Author Archive: Matthew Herring

February 3, 2014

Risk Management: 5 Tips for Managing Risk in the Cloud

Security breaches have made front-page news in recent months. With stories about Target, Neiman Marcus, Yahoo! and GoDaddy in the headlines recently, the importance of good information security practices is becoming harder and harder to ignore — even for smaller businesses. Moving your business into the cloud offers a plethora of benefits; however, those benefits do not come without their challenges. Moving your business into the cloud involves risks such as multi-tenancy, so it's important to be able to properly manage and identify these risks.

1. Know the Security Your Provider Offers
While some SaaS providers may have security baked-in, most IaaS providers (including SoftLayer) leave much of the logical security responsibility of a customer's systems to the customer. For the security measures that an infrastructure provider handles, the provider should be able to deliver documentation attesting these controls. We perform an annual SOC2 audit, so we can attest to the status of our security and availability controls as a service organization. With this information, our customers use controls from our report as part of their own compliance requirements. Knowing a provider's security controls (and seeing proof of that security) allows business owners and Chief Information Security Officers (CISO) to have peace-of-mind that they can properly plan their control activities to better prevent or respond to a breach.

2. Use the Cloud to Distribute and Replicate Your Presence
The incredible scalability and geographical distribution of operating in the cloud can yield some surprising payoff. Experts in the security industry are leveraging the cloud to reduce their patch cycles to days, not weeks or months. Most cloud providers have multiple sites so that you can spread your presence nationally, or even globally. With this kind of infrastructure footprint, businesses can replicate failover systems and accommodate regional demand across multiple facilities with the minimal incremental investment (and with nearly identical security controls).

3. Go Back to the Basics
Configuration management. Asset management. Separation of duties. Strong passwords. Many organizations get so distracted by the big picture of their security measures that they fail to manage these basic rights. Take advantage of any of your provider's tools to assist in the ‘mundane’ tasks that are vitally important to your business's overall security posture. For example, you can use image templates or post-provisioning scripts to deploy a standard baseline configuration to your systems, then track them down to the specific server room. You’ll know what hardware is in your server at all times, and if you're using SoftLayer, you can even drill down to the serial numbers of your hard drives.

4. Have Sound Incident Response Plans
The industry is becoming increasingly cognizant of the fact that it’s not a matter of if, but when a security threat will present itself. Even with exceedingly high levels of baked-in security, most of the recent breaches resulted from a compromised employee. Be prepared to respond to security incidents with confidence. While you may be physically distanced from your systems, you should be able to meet defined Recovery Time Objectives (RTOs) for your services.

5. Maintain Constant Contact with Your Cloud Provider
Things happen. No amount of planning can completely halt every incident, whether it be a natural disaster or a determined attacker. Know that your hosting provider has your back when things take an unexpected turn.

With proper planning and good practice, the cloud isn't as risky and frightening as most think. If you're interested in learning a little more about the best practices around security in the cloud, check out the Cloud Security Alliance (CSA). The CSA provides a wealth of knowledge to assist business owners and security professionals alike. Build on the strengths, compensate for the weaknesses, and you and your CISO will be able to sleep at night (and maybe even sneak in a beer after work).

-Matt

December 30, 2012

Risk Management: Event Logging to Protect Your Systems

The calls start rolling in at 2am on Sunday morning. Alerts start firing off. Your livelihood is in grave danger. It doesn't come with the fanfare of a blockbuster Hollywood thriller, but if a server hosting your critical business infrastructure is attacked, becomes compromised or fails, it might feel like the end of the world. In our Risk Management series, and we've covered the basics of securing your servers, so the next consideration we need to make is for when our security is circumvented.

It seems silly to prepare for a failure in a security plan we spend time and effort creating, but if we stick our heads in the sand and tell ourselves that we're secure, we won't be prepared in the unlikely event of something happening. Every attempt to mitigate risks and stop threats in their tracks will be circumvented by the one failure, threat or disaster you didn't cover in your risk management plan. When that happens, accurate event logging will help you record what happened, respond to the event (if it's still in progress) and have the information available to properly safeguard against or prevent similar threats in the future.

