Security

Bobbie1 Comment

It’s important to understand that the personal security space – that is, how you lock down your stuff – is a constant game of whack a mole. “For each fine cat, a fine rat” – as you close down some things, enterprising bad actors will find new ways in. Your very best option is to approach it as defense in depth by using multiple interventions to make it harder for them. Think of it like Swiss cheese slices: a single slice of Swiss cheese has many holes. Putting one slice of Swiss cheese on another limits the visibility of some holes but not others. Stacking a bunch of pieces of Swiss cheese will further close more holes.

This is a compilation of what I recommend for individuals and their (mostly cyber) security. A second post on Privacy is forthwith.

First, let’s get some terminology straight:

  • Security is the ability to ensure that we have Authentication and Authorization (AuthN and AuthZ). 
    • Authentication = we can verify you are really you. Examples are when you use a password and then get a code to your phone you have to enter, or have a PIN code to use, or a passphrase.
    • Authorization = once we know you are you, are you even allowed to be here and what are you allowed to do? For example, you can authenticate into your bank website as you, but you are not authorized to see anyone else’s stuff.
  • Privacy is the ability to ensure that ONLY authorized people get to see personal information (also known as PII, or Personal Identifying Information), and the person doing that authorization is the owner of the data (namely, you). 

Security Basics

The reality is there are a variety of different ways to secure things, and they are not employed consistently – so for example some sites have you authenticate in using your email, others require you to create a username. Some will send your second factor of authentication ONLY to a phone text, others will do email, still others will require or support an authentication app on your phone (and yet others will allow you to use a physical USB key you carry around with you). There are also “passkeys”, which are where a unique encryption is stored half on your machine and half on the server for the site you’re using, so unless someone has you, your machine, and that website, they can’t get in as you.

That said, there are some standardized ways to keep your stuff secure (or more secure):

  • Do not re-use passwords. I know, it’s tempting. But all it takes is someone getting ahold of one email/password combination, and they can feed that into a program and have it try a million different places to see what else they can get in to. There are password vaults that will create unique strong passwords for your sites, or you can use a pattern (a friend of mine uses album names and song names).
  • Regularly update your passwords. Passwords get leaked and stolen and bought.
  • Use a Password vault. I use Bitwarden.  Much like Apple’s Passwords, it will securely house your passwords, passkeys, etc. and will also tell you if that password is reused anywhere, and if it has been found on the dark web (where passwords are bought and sold). 
  • If you can use an authentication app, do so. It gets rid of the vulnerability that may happen if someone has access to your texts or emails.
  • Especially for banking stuff: you can set your communication preferences to tell you if a transaction more than $x has happened, or if someone has logged into your account.
  • Don’t click links in a text and be equally careful of links in email. If you get a “text” from GoodToGo, or your bank, or whatever, instead go directly to the website you know is theirs, and log in as you. If you don’t recognize the number, or if when you hover over the email “name” it’s an entirely different address (or the formatting is off, or there are misspellings, wonky grammar, or an inflated sense of urgency), do not click.
  • Have a separate email account for your banking/super important stuff, and your “shopping/etc” stuff. Online retailers can and often do sell your data and/or exploit cookie allowance for that purpose, so separate your concerns.
  • Do your security updates regularly: most of the iPhone updates you get (iPad, MAC, Windows, etc.) include a poop-ton of security patches and fixes and the longer you take to do your updates the longer you are leaving your barn doors open.
  • If you get a “here’s your code for logging in” *and you didn’t log in*, go to the website (open a fresh browser page and go there, don’t click on any links in the mail just in case), log in, see if anything has been messed with (especially for a bank account), *change the password immediately*, and notify the site owner via the site or the phone number on the site that you got a 2FA notification you did not ask for. Work with the site’s fraud department to address anything weird.

Secure your Credit and Identity

There are other things you should do to secure your credit and your information:

  • Freeze your credit with all three agencies (prevents anyone from using your data to open new credit lines/cards). Those three are Equifax, Experian, and TransUnion.
  • If you suspect your identity has been compromised and that someone is trying to or has used your social security information fraudulently, go to identitytheft.gov to report it and further lock down your information.

There are also subscription services you can use to monitor your credit and your identity for potential theft: oftentimes when you are notified of a data breach, the legal requirement is, at minimum, the breached party offer you this monitoring for one year for free. 

Securing your Networks and Devices

As we all know by now, all incognito mode spares you is someone identifying which pages you’ve visited when you lend them your browser — it doesn’t shield your internet provider from seeing them, or even your router. You’ll want to lock down who can see what.

