|
Whipstickagostop posted:Got the phonecall on Friday from one of the Directors that they want to start bringing me back to the office. You might want to preemptively talk to ACAS to get some talking points about The Equality Act 2010 the next time it comes up. If they really want to force you to come in then laying the ground work now for your constructive dismissal case will help. Or they may not realize they are being quite so dickish about this.
|
# ? Jul 15, 2021 17:52 |
|
|
# ? Jun 10, 2024 12:01 |
We got acquired a while back. We're migrating from our jira to the new company's jira. New company has a very robust standardized operating procedure (SOP) on how to use their Jira. It's mandatory for all users to comply with the SOP. And, frankly, the SOP is 95% brain dead common sense stuff, like defining exactly what counts as a P0 defect, etc. Two months ago I learned of the SOP. One month ago, I received agreement that the migration team would ensure all users migrated to the new system would be trained on the SOP. Support teams are supposed to escalate using the SOP also. I went on vacation. I come back. The first wave of migrations has been completed. I check with the Support teams about how it's going. Are escalations working? Are you using the SOP? "What SOP?" fuuuuuuuuuuuuuuck
|
|
# ? Jul 15, 2021 18:01 |
|
I'm on the Servers team, my boss Joe, is in charge of both the Servers and Networks team - I do not have access to network kit Approximately this time in 2020: Me: Ok Joe I've built this new server, can you sort it out for external access on these ports Joe: (Forwards the ports, gives me an external IP) Me: Ok, cool, this works, but you probably want to put this in the DMZ before we go live with this Me (A week later): Hey Joe, you really ought to put this in the DMZ it's going to be huge security risk once we get real users on here, and we're suppossed to go live Joe: Me (A week later): Ok the first users are connecting up to it. We really ought to put this in the DMZ as it's gonna be a lot harder to move Me (Two weeks later): Everyone is now on this system. I really think we should move this into the DMZ as a priority. Another two weeks and I basically gave up banging on about putting this thing in the DMZ Fast forward to today: Joe: Hey Lum, what's the internal and external IPs of this service Me: (Gives IPs) Joe: That's really bad, that's on the main server VLAN it should be in the DMZ it's a huge security risk Me: Yes I've been saying that for a long time Joe: Can you get it into the DMZ by the end of today Me: Yes but I'll need some work from Networks to do this. I'll need to know its new IP, the external address will need re-routing to the new IP. I'll also need these ports accessible from our internal network so that VPN users and anyone who returns to the office can still use it. Get me those and I'll arrange a downtime and move it for you Joe: (radio silence) End of the day has now passed
|
# ? Jul 15, 2021 20:29 |
|
Into the CYA folder it goes
|
# ? Jul 15, 2021 20:40 |
|
Can I give a hearty "gently caress you" to folder redirection and roaming profiles? Users in my company, plus another of our partnership companies are getting a JavaScript error relating to setting the download location when launching MS Teams. Only ones affected are WAH users, or otherwise users who connect in via a VPN tunnel. For some reason we are still using folder redirection of pretty much every profile folder except AppData to a users home profile server and on top of that we're using roaming profiles. Because the business has realised that Skype for Business is being turned off, suddenly Teams is front and focus and this JS error is unacceptable. I mean, I'll admit it's something that we should be trying to resolve, but I have said repeatedly that if we're using these outdated ways to store user data, we're going to get these problems. Except one of the partners doesn't have this issue. Why? Oh they're using this technology called "Work Folders". Whilst they are redirecting profile folders, it's still local redirection and not subject to the whims of Offline Folders, drive mapping issues, etc. I'm struggling to put my point across that Band-Aid fixes wont help, and we either have to suck it up or we have to retool our environment to not use outdated sync methods. I know that up and shifting from one sync method to another isn't trivial, but in my company we're building a new user data server to replace our Server 2008r2 cluster. It's not even live yet and we have a chance to up and shift, but too many of the "choice makers" (read: non technical managers), have no drive to make any changes, or listen to the peon who keeps getting asked to raise more support calls to get the answer someone wants.
|
# ? Jul 15, 2021 20:42 |
|
Lynxifer posted:Can I give a hearty "gently caress you" to folder redirection and roaming profiles? I do not even want to begin to imagine an environment using roaming profiles AND folder resurrection.
