Sunday, November 25, 2018

Password Envy

123456
Marco Verch CC By 2.0

You guessed it, "123456" is the most commonly used password of 2017, followed by "password" in the runner-up spot. SplashData releases their annual list of the worst passwords based on their collection of over 5 million passwords leaked by hackers, according to a Fortune article posted in December of 2017. Although the 2017 list has been out for a while, it hardly changes from year to year and the struggle to educate users on a good password seems to never go away.

How Often?
Another piece of the password puzzle that is open for debate is how often should we change our passwords. A little research will show that best practices have moved over the years from every 30 days to 90 days and most recently in a released document by the National Institute of Standards and Technology, are recommending the removal of periodic password change requirements. Is it better to never require a password change or require frequent password changes that lead to habits that ultimately make our passwords meaningless? We all know the quickest way to retrieve a password in an office or classroom setting is to first check for the sticky note under the keyboard or in the top drawer of the desk. One step better is when the password is written in Sharpie on the bottom of the keyboard, and if there is a requirement to change passwords often, the previous passwords are crossed out with the newest in plain sight.

Passphrase or Password?
Another practice that NIST recommends moving away from is complex passwords with multiple special characters and number combinations. Extending the number of characters to 64 and encouraging the use of a passphrase to make it easier for the user to remember a passphrase unique to them. I agree with the logic behind this recommendation, however, it must be accompanied with some basic rules to ensure that the passphrase isn't easily compromised by context clues around the user's desk or office. A quote on the wall or a sticky note with my favorite animal in the desk drawer can still be a give away for someone physically looking for a password.


CC BY-NC 2.0 Duncan C
Weakest Link
There are numerous studies that show people are the weakest links in cybersecurity breaches. Generic passwords, standard new user account passwords, not having a way to require global password changes, and the lack of password education are all areas that we need to address. Each area has its own unique set of challenges but starting with our organization's users will provide a strong front line of defense in the cybersecurity battle. Don't wait, have the conversation today! 

Sunday, August 26, 2018

Island Life


Tropical Paradise
I want to talk about island life for a moment and full disclosure, I have never lived on a remote island, so no offense to those who have. Living on a remote tropical island really sounds good though, at least for a short amount of time, but long-term, being on an island can become isolating. Not interacting with others, sharing, and working alongside peers that challenge you, will keep us from growing as individuals and we can become stale.

Stay Fresh

It is easy to become isolated on internal islands within our own technology departments. With the grind that comes with answering help desk tickets and trying to maintain normal daily responsibilities while pushing ahead with additional projects, communication between our peers becomes increasingly more difficult. If we layer on top of that the rapid pace that technology changes and the amount of content generated on a daily basis, the island starts feeling like a safe place to be. We all know however that isolation will not help us solve the problems in front of us, keep us fresh with new ideas, and increase collaboration amongst our peers to better serve our students and staff. 
 


PLN Strong
The concept of a professional learning network has been around for quite some time now and still, in my opinion, the most effective way to connect with peers. The power of a PLN is the informal manner that a person can participate, share content as well as consume, and take advantage of a global community. Having a staff that has strong PLN's will benefit our internal technology teams that often struggle with getting out and allows that isolated island feeling to creep in. Although the PLN and PLC terminology is synonymous with teachers and administrators, there is a vast community of technology-related professionals waiting to connect. A few places to connect with other technology-related professionals.
  • Twitter: Search hashtagsie. #itdirector, #networkadministrator, #datasecurity, #programmer
  • LinkedIn
  • COSN: Consortium for School Networking
  • ISTE: International Society for Technology in Education
  • State and local listservs 

Creative Time
I am not sure that creative time is a thing, my point here is that time is the magical piece that there is never enough of. Instead of using the old saying that you will find time for what is important, be creative with time and find different ways to get together other than the traditional meeting. A recent post on Engage, an employee engagement blog, on "7 Fun Ways to Host Team Meetings", points out a variety of simple common sense ways to make meetings not boring. Three of my favorites are mentioned below that I have added some ideas on how to make these easily happen with minimal time involved in preparation. 