  • Use a VPN where you can – VPN stands for Virtual Private Network and it means that from your machine to the machine your machine is talking to (‘cos the internet’s a series of tubes), the “tube” is locked on either end. More to the point, your cellular service, internet service provider, etc. do not get to see what you’re looking at or what you’re doing.
  • Avoid using Free Wifi, or make sure to use a VPN if/when you do. Remember that if something is “free”, you are the product.
  • Use USB condoms wherever you can. Those “free chargers” are not really free and can be infected with junk; USB condoms short the two data pins in a USB connection to allow for “just power”. You’re better off bringing your own charging block tho.
  • Secure your Router – change the default password to a strong one (the Admin password and the access password, each). Enable encryption (WPA2 or WPA3), and make sure you do your security patches for the router firmware.
  • If you have “Smart anything” in your home: put it on a separate network from your computers/phones that you bank/do business on; make sure all the Smart gadgets have *separate passwords* (your Smart TV and your Smart Fridge should have different passwords, for example).

Next Up: Privacy.

DMV Beige

BobbieLeave a comment

I want you to imagine a color, a very specific color, that I think most US-based folks would recognize and it may have an international bent (I haven’t been to the motor vehicle licensing offices in other countries). This color is that sad, slightly icky beige color reminiscent of the transitional period of the 70’s to the 80’s where not everything was yet Duran Duran and you still had smokey glass tumblers and “non-smoking” sections in restaurants were new. It’s the kind of beige with no redeeming qualities- it’s not Indiana Jones Adventuring Beige, it’s not Tasteful Coat Beige, it’s not even Mid-Century Modern Influencer Revival Beige. This is that Beige of No Redeeming Attraction that can sometimes still be found on the walls of your local DMV (or other underfunded government office).

Yesterday I was feeling very DMV Beige.

I am *not* very good at discussing strong feelings because feelings are not logical, and they don’t follow a predictive pattern. When they happen, I end up having a “retrospective” to try to figure out why they happened. Nevertheless, I have them, they will surface. Yesterday I found myself talking with some good friends at work about feeling “beige” and… they got it. It resonated. A lot of us are feeling “beige”.

Beige isn’t bad, per se. You wouldn’t pick it on purpose, at least not this irredeemable beige. You’ve heard about “beige flags” and such and this is its cousin: the idea that “everything’s fine” but somehow it could be better and/or worse; it’s this liminal, waiting room feeling.

After noodling on this with a fellow engineering friend, we came upon a hypothesis: this feeling is appropriate and also going to happen a lot more. She and I both have A Lot Going On both personally and professionally, and those Lots Going On tend to be of an urgent and complicated nature. There are often fires, emergencies, or confrontations that have to be had to further the product (or to keep it alive). There are translations, meetings, “per my last email”, and “I think you’ll find that…”. This is not limited to our work lives but also to the complications of personal lives as you get to a certain age and stage (family members passing and estates must be settled, the additional attention your health requires as you advance, etc.). We’ve both been underwater on both fronts for so long that now, as we are bobbing on the surface and we see the rescue boat coming, we’re wondering if there’s a shark somewhere.

If you’re conditioned to be hypervigilant and constantly alert for a problem to solve, and no problem (that you can solve) presents itself, then what remains are the problems that exist and that *you cannot solve*. For an engineer, or any “go-doer”, this is problematic. Maybe it’s because you do not have authority to solve the problem, maybe it’s because you do not have the ability or technological understanding to solve the problem, and/or maybe it’s not necessarily *your* problem at all (but someone else’s), and the bias to action drives one part of your brain whilst the other part of your brain screams at it to stop wasting time and energy because surely, surely a You Problem will come along soon and you’ll need your energy for that.

There is no shortage of problems to be aware of and feel inadequate or unable to solve or even subdue them. Which problems those are and how focused or personal they feel are largely determined by where you live and what 24/7 news hysteria cycle you consume. I say “hysteria” not in a dismissive tone – real news is real news – but the objective McNeil Lehr News Hour/ 60 Minutes that I grew up with is gone and replaced with Alternative Facts and non-neutral phrasing like “crushed” and “slammed” and “outrage” and such. Curating the inbound flow is almost a job in and of itself – I mean yes, you can tweak your algorithms and provide feedback to the “machine”, but the machine doesn’t feed off of you feeling happy or even content.

It feeds off of you feeling sad, angry, outraged, or any number of negative emotions. The very *best* you can hope for, on some days, is that all it wants is to feed off you feeling DMV Beige.

