Tag Archive: planning


How likely am I to recommend Windows 10 to a friend or colleague?

Filed under: Compliance, SecurityLeave a comment
November 27, 2018

WhyMicrosoftThe moment I almost forget what a pain Windows 10 is, this message pops up on my PC.  Why did you have to ask me this question again, Microsoft?  Why must you remind me of my suffering?  All the details of what I have experienced are too much to cover in a single blog, so I will do my best to focus on the big issues.  As such, I won’t be whining about Windows 10 not consistently recognizing my finger, but that is a common theme here.

Nor will I spend the time rehashing various feature disruptions associated with forced updates to the degree that they deserve.  Most notably, Bitlocker comes to mind, but I cannot bring myself to go there in any significant detail. Suffice it to say that when I lost access to my encrypted Bitlocker drive due to an update, the documented fix required reinstalling an older version of Windows 10 to recover my data.  I chose to buy another hard drive since it was less complicated and time-consuming.

At one point in January of this year, I estimated that the combined dysfunction of Windows 10 and Office 365 had cost me at least two full days of productivity for my own system, never mind other people that I provide support to.  In that month alone, I personally spent over an hour a day on average dealing with issues that you would never see on a Windows 7 PC running a non-365 version of Office.

As an IT professional with thirty years of experience, I can honestly say that the Windows 10 operating system (OS) may be the most intrusive and unreliable OS ever created by Microsoft.  Computers and operating systems are intended to make our work lives more efficient and less challenging, not less efficient and more challenging.  On a regular basis, Windows 10 and its cohort, Office 365, thwart productivity through seemingly incessant and meaningless updates performed in the almighty name of compliance and security.

artificial-intelligence-155161_640

Even the most basic functionality of turning off your computer is challenged by the HAL-like behavior of this OS.  On my way out for a recent Thanksgiving road trip, I attempted to shut down my PC (four times).  Each time, my PC appeared to shutdown it came back on again.  It was clearly going to do this ad infinitum, which led to a few expletive laden Google searches like, “Windows 10 will not $&%#ing shut down!”

This is not the first time I have seen this particular issue in Windows 10 or similar quirky bugs like the black screen issue, so my patience was tested.  Eventually, I rediscovered and used the “hold the left-shift key and shutdown” method to wrestle my insubordinate PC into submission, then for good measure I actually unplugged it too.  Let’s see you restart now, Windows 10!  Thankfully, it didn’t.

Sure, this OS looks good on the surface, and in some ways it is better than its predecessor, but there are some major drawbacks.  For example, trying to use an app arbitrarily deemed as “not stable” or “incompatible” results in Windows 10 uninstalling that app without users’ permission.  Windows 10 won’t necessarily remove the app as soon as you install it, but when Windows applies updates again, it will remove the offending app and does not notify users.

Want to postpone an update or set the time updates are supposed to occur? … Go ahead.  There are settings for that, but whether you go through the exercise of configuring those settings or not, Windows 10 pretty much seems to do whatever it wants to do when it wants to.  I feel like I have lost control of my computers that run Windows 10.  Microsoft is in charge of them now and decides when and how I can use them.

If you have a critical online meeting, work that needs to be done right now, or a plane to catch, you can almost count on Windows 10 attempting to update or do some other thing that doesn’t need to be done at that exact time.  I don’t know how it does this, but it does.  It could just be that it is always doing an update.  In a nutshell, if you are familiar with the printer in the movie Office Space, Windows 10 is that printer.

Given my experiences, recommending this OS to anyone before they felt that they truly needed to move to it would be willfully irresponsible.  That said, I suspect there is a small contingent of users that Windows 10 helps stay out of trouble.  I know some of those people, but the masses should not have Windows 10 on their computers when there are other more reliable – as defined by computers that do what you want them to do when you want them to do it – alternatives.

Many of my financial services customers have likely moved to Windows 10 or plan to move to Windows 10 in the future.  For those businesses where compliance and security are paramount, staying the course on an aging OS like Windows 7 will become more difficult, given that Windows 10 is widely perceived as being more secure.

Understandably, for corporate use Windows 10 may just be a desktop environment that is used to gain access to a more secure and redundant cloud environment.  As such, the pain points I describe related to Windows 10 could be less of an issue for these users.  However, consigning users to Microsoft’s decisions about how they can use their PCs at any given time is scary.

Ultimately, the path Microsoft is on with Windows 10 is either headed toward total authoritarian rule over personal computer systems, or toward the eventual demise of Microsoft’s stranglehold on the PC OS market in favor of a more agreeable and obedient operating system.

lord-of-the-rings-the-one-ring_800

By way of disclaimer, I am using Windows 10 Professional, but know that Windows 10 Enterprise LTSB, which will soon be renamed to LTSC in 2019, follows the more traditional release policy and is not updated with the frequency of Microsoft’s other versions of Windows 10.  Based on my experience to date with Windows 10 Professional, the Enterprise LTSB product would probably be a much better user experience.  Also, related to Windows updates, my advanced options are set to Semi-Annual Channel (Targeted) with the option to defer feature updates by up to 180 days and security updates by up to 30 days.  I realize that I could gain a greater level of reliability and reduce the problems I experience by changing to the straight Semi-Annual Channel, which would delay feature updates by an additional 4 months.  My opinions are the result of using Windows 10 as both my primary desktop and notebook OS for the past two years.

