stebswahili

Others already said it, but seriously. AI. This is what basic LLMs do best. If you’re an M365 shop Copilot offers the path of least resistance and security.

I’m in a sales-adjacent role. My most common uses are as a brainstorming assistant and researching topics I’m not as skilled in. I’ve also started setting up notebooks for specific projects or clients to limit what Copilot sees/can reference. One use case that could be helpful in your role is a notebook dedicated to the creation of SOPs, documentation, and checklists. If you aren’t an expert at project management, you could have a notebook dedicated to developing project plans or tracking the issues you encounter each time. Your AI could then assist in spotting problems that seem insignificant at the time but crop up consistently. I also use AI frequently to analyze ticket data. The analysis isn’t perfect, but it saves me a ton of time finding potential trends to look at more closely and has helped us uncover a few recurring issues we may have otherwise missed. Not sure if this would apply to you, as usually the sysadmins that struggle with this can’t write worth a damn (and you clearly can), but a lot of sysadmins struggle to get leadership from other business units to get behind IT strategy, understand the value of good IT, be engaged during major projects, and appreciate the role IT plays in their success. AI is no life coach, but it can show you strategies that can help you become a more effective leader. Oh and it can help you do your shopping a lot faster and with some oversight can help build reports for when you need to compare a few solutions and convince the bosses the one you like makes the most sense.

At least you know it is a meaningless measurement. I’m the type of person who will spend an extra incredible amount of time collecting data from various sources to shows leadership just how meaningless this will be for their bottom line and pushing back until they give me a valid reason not to or they get their shit together and start leading. But that’s just me…

Hooo boy… someone got bullied and decided to become a judge… That second video you can tell he just loves having power and is only being an asshole because he has the power to do so. What a loser.

There’s a massive cloud repatriation movement happening right now for this very reason.

Automation gets you promoted. Complacency puts you on the job market. There’s always more work to do. You got rid of the bullshit parts of your job. Time to focus on strategy. What you did thus far is outstanding! Now what is your company missing? What’s holding back productivity? What’s enhancements could help generate more revenue? What are boots on the ground asking for? You have a gift that very few of us have. Time. Use it wisely and show your company you’re worth keeping around.

Shit just said the same thing 8 hours later because I didn’t check the comments first

MDR is going to be invaluable with a team of three people. I was going to recommend huntress with defender because that’s what we use as an MSP and I’m wagering it’s more cost effective. The other thing is your user accounts are more at risk than your endpoints according to many of last year’s cybersecurity reports. Identify threat detection is a must for an org of your size. (As is email protection but if you have EDR I’m assuming email is covered too) 2

I suppose reading the transcript would be more akin to reading it like a movie script, which would space things out and could make the text a bit more digestible for someone who isn’t an avid reader. Chances are their head was elsewhere even tho their eyes, ears, and mouth were in the room. Or they’re just that stupid.

We use CodeTwo which lets the users edit their signatures, but removed a whatever they did and applies the correct one after they hit send.

Using an external application is the simplest most reliable way to accomplish your goal. Don’t bother reinventing the wheel on this one.

This is throwing technology at an HR problem. If employees aren’t being productive, their managers will know. Stand your ground and stay strong my friend.

But I thought IT people hated the sun and worked in locked rooms with no lights on.

I don’t do it anymore. I’m too damn busy.

Are profits keeping pace with the increased spend? Have you looked into VDI as an alternative to offset shipping/reclamation costs?

You should also buy a copy of Time Management for Systems Administrators! It’s a bit dated but will certainly help you if you stick with the methodology.

Pitch your boss on getting an MSP to help you out. It will give you additional resources and expertise without the additional overhead of hiring and training full time staff. Just be careful who you pick, because there are two kinds of MSPs: ones gunning for your job, and ones gunning for your promotion. Unfortunately the former are more common. (Bias check: I am a Director for an MSP)

Guest services should triage the issue and put in a ticket for the IT team. Then follow up once the IT team has acknowledged. Your IT team will kill you if customers contact them directly and your guests will kill you for making them work with IT.

https://preview.redd.it/p5vnw713ucmf1.jpeg?width=1258&format=pjpg&auto=webp&s=e2bee99cc5fafaead9ea73041dc5aec19f7c587b

I work for an IT service provider and I often see IT managers/sys admins who lack the confidence or “selling” skills to convince their bosses to make smart investments. It makes sense for vendors to try and help, but a template is still a template at the end of the day. You have to take the template and apply it to your business to be successful.