Now What, Part II

Bobbie2 Comments

We’ve discussed before of what to do when you’re facing a layoff/Reduction In Force (RIF). It would appear that “the market” has decided the latest vogue is to do straight firing, based on “performance”. I put those in scare quotes because there is no small amount of evidence that some folks being let go for “performance” were under the impression– with receipts — that they were not under any form of performance improvement plan and/or had stellar reviews. Even if you were, being let go with no warning and no health insurance sucks. So let’s do this:

  1. Take a deep breath. Panic will not serve you now; and the energy you used to put into your job you now need to put into YOU. If you need to take a moment to scream into a pillow or sob in the shower or make a little felt voodoo doll, well, do you. Don’t take too long, because there’s more to do.
  2. Are you covered for health insurance? E.g., do you have a spouse and can they cover you on theirs? If you’re under 26 you may be able to be covered by your parents. Being let go (for whatever reason) is a “qualifying event”. If not, check out your state’s health insurance exchange. (If that doesn’t work, type your state name and “health insurance” into your browser… because that previous link is a federal government link and some of the sites are being “updated” lately).
  3. Different states have different rules for unemployment – in some there’s a waiting period if you’ve been “fired”, in others it “depends”. Put your state name into your browser along with “unemployment” and follow the links on how to file and what is needed. Do your best to NOT be emotionally compromised during this, you’re going to need patience. I find it useful to pretend it’s not for me, but for my kid or my mom. How would I advocate for them? Then I do that.
  4. Review whatever paperwork they gave you as part of your “firing”. What happens with your 401k, your pension, etc. … when does your last check drop – make a note of that too.
  5. If your insurance covers you “through the month” or suchlike, get an emergency appointment with your doc (if you can) and refill all your prescriptions, etc. Insurance goes by date of care.
  6. Take a look at your budget at home and, if you don’t have one, now’s the time. You need a hard list of the things you cannot NOT pay (like rent, food, utilities) and things you can cut out if you need to (like subscription services, dining out, etc.). Will it suck? Yes. But let’s get with Maslow on this one: needs first. Then figure out the gaps.
  7. Time for some math: you have whatever’s in your account, plus possibly an inbound “last check”. That “account” balance may include your emergency fund (this, friend, is an emergency) or you may not have one. Take that into account, along with how long before you can get unemployment, and compare that to your budget – are you going to be in the hole, and if so how much? (Then start trying to figure out what you can do to bridge the hole: how fast can you get a new job (any job), where can you pull cash from to bridge the gap, etc.). You can also negotiate with companies as to payment plans and hardship stays.
  8. Brush up that resume, your LinkedIn, etc. Network. Have informational “coffees” with people. Scour the job boards (e.g. Indeed).
  9. Have your talking points ready as to why you were let go. If you have references from coworkers, previous managers, etc., have those at the ready. Those employers know the score and they watch the news too: this is not necessarily a scarlet letter.
  10. This too shall pass. It’s going to absolutely suck, but you’re resilient, and you can do this.

Antici…pation

BobbieLeave a comment

Twenty-five years ago (and five days) I was at a gas station in Oceanside, California. It was something like 2pm and this was the era of TV screens in gas pumps being the Hot New Thing. You couldn’t control what was on them and mostly they were set to a news channel. It was December 31, 1999, and the United States was on the precipice of the year 2000. The world was angsty for a variety of reasons, geopolitically, but also for administrative ones: most computing software (including operating systems) had been programmed for a two-year date. So in 1977 or 1986 or what have you, the developers would have the year of the date stored as 77 or 86, respectively. This wasn’t the case with all software but it was the case in enough places that when 99 rolled over to 00 we would have a problem – HG Wells had written the Time Machine but should enough machines and systems decide it was 1900 instead of 2000 all hell would break loose.

Much as with the traveling barge of garbage, this was a wake up call to folks who hadn’t had to think about the dependency on computing and technology. In 1999 there was email, and you could apply for jobs and get your bank statements and purchase things online, but it wasn’t as default as today – many people still got paper statements, it was very common to get regular mail from regular people, and though we were on the verge of the dot-bombs in 2000 online shopping did not as yet compete with brick and mortar.

The reminders were everywhere: Y2K news stories, mail with updates from every OS and software provider about what they would be asking folks to do to update their stuff. Towers (aka “desktops”, so named because it was a tower-shaped box you kept under your desk or in a separate compartment to it, because your monitor most definitely was NOT flat) came with stickers reminding people to turn off their machines by 12/31/1999 just in case. There was both too much, and not enough information about what Could happen, what Should happen, and what Would (probably) happen.