Like any other facet of security, "event logging" can seem overwhelming and unforgiving if you're looking at hundreds of types of events to log, each with dozens of variations and options. Like we did when we looked at securing servers, let's focus our attention on a few key areas and build out what we need:

Which events should you log?
Look at your risk assessment and determine which systems are of the highest value or could cause the most trouble if interrupted. Those systems are likely to be what you prioritized when securing your servers, and they should also take precedence when it comes to event logging. You probably don't have unlimited compute and storage resources, so you have to determine which types of events are most valuable for you and how long you should keep records of them — it's critical to have your event logs on-hand when you need them, so logs should be retained online for a period of time and then backed up offline to be available for another period of time.

Your goal is to understand what's happening on your servers and why it's happening so you know how to respond. The most common audit-able events include successful and unsuccessful account log-on events, account management events, object access, policy change, privilege functions, process tracking and system events. The most conservative approach actually involves logging more information/events and keeping those logs for longer than you think you need. From there, you can evaluate your logs periodically to determine if the level of auditing/logging needs to be adjusted.

Where do you store the event logs?
Your event logs won't do you any good if they are stored in a space that is insufficient for the amount of data you need to collect. I recommend centralizing your logs in a secure environment that is both readily available and scalable. In addition to the logs being accessible when the server(s) they are logging are inaccessible, aggregating and organize your logs in a central location can be a powerful tool to build reports and analyze trends. With that information, you'll be able to more clearly see deviations from normal activity to catch attacks (or attempted attacks) in progress.

How do you protect your event logs?
Attacks can come from both inside and out. To avoid intentional malicious activity by insiders, separation of duties should be enforced when planning logging. Learn from The X Files and "Trust no one." Someone who has been granted the 'keys to your castle' shouldn't also be able to disable the castle's security system or mess with the castle's logs. Your network engineer shouldn't have exclusive access to your router logs, and your sysadmin shouldn't be the only one looking at your web server logs.

Keep consistent time.
Make sure all of your servers are using the same accurate time source. That way, all logs generated from those servers will share consistent time-stamps. Trying to diagnose an attack or incident is exceptionally more difficult if your web server's clock isn't synced with your database server's clock or if they're set to different time zones. You're putting a lot of time and effort into logging events, so you're shooting yourself in the foot if events across all of your servers don't line up cleanly.

Read your logs!
Logs won't do you any good if you're not looking at them. Know the red flags to look for in each of your logs, and set aside time to look for those flags regularly. Several SoftLayer customers — like Tech Partner Papertrail — have come up with innovative and effective log management platforms that streamline the process of aggregating, searching and analyzing log files.

It's important to reiterate that logging — like any other security endeavor — is not a 'one size fits all' model, but that shouldn't discourage you from getting started. If you aren't logging or you aren't actively monitoring your logs, any step you take is a step forward, and each step is worth the effort.

Thanks for reading, and stay secure, my friends!

-Matthew

November 14, 2012

Risk Management: Securing Your Servers

How do you secure your home when you leave? If you're like most people, you make sure to lock the door you leave from, and you head off to your destination. If Phil is right about "locks keeping honest people honest," simply locking your front door may not be enough. When my family moved into a new house recently, we evaluated its physical security and tried to determine possible avenues of attack (garage, doors, windows, etc.), tools that could be used (a stolen key, a brick, a crowbar, etc.) and ways to mitigate the risk of each kind of attack ... We were effectively creating a risk management plan.

Every risk has different probabilities of occurrence, potential damages, and prevention costs, and the risk management process helps us balance the costs and benefits of various security methods. When it comes to securing a home, the most effective protection comes by using layers of different methods ... To prevent a home invasion, you might lock your door, train your dog to make intruders into chew toys and have an alarm system installed. Even if an attacker can get a key to the house and bring some leftover steaks to appease the dog, the motion detectors for the alarm are going to have the police on their way quickly. (Or you could violate every HOA regulation known to man by digging a moat around the house, filling with sharks with laser beams attached to their heads, and building a medieval drawbridge over the moat.)