This is the post

Happy to hear the cutover went well! Once you get settled in you should give strong consideration towards upgrading to business premium! From device management to strength never security controls, you get a lot more bang for your buck with Premium!

Have you looked up any of the companies they messaged? Were they larger in size than your company? Are they companies your company would do business with? It’s possible they may have been using your company as a proxy to land a bigger fish. Hack an account in your environment, send a few emails to some larger companies, and BOOM! Your regional healthcare provider is crypto locked!

Also, this could be a tough convo for an IT person to discuss, but the best thing a parent can do to stop their kids from viewing something they shouldn’t is talk to them about it. Let them know that they should tell someone if they see something that makes them uncomfortable. If the parent catches them looking for something they shouldn’t be, sit them down and tell them why it isn’t appropriate. Blocking content should be a last resort. It’s the parent’s responsibility to teach their kids what’s ok and what isn’t.

Honestly this is how I feel about it. We survived 2 girls 1 cup. The kids will be fine.

A lot of routers do have parental controls built in that you could explore, but I’d double down and create profiles for the kids on their PCs and set up Microsoft Family Safety.

That’s insane. I’d GTFO.

I work for an MSP, and when I run into companies like yours I will typically refer them to CISA, part of the Department of Homeland Security. CISA offers a free cybersecurity assessments to organizations in 18 critical industries. I’m not sure if they’re still offering these with the recent cuts to federal employment, but they might be. A lot of what you can do is improve your processes. Take a look at the Center for Internet Security’s CIS Controls. That’s the basis for the CISA assessment, and it might get you on the right track. If you would like to meet with CISA, I might be able to help. Shoot me a DM with the state your company is located in and your industry. I can ask my CISA reps who the CISA contact is in your region if you qualify for the free assessment. Shoot me a DM

Cyber Janitor is right. There are different categories of assets. Ssakaa is also right. Too much granularity will destroy you. Using your example, what is the likelihood you’ll experience the same issue with a RAM card across multiple PCs? Probably pretty unlikely. Even if you did, would reporting on ‘Kingston Ram Card Model #ABCD69691337’ provide any benefit over time? No. By the time you notice an issue that model won’t even be sold anymore. I used this guide a while ago to help clarify what made the most sense for my business: https://www.iseoblue.com/post/itil-ticket-types-explored We kept our hardware assets generalized, but added granularity to our software assets. Hardware issue were scarce, but in our previous system we had all Microsoft products lumped into one category. That made it difficult for us to identify common issues with individual applications, so we split them up. We also made sure certain functions were separated from the hardware. For example, while firewall was one potential tag, issues with VPN were tagged separately. Hope this helps.

Or tokens should be limited to supported platforms that can be revoked upon termination (for instance, through a password manager configured with SSO).

While I agree WFH is a privilege, the company should have requirements for WFH written as a policy. Their productivity policy needs to align with their work from home policy. If they are going to require staff use monitors, they need to provide monitors for WFH employees. Either staff needs to be provided with monitors at home, or WFH should be exempted from the monitor policy. Easiest way to solve this is to require approval before WFH is allowed. If approved, you buy a monitor, or you write an exception (for instance if the person’s role only requires them to open PDFs, answer emails, and browse the web — simple stuff that doesn’t require a big screen or the ability to multitask).

In line with what you said, monitoring employees might be necessary if there are suspicions of time theft, but it’s ridiculous to monitor everyone in the company. I’d argue that the person/department monitoring that system can provide a lot more value to the company doing something else. For every one person they catch doing something wrong they schedule 10 disruptive conversations with people who meet or exceed performance expectations. If an employee is underperforming, they either need more guidance/are under-skilled, need clarity on what’s expected of them, or are slacking/unmotivated. You can figure out which one it is in just as much time as a conversation about not using a monitor. Only in the slacking/unmotivated crowd is tech monitoring necessary. Even then, at least try to figure out why they’re underperforming. You really should be monitoring tech usage unless an employee has already been given a PIP.