As we know, in the end what happened was Not Much. The thousands of people set forth (if not millions) across the globe as part of their “IT Departments” (or consultants that would come out, for not every business had one), updated software, operating systems, and sometimes hardware, to avoid the potential disaster.

But we didn’t know that then.

There was palpable apprehension as the world rotated towards 2000, many folks took out extra cash, got extra groceries, had paper copies of everything to Prove what they owned/should have. This was juxtaposed with the idea that as a globe we were headed into not just a new century but a new millennium, that the Cold War was still over (and we didn’t have one again yet in the Middle East), and Europe was doing its collective government thing which looked hopeful. The biggest scandal in the US was that our President had gotten a consensual blow job in the Oval Office and repeatedly lied about it.

And so there I was, pumping gas into a 1996 Dodge Neon, watching the TV screen… and it showed Moscow as the clock turned midnight there. There were fireworks, people partying in the streets… but most of all there was power to the buildings, and amidst the celebrations it looked like everything was “normal”. In my head I figured, “if Russia can get through Y2K, so can we”. Remember, the iron curtain had collapsed, and Russia was in a conflation of oligarchic battles and a seriously unstable government.

Here we are 25 years (and some days) later, and we are again on a precipice — or many of them. What is AI going to do, really, in this next century? How are we (the collective we) going to deal with the impacts of climate change (rising sea levels, increased intensity hurricanes, no-snow winters, etc.). How does the world work without polarity of superpowers (it used to be pretty much one or two — and now it’s more than that). We live in a world where we can now vaccinate against some cancers, treat still others successfully; we can 3-d print heart valves and we have mapped the human genome so successfully you can figure out who you’re really related to with a cotton swab and a relatively small financial outlay. We have meat alternatives and organic farming and bitcoin and electric cars.

We also have increased conflicts, questionable ingredients, vaccine hesitancy and/or denial, four or five wars (depending on how you’re counting them vs “armed conflict” — but someone who dies in an armed conflict is just as dead as someone who dies in a war), a craptastic healthcare system (in which we pay more in premiums and personal outlay than we would in taxes to support a nationalized one, and in which drug makers have essentially carte blanche to set their prices (unlike everywhere else in the world)), billionaires publicly calling the shots (instead of in private like the good ol’ days), and a general decrease in civility in society (it is now perfectly acceptable to be an asshole in public apparently).

In 1899, the world was on a precipice, too; they just didn’t quite know it. I mean, sure, new century; but in their heads there was the Big Global Power (hello, England), your food came from your local farms and may get in by train, if you got a severe infection you very likely died (penicillin wouldn’t be around for another 28 years), and two World Wars and a Great Depression were in the next 50 years. The people who went in to New Years on 1900 had had trains and telephones and typewriters and cars, but they didn’t have planes and space shuttles and computing machines. If you had said the United States and China would become superpowers in the coming century, your peers would have thought you were absolutely bonkers. I’m sure that as 1899 rolled to 1900 there was apprehension and agita much as today: those kids were listening to the radio too much or using paper in class instead of a slate (so wasteful!), the prospect of bank runs was fresh (the Great Panic of 1893 had only been seven years prior), the Boxer Rebellion and the Philippine American war were active (apologies this post is very US centric). Those things that they knew about were, historically speaking overshadowed by the things that came — good and bad.

We go into 2025, that “perfect square” of a year, with a mix of hope and dread, exacerbated by a 24/7 news cycle that is fragmented, biased, hysterical, and algorithmically defined. We can posit, speculate, and make educated guesses at what the future holds. We will not know, though, until it is here.

Planning

BobbieLeave a comment

Life is a funny thing, in and of that it is short and the more you live it, tho more you learn; and the more you wish you could take those learnings and go back to your younger self and make all kinds of corrections. In a way, most of the tension of parenthood is the fact that you’ve made these mistakes, you’ve learned those things, and you want your children to somehow learn from your mistakes. Very few do, most of us have to step in it so we can learn. It’s a challenge.

I haven’t posted much recently, because I was handling a family affair. Specifically, I was handling the imminent death of a loved one. As somebody who has a collection of doctors (fewer than a dozen but not by much), I’m a big believer in doing whatever you can to live as long as you can, as long as the quality of life you have is good. The previous generation in my family is made up of two camps: one who take the similar approach to me, and the other of the camp that you just don’t go to the doctor, and therefore you don’t have to deal with anything. In the experience of two in that camp, you *do* get to keep your independence, and you do get to live your life; the end is nasty, brutish, and short. It is almost always unpleasant for those who are trying to help you, or accommodate you, in those final days, weeks, and months. I do not begrudge that generation their choices: they made them, as is their privilege. But I have learned from that mistake.