I use the example of securing a house because it's usually a little more accessible than talking about "server security." Server security doesn't have to be overly complex or difficult to implement, but its stigma of complexity usually prevents systems administrators from incorporating even the simplest of security measures. Let's take a look at the easiest steps to begin securing your servers in the context of their home security parallels, and you'll see what I'm talking about.

Keep "Bad People" Out: Have secure password requirements.

Passwords are your keys and your locks — the controls you put into place that ensure that only the people who should have access get it. There's no "catch all" method of keeping the bad people out of your systems, but employing a variety of authentication and identification measures can greatly enhance the security of your systems. A first line of defense for server security would be to set password complexity and minimum/maximum password age requirements.

If you want to add an additional layer of security at the authentication level, you can incorporate "Strong" or "Two-Factor" authentication. From there, you can learn about a dizzying array of authentication protocols (like TACACS+ and RADIUS) to centralize access control or you can use active directory groups to simplify the process of granting and/or restricting access to your systems. Each layer of authentication security has benefits and drawbacks, and most often, you'll want to weigh the security risk against your need for ease-of-use and availability as you plan your implementation.

Stay Current on your "Good People": When authorized users leave, make sure their access to your system leaves with them.

If your neighbor doesn't return borrowed tools to your tool shed after you gave him a key when he was finishing his renovation, you need to take his key back when you tell him he can't borrow any more. If you don't, nothing is stopping him from walking over to the shed when you're not looking and taking more (all?) of your tools. I know it seems like a silly example, but that kind of thing is a big oversight when it comes to server security.

Employees are granted access to perform their duties (the principle of least privilege), and when they no longer require access, the "keys to the castle" should be revoked. Auditing who has access to what (whether it be for your systems or for your applications) should be continual.

You might have processes in place to grant and remove access, but it's also important to audit those privileges regularly to catch any breakdowns or oversights. The last thing you want is to have a disgruntled former employee wreak all sorts of havoc on your key systems, sell proprietary information or otherwise cost you revenue, fines, recovery efforts or lost reputation.

Catch Attackers: Monitor your systems closely and set up alerts if an intrusion is detected.

There is always a chance that bad people are going to keep looking for a way to get into your house. Maybe they'll walk around the house to try and open the doors and windows you don't use very often. Maybe they'll ring the doorbell and if no lights turn on, they'll break a window and get in that way.

You can never completely eliminate all risk. Security is a continual process, and eventually some determined, over-caffeinated hacker is going to find a way in. Thinking your security is impenetrable makes you vulnerable if by some stretch of the imagination, an attacker breaches your security (see: Trojan Horse). Continuous monitoring strategies can alert administrators if someone does things they shouldn't be doing. Think of it as a motion detector in your house ... "If someone gets in, I want to know where they are." When you implement monitoring, logging and alerting, you will also be able to recover more quickly from security breaches because every file accessed will be documented.

Minimize the Damage: Lock down your system if it is breached.

A burglar smashes through your living room window, runs directly to your DVD collection, and takes your limited edition "Saved by the Bell" series box set. What can you do to prevent them from running back into the house to get the autographed posted of Alf off of your wall?

When you're monitoring your servers and you get alerted to malicious activity, you're already late to the game ... The damage has already started, and you need to minimize it. In a home security environment, that might involve an ear-piercing alarm or filling the moat around your house even higher so the sharks get a better angle to aim their laser beams. File integrity monitors and IDS software can mitigate damage in a security breach by reverting files when checksums don't match or stopping malicious behavior in its tracks.

These recommendations are only a few of the first-line layers of defense when it comes to server security. Even if you're only able to incorporate one or two of these tips into your environment, you should. When you look at server security in terms of a journey rather than a destination, you can celebrate the progress you make and look forward to the next steps down the road.