|
# ? Jul 15, 2021 20:47 |
|
Lum posted:I'm on the Servers team, my boss Joe, is in charge of both the Servers and Networks team - I do not have access to network kit Document and CYA, like other poster said. If your manager is not giving you the resources to address, he's accepting the risk.
|
# ? Jul 15, 2021 20:53 |
|
CommieGIR posted:Document and CYA, like other poster said. If your manager is not giving you the resources to address, he's accepting the risk. ^^ This. Also, if you *really* care (you shouldn't) you can directly tell the manager that he is accepting the risk due to his radio silence.
|
# ? Jul 15, 2021 21:57 |
|
hahahahahaha we're migrating a large customer, they have so many clients in their accounts DB queries are taking 15+ min, which can't be cached because we're stuck in 2007, and we needed to bump our k8s services' pods' memory requests from 2GB to 20GB per pod. just shoot me, this is inefficient as hell. e: 36.5M rows in the table and no filter in the where clause. no pagination whatsoever for the event handler queries. The Iron Rose fucked around with this message at 22:25 on Jul 15, 2021 |
# ? Jul 15, 2021 22:09 |
|
The dude spearheading our cloud migration told me that NAT is a security boundary.
|
# ? Jul 16, 2021 01:21 |
|
MustardFacial posted:The dude spearheading our cloud migration told me that NAT is a security boundary. I vomited a little. For laughs, ask him about IPv6
|
# ? Jul 16, 2021 01:48 |
|
Or UPnP. Though I'm sure in his extensive security reviews he always untoggles that on the router.
|
# ? Jul 16, 2021 01:58 |
|
Thanatosian posted:I do not even want to begin to imagine an environment using roaming profiles AND folder resurrection. Neither do I... Common issues include: Broken permissions on the server side folder because the computer account created it and when that happens the folder doesn't inherit any NTFS permissions. I have a PS script that runs nightly to fix this, but what the actual. Windows "deciding" that the link is slow between device and server so it puts it into Offline Mode and devices stop syncing home drive content. Users deciding "oh hey, I think I want my team drives offline!" and then turning on the cache for drives with TB's of content. This always ends well. Home Drives not syncing ever, so when they lose "important client database final (only copy)(1).xls", we can't restore it because it never made it anywhere we backup. My company really is the bitch partner in the partnership, so whatever we say or think is ignored and we're told what to do by the "bigger" one. Sometimes months later we get our own ideas told back to us, although they've been tweaked slightly so they don't make sense, but whatever. As always, it ends really well.
|
# ? Jul 16, 2021 08:12 |
|
Foxtrot_13 posted:You might want to preemptively talk to ACAS to get some talking points about The Equality Act 2010 the next time it comes up. Finally got a response from the Director. A week later. Sent to me when I had the day off to travel to the next county for a medical appointment as the NHS is so backlogged at the moment I couldn't get seen at my local hospital for 2 months. Started by saying they understood my health issues, and then pretty much ignored what I said about the issues I was having. The reason he put in writing as to why he wants me back? "other staff have been covering your work while you have been at home". What. The. Actual. gently caress. I am the sole IT employee for the company. I have never asked anyone to do any of my work for me, nor can anyone else in the company do my work for me. To make things worse, I am quite often asked (and quite often offer) to do bits and pieces for other departments if they are short staffed and I am not working on anything urgent. I sent an email back explaining this and asking for examples of what other staff have done that he feels I should be doing. I expect it is either going to be something stupid like "user replaced their own keyboard", or "user phoned up the copier supplier and booked a service". Spoke to another manager that I am friends with outside of work. He had no idea what the Director was talking about either - they just have to email or call me now instead of walking down to my office.
|
# ? Jul 17, 2021 11:19 |
|
you really need to start job hunting soon because it doesn’t sound like you’ll be keeping this one for much longer. It would also behoove you to start talking to an employment lawyer.
|
# ? Jul 17, 2021 12:04 |
|
Whipstickagostop posted:Finally got a response from the Director. A week later. Sent to me when I had the day off to travel to the next county for a medical appointment as the NHS is so backlogged at the moment I couldn't get seen at my local hospital for 2 months. Yeh, they want you back in the office because they are dicks and don't give a poo poo about your health or the law. If you are part of a union have a chat with them now. If not ACAS or even an employment law solicitor. Your days are probably numbered already, now it is about gathering the evidence to get a nice payout for disability discrimination. You did well with asking what people had to do because you were in the office. It will be worth keeping your own copies of everything as well and keep up with pressing them for details and examples.
