IT Security Methods by Industry

After years (okay, decades,… okay, okay, centuries…..  damn it… alright! alright already, eons… are you happy now?  yes.  I’m THAT freaking old.  I still remember coal-fired computers and horse-drawn airplanes and shit.  My birthday cake is a slice of tree trunk of matching rings, but the table can’t hold the weight anymore.  sheesh!)

What was I saying?  …. (eyes wandering left and right…. … . . .          …  .         …. . .      .   .  )

oh yeah!  I’ve amassed a data set that accurately summarizes the predominant security practices or strategic “methods” leveraged by each major US industry. I warn you: this is highly scientific information.  It may require additional consumption of various questionable substances just to remain conscious while trying to read it all. Here goes.

Idiocracy-LB-1

Banking

Method: Place sufficient restrictions on the adoption of new technologies, so as to (A) mitigate unknown vulnerabilities and exploits, (B) insure that those with knowledge of older, proven exploits have died from old age, and (C) keep certain aging consultants employed (because they’re married into your family).  And besides, what’s wrong with COBOL?

Insurance

Method:  Never leave important IT decisions up to any one person, ever.  In fact, the more people involved, the greater insurance that the decision will eventually be reliable, maybe.  Larger companies focus on perfecting multi-role hyper-proliferated subterfuge logic branching and coalescing processes.  In layman’s terms: they foster greater variety among responses to decision inquiries.  Many have invested heavily in processes which depend entirely on custom hand-stitched, stone-carved, natural leather encased software, usually written by someone who left or died long ago.

Defense Manufacturing

Method: Implement dozens of stop-gap procedures to insure every motion of IT is slowed to the lowest possible, almost un-measurable, velocity.  Think of a Japanese rock garden, only slower.  Where the sand is executive processes and the stones are IT staff, now simply add quick-set cement to the sand mix and sprinkle some water on it.  This insures that even the bad stuff will take forever to make headway, and by that time, the entire system will have been eventually decommissioned.  Forget penetration attempts, even social engineering-based, because they’re often project-oriented, not departmental, so most people have no clue what that next cube is working on.  In fact, they probably don’t use the same network, computers or operating systems.

Legal

Method: Relegate “IT” to whomever answers the Craig’s List ad for an “IT Expert”.  Critical skills include: printer management, thumb drives, recovering lost files and emails, and using Excel databases” (that’s not a typo).  Must also have experience with Macs and Windows XP, particularly with kids games.

If they have any in-house “IT” capacity at all, it’s often enough shock to send a consultant into cardiac arrest.  Due to possible legal implications, it’s best to never change passwords for critical user accounts and never, I mean NEVER, delete anything.  Keep everything forever, or as long as you can afford somewhere to store it.

Travel

Method:  Agents need to be flexible and mobile.  Everything is done on laptops.  Everything remains on laptops.  No time for that silly, trendy, cloud stuff.  No backups, no cloud sync, but OMFG do NOT let anything happen to that precious data on those roaming laptops!  Thumb drives are forgotten like Matt Damon in Interstellar, waiting for someone to give them a hug, only to have their face shield cracked open and their chip tossed away.  Shit.  Did I give away the plot?

Advertising / Marketing

Method: Hire someone quick, and get back to the conference before the food runs out.

Transportation

If it’s airlines, use railroad standards.  If railroads, use airlines standards.  Either way, the older the technology the better.  It’s like a cast-iron frying pan, after years of seasoning, or a vintage wine.

 

Municipal

Method: Deny all requests for pay increases for five (5) years, reduce promotions from once every five (5) years to once every ten (10) years, discontinue any training programs, and for God’s sake: deny all requests for stupid things like newer software and hardware  It worked in 1995, so it should still work!  Hire a consultant to blame internal staff for every deficiency, terminate and reassign to avoid audit trails and blame the contractor afterwards.

Federal Agencies

Method: Same as municipal, but on a much larger scale.  Every four (4) years, change direction from in-sourcing to out-sourcing, and blame the opposite for any failures that remain.  If conservatives win, out-source to private contractors, where expertise and trust are premium values, after all, when has anyone ever heard of a private contractor doing something wrong in a government position?  Then blame liberals.  If liberals win, open up the job requisition flood gates and hire at will.  However, keep GS-rating pay scales at 1995 levels to avoid asking for tax increases.  This helps insure only the highest-quality employees are onboarded from their previous positions as private contractors or foreign exchange students.  Then blame conservatives for any failures.  Think of it as seasonable employment.