The aftermath is equally unpleasant. There is a surprising amount of administration required after one passes: paperwork, communications, certified copies of this and that, difficult discussions, and all kinds of things come out of the woodwork; skeletons laid bare. This is even after people have taken pains to be very clear on what needs to happen when they go: they have fully thought out wills, they have directives, even for their end of life they had all kinds of documentation as to what was to happen and how it was to happen. As the person responsible now twice for that administration: no matter how carefully and thoroughly you document, it is going to be hard on the people you leave in that position. I was, despite some very frustrating points, equal to the task. But when my parents had this conversation with me, and I said, “Oh Sure!”, I did not understand the depth of difficulty I would be working through, and there is nothing that could have been written in those documents that would have helped. It was all in there: but having to be the one to *defend* that document, and work with countless nurses and doctors to ensure that the wishes set forth were enacted, was the hardest thing I’ve ever had to do in my life.

As Tolkien said, “All we have to decide is what to do with the time that is given us.” Part of that decision should include review and preparation for the inevitable conclusion, both for the one exiting, and those left after the exit. Life is short, and we do the best we can with what we have.

Posted in Uncategorized

Tell the Story

BobbieLeave a comment

About 11 years ago, I left a job because my interests were not aligned with those of the people I reported up to. Not my immediate manager, she was great, but the leadership in that particular organization was interested in “telling the story”, and I was not. Allow me to explain: by “tell the story”, they specifically meant altered data to fit their preconceived narrative.

Storytelling serves a purpose: it provides a grounding for people to understand the message you were trying to convey. Most of the stories that we have align to some form of learning mechanism: either about human nature, or what to do or not to do in a situation, or why a particular belief is correct. Stories are not always accurate, but they are a useful tool. I have no problem with “telling the story”.

The difficulty for me is when somebody wants to tell a story for which the data do not match. The data tell story A, and the person wants me to tell story B. There are people who can spin an A to B, who can make silk out of a pig’s ear or gold out of flax. I am not that person. If it is in fact, silk, I can wax on relentlessly about the properties of the silk. If it is in fact, gold, I can illustrate all the ways in which that gold can be used. I am not going to tell you that flax is gold. Flax has its place, and it can be useful, but I’m not going to tell you it is something that it is not.

This “tell the story” requirement was handed down repeatedly, in various business meetings, over a six-month period and it drove me nuts. I was “mad” in the traditional sense, and I took the first job that presented itself to me in order to get out. This was a rash decision: it meant going to a place where I took what ended up being a pay cut, for work that ended up changing in charter. I lasted at that job exactly one year, before coming to where I am now. Or at least the company that I am in now.

I continue to hear the “tell the story” requirement, through various roles. In program management, you are often required to tell the story: in a technical way to engineers, and in a less technical way to management (depending on your management). It’s a sort of translator function: I enjoy it, particularly in the role I’m at. This is because I am not asked to fabricate a story, rather I can take the data presented and tell the *actual* story.

The thing is, that six months did so much damage in my head, that every time I hear “tell the story”, it rankles me. I remember being asked to change the data to suit the narrative that was provided, rather than the one the data told. As we increasingly have more immediate, multiple, and popular social media platforms, the desire to “tell the story”, and the use of that phrase, increases. The rankle in my brain also increases.

A further complication is that there are a seemingly endless supply of people who are willing to tell a story, to illustrate a point, that is not based in any sort of data or fact. Or, perhaps worse, are based in cherry-picked facts, ignoring other data (“oh those are outliers”). They would not survive peer review. Sometimes you can see it right away, and sometimes you cannot; this leaves the audience to bicker amongst themselves as to what counts as real, and which stories are right.

We are, as ever, in an election year. Technically speaking, every year is an election year: it’s just that most people tend to focus on the ones that happen every four years, as they offer a change in the highest offices of our country, as well as the entire House of Representatives, and about a third of the Senate. There are other posts and positions up for grabs as well, and ballot measures that fund schools, and fire departments, and port commissioners, and judges, and all kinds of roles. Most often, the stories we are inundated with are for the highest roles, though there are smaller stories for smaller roles as well. We are left to pick through the stories, and look for the data, and “do our research”, which is rather difficult in the absence of real data, which itself has been supplanted with stories.