About the Author: Kevin Shea is the Founder and Principal Kevin Shea Impact 2010Consultant of Quartare; Quartare provides a wide variety of technology solutions to investment advisors nationwide.

For details, please visit Quartare.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@quartare.com.

Tags: , , ,
Comment

End Nearing for Some Microsoft Systems

Filed under: Best Practices, Business Continuity, Investment Operations, SecurityLeave a comment
May 31, 2013

HourglassWindows XP was a mainstay at many financial services firms for nearly a decade.  In keeping with the Microsoft Lifecycle Support Policy, support for Windows XP and similar aged software must eventually end.  You can learn more about the policy here.

According to Microsoft, extended support for Windows XP is scheduled to end on 04/08/2014.  If your office is using Windows XP, you should be working on plans to phase out XP by replacing those systems with new PCs or upgrading the PCs to a more recent workstation operating system in the next six to nine months.  There is no good reason to wait until or beyond April 2014 to perform these upgrades.

Why should you care?

Most security standards – for instance, 201 CMR 17.00 – require that you apply security patches on a regular basis.  It is the extended support from Microsoft that allows you to do this.  After extended support has ended, there is no guarantee that any security patches will be released for these systems.  In order to stay compliant with security standards, firms using Windows XP will need to upgrade to other systems.

Hasta la vista, Vista!

androide

Currently, we are recommending that business users implement Windows 7 Professional on workstations.  Windows 8 makes sense for home users with touch screens, but we prefer not to implement operating systems before they have become mainstream in the workplace; Windows 8 just isn’t there yet.

Vista extended support is good through 04/11/2017, but Vista has always been a dog, and any business users still using Vista should strongly consider moving to Windows 7 Professional immediately.

Server-based systems affected by the Microsoft Lifecycle Support Policy

Windows 2003 Server extended support is good through 07/14/2015.  Nevertheless, Windows Server 2008 R2 will likely be the most widely used network operating system among investment advisors by the end of 2013.  Windows Server 2012 was released on 09/04/2012 and hasn’t yet been widely implemented among SMBs we are familiar with.

Exchange Server 2003 extended support also ends on 04/08/2014.  The implications of this related to security updates are the same as those detailed above regarding XP.  If you know which version of Exchange is in use at your office, you can check Microsoft’s site here to determine when the end of extended support for Exchange will affect your firm.

Like Vista, extended support of Exchange Server 2007 is good through 4/11/2017, so there is no need to upgrade in the near term future.  Exchange 2010 adds OWA support for Firefox and Chrome.  In addition, Exchange 2010 makes better use of lower-cost disk subsystems, allowing you to get a performance boost over 2007 without spending a premium.  Those are nice features, but not nice enough to push an Exchange upgrade before a normal IT lifecycle replacement demands it.

Exchange Server 2003 will be phased out by many advisors this year, and most will move to Exchange Server 2010.  Though Exchange Server 2013 was technically released in November 2012, it may be premature for the SMBs that dominate the investment industry to adopt Exchange Server 2013 over Exchange Server 2010.  Presently, there is no direct migration path from Exchange 2003 to Exchange 2013.  A number of small investment advisors will move to hosted Exchange solutions and no longer keep Exchange servers at their offices.

With this many possible changes slated for the next ten months, now is a good time to make sure your firm has addressed the issues or has a plan to upgrade any systems affected.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

Tags: , , , ,
Comment

10 Things Every IT Manager Needs to Know

Filed under: Best Practices2 Comments
November 11, 2011

I just received an ad for “500 Things Every IT Manager Needs to Know:  Volume 1.”  I am sure there are 500 things, but none of the IT managers I know have the time to read about all of them.  Maybe that’s a good resource for somebody who has never been an IT manager.  I don’t even want to crack open the document for fear that I’ll spend valuable time reading about the 500 things, but thinking about it for a bit made me come up with my own abbreviated list.

In order of priority:

1.  Backup.  Backup.  Backup.  If you don’t know what I mean, read my blogs “Five Rules to Stake Your Plan On” and “Is Your Most Valuable Data Safe in the Cloud?

2.  Communication is key.   Setting expectations and meeting or exceeding those expectations is instrumental to keeping your co-workers satisfied with the quality of your work.  Failure to communicate sends a message clearer than words.  In contrast, good communication establishes a rapport that makes your work easier.

3.  Document your systems and your work.  If you keep things organized, required information is readily available when you or others need it.  I keep a running log that details almost every important thing I do.  If I need to refer to work I did last Friday, last month or last year, chances are I can find it in my log.