Medical/Dental Practices

Method: Hire the first contracting IT firm that actually shows up.  If they wear those spiffy-looking polo shirts with a slick company logo, they might be too expensive.  Ask if your cousin’s friend graduated tech school yet.  You know, the one who puked all over your sofa when he brought her to crash in your apartment while you were out of town.  That one.  If she’s not available, what about that kid that asked you about spark plugs while you were trying to inflate your car tires that day.

 

Summary

See if you can guess which of these most closely matches the photo above.

(Seriously) 5 Most Common SCCM Issues

Joking aside (for a few minutes anyway)…

teamamerica3

The five (5) most common root causes for SCCM site issues that I’ve seen over the past year, working as a consultant.

  • Site scale:  (smallest) 500, (largest) 180,000
  • Site types: CAS (5%), Primary alone (85%), Primary with Secondaries (5%), None (5%) aka “new install”
  • Avg staffing: (IT dept) 12-24 (SCCM admin) 1
  • Avg coffee consumption: 1 cup per 30 minutes
  • Avg sleep: 5.2 hours

1 – Lack of planning before installing the environment

In the past year alone, I’ve run across almost a dozen sites which had a CAS and didn’t need one, or Secondary sites, and didn’t need them, and so on.  Some didn’t have a FSP and could’ve used one.  Some weren’t using the appropriate credentials for client installations, network access and so on.  And lately, many seem to have pinned their plans on outdated platforms, such as Windows Server 2008 R2 or SQL Server 2012.  At least keep them patched (e.g. SQL 2012 SP3 CU9)

2 – Lack of monitoring and following-up on warnings/errors

Of the last 24 customer engagements I’ve been involved with, roughly 60% do not keep a daily watch over site issues (sites, components, clients, content distribution, deployments, etc.).  Of those that do monitor, about half ignore lingering warnings which impact site performance.

3 – Lack of cohesive management

This varies by scale/size of the organization (at least in my world).   Often it’s a matter of job roles and organizational divisions.  For example, DBA’s controlling the SQL Server environment without allowing SCCM admins any direct access (very bad).  Or AD admins who drag their feet (or push back) on requests for schema extensions, keeping AD accounts “clean” and so on.  Or Network Admins who fight back against using PXE, no matter what the rationale.  In many cases, it rolls up to team managers who don’t work well together, so resolving conflicts and barriers is difficult, especially when the CTO or CIO prefer to avoid dealing with it.  My advise: deal with it!  The good of the company outweighs your stupid personal disagreements.

4 – Lack of keeping up on updates

Whether it’s the Windows Server, SQL Server, ADK, MDT or Configuration Manager itself, all of these require persistent support and oversight. Keep them patched.  But more importantly, READ THE PATCH details first.  Understand what’s being “fixed” or “modified” (or deprecated) as well as “known issues”.  You can save yourself a shit-ton (that’s a scientific measurement, by the way) of headaches and support costs by not blindly installing without understanding.  However, do not avoid patching simply because of fear and doubt.  You work in IT, which means “change” is inevitable and continuous.  It’s why the “soft” in “software” exists (trust me, Babbage wasn’t kidding around).

5 – Inefficient use of features

This one alone could be broken out into sub-categories actually, and now that I mentioned it, I will…

a – Ignoring features which are not fully understood (not doing research)

b – Continuing to use outdated methods (disk imaging, for one, like Acronis or Ghost)

c – Ignoring other System Center capabilities (SCOM, Orchestrator, etc.)

d – Not following “best practices” (excessive permissions on common accounts, incorrect client installation settings

e – Paying for 3rd-party products which SCCM (or other System Center) capabilities could provide (depends upon the individual requirements of course)

f – Ignoring 3rd-party products out of fear of the unknown (FUD)

g – Ignoring new features added with each build (current branch), such as Azure, OMS, UA, and mobile device features

h – [my peeve] Inefficient mapping of tools to processes.  Such as ignoring Group Policy in favor of doing everything in SCCM or via scripts. Continuing to use familiar solutions even when newer and better (cheaper, faster, more efficient, more reliable) solutions are available.

i – Insufficient use of Internet search tools (Google, Bing, etc.)

Did I miss anything?