Now if you'll excuse me, I have to go to a meeting where I'm proposing moats, drawbridges, and sharks with laser beams on their heads to SamF for data center security ... Wish me luck!

-Matthew

October 16, 2012

An Introduction to Risk Management

Whether you're managing a SaaS solution for thousands of large clients around the world or you're running a small mail server for a few mom-and-pop businesses in your neighborhood, you're providing IT service for a fee — and your customers expect you to deliver. It's easy to get caught up in focusing your attention and energy on day-to-day operations, and in doing so, you might neglect some of the looming risks that threaten the continuity of your business. You need to prioritize risk assessment and management.

Just reading that you need to invest in "Risk Management" probably makes you shudder. Admittedly, when a business owner has to start quantifying and qualifying potential areas of business risk, the process can seem daunting and full of questions ... "What kinds of risks should I be concerned with?" "Once I find a potential risk, should I mitigate it? Avoid it? Accept it?" "How much do I need to spend on risk management?"

When it comes to risk management in hosting, the biggest topics are information security, backups and disaster recovery. While those general topics are common, each business's needs will differ greatly in each area. Because risk management isn't a very "cookie-cutter" process, it's intimidating. It's important to understand that protecting your business from risks isn't a destination ... it's a journey, and whatever you do, you'll be better off than you were before you did it.

Because there's not a "100% Complete" moment in the process of risk management, some people think it's futile — a gross waste of time and resources. History would suggest that risk management can save companies millions of dollars, and that's just when you look at failures. You don't see headlines when businesses effectively protect themselves from attempted hacks or when sites automatically fail over to a new server after a hardware failure.

It's unfortunate how often confidential customer data is unintentionally released by employees or breached by malicious attackers. Especially because those instances are often so easily preventable. When you understand the potential risks of your business's confidential data in the hands of the wrong people (whether malicious attackers or careless employees), you'll usually take action to avoid quantifiable losses like monetary fines and unquantifiable ones like the loss of your reputation.

More and more, regulations are being put in place to holding companies accountable for protecting their sensitive information. In the healthcare industry businesses have to meet the strict Health Insurance Portability and Accountability Act (HIPAA) regulations. Sites that accept credit card payments online are required to operate in Payment Card Industry (PCI) Compliance. Data centers will spend hours (and hours and hours) achieving and maintaining their SSAE 16 certification. These rules and requirements are not arbitrarily designed to be restrictive (though they can feel that way sometimes) ... They are based on best practices to ultimately protect businesses in those industries from risks that are common throughout the respective industry.

Over the coming months, I'll discuss ways that you as a SoftLayer customer can mitigate and manage your risk. We'll talk about security and backup plans that will incrementally protect your business and your customers. While we won't get to the destination of 100% risk-mitigated operations, we'll get you walking down the path of continuous risk assessment, identification and mitigation.

Stay tuned!

-Matthew

March 26, 2012

Planning Your Server Infrastructure = Buying a House

With a little one on the way, I've been spending a good amount of my free time starting to search for a new home for my growing family. While the search continues, I've learned a thing or two about what to look for and what should be done before taking the plunge, and as I've gone through the process, I can't help but notice lot of parallels to what it's like to purchase a new server:

  • It's an Investment

    Just like purchasing a new home, deciding to purchase a server is a huge investment. As you start shopping around, the costs may seem staggering, and while most servers don't cost as much as a small home, your new server will be your business's new home online. When you consider the revenue your site will generate (and the potential cost of not being able to properly support demand), you won't want to skimp on the details. The truth is that like any investment, you can reap great rewards with proper planning and execution.

  • You Have to Know What You Need

    One of the best tips I've incorporated in my home-buying process is the need to differentiate what you want, what you need, and what you can live without. Unless you're royalty, you're likely living on a budget. As cool as it would be to live in a 10-bedroom mansion with an indoor Olympic size pool, there's a lot there that I don't need. That sort of home palace also falls way outside of my personal budget. The same could be said about a business.