There comes a time where every story ends. The book closes, or the campfire gets quiet, and you are left with the story in your mind, and the choice to do something with that story. You can take the analogy, you can take the lesson, you can take the idea; or you can leave it. The important thing to understand, is stories are just stories: they are one of several means of conveying information. It is up to the listener to understand the nuance, and the context, of that information, before making any decisions.

The Cost Basis of Non-Monetary Recognition

BobbieLeave a comment

Recognition, without an understanding of the value of it, is worthless. Or at least, discounted.

On one hand, it’s a bit daft to say that: the very definition of recognition (say that five times fast) in the sense of a positive acknowledgment is “appreciation or acclaim for an achievement, service, or ability” (per the OED). If you do not understand or value what is behind that appreciation or acclaim, it is difficult to understand or value the recognition itself.

Sometime between 2009 and 2012 at the end of a PTA year I was awarded the “Golden Acorn“.

At the time I was awarded this I did not know what it was. I mean, I got a nice certificate, and a cute little pin (indeed, a little gold-colored acorn with WAPTSA on it – Washington PTSA), and everyone clapped, and it was nice. I still had no idea what it was. I was thankful of the clapping and of the little get together our PTSA had, where folks were verbally recognized and got little certificates and we put to rest another PTSA year. (I was on the PTSA board from 2008 to 2021 – the years, they blend together).

I still had no idea what the Golden Acorn was. I didn’t have a background in its value, or understanding of its place, priority, or frankly, point. I mean, thanks for the recognition in the meeting, but did I need a tchotchke? Not really. Did I ever really look it up? Nah. I still have the little golden pin in my “collection of weird little things I’ve acquired” drawer.

Last night we (the Royal We) finally got around to voting – in Washington State voting is done by mail, so the three of us dutifully sat around the dinner table, one with their computer up to do research, one reading the voter’s pamphlet, and the third asking pointed questions here and there (and/or running explainers when needed). As part of this the pamphlet reader would read out the position, education, community service, and qualifications of each candidate. We found two Golden Acorns in there.

It was hard for me to figure out why those would be so declared on a voter’s pamphlet, nestled among information like where someone got their JD from, or which Rotary club they were board chair of. To me, this was a chintzy little pin and nice piece of paper that I was certain no one outside of my little PTSA would be familiar with. I was wrong.

Here’s the thing: because I didn’t know this, the *complete value* of the award went over my head. Had I known and understood what it meant, I would have written thank you notes (I am not joking). I would have been much more humbled. Heck, it’s 10-15 years since I got this thing, and it’s tickled my brain repeatedly in the last 12 hours. Yet at the time I didn’t know the full value of the award and therefore the full value of the recognition escaped me.

Recognition in the workplace takes many forms: you can get a shiny new title. You can get money. You can get your name checked in large bold font across emails or reorganizational announcements or “shout outs” at meetings. You can get pizza lunches, Door Dash gift cards, or even 20-sided die. Unless the person *receiving* it values those things, though, it’s not as impactful as one would hope.

This is further complicated by the fact that not everyone values the same things. Some of us are more mercenary than others and straight cash will do, thank you. Some of us like our name in bold letters more. Some of us are food-hounds. Leadership therefore has a tricky problem: how do you properly recognize and individual, or a team, in such a way that *they* value it? In large teams — where you have hundreds of people — finding out if they are more into visibility or cash is problematic; a direct line manager should have that understanding of their team(s) but rolling that up into a nice neat “delivery” that accommodates all is impossible. Even if you knew that person A, B, C preferred money and person D, E, F preferred visibility, once the rewards are out there, minds can change.

The solution, then, is to do both. One of those things costs *nothing* in fiscal terms. It’s fairly obvious that cash rewards (or similar financial rewards: stocks, etc.) has a cost associated and that has to fit within an overall budget for the company, etc. etc. Genuine verbal and visual recognition of folks for a job well done, however, can and should happen publicly and directly. While folks understand the value of a dollar, they need to understand the value of the non-monetary recognition as well.

What does it mean for this VP or that VP to call out your name? What does it mean to have your name identified in a given mail, or proffered in a given meeting? And how is that meaning, and value interpreted based on its origin?

The Golden Acorn award I got was meaningful at the time (and still now) because my *peers* and my board chair were the ones to present it. That it was backed by state PTA was not known to me at the time and now the value that that imparts is a calculation of breadth and an understanding of rarity – there isn’t always one per PTA per year, and its value is understood across the state in the context of PTA. Similarly, the value of verbal or visual recognition (in *addition to* the practical rewards of money) is directly related to the *recipients* understanding of the breadth and rarity of the person or entity providing it. If I don’t know you and/or understand what it means to be praised by you, the value of that praise is somewhat diminished from what it could be.