SCCM and Chocolatey

browsers

Trying to leverage goodness from various mixtures of Chocolatey with SCCM is definitely not new. Others have been playing around with it for quite some time. However, I wanted to pause from a month of mind-numbing work-related things to jot down some thoughts, realizations, pontifications, gyrations and abbreviations on this.

Much of this idiotic rambling that ensues hereinafter is based on the free version of Chocolatey.  There is also a “Business” version that offers many automation niceties which you might prefer.  There’s a lot more to this Chocolatey thing than I can possibly blabber out in one blog post (even for yappy little old me), such as the Agent Service features, packaging, and so more.  Visit http://chocolatey.org for more.

1 – Is it “Better”?

No.  It’s just different.  But, regardless of whether if “fits” a particular need or environment, it’s often nice to know there’s another option available “just in case”.

2 – Who might this be of use to?

I can’t list every possible scenario, but I would say that if the potential benefits are lined up it kind of points to remote users without the use of a public-facing (or VPN-exposed) distribution point resource.  It also somewhat negates the need for any distribution resource, even cloud based (Azure, AWS), since there’s no need for staging content unless you want to do so.

3 – How does SCCM fit?

At this point (build 1703) it’s best suited for use as a Package object, since there’s no real need for a detection method, or making install/uninstall deployment types.  A Program for installation, and another for uninstallation, are pretty much all that’s needed.

4 – How does an Install or Uninstall work via SCCM?

As an example, to install Git, you would make a Package, with no source content, and then create one Program as (for example only) “Install Git” using command “choco install git -y”, and another as “Uninstall Git” using “choco uninstall git -y”.  (Caveat: some packages incur dependencies, which may throw a prompt during an uninstall.  For those you can add -x before the -y, but refer to the Chocolately documentation for more details)

5 – How do you push updates to Chocolatey apps via SCCM?

You can use the above construct with a third Program named “Update Git” (for example) with command “choco upgrade git -y”.  Another option (and my preference) is to deploy a scheduled task that runs as the local System account, to run “choco upgrade all -y” at a preferred time or event (startup, login, etc.).  And, as you might have guessed by now (if you haven’t fallen asleep and face-planted into your cold pizza), someone has done this for you.

6 – Can you “bundle” apps with Chocolatey with or without SCCM?

Absolutely.  There’s a bazillion examples on the Internet, but here’s one I cobbled together for a quick lab demo a while back.  This one feeds a list of package names from a text file. You can also hard-code the list, or pull it from anywhere that PowerShell can reach it (and not just PowerShell, but any script that you can run on the intended Windows device).

7 – What about MDT?

Here’s a twist, you can deploy Chocolatey packages using MDT, or deploy MDT using Chocolatey.  How freaking cool is that?  If you sniff enough glue, you might even construct a Rube Goldberg system that deploys itself and opens a wormhole to another dimension.  By the time you find your way back, America will be a subsidiary of McDonald’s and we have real hoverboards.

8 – What about applying this to Windows Server builds?

You can.  I’d also recommend taking a look at BoxStarter, and Terraform.  I built a few BoxStarter scripts using Github Gists for demos a while back.  Here’s one example for building and SCCM primary site server, but it’s in need of dusting off and a tune up.  You can chop this up and do things all kinds of different (and probably better) ways than this.

The list of automation tools for building and configuring Windows computers is growing by the day.  By the time you read this sentence, there’s probably a few more.  Hold on, there’s another one.

PS – If you get really, really, reeeeeeally bored, and need something to either laugh at, ridicule or mock, you can poke around the rest of my Github mess.  I don’t care as long as you put the seat back down after flushing.

Interview: Julie Andreacola

wpid-wp-1409886754092.jpeg

julie

Julie Andreacola is a Premier Field Engineer with Microsoft specializing in client operating systems. For the last 15 years, she has been working for medium to large enterprises in Retail, Finance, and K-12 Education. Her past areas of focus include Configuration Manager, Application Packaging, and PowerShell scripting, In her free time, she enjoys trying out great local restaurants, travel, and cheering on the Virginia Tech Hokies with her husband, Michael.

1. Describe what you do for a living – to someone who has no idea what it means.

I help the technical teams of large enterprises with their Microsoft software. My specialty is Windows 7, Windows 10 and System Center Configuration Manager. Configuration Manager is the way enterprises setup computers and take care of all the updates and software for the user.