Agreed. You can’t enforce a policy without giving your people the tools to comply with the policy. And I’ve always been against monitoring employee tech to gauge their productivity. I could give two shits if an employee’s mouse was idle or their monitor was off — as long as their work got done. Myself personally, I constantly switch between my computer, my phone, pen and paper, phone calls, pacing around my house in a brainstorming session, reading (business/career-focused) books for inspiration, etc. I’d be fired for time theft if someone was only looking at how many time my mouse jiggled. My performance, however, tells a very different story. Productivity isn’t measured mouse jiggles, or screen time, or monitor usage. It’s measured in results. In my experience, most organization analyzing tech usage are disorganized, lack proper leadership, and are looking for a quick fix to a complex problem. If any of those symptoms resonate with OP, good luck convincing them. Things will likely get worse before they get better.

Only if you’re auditing social security and wanna understand the results correctly.

Idk if this is even relevant for you, but I’d look at it like high school algebra. Sure, you can program your graphing calculator to do any equation you’re presented with! I programmed mine for the quadratic formula so I only needed to enter the variables. However, then the code doesn’t work as expected, you need the foundational knowledge to know how to fix it. AI is a tool, not a solution. Use it to make your work better, not to do your work for you. Your knowledge will allow you to use AI as a tool more effectively. Same goes for using AI to draft an email. Sure, you can give it some basic suggestions and get a perfectly acceptable email, but you will get much better results if you take some time to think about what inputs AI will need to create the end product you hoped for.

First identify which systems have a higher cost of downtime. What’s critical? What systems pose the greatest threat to production? What’s the average cost of employees sitting on their hands? How much opportunity is lost when a system goes down? From there, present those numbers to the money people. They’ll tell you what’s acceptable and what’s not.

Like others said, build some programs for yourself, even if they are dumb. I’d also get familiar with integrating AI into your coding process. It doesn’t matter what type of role you’re in, learning how to use AI effectively is going to give you an advantage over those who don’t.

Staff also needs to be shown how to manage their calendars effectively. I just had a conversation with a client earlier today where they divulged some of their staff didn’t know how to set an Out of Office. That’s the type of thing you need to nip in the bud first. I work for a small company, but I know I can confidently look at any other staff member’s calendar and know it’s accurate. Start with training management so they can train/coach their teams. For what it’s worth , we set up a Bookings calendar for each of our teams to accomplish what you were looking for. I can’t say it’s the best solution, but it worked as long as everyone kept their calendars up to date.

This is an HR/training problem and not an IT problem. No matter what solution you come up with, someone will find a way around it that causes headaches. You need policy, procedure, and training around whatever standard works best for your organization. I’d start with building a guide that describes how to configure a shared calendar based on what has been least problematic in your organization. From there, have HR make a policy around it. Host a training to help folks understand the process and get your current staff on board. From then on, you really just have to hope that enough people get on board with the procedure that when someone goes off in another direction, someone more experienced tells them they didn’t follow procedure and shows them how to correct it.

IMO it’s every employees responsibility to consult on any perceived risks. I’d encourage the OP to present their concerns and recommend the CEO consult with legal/anyone-more-knowledgeable-than-OP before doing anything. If I were OP I’d also ask the question of “why do you think this is needed?” to figure out the business reason behind the request. It’s not OPs job to say no, but asking the right questions shows business acumen and investment in the company. Acting like a consultant could make the CEO think of OP as a much more valuable employee. On the flip side, CEO could just tell OP to sit down, shut up, and do what you were asked to do. If that happens, OP should start looking for a new gig.

MSP here. I would just accept the offer from your current provider. If your current MSP does good work, it’s worth the investment. While the work sounds straightforward, a new MSP won’t have the same level of investment as your current provider. Not only that, but there are SO MANY terrible MSPs out there. I’d be worried about the consistency and quality of work that a larger MSP would provide. Even one tech at one location failing to follow your instructions correctly could easily turn your lower cost offer into a much more expensive ordeal. So stick with who you already trust! (And if you/they need boots on the ground in Wisconsin we’d be happy to work alongside of them)

1. Is your critical data backed up? 2. Can your environment be virtualized in the event of a disaster? 3. Can your employees access the virtual environment from personal devices? 4. How close is the nearest store that sells PCs? 5. Have you budgeted for a shit-hits-the-fan moment? 6. Do you have a complete cyber liability insurance policy? Laptops are the least of your concerns if your core infrastructure burns down too. Your primary focus should be on ensuring your critical data is backed up and secured, and that backups are tested regularly. It gets trickier from there, but if your core data is backed up and can be restored (or ideally virtualized), you’ll be in a much better spot than if it isn’t. Good backups are the difference between being down for days and being down for weeks/months.