    I've heard plenty of stories about companies who slash their IT budgets in order to cut costs, and even the greatest IT departments have to live within their budgets. As you're determining what your next server will be, you need to understand the purpose (and needs) of your workload: Will it be database server? An application server? Will it be an additional web head? Are you using it for mass storage? You need to plan accordingly. I'm sure you'd want a new Xeon E5-2600 server with all of the bells and whistles, but if you don't need that kind of performance, you're likely just going to burn through your budget quicker than you have to. Know your budget, know your needs and purchase your server accordingly.

  • You Should Get to Know the Neighborhood

    I don't intend on purchasing a home in a high-crime area, nor do I plan on moving into a neighborhood with exorbitant HOA dues for services I don't intend to use. Your new server is going to have a "neighborhood" as well when it comes to the network it's connected to, so if you plan on outsourcing your IT infrastructure, you should do the same research.

    You want your critical environments in a safe place, and the easiest way to get them in the right "neighborhood" is to work with a well-established host who's able to accommodate what you're doing. A $20/mo shared hosting account is great for a personal blog site, but it probably wouldn't be a good fit for a busy database server or front-end application servers for an application dependent on advertising for revenue. A mansion worth of furniture doesn't fit very well in a studio apartment.

  • You're Responsible for Maintenance

    Ask any homeowner: Continuous improvements — as well as routine maintenance &mdashl are a requirement. Failure to take care of your property can result in fines and much more costly repairs down the road. Likewise with any server, you have to do your maintenance. Keep your software up to date, practice good security protocols, and continue to monitor for problems. If you don't, you could find yourself at the mercy of malicious activity or worse — catastrophic failure. Which leads me to ...

  • You Need Insurance Against Disaster

    Homeowner's insurance protects you from disaster, and it provides indemnity in the event someone is hurt on your property. Sometimes additional insurance may be required. Many professionals recommend flood insurance to protect from flood damage not covered under a typical homeowner's insurance policy. Ask any systems administrator, and they'll tell you all about server insurance: BACKUPS. ALWAYS BACK UP YOUR DATA!!! The wrong time to figure out that your backups weren't properly maintained is when you need them, more specifically in the event of a hardware failure. It's a fact of life: Hardware can fail. Murphy's Law would suggest it will fail at the worst possible time. Maintain your backups!

I can't claim that this is the guide to buying a server, but seeing the parallels with buying a new home might be a catalyst for you to look at the server-buying process in a different light. You should consider your infrastructure an asset before you simply consider it a cost.

-Matthew

January 16, 2012

What I've Learned About Leading

What does it take to be a good leader? What kind of leader do you want to follow? Throughout my life, I've gravitated toward leadership positions. Even when I was young, I tended to take charge of a group to achieve a goal or accomplish a mission ... though most of the "missions" in my younger days happened to be some sort of mischief. Having participated in the Boy Scouts and JROTC, I joined the Marine Corps where I served for seven years, and throughout my life, I've been fortunate to have more than my fair share of incredible mentors.

When my service in the Marine Corps concluded, I "enlisted" at SoftLayer as a data center technician. My primary responsibilities included building severs to order and installing software for our customers in four hours or less, and it was all pretty foreign to me. I had a lot to learn about the technical side of operating a data center, but based on my impression of the company, I was confident that I'd be in good hands.

Because I always find myself asking for more challenges and additional responsibility, I transitioned into a Customer Systems Administrator role. The CSA position required a lot more learning (at a breakneck pace), and in addition to the technical aspect of the job, I found myself learning just as much about the 'soft skills' required to provide the great customer service. Equipped with that knowledge (and a bit more experience), I pursued a leadership role on the team, and I made it my goal to use what I'd learned in the data center and in support to lead my team. I'd be lying if I said it wasn't a challenge, but I've never backed down from one before.

I don't mean to make this post all about me ... my goal in sharing a little of my background is to give a little context for what I've learned about leadership. It goes without saying that I've been fortunate, both in the Marine Corps as well as with SoftLayer, to have some of the most intelligent, talented and sometimes downright enigmatic leaders. I've managed to pick up advice, tips and tricks for handling all of the curveballs that are thrown on a daily basis, and over my years as a leader, I've developed a few philosophies (an amalgam of some of the key points I absorbed from all of those who have led me in the past) that I try to abide by daily:

Lead by Example.