2. How did you get into this type of work?

This is my second career. I grew up with computers (my Dad worked for IBM). He insisted that I know how to fix the computer when it broke or didn’t work correctly so I was always learning. He sent me off to college with an IBM portable computer. It weighed 30 lbs and I still have scars on my shin from hauling that thing around. After graduating with a degree in forestry, I worked out of a pulp mill helping land owners manage their forests. Computer skills were scarce in those days, so I was often called on to fix the office computers. I shifted into manufacturing management until I chose to leave the workforce and raise my young children.

Continuing to build my computer skills, I had a part time opportunity to do helpfile work and some light coding during this time. When I returned to the workforce after being home full time with my children, I got a job with the local school system fixing the school computers. Hardware, software, networking, there was always something new to learn and I loved working with the teachers to help them leverage technology in the classroom.

When the school system installed SCCM 2007, I packaged all of the applications for deployments and walked into the world of system management. I learned PowerShell and became active in the local PowerShell user group. My next job change brought me into the world of consulting with a focus on SCCM. I recently started with Microsoft and am loving all of the amazing learning opportunities.

3. What area or aspect of technology are you most excited about?

I’m excited about all the different devices available, phones, tablets, laptops. I love how you can do work across all these devices while keeping all the content in the cloud.

4. What gives you the most satisfaction today?

Teaching or helping others be successful. I love to mentor others and watch them grow in their career.

5. Name the 3 most inspiring people in your life or career?

In my current career, my father. He expected me to know and use technology. He didn’t fix it for me, but would teach me how to troubleshoot it.

Kent Agerlund, his teachings through books, blogs and MMSMOA has really helped me learn and grow. He spends a lot of time and energy to make self-learning for Configuration Manager available for everyone.

Ed Wilson (The Scripting Guy) – I met him after a presentation for a local IT Pro event. He convinced me to come to the Charlotte PowerShell User Group. I did and loved it. Once a month, we had free pizza, great discussions, and help with any scripting questions. Whatever the topic, Ed would participate and eventually say “I wrote a blog about that.”

6. If I hadn’t gone into this field, I’d probably be… ?

Some sort of planner? maybe events or travel planning?

7. Favorite place to travel?

Mountains feed my soul, but I love traveling everywhere. In the last year had great trips to Italy and Paris.

8. What 3 books, movies or other works have inspired or influenced you most in life?

The Bible, taught me about life and my place in the world.

The Five Love Languages by Gary Chapman showed me how to have better relationships with others.

Gone With The Wind showed me a strong woman finding a way to provide for her family in a man’s world.

9. There’s never enough ____.

Time to learn all this new technology.

10. There’s way too much ____.

Hate and division in the world.

11. What are your thoughts about the roles of women in technology today? And does the discussion topic bring up hope or dread when you hear it?

I think women can be extremely effective with technology. As a community, we need to continue to reach out and mentor students and women already in the profession, especially in technical roles. While there are large numbers of women in technology, there is a small percentage who are in a purely technical role. This results in many people with a unconscious bias that the woman in the room or in the meeting is not technical.

As a technical woman, it gets old really fast to always have to work to change people’s perceptions. The continuing discussion of women in technology brings me hope. I’m hopeful the discussions will encourage women, and everyone might consider how gender bias manifests in the workplace.

12. If you could go back in time and change the course of any one, specific, area of technology, so that it turns out different today, what would it be, and why?

It would be wonderful to change history so that there are no chemical weapons. Genocide, terrorism, and war are all awful and chemical weapons are an easy weapon of evil.

On a lighter note, ink jet printers. I so wish they had never been invented. Dried up ink cartridges, terrible USB drivers, and those evil all in one machines. So cheap, so slow, so problematic, the discarded carcasses just stack up at Goodwill.

13. How do you feel about the importance of college degrees, and certifications as it pertains to IT careers? Do those credentials mean as much, or more, than they use to?

This is always a hot topic in my household. I’m a firm believer in the importance of a college degree (but don’t pay a fortune for it, be savvy in your choice). It opens doors and the process of obtaining that degree teaches a person many things that are not academic.

I do pity those organizations that require a college degree, no exceptions. This eliminates some fantastic people who have found success through a different path. For example, military service teaches many of the same life lessons learned when getting a college degree.

An organization should recruit the best people for the role regardless of academic accomplishments. Certifications don’t mean much as the experience and actual accomplishments of an individual, but they are a resume checkbox recruiters love. Certifications can get you that first interview, but you better have a thorough understanding of the product and be able to articulate it. For those in consulting, they are often a requirement of the customer.