Fun fact my boss always likes to tout: The technology for fax was invented in 1843 and became commercially available in 1863, and it really hasn’t changed much since.

After reading through some more comments, I see you’re tied to grants. Does that mean the budget is tied to hardware, or is it just a general networking bucket? How strict are the limitations on where the funds are spent? You could make a case that replacing other types of hardware (anything that is super old, unsupported by the manufacturer, end of life, etc) is “improving the stability of the network.” Also, if you’re government, would something related to compliance work under the guise of “improving network”?

I like the pen test idea someone else proposed, but I’ve had mixed experiences with them in the past. It really depends on the intent of the firm providing the service. Pen tests are almost always expensive, but the focus is rarely on fixing the underlying issues that lead to whatever a pen test turns up. A lot of companies just give you a 50 page document with 10,000 vulnerabilities and a presentation where they inform you that Susan at the front desk let them wander around the building, and the only solution is “fix this yourself and train your people better or hire us to do it for you.” I’ve never found that productive. Especially for someone like you, who might get thrown under the bus for whatever they find. Pen tests are great at finding existing problems, which is valuable, but you can get a lot more value in assessing your cybersecurity practices as a whole. Finding gaps in your process and procedures helps you build a more sustainable plan around cybersecurity, and helps you build a proactive approach, rather than a reactive one. Rather than a pen test, I’d recommend finding a partner who is familiar with the CIS controls or NIST, and do an assessment focused on improving your network security practices. —- If you’re already NIST or CIS compliant, are there any tools on the market that can make your job easier?

I can’t even. All I know is the SIC is going to run that place into the ground.

I get the impression that you aren’t stupid but perhaps lack experience. Next time you find yourself sitting on your hands, ask yourself, “what can I do right now that will make tomorrow easier.” Start simple. What’s the most common request you get? Can you make it so those requests happen less? Ask the people around you what they think could be improved. Figure out ways to make that happen. Talk to the dept. heads and ask what their struggles are. Be their ally. Keep building from there. You’re asking the right question ready in asking how you can do more. Build on it.

Reading this was painful for me. Why are you waiting for work to come to you? It sounds like you have a misconception about what the company you work for pays you to do. They aren’t paying you to respond to support requests. They’re paying you to keep operations running smoothly. Your goal should be to have 0 support requests every single day. If you’re sitting on your hands you should be trying to figure out how to make that happen. If (and you never will, but) you achieve 0 support requests, you should be finding ways to align your infrastructure with the company’s long term goals. What I can’t tell is if you asked this question because you were sick of being bored, or if you asked because you’re ambitious and didn’t know where to focus your energy. If you’re like me, ambition can be one hell of a cure for boredom, and if you’re wondering where to focus your energy, I’d start with finding ways to improve the tasks that annoy you most.

I work in sales but also do vendor management and product development for my company, so I field all the solicitation calls. Most of them I just ignore. Sometimes a vendor slips through the cracks and I offer them 5-10 minutes to shoot their shot. They always want a follow up within 7-15 days. I just tell them no. Let them send me some material. If they ask for a 3 month follow up I tell them we don’t have the resources to implement whatever they are selling and to try again in 6. By that time I’ve either had enough time to research their product and determine if it provides value, or I’ve received enough crap that their domain has been blocked. Pushy sales is a sure sign that whatever they’re selling isn’t going to live up to expectations.

I work on the sales side of IT, not the admin side, but this comment hits it on the head. What is a salary negotiation other than an opportunity to sell yourself? The best way to sell yourself is to display problem solving ability. Fixing problems as they come is far less valuable than identifying the source of those problems and preventing them from happening again. Preventing problems from occurring is far more valuable than fixing problems quickly. You can land that higher paying job! You just need to shift the focus of your story a bit. If you only focus on the labor you provide you’ll be seen as a replaceable commodity, and your pay will reflect that. If you focus on the value you provide, you’ll be recognized and compensated accordingly.