Productive Tedium as Therapy

Bobbie1 Comment

About six or seven months ago some enterprising individual got ahold of my work email, my personal credit card, and did some damage: desiring to hide their purchase of a trip to Cancun, they created a spam bomb attack which flooded my mail with something like 2500 subscriptions.

One of the older “features” of Outlook and the instantiation of it in our company, was that if mail was in your junk folder, you could *not* click on links. That makes sense – phishing is as phishing does. When it’s not phishing and instead is noise, one wants the noise to stop.

Complicating this is that in response to the attack I set my junk folder on the highest threshold – meaning that a good many *real* mails got sent to junk. This has meant, for the last six months, me going into my junk folder several times a day to weed through hundreds of mails to find the pearl that is, for example, my company’s newsletter telling us how we should be all more secure (we’re working on it). It has given me the opportunity to be smug on a few occasions when someone says, “oh check your junk folder it might be in there”, which is nice.

After some resistance I have clicked the little slider on “New Outlook”, which instantiates a whole separate app. While I am disheartened to give up in-mail anchor points and jump links (I assume they want me to use the newsletter function, but I am obstinate), what has happened is we now have the ability to click an “unsubscribe” link from junk without sending the mail first to the inbox. In the last two weeks I have gone from hundreds of junk emails a day to about seven. It’s cathartic.

It’s also very, very tedious. Many of the mails are in a foreign language, so I’ve learned that things like “abstellen” and such are the “opt out”/”unsubscribe”/”stop” links. Edge translate has also been my friend. I’ve equally been fortunate that the bulk of the newsletters I got subscribed to are harmless — products and services from around the world (though there was one that I ended up having to email my manager to let her know what I was doing because I’m pretty sure the site I visited to unsubscribe was NSFW).

So here I am, each early morning, click, unsubscribe, click, unsubscribe, click, unsubscribe, and so on. For low effort “productivity” you can’t beat it. And I need some low-effort productivity right now.

This electronic version of doing a laundry load of towels is helping me avoid the crazed hype machine that is our current media and particularly the media circus around our elections. The ads, the next-minute analysis, the fearmongering, the rage, the hysteria, the 20/20 hindsight, and so forth: the exhausting part of politics is doing its thing, and we will be in it for another four and a half months. Given the last round, we won’t be done after election season, either. “If it bleeds it leads” is a disgusting phrase that turns out to be true and as such we get fed a steady diet of screaming rage.

I have voted in every election (even the teeny local ones) since about 2000. While I appreciate the phrase that “all politics is local” – it isn’t, or not really. The bulk of the politics that directly affect *you now* is/are local. The politics that will directly affect you *and your offspring* are more likely state and federal, and in a country that cannot seem to decide who is in charge (state or fed) it makes for an erratic tug of war.

I click, I unsubscribe, I delete the mail. I click, I unsubscribe, I delete the mail. With this, at least one small part of my world gets a little more orderly.

In the End it Catches Up with You

BobbieLeave a comment

I am at present paying dearly for not reading the fine print.

I work at a large company, and we have SharePoints. We have more than one. Just in my group I think we have four. In some cases, the SharePoints are tied to a Teams instance, which means the security for access to said SharePoint is driven by membership to the Teams team. Because Teams does not restrict membership to security groups and instead does membership to individual humans, this can make for an administrative nightmare.

At any rate, I am having to move things from Teams-SharePoint-Locked-Folder to Regular-SharePoint-Locked-Folder and in order to do that there’s this handy-dandy little “move” function right at the top navigation. You can select all manner of things, select “move”, tell it where you want to move it to, and just hit go. It’s just that easy.

Except it is not.

Because the move functionality has unexplained and unannounced limits – at least no process on the site tells you about those limits, you have to actually RTFM, which is found at the very bottom of this page. Those limits are both in file size, number of files, and total file size. I did not know this two days ago, when I hit “move” and walked away thinking in 30 minutes everything would be magically done.

Instead, what happens is SharePoint looks at its old location (hm…) and at its new location (hm…) and starts to build out the folder structure in the new location before moving files. So that when it chokes — and it will choke — you are left with folders that are empty in your new location, and all your files still sitting merrily in your old location. Then, if you try to move folder by folder, it will give you a duplicate of your new folder, in your new folder location (e.g., now you have Folder and Folder1). Seamless transition this is not.

I am a victim of my own shortsightedness, and now I must pay – delicately and carefully deleting empty folders, then manually chunking and moving files, all in an environment where people are trying to use said files. Don’t even get me started on the One Note. I am, at present, 9 hours into this endeavor (of course I am multitasking).