  • Use grouping: We know birds of a feather flock together right, so instead of having everyone count off from 1-5 then split up, which is boring, pass out different pieces of candy to everyone when they arrive and find their table of like sugary fun. Substitute anything you would like if candy isn't your thing. 
  • Change the scenery: This one is very self-explanatory and why not meet at the local coffee shop, nothing makes a meeting more enjoyable than sitting in a comfortable chair with an iced coffee. One notable mention here is as the leader, you need to reassure your leadership team that this is OK. Let them know your expectations, traveling an hour across town to a nice speakeasy is probably not what counts as productive for most organizations. 
  • Switch up positioning: This is similar to grouping in moving people out of their comfort zone by not having them sit in the same exact chair every week. Here is where you need to lead by example, the next time you walk into the meeting room, you start it off by sitting in a different spot every time. If we expect others to venture out of their comfort zone, we must lead by example.

Sharing is Caring
I would love to hear what others are doing with their staff for staying fresh, building their PLN's and being creative with time. Leave a comment, tag me on Twitter @jcastelhano, share the great things you are doing!





Friday, July 20, 2018

Soft Skills vs Tech Skills

Dark Cave
One of the most common things I have heard from business owners about high school students is the lack of soft skills they possess. The technical skills are there and they can learn, but it is difficult to teach the soft skills. The issue is not specific to high school students, but in the tech world, that generalization has been there for many years. The dark caves stories that make up an IT shop exists for a reason, many are like that. If you only know that your help desk ticket goes into a secret cyberspace and eventually someone assists without any human contact, is a giveaway that your IT department is operating under the dark cave model. This model does not promote soft skill expectation or development.

Tech Savvy?
Make no mistake, hard or technical skills are necessary to keep any environment running smoothly for the end users. Problem-solving, project management, coding, and technical writing are all important hard skills that make this possible. Under good leadership, mentoring, and training, these hard skills can be learned by a motivated person. The question becomes can someone be taught the soft skills necessary to balance and provide the best customer support possible to the end user? In January this year, LinkedIn released the "The Skills Companies Need Most in 2018-And The Courses to Get Them". Top four soft skills include leadership, communication, collaboration and time management. According to LinkedIn, 57 percent of leaders say soft skills are more important than hard skills, makes sense in a customer service focused environment. 

Organizational Chart     
We know the dark cave model does not work in today's world, but what organizational structure best works for an IT department to provide the best end-user support with customer support as the ultimate goal? If we are working to shed the stereotype of the dark cave, then our IT team needs to be visible and accessible to the end users. So where do we start with setting the customer service expectations desired?

Job Description
When researching job descriptions recently for technicians that are in the field with our end users I noticed that technical skills are still the priority. It was not until I searched for "customer care representative" that I found the soft skills listed on job descriptions that are needed for any technology department to be successful. If we are going to set an expectation that relationships are the number one priority for our teams, then soft skills should be on the top of any application.
  • Positive attitude
  • Build and maintain positive relationships with students, staff, and stakeholders
  • Go the extra mile to engage end users
  • Greet customers warmly 
  • Customer orientation and ability to adapt/respond to different types of users
  • Resolve end-user issues via an in-person visit, phone, help desk, or email, based on the individual needs of the user
Get Out
It is not a new concept that creating an environment that places end-user support at sites, allows access and relationships to develop between end users and technical services support. Knowing that shoulder to shoulder support is nearby is comforting for those that still feel they are not good with technology and at the same time gives the early adopters a place to bounce ideas and be innovative knowing someone has their back when needed.

Soft skills and relationships are not an option, they are key to a successful customer care environment. Take the time and step out of the dark cave and look around, you may find it is a great place to be!