I make it a point to never ask someone to do something that I've never done or something that I'd never be willing to do. This is the keen avoidance of the "do as I say, not as I do" mentality. Failing to do this hands-down one of the easiest ways to lose your team.

Employ Your Team to Their Abilities. Empower Them to do Their Best Work.

It's very important to know your team's strengths and weaknesses and use those to make everyone better. Using the strengths of one team member, I can push another outside of his or her comfort zone to improve his or her overall skill set. I've also seen amazing results from providing freedom for my teams to make decisions. Not only does that freedom build trust, it also gives some real "ownership" to every person, and with that sense of ownership, each team member does better work. I've been a little surprised to notice this empowerment coming from the coffee juggernaut Starbucks: Starbucks baristas and store employees are encouraged to make real-time decisions in the interest of taking care of their customers.1

Keep Learning.

Leading a team requires that you stay on top of what they're doing. Always ask questions. Continue to research so you can be a resource for your team. Find opportunities to learn and take advantage of every one of them.

Most Importantly: Learn how to Have Fun.
I see this cliché often, so when you see, "Have Fun," I wouldn't be surprised if you just rolled your eyes. I'd be lying if I said that things were great all of the time ... Realistically in any business, there's going to be a time or two when the *&#@ is going to hit the fan. It's important to find opportunities to cut loose and relax a bit. Cooking steaks for the group during a long overnight shift, grabbing a bite after work or a providing a happy hour once in a while builds a great deal of cohesion outside the office walls. Providing a relaxed environment does not prevent your team from doing stressful work ... It actually builds camaraderie, and it will help the team get through those tough times. The brutal honesty is that if people aren't enjoying where they're at, they'll look elsewhere – leaders have to help foster an environment that enables success.

At the end of the day, these tips may not work for everyone. There are a plethora of studies out there pertaining to the different leadership styles, the different types of leaders and how they influence teams. What's important is that leaders need to be intentional about bettering their teams (and ultimately bettering their businesses).

Along the lines of continuous education, I'd love to hear the leadership philosophies you've learned in your experience as a leader. Leave a comment on this article to share what you think has made you successful.

-Matthew

1This comes from both observation and talking to current and past employees. I've never worked for Starbucks, so I can't cite a specific company policy to back this up, but that evident organic culture is probably worth more than a million company policies that would try to create that culture.

October 28, 2010

Settling In

One of the small thrills in life is settling into a new house. While moving can be stressful, once you get settled into your place, there’s a certain feeling of pride associated with the new move. In the not-too-distant past our staff moved over to the new corporate headquarters in Dallas. Given, there’s the obvious unpacking and exploring every nook and cranny. Once you get settled in, though, set up all your stuff, and explore every corner of the new place, you can finally hang your name on the mailbox and call it your own.

It’s a far cry from our previous space (equate it to moving from a decent apartment, to a squeaky clean new house, full of nifty bells and whistles). We’ve got a brand new A/C system (that works almost too well in the opinion of some), a sonic-style ice machine, and room for three new datacenter pods. We’ve got coffee makers in almost every department (what’s a large scale data provider without caffeine). We’ve got a nifty display in the NOC that gives us an at-a-glance idea of what’s going on within our network. That’s just a few of the things. Ask anyone in our new “house” and they’ll tell you they like the new digs.

I’ve gotten fairly well settled in, and am starting to fall into my new daily routine at the new home. Admittedly I got lost the first few days, but now I can navigate with a fairly reliable degree of certainty. I can locate the coffee machines blindfolded as well. I’m also enjoying the privilege of working so closely with our other departments, now that we’re all housed in the same location. I’m certainly looking forward to seeing what the future has to offer in our new home.