4.  Learn what is good enough for your firm.  Very few people that want systems to be perfect actually want to pay for perfect.  Many SMBs operate with a mandate of what is good enough for today and the near future.  IT managers at SMBs need to be adept at juggling priorities moment to moment.  In priority, your firm should want things to work securely, reliably, efficiently and as fast as possible.  Knowing what type of investment your firm is willing to make in each of these areas will help you understand what is good enough, and facilitate your ability to manage the IT objectives of your firm effectively.

5.  It always takes longer than it should, and usually doesn’t work quite the way it is supposed to.  That’s why you have a job.  If you are an IT manager, you fix IT.  Over the years I have learned to multiply my time estimates by two to offset my optimism.  Figure out what your multiplier is.

6.  Newer is cooler, but typically more time-consuming and consequently more expensive in terms of implementation and maintenance.  I like cool new stuff too, but losing a day of productivity to have the latest iPhone OS may not be worth it.  Staying mainstream is ideal and most efficient from a labor perspective, while being on the leading edge or lagging behind technologically carries a labor premium.

7.  Proactive is better than reactive.  Proactive IT management is the Holy Grail of IT.  It appeals to IT managers because we would rather take preventative measures than deal with the carnage of system failures.  It is attractive to the financial decision-makers in management because less downtime means more productivity.

8.  Decide whether you want to wear a lab coat or a tie.  It’s hard to do both, but if you must, tread carefully.  Otherwise, troubleshooting system issues can consume a large part of your day.  We all want to know why, but sometimes finding out why can be counter productive.  From a business perspective, a one-time glitch that you’ll never see again doesn’t merit a half a day of your time.   You probably have other more important things to do.  When you do attack a pesky bug or system issue, understand your options and budget your time accordingly.  Know when you have had your lab coat on too long, and make sure you can find the tie again.

9.  Centralized and standardized systems are almost always preferred.  Occasionally, there are users that need to be set free of the limits placed on the rest of the herd.  These power users may be set apart by their need more rights, faster systems or flexibility, and it’s typically in your best interest to give them what they need so you can limit the time you spend catering to or denying their demands.  Conversely, you may also run into some technologically challenged individuals that need their rights further limited to prevent them from hurting themselves or driving you crazy.

10.  You are only as good as what you have done or are responsible for today.  A lot can happen in 24 hours.   IT is a high-profile area where bad performance is readily apparent and rarely tolerated for long.

About the Author:
Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide. For details, please visit isitc.com or contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

Tags: , , , , ,
Comment

Five Rules to Stake Your Plan On

Filed under: Business Continuity1 Comment
November 29, 2010

I started setting up contingency plans and disaster recovery (DR) sites for financial services firms ten years ago. Initially, the goal was to reduce the expected recovery effort from an insane week to a few difficult days, but in relatively short time the new standard became less than 24 hours. Given the SEC’s increased scrutiny of business continuity (BC) plans most investment management firms should now have a detailed plan that includes access to offsite servers, and a level of routine data updates to an offsite facility.

To ensure that your BC plan is successful follow these simple rules:

1. Plan to fail
Most plans are too optimistic. When things go awry, they typically go from bad to worse — rapidly.  Planning to fail means envisioning and detailing potential failure scenarios and documenting your contingency plan for each situation.

For example, we recommend three forms of backup (with the assumption that one or two of the backups may not be sufficient). While many of the firms we work with could probably get away with a single backup method, each method that we implement lowers the overall risk of losing any data.

2. Don’t set it and forget it
Remember, there is no silver bullet. The day you don’t check your systems is the day you should expect them not to work. Systems are ultimately managed by people and even the most competent people sometimes make mistakes. Beware of vendors that tell you, “It’s automatic. You don’t have to do anything.”

If you have a metered Internet backup service and you are getting billed monthly, the invoice amount should never be the same. If it is, it may indicate that the data being backed up isn’t changing.

Absolute vigilance is required to be successful at planning for a contingency.

3. Establish strict and coherent responsibilities
Who is the steward of your firm’s plan? How do they validate the plan? How does the plan work? Our real-world experience indicates that multiple parties need to understand and check the plan for problems on an ongoing basis.  When new systems are implemented a disciplined approach to adding and updating the contingency plan needs to be executed.

4. Institute operational checks and balances
We recommend a multi-faceted approach designed to ensure that multiple parties independently share ultimate responsibility for backing up your company’s data and validating that the contingency plan works. Your firm cannot afford to make assumptions about whether those responsibilities are being met.

If you think you’re ready, test it. Ask your IT folks to throw the switch with little or no warning to see how well your plan really works. You may want to think about this carefully since some plans are like having a gun that can only shoot one bullet. In order to test the system again you may need to rebuild the system.

5. Continuously improve and refine
Contingency plans fall into five basic categories: non-existent, poor, okay, good and excellent. As a decision maker and responsible party at your firm, do you know how your firm’s plan would rate? Moreover, IT systems are in a nearly constant state of change. If your plan was “good” last year, is it as “good” today?

A company that has an excellent contingency plan for a catastrophic event may not have a good plan for the more likely event of losing Internet access at their office tomorrow.

There is always room to improve your plan.

About the Author:
Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide. For details, please visit isitc.com or contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

View the original document.

Tags: , , , , , , , ,
Comment