October 16, 2015
Gathering requirements (the hard way)
I’ve written about communication a few times; it’s an important part of my job, I enjoy it, and I’m always learning about it. Recently I’ve been involved in a project which included a requirements gathering phase, consulting hundreds of users across two Schools of the University, and what I learned there forced me to completely re-think my approach to this process, and to communication with users in general.
July 15, 2015
Anatomy of a banking trojan outbreak
It started innocently enough, a member of staff opened an email from their personal email account with a subject line “Confirmation of payment”. Unbeknownst to the unfortunate recipient the attachment contained malware from the Dyre banking trojan family (specifically Troj/Dyreza-FP). One week, 500 hours of staff time, and 128 infected systems later we’ve learnt a lot of lessons the hard way. Learn from our experience (we have).
June 9, 2015
How to manage emails
It’s everywhere. You can’t get away from it. It never stops. It can contain the most trivial of information, or the most important thing you’ll read that week. A recent study concluded we spend 28% of our time reading and answering email. I receive about 185 emails a day on average, on a bad day over 300, but my inbox is nearly empty and I know where everything is and what I have to do. How do I do it?
April 27, 2015
How not to do project management
Back in 2012 I wrote a blog post about the ‘new parent‘ method of project management. Now, I cringe when I read that article, because I was missing some fundamental principles behind the project management methodology. The proof of the pudding was definitely in the eating, as I ‘tested the theory’ in a deployment of a product called Druva InSync across our estate. Unsurprisingly, it was not as successful as I’d hoped, but the reasons why are useful lessons to learn.
January 7, 2015
Is user security awareness training worth it?
Back in August 2013 I blogged about the importance of IT staff training, and I’d planned to follow up shortly after that with a post about end user training. Unfortunately the challenges of a new role took over, and it’s only now I’m returning to the topic, with a particular challenge in mind, increasing end user awareness of information security threats.