I don’t expect this to change as it an easy way for companies to create a vendor requirement. I am interested to see how certifications will keep up with rapid change in products. A great example is the Azure certifications. With the product changing and evolving monthly, the certification test has to change to keep up. At what point does the test become a different test?

14. Will most people still be using desktop computers in 2022? Why or why not?

I don’t think most people are using desktops now, especially in the consumer space. I think they will disappear just like floppy disks and CD drives. As tablets and phones continue to become more powerful, why have a desktop that stuck in one place? Technology is racing to provide the security needed with mobile devices to make this a reality.

15. If you could transport yourself back to ancient times, like say the 1100’s AD, somewhere in Europe, and you brought along a Surface Book (with a full battery charge), and you turned it on and used it in a room full of town locals, what do you think would happen?

Since most would be illiterate, I think they would find the device confusing and frightening. The glowing display and keyboard would seem very magical. With my red hair, I would probably be labeled as a witch and killed. I think I will stay firmly in the current century clutching my Surface Book tightly because it is just that awesome!

I don’t have any links to add.  Blog in the process of getting created.

(note: I will gladly update this when the link is ready)

Interview: Ami Casto

Preface

Ami is one of the people on my shortlist for information about Microsoft infrastructure management tips, news, and advise.  One of many people I’ve only followed online, but haven’t met in person yet.  Being a father of three daughters, I’ve always tried to find examples for them when it comes to charting a career path, and I’m happy to say that the list of impressive women in IT has continued to grow.  Unlike some career paths, technology is one in which you can’t flub your way ahead very long.  Sooner or later, skills become apparent and you either progress or find something else to earn a living.

Forbes posted a list of “The World’s Most Powerful Women in Tech 2016“, but in my opinion, the women who set the most valuable example are those in the trenches of IT.  They’re the ones who have proven they can handle the challenges that the majority of IT workers in general contend with every day.  They’re people that we can relate to (even if they often make us feel we need to catch up on our studying, ummm).   You’ll want to add Ami to your list of people to follow (online of course) when it comes to streamlining and automating your Windows environment as well.  Anyhow, let’s go…

Name: Ami Casto

Job Title: Technical Evangelist

Home town: Chicago

1. Describe what you do for a living – to someone who has no idea what it means.

I get to travel the world and tell people don’t worry be happy 🙂

2. What aspect or area of technology are you most excited about?

Peer to Peer tech

3. What gives you the most satisfaction today?

Helping people.

4. Name the 3 most inspiring people in your life or career?

Mindy Kaling

5. What 3 books, movies, or other works, have influence or inspired you the most?

Why Not Me, Yes Please, Atlas Shrugged

6. What new or promising technology do you see that can’t get here soon enough?

Intel’s Optane tech – it’s just now arriving and it needs to saturate, like NOW!

7. If you could magically introduce modern technology and supporting infrastructure to one place on Earth that currently doesn’t have it, would you? And if so, where?

Yes – Rural Appalachia.

8. Do you think the general process of deploying operating systems and software will ever become so automated or simple that the need for customization will become extremely rare? If so, how soon?

Yep. It’s already happening now, but I’m guessing it will be the absolute norm within the next 10 years.

9. There’s never enough …

Family Time

10. There’s way too much …

Housework

11. What are your thoughts about the roles of women in technology today? And does the discussion topic bring up hope or dread when you hear it?

I’m all for Women in Tech. I don’t want to force anybody into tech that doesn’t want to be there, regardless of gender. I don’t dread the topic, I just expect I won’t make any friends when I stand up for myself and other women.

12. In the future do you see major tech vendors divesting more, or less, of their customer-facing services to partners? Will it vary by service type? How and why?

Yeah, it’s all about partnerships/relationships. If you want buy-in from the market, you need bring both the goods and the community that goes with it.

13. How do you feel about the importance of college degrees, and certifications as it pertains to IT careers? Do those credentials mean as much, or more, than they use to?

College degrees are a great way to show your dedication to learning, they should not be the de facto standard to measuring a person’s suitability for a role. We all know tech changes so fast that it’s kind of pointless to major in “computers”. Get a business degree and learn to write and speak well. Minor in tech, get certifications, and get involved in the community. And don’t ever look down on yourself because you don’t have a degree. If you have real-world hands on experience and you can prove what you know, I’ll pick you over some stinky degree candidate any day of the week.