|
# ? Jul 17, 2021 12:08 |
|
Make sure you maintain independent documentation of those emails.
|
# ? Jul 17, 2021 12:32 |
|
Foxtrot_13 posted:Yeh, they want you back in the office because they are dicks and don't give a poo poo about your health or the law. Yeah going to give ACAS a ring on Monday. I know they use a third party HR outsourcing service for employee related stuff - not sure if we all have access to it too or just them. The Director has a history of giving these non-committal, vague reasons when getting staff to do things they may not like. Most staff will just do what he asks after an initial period of questioning as it is quite often easier as he will just hand-wave any concerns away. The few times people do push back both Directors act so suprised and shocked that the member of staff would leave/take them to court. Problem is for them, this time they are seriously risking my health so I'm not going to just back down and accept it. I would put money on the 3rd party consultants advising them to be loving careful what they say too. I expect both my emails have been forwarded to them for advice, and they both clearly state how unwell I am, my underlying health conditions (that are classed as a disablity so hello 2010 equality act) and my request for clarification of what part of my job other staff have coverd. I was talking about it to my partner earlier and had a thought that it could just be down to a misunderstanding. Another employee who answers to this Director has a track record of getting involved in other peoples work. Not sure if he thinks he is trying to help, or he just wants to feel like big dick of the office. Either way, there was a period of about a week when he was phoning me multiple times a day, from other peoples phones to report issues on behalf of them. After getting sick of hearing his voice, I sent a company-wide email out reminding people to contact me directly when they have issues. I wouldn't put it past him to end up behind on his own work and use that week as an excuse when called out. But to be honest, even if that is the case, I wouldn't expect the Director to "back down" now he has the idea in his head.
|
# ? Jul 17, 2021 21:36 |
|
Whipstickagostop posted:Finally got a response from the Director. A week later. Sent to me when I had the day off to travel to the next county for a medical appointment as the NHS is so backlogged at the moment I couldn't get seen at my local hospital for 2 months. hey get the gently caress out, who knows what other illegal loving horseshit they're up to
|
# ? Jul 18, 2021 14:09 |
|
It sounds to me like a perfect example of a manager who is of the opinion that work cannot be getting done unless he sees an rear end in the seat. He doesn't see an rear end in the seat, so he's assuming that the work is being done by other people. If this is the case it also means that your manager doesn't have a clue what you or any of his other reports actually do, which is a bad sign.
|
# ? Jul 19, 2021 17:46 |
|
doing soc 2 interviews w/ IT and this is some clownshoes poo poo i don't mean the controls or lack thereof, but we've taken 15 minutes to cover "IT uses SnipeIT + Okta"
|
# ? Jul 19, 2021 18:13 |
|
Whipstickagostop posted:Yeah going to give ACAS a ring on Monday. I know they use a third party HR outsourcing service for employee related stuff - not sure if we all have access to it too or just them.
|
# ? Jul 19, 2021 20:40 |
|
Speaking of soc2 - got sprung on me last week that they want to try to go for soc2. I feel like I should talk about incorporating in a bonus when we get it. Because loving christ i'm a one woman IT show and currently there's literally zero employee hardware management so I got a hill to climb.
|
# ? Jul 20, 2021 00:06 |
|
Even an annual compliance review for pre-existing SOC controls can be a poo poo ton of work. Building those controls from scratch and then revising them over multiple years as you get feedback from your auditors is probably another several poo poo tons of work. Have a raise discussion now, before you start.
|
# ? Jul 20, 2021 00:45 |
|
When I was at a small shop, I told them I couldn't handle compliance and everything else. I told them that I would handle the tech side, but the actual project needed to be a team effort and I couldn't lead it. I'm not going to say it worked out well, but I am sure glad I didn't take on ownership of it. I'm not sure why people think it's strictly an IT thing. The tech part is a subset of a larger framework.
|
# ? Jul 20, 2021 00:54 |
|
Yeah this is a small business/start up growing into their big boi pants for the first time and like there's just zero fuckin documentation or security in place. I'm about a month in now and I finally understand the scope of work im looking at just to get things to where i'd feel comfortable, not counting any sort of compliance or audits.
|
# ? Jul 20, 2021 00:58 |
|
Been there, done that (same situation, small business wanting to SAS70 which was the name at the time.) Ask them what pillars they are going for and if it's Type I or Type II. If they can't answer that, they aren't even close to being ready to start this process. I am so glad I don't have to deal with that poo poo anymore.