-Matthew

October 14, 2010

Full Circle

One of the great things about working in the Hosting industry is knowing that lots of cool stuff is right at your fingertips. Our data centers host tens of thousands of servers, many with several sites, from the smallest mom and pop “about me” type site, to the large scale social networking sites. Another interesting facet of the job is curiosity. I find myself trying to figure out where some of my favorite sites are hosted.

When we get tickets from our customers oftentimes we’ll have to do extensive research to get to the bottom of an issue. As much as I’d like to claim to be a walking tech-dictionary, I’m a horrible liar. Google is a good friend to us, and points us to a wealth of resources. Around the internet there are plenty of white-papers, how-to’s, forums, and tech blogs. Where this gets interesting is when Google points us to a location hosted here at SoftLayer!

I look at this as an example of things going full circle. Customers helping us help customers. The beauty of the tech industry is there really are no trade secrets. The open-source community is great about assisting each other, and those who lean towards Microsoft have tons of tech forums, Technet and MS KB articles. Being able to host many of these types of sites is an honor to me, because we’re doing our part in assisting the IT Community as a whole.

-Matthew

September 10, 2010

Who is Your IT Guy?

In any environment where the need for quick transfer and access of information is required, an “IT guy” is a must. Most people have a bit of a preconceived notion as to what a tech should look like. Most think of large glasses, pocket protectors, and a social anxiety that is idiosyncratic to that particular group. Fans of Saturday Night Live will recall Nick Burns, the condescending technician who fixed the computers in his little corner of TV Land.

SNL IT Guy Nick Burns

While popular culture seems to think that the standard IT Guy fits the above criteria, allow me to be the first to dispel that rumor. For living proof, I submit to you, the SoftLayer NOC.

The technicians here are more exceptions to this seemingly universally accepted rule of what an IT Technician should be. While we possess a large wealth of knowledge, our technicians are all but condescending. To those who don’t know, we’re here to teach you. Being a server administrator has it’s challenges, but our technicians can be your eyes and ears in the datacenter, and instead of replying with “was that so hard?!”, we’ll provide as much information and assistance as we can to get you back on your feet. Our technicians are not just the geeky typecasts that one would expect. Our techs come from all walks of life. Some are self taught, some were taught in a university, while others learned their skills in the Military. Our hobbies run the gamut, including the piloting of aircraft, gaming, sports, outdoor activities, and music – Heck, we even have some former rock stars in our ranks.

Just remember, don’t be afraid to ping your IT Guy for information. A lot of us like to share some of the ninja tricks, war stories, and other anecdotes about our times in battle with hardware, software, and everything in between. Not only do we like to share our technical knowledge, but our individual stories, interests, and fun facts as well. Remember: IT guys are people too!

August 4, 2010

All in the Family

Any place you spend hours upon hours every week, you tend to get to know people pretty well. During my time on my shift, I’ve gotten to know my fellow SLayers quite well. You learn their favorite foods (I’ll tell you right away what almost everyone on my shift orders from our favorite Chinese deliver place – almost like clockwork), their choices in music, their favorite computer games (yes, WoW tops this list, seemingly a standard in the IT Industry), and even how they react in certain situations. While the operations team is a tight knit group, we also have our extended families in SLales, InfoSys, Dev, and the other departments.

As many know, they recently opened up our new HQ. Yes, it’s as awesome as every has said it is. Lance made it a point to acquire a Sonic-style ice machine, our facilities are state of the art, and the building is just simply awe-inspiring. I suppose you could consider it our new home. As a new home, we’ve recently brought all of our departments together under one roof. Operations can grab a quick break with SLales, Dev can bounce some questions off of the CSAs or SBEs simply by walking a few feet, and even better, the friendly trash talking and joking just got easier (we’re a family, of course we’re going to mess with each other every chance we get!).

I’m sure employees everywhere are akin to this metaphor, but here it seems to ring true. We have our family quarrels, we know each other like the backs of our hands, and when things get heavy, we’re there to watch each others’ backs to ensure the mission is accomplished, and we continue to dominate the hosting industry.

Subscribe to Author Archive: %