14. Will most people still be using desktop computers in 2022? Why or why not?

Yes, but they will get smaller and smaller. There are still a lot of things that smart phones can’t do, like drive a giant display and still have 4 days standby time on the battery.

15. If you could transport yourself back to ancient times, like say the 1100’s AD, somewhere in Europe, and you brought along a Surface Book (with a full battery charge), and you turned it on and used it in a room full of town locals, what do you think would happen?

LOL. There would be some jousting I’m sure. While humans were (and at times still are) controlled by superstition and fear, let’s not forget how curious we are.

And there’s more…

Deployment Research articles

Adaptiva blog post

MMS Speaker Info

Deployment Artist channel (YouTube)

CMWT 2017.04.24.01 Released

cmwtlogo5

I’m trying something different this time, so I will let you tell me if it’s better or worse than what I was doing.

What I was doing: Uploading raw files to the Github repo, and uploading a .ZIP to a separate repo under the same account.

What I’m trying now: Uploading raw files to the Github repo and let everyone download the entire stack using the Github “clone or download” feature.  The Download option makes a .ZIP of the entire mess, so it seems like a better option (so far).

What’s new in 2017.04.24.01

  • Bug fixes to AD users, groups and SCCM device details
  • AD user page now allows adding to AD groups
  • AD groups are filtered using the _protectedgroups.txt file (you can edit this to your liking)

More info here

Interview: Jon Szewczak

wpid-wp-1409886754092.jpeg

Name: Jon Szewczak

Job Title: Official: Programmer III
Job Title: Unofficial:  SQL Server DBA / .NET Web Architect / Windows / Intel Server Administrator / Pain in the a$$

Preface

I first met Jon somewhere between 2000-2004, while working on a rather large CAD software development project.  Me being older, and somewhat stuck in my ways, at first I had a tough time being questioned about “why” when it came to API choices and strategic decisions.  But it turned out to be a life-changing experience for me.  I had forgotten the adaptive mindset that has to exist when working with software, relying instead on hard-worn habits, some of which were from lack of being immersed in more dynamic environments.

After a few months of being a one-man-team, I had a tough time getting used to someone asking questions and offering other ideas to the project.  But Jon has a way of presenting ideas that make you listen, rather than just shoving it in your face.

We initially disagreed on quite a few technical aspects, but over time our thinking became more in sync, which I attribute much towards me learning to listen more.  Everyone I’ve ever worked with has rubbed off on me in various ways, and Jon is one of those who left a positive influence on me (I don’t have many positive attributes, so even one is better than none).  Anyhow, let’s get to it…

1. Describe what you do for a living – to someone who has no idea what it means.

Hmmm. That can be hard. My job title is Programmer III – like Superman III only not as cool and no Richard Pryor. That title means that I make computers do things by typing in commands that it can understand after a bunch of translating.

I have designed and implemented a vast majority of the programming code that runs the complex website at http://www.mdvnf.com. I also develop, maintain, and support several custom desktop applications that the associates at my company use on a daily basis.

But over the years, I have taken on other roles within the IT department. When I was brought in, I was immediately the “subject matter expert” on SQL Server, by virtue of having worked with it in my previous job. I was by no means an expert. However, lots of querying and reading and researching allowed me to actually morph into a much more competent data professional.

I manage the non-mainframe data warehouse, and I make sure that any applications or users that are touching it, do so in a manner that is nearly transparent to all parties involved. It’s a really tough job now because of aging hardware and increasing demands.

A few years ago, our parent company decided to implement a “Shared Services” IT model. Which means that all of the Network and Server support teams across many different locations were merged into one team – including the few that worked at my office. What that effectively did, was make all of team members work everywhere but my office and server room. The servers were suffering from neglect. So, since it was critical to my SQL Server(s), I started taking over the admin duties.

2. How did you get into this type of work?

I originally didn’t set out to be a computer programmer or an IT person. I was originally going to be a Drafter. I went to school to be a drafter and earned in an Associates in Computer-Aided Drafting (CAD) and Design. While I was there I took one class in CAD programming with AutoCAD. It was interesting, but I didn’t really see the huge potential of it at the time.