|
# ? Jul 20, 2021 03:08 |
|
Someone is pissed off today, but it's not my problem. I find it loving hilarious. We have a new bespoke(ish) stock system, and I waa brought in to troubleshoot an SFTP connectivity issue. It's configured correctly. If I run portable WinSCP on the stock server I can connect fine. Hey, stock guy can you share your screen so I can see how you're configuring it. Stock guy did nothing wrong. He chose SFTP from the connectivity options, filled in the server name, changed the port to 22 from its default of 21, filled in his usern... hold up Yup, it turns oit the developer of this system implemented FTPS and labelled it SFTP
|
# ? Jul 20, 2021 12:24 |
|
They're both secure
|
# ? Jul 20, 2021 12:40 |
|
Perhaps, but SFTP was in the spec we gave them, and is what we paid for, because that's what the server runs. It's Server 2019s implementation of SFTP (so SFTP accounts are restricted AD accounts etc.), and yeah I could install IIS in FTP-only mode, but then I have to administer IIS.
|
# ? Jul 20, 2021 12:50 |
|
Happiness Commando posted:They're both secure FTPS = SFTP It's the associative property of FTP!
|
# ? Jul 20, 2021 13:02 |
|
Doesn't matter anyway. It turned out they didn't implement PROT P, so encrypted creds, unencrypted data
|
# ? Jul 20, 2021 18:12 |
|
Lum posted:Doesn't matter anyway. It turned out they didn't implement PROT P, so encrypted creds, unencrypted data Ahh the true way to do it.
|
# ? Jul 20, 2021 18:25 |
|
One of our users applied updates to their OS on their company-owned device and it broke an app and we're mad at the user because "we've told them not to update their OSes" and I said "if we don't want them to update their OSes, then maybe we should make it so they can't" and apparently that went over like a lead balloon. So apparently we're telling people not to apply updates to their machines and then yelling at them when they do? Did I step through some loving time portal?
|
# ? Jul 21, 2021 23:49 |
|
Will they also yell at users when a device gets owned due to an unpatched security issue?
|
# ? Jul 22, 2021 00:24 |
|
I think we all know the answer to that one.
|
# ? Jul 22, 2021 01:07 |
|
Internet Explorer posted:One of our users applied updates to their OS on their company-owned device and it broke an app and we're mad at the user because "we've told them not to update their OSes" and I said "if we don't want them to update their OSes, then maybe we should make it so they can't" and apparently that went over like a lead balloon. I think you need to
|
# ? Jul 22, 2021 07:20 |
|
This seems like the place this belongs, but if not I apologize for subjecting you to this absolute violence. I started a new job last week. My company is being hosted within another's building, so all of this is their stuff, I don't have to run it or anything, but I do have to connect with it. We moved from a temporary office in their space to more permanent spaces this week while I am just learning and doing discovery on all our infrastructure. The first several images are from the IDF closet that supports the offices we just moved in to. That's a Cisco switch that is hanging from the cable management rungs by a ziptie. Note that it is on the right side rack with all the patch panels, this will be relevant shortly. Also note the orange fiber cables. There's one that is not connected to anything just lying on the floor. That is my main target. Yup...by a single ziptie. The left side rack where all the (properly mounted) switches are. Yes, this is directly across from the patch panels, so all the cables go above, below, or just straight across (cause why not?) so tracing a cable or actually seeing the switches is impossible. There are so many cables you can't even get a hand in to take a photo from your phone. So that is all in the IDF closet for the small (15 or so ports) space that we'll be occupying, but it also serves like 300 other ports around the floor that have nothing to do with us. All we needed to do was find what fiber patches were coming in there from the central datacenter so we could patch in a switch to our ports. But we couldn't find a fiber patch panel in the DC for that IDF. Then I thought to go look behind the fiber patch panels in the datacenter in case they had some extra panel hidden back there and.... None of those are labelled for the IDF that serves our space, but I've ruled everything else out so it has to be the pile on the right.
|
# ? Jul 22, 2021 08:00 |
|
liking the pre-prepared label that says LABELING that is completely ignored
|
# ? Jul 22, 2021 08:48 |
|
|
# ? Jun 10, 2024 12:01 |
|
Just ask them to please identify the pair they'd like you to use.
|
# ? Jul 22, 2021 10:03 |