The thing is, we set ourselves up for failure – or headaches – when we don’t read the fine print. Reading the fine print takes time, and effort, and sometimes it is incredibly boring, and often complex: it’s the written equivalent of bran. We all know we should do it and some of us do but you only get the benefit at the very end of the process (and depending on how long you waited to do it, it can be a really messy end).

We’re in that time of year (at least at my company) where we are evaluating again: ourselves, our teams, our output, our goals, our objectives, how we measure people/teams/features and how we should think about strategy. In times where there is Too Much Going On it is tempting to have the mindset of “I’m sure this will just work” because 1. in so many cases it just does and 2. the idea of investing the time into reading the documentation “just in case” seems limited. Until the end.

Choose your shortcuts wisely.

Confirmation

BobbieLeave a comment

I grew up in Southern California until I was 12 and part and parcel of that experience included a regular round of field trips via our school: to the Getty Museum, to the Zoo, and to the La Brea Tar Pits.

The La Brea Tar Pits are in, cleverly enough, La Brea, California (formerly Rancho La Brea) and are as advertised: several pits of bubbling black tar (and one bubbling black lake of tar) that have been around millions of years. As such, they are a treasure trove of fossil record in that part of North America – thousands and thousands of fossils have been found in the tar pits, including my favorites: Mastodons and Saber Tooth Tigers.

I mean, when you’re a kid, are you going to be wowed by the pinecone they found in there or the small bird bones? Or are you going to be wowed by the giant, large, toothed creature whose skeleton now rises over you as you read the little plaque?

I remembered six specific things about the tar pits: the wall of dire wolf skulls (they’ve found so, so many), the giant Mastodon (and accompanying Mammoth) skeletons (so you could compare them!), the black iron fencing outside the pits so you can “get close” without being “in danger”, the interactive pulley system they have with large and small footprint cylinders stuck in tar (so you can do your darndest to pull them out and discover that the wider the footprint the more stuck you would be), and the La Brea Woman.

They’ve only ever found one human skeleton in the tar pits, and that was of a woman. I remembered this, because there was an exhibit where if you looked at it from one angle you saw a human skeleton (hers), and if you looked at it from another angle you saw an artists’ representation of what she may have looked like. (They still have one of these perspective-view thingies for a Saber Tooth Tiger and it’s cool). As a kid it left an indelible impression.

I had recent occasion to revisit the Tar Pits, for the first time in something close to 40 years. Fortified with these memories I checked them off as we went through: yep, there’s the iron fence and the bubbling lake tar pit. Yep, there’s the large skeletons rising over us. Yep, there’s the dire wolf skull wall. Did I try to pull the cylinder with the biggest footprint? Absolutely. And while I did find the perspective-view for the Saber Tooth Tiger, I found no La Brea Woman.

Well, I do have lapses in memory, and maybe the exhibit I was remembering was from somewhere else. But it *felt* wrong that that box could not be checked. It tickled the brain.

You know what didn’t tickle the brain? The smell of the tar pits is akin to fresh tires, but like, a LOT of them. I didn’t remember that. The bulk of the exhibits are really the tar pits themselves, in a winding outdoor walkway of the park. I hadn’t remembered that either. The actual inside museum is not as “big” as I remembered it, the scientists in the lab (there’s one of those “hey look at our scientists doing lab things”, like in Jurassic Park) looked more like regular people, the gift shop treasures were okay but with adult eyes I know that I do not need a fridge magnet that says “Live Laugh Love” with a mastodon face on it. (No. Not hyperbole.)

I was only in California for two days, one of which was occupied already with an important endeavor (if you can, support your local community college), and for the other my dad asked me what I wanted to do. “Let’s go to the La Brea Tar Pits” was my reply. It is both what I remembered and not.

Memory is a funny thing. It latches on to things, burnishes them and stores them neatly into little labeled shelves in your brain… for some things. For other things it evaluates the inbound information, says, “meh”, and dumps it. The La Brea Woman was on a neatly labeled shelf, and the smell of the tar pits had probably been ejected from my brain each time I visited as a kid. The mind takes in what it thinks will be useful (I didn’t quite go this far in school, but I think there’s some play of what hormones are running around in your brain when the memory is being stored) and in my case it absolutely ejects the rest. My parents, who are older than I and have more cause to forget things, can remember crisply things from when I was 8/10/12 and into and up to when I was 18 that I just do *not* remember. Not the faintest of a hint of a memory: my brain ejected it as “not useