.

Still, could somebody please tell me what I did wrong in the original e-mail? Why is it that three people couldn’t seem to get the message right?

Posted in IT, Venting, Work | Leave a Comment »

I just can’t stand Service Desk stupidity!

Posted by Iszi on February 20, 2007

Working in IT, I get to deal with a lot of stupid stuff mostly due to user ignorance and/or laziness.  This is commonly known as PEBKAC and is generally accepted as part of the job.  So, in dealing with users I try to offer a bit of forgiveness whenever they say or do something that just doesn’t make sense in the given situation.  When the IT Service Desk exhibits user-level ignorance and moronishness however, that’s when I blow a gasket.  These people should know better.

In today’s example, a user is calling in to check on the status of a requested change to their SAP account.  SAP changes require a few approvals.  Firstly from the user’s manager, and second from the Data Owner in charge of whatever permissions the person is requesting.  If the request hasn’t yet been approved by the user’s manager, the Data Owners never see it.

In this particular case, the user’s request hasn’t been approved by their manager yet.  This is clearly visible on the online request form, and is also noted in a trouble ticket open from when the user previously called in to check on the status of his request.  After the manager approves the request, my approval will be needed for some basic display roles, and some other roles requested will need approval from another Data Owner.

Here’s a bit of my conversation with someone from the IT Service Desk (Referred to as ITSD) on the subject.   Names have been stripped and/or changed to protect identities:

ITSD says:
hey

Iszi says:
?

ITSD says:
i have john doe on the phone, he wants to know when his SAP CMP role change is going to be done

Iszi says:
Last I checked, my answer was “When it is approved”.  Did you look at his ticket?

ITSD says:
yes smarty pants

Iszi says:
well what are you coming to me for?

ITSD says:
and ibecause it doesn’t have that you approved it yet

ITSD says:
that’s why

ITSD says:
never mind i will talk to (ITSD Manager) about

Iszi says:
It’s not MANAGER approved yet.

Iszi says:
I can’t approve anything until the user’s MANAGER has approved it.

ITSD says:
there is no need for you to get smart

ITSD says:
at all

Iszi says:
Not getting smart, getting defensive…

ITSD says:
well you don’t need to do it with me

What part of “not approved, I can’t do anything” is hard to understand?  It’s in the ticket, it’s on the form, why am I even hearing about it?  Sadly, this is not a rare occurrence.  All too often the ITSD (not this person most times) calls me with an issue, and it goes like this:  Me – “Did you check the ticket/form?”  ITSD – “Yes, and you said this in it…”  Me – “Does it look like there’s been any change in the situation on the user end?”  ITSD – “No”  Me – “Then why are you coming to me with this?!?!”  ITSD – “…”

Or worse:  Me – “Did you check the ticket/form?”  ITSD – “No”  Me – “Well all the info you need is in there, go look and then come to me with questions!”

This is just ridiculous, and I’m getting tired of it.

</end rant>

Posted in IT, Venting, Work | Leave a Comment »

Password Maintenance Woes

Posted by Iszi on February 12, 2007

I’ve just got to vent this right now.

My company has got to have quite probably the STUPIDEST password maintenance rules and policies in the world! Not only are there probably a dozen different systems that you might have a password in, but each one of them has their own specifications to be followed.

For example, differences may be:

  • Length requirements.
  • Dictionary exclusions
  • Allowed characters
  • Required characters
  • Expiration schedules
  • Reuse schedules
  • Change frequency

So, if I would want to have one password for all systems (which is a general security no-no of course, and even against written policy for some systems) or even a few systems, I would have to first make sure that it meets the length and character requirements of the system that demands the most complex password, then make sure that it doesn’t fall under any dictionary exclusions in another system (which has been known to kick passwords out for words of as few as three letters), and then make sure it isn’t excluded by the reuse policy in any of the others! Oh, and if I change a password in one system but it doesn’t jibe with another, I might have to wait a whole day to update the first one again!

Yeah, and by the way: You’ve got to do this every month, or 60 days, or 90 days, or whenever depending on which system you’re in! Sound confusing? Well it is! Of course, on the technical end, it’s supposed to be confusing – it is a security matter after all. But, on the human end the extreme complexity in itself can become a security risk. People will naturally want to simplify parts of their daily life which are complex. And the more complex, the greater the desire to simplify.

For example, let’s say you want a person to change their password once a month. Consider this a conversation between user and their computer. User is italicized, computer is bolded:

Okay password change today, no big deal. We can handle this. Just breathe in, breathe out. Concentrate. Yeah, I’ve got it!

Good job. One problem. The password has to be longer than that! Oh, really? Hmm, let me think. Okay, I’ll add another word or throw some prefixes/suffixes on there, how about that?

Great, but… What? You need more character types. *sigh* Fine. I’ll throw in a number and a special character here and there. Happy?

Almost. What now? Well, you’ve got some words in there. Isn’t that what a password is? No, I mean *real* words. You know, stuff I could look up in a dictionary? We can’t allow that. Oh my God. Okay, how about I substitute some l337 5p34k in for some of this? Is that good enough?

I think so, let me check… Oh, no no no no! We can’t have this! What the bloody hell now?!?! Well you see, you used this password last year one time when you came up for renewal. Remember, (insert number) passwords ago? What the F&$K?!?!