When I graduated and got my first job as a drafter in the Shipbuilding industry, I went to work for a place that used AutoCAD software, but it was highly-customized with the same programming techniques as I saw in college. That’s where I met an individual who is still a veritable genius in CAD programming.  This guy took me under his wing and showed me how AutoCAD could be made to do things that I never even dreamed of.  I started working right away on programming AutoCAD to do all kinds of things for me. Anything that I did more than once, I tried to figure out how to make it a one step command.

When some of my co-workers saw that, they wanted the shortcuts and macros and programs that I had developed too. So I started to share. Many more years later, I met Dave Stein (of this illustrious Blog [edit: his words, not mine, I promise, and no, I didn’t pay him for that]) and we (along with a few others) started really working on ShipWorks. ShipWorks was an automation tool-suite for AutoCAD that put the phrase “tool-suite” to shame. It was more of an application unto itself than a tool-suite.

Anyway, my CAD programming went on for many more years, but it was never my main job. It always was filler work. That is until I finally got an opportunity to program full-time – in the Modeling and Simulation arena.

3. What area or aspect of technology are you most excited about?

That’s kind of tough. There is so much cool programming out there that I look at and say “how did they do that? I wanna do that!” I am fascinated by wireless tech, and the way it has interconnected so many aspects of our life. Game programming is also another arena that amazes me. Getting 3D graphical characters to do things on the television screen with so much realism is just incredible.

4. What gives you the most satisfaction today?

I like to see things working the way they were meant to. Whether it’s an API, or a web page, or a desktop application, it doesn’t matter. I like to see it work and work efficiently. There is so much “just get it done” crap code in my company that it is really hard to describe. The people who originally wrote the legacy applications, really had no idea what they were doing to make an efficient application – it bugs every time I have to fix a bug or something. I have to fight the desire to rip it all apart and do it right.

5. Name the 3 most inspiring people in your life or career?

The first would be Brad Hamilton. He is the individual who took me under his wing as a “wet behind the ears” kid and showed me how and encouraged me to really dig into CAD programming to make things better, quicker, more robust, and more efficient.

The next would be Dave Stein – and no that’s not just a shameless “suck up” plug. Dave welcomed me as a partner in the ShipWorks venture and then handed the management of it over to me when he needed to move on. This allowed me to grow as an application manager and showed me that there is much, much, much more to programming and application development then just typing some lines of code.

The last, and most important is my wife. Without her I would not be where I am, I would not be as successful as I am, I would not be anything.

[edit: I’m hoping to get Brad involved with this interview effort as well.  Like Jon describes, Brad is someone who made a huge impact on me for many years.  Words like genius, visionary, and Grateful Dead fan, don’t begin to describe him.  I’m not so sure about that Dave guy.  But 2 of 3 isn’t bad.]

6. If I hadn’t gone into this field, I’d probably be ____?

Still working as a CAD designer in the shipbuilding industry. I am not one who changes things often or lightly, so I probably would have stuck to it. I am so glad that I did not.

7. Favorite place to travel?

I don’t really have one. Some place that is relaxing. I don’t do much of that, and I always think it would be nice to find a place where I can do nothing – guilt free.

8. What 3 books, movies or other works have influenced you most in life?

I am not a person who reads a lot of self-help or motivational things. I watch movies for the escapism, so there’s hardly anything influential there. I love the well written poetry of Robert Frost, Edgar Allen Poe and others.

But, really, the only two influential things I can think of here are controversial, depending on your personal beliefs and stances.  The first is The Bible. And I’m more specifically talking about the New Testament and the teachings of Jesus Christ. I am Catholic – but I’m also a progressive Catholic. I don’t always agree with everything the Catholic Church teaches or espouses, but overall I am in line with it. At any rate, the most important things I have taken from Christ’s teachings are acceptance and a need to care for those who cannot do it for themselves.

The other book that I always come back to is Six Hours One Friday by Max Lucado. In it he makes this point: Life is not Futile, Failure is not Fatal, and Death is not Final. It’s a wonderful way to try to live.

9. There’s never enough ______.

Time.

10. There’s way too much _____.

Stress.

But, That’s Not All…

I sometimes do work on the side for people, setting up websites and what not. One of the sites I helped out with is for THE UNBATTLE PROJECT (http://theunbattleproject.org). It is a non-profit organization helping to provide much needed counselling and therapy services to Veterans and Active Duty Military members.

It’s a very worthy cause, and (full disclosure) I am friends with the CEO of the organization. It’s in its beginning phases and could use all of the publicity and help that can be provided. So please spread the word.

Dave: Thank you!