Okay, that does it. I’ve got to be able to remember this thing somehow! I know: I’ll use my son’s name, the nickname we use for his soccer team – I know *that* can’t be in the dictionary – a number sign, and his jersey number! How about that? Well, let me see. Wow, that’s PLENTY long enough, you’ve got all the character types, no dictionary matches, and I don’t think you’ve ever used this before. It looks like a great password! No one will ever guess it, superb job!

Finally, thanks! Now let me update this other system that I use in the same program. Oh, wait. This one doesn’t like that password. Some of the characters you used aren’t recognized. Well $#%&! Fine, how about I change this bit? Is that good?

Yeah, that’s fine. Okay, thank you! Now let me go back and make that other one the same, so I don’t forget…

Woah, wait. You want to do what? I don’t want to forget these passwords, so let me change the first one that I made to match the other one! Well, I don’t have a problem with you doing that… just not now. See, you just changed your password a few minutes ago and I can’t let you change it again now until tomorrow.

Some computers just deserve to be shot.

Anyway, my key point is here. See what password the user ended up going with? Believe it or not, this accounts for the way probably 75% of users end up making their passwords. When I was doing computer migrations – where we needed to know the user’s password – I saw this all the time. Kids’ names, jersey numbers, pet’s names, vacation plans. Anything that will be easy for them to remember, all common-knowledge stuff for anyone who might know the smallest bit about these people. Or worse, they end up writing their password down somewhere near (or attached to) their computer so they won’t forget it! (Yes, I have seen this done.)

They choose the simplest way to deal with the most complex system, thereby nullifying any security benefits that are supposedly gained by making the system so complex! And for those who don’t do this? Well, I used to wonder why people called in so often with forgotten passwords. I guess I have my answer.

Posted in IT, Office Life, Venting | Leave a Comment »

Patience

Posted by Iszi on January 23, 2007

I usually consider myself a pretty patient person when it comes to waiting on things and dealing with people. I mean, I’ll usually get inwardly aggravated and frustrated to one degree or another – often to the extent of expressing it to whomever will listen nearby – but usually when it comes to the person that I’m actually dealing with, I’m pretty cool. I usually try to give them their time to do whatever it is I need them to do, or try to give them some extra forgiveness as I attempt to get them to understand one thing or another.

Today though, that patience is gone. I don’t know exactly where it went, but all of a sudden my tolerance level for anything has dropped to nil. Someone tried to ask for a status update on some tasks which I’d only recently been given, and not had nearly sufficient time to even look at, and my first (internal) response to them was “Cease ye thou senseless drivel, lest I layeth my smack-down upon thee!”. The external response was slightly more courteous, but still to the same point. Where I would normally try to make some small show of apologetics and attempt to settle them down, I just flat said in short: “You’re not giving me enough time, and your expectations aren’t even consistent enough for me to understand what time you are giving me, so just back off and I’ll get to it when I can!”

Another instance, one guy asks me for an update on a case that he’s been asking me about for a good week or so. There’s really nothing I can do from my position right now, and I’m waiting on response from another company before I can do anything at all. He knows that already, so I told him to try contacting another group in our company that is more specialized for handling these types of cases. He says they told him there’s nothing they can do either, and wants to know if there’s any way I can force the other company into action. My response, summarized: “Well, if there was, wouldn’t the more specialized team have known this and possibly told you about it?”

Quite frankly, I don’t know what my damn problem is today, but I’m starting to get tired of dealing with it! Sure, I doubt the caffeine I’ve been taking lately (in the form of one daily dose of Starbucks Doubleshot, and occasionally another “energy drink”) hasn’t helped, but right now that’s about the only thing that can keep me going after lunchtime.

In the words of Bilbo Baggins:

“I need a holiday. A very long holiday. And I don’t expect I shall return. In fact I mean not to.”

Of course, if I were to take the 5 days of vacation time I still have left over from last year, I would probably come back. But by “vacation” I really mean a vacation from everything. Work, home, family, life, the whole shebang. I just want to get away where no one can find me for awhile and chill out. Get some time to shake the world off of me, and get refreshed.

I just want to get in my car, take nothing but the clothes on my back, and leave nothing behind but rubber and road. Then, when I get where I’m going, I don’t want to be bothered. I don’t want anyone to call me, talk to me, or even see me. I want to just spend some time somewhere that the whole world will just leave me the hell alone!

Maybe that’s an extreme end of my frustration, but that’s really what I’m feeling. Until then, back to the daily grind…

Posted in Venting, Work | 1 Comment »

ZUJU Sounds Like A Cool Word…

Posted by Iszi on January 22, 2007

Okay, this is further proof that (caffeine == bad for brain cells)! The last four characters of one person’s alphanumeric ID number in our system are “ZUJU” and I couldn’t help but think when I saw that, “that looks like a cool word – gotta find some meaning for it”!

So, zuju – pronounced “z00-j00” – is my new favorite word. I’ve just gotta figure out what it’s supposed to mean now. Any ideas? It would be such a shame to see this cool sounding phonetic arrangement go to waste. Maybe I’ll give up on meaning and just make it my new screen name. Yeah, maybe…

Somebody help me, please!

Posted in Random Musings, Work | 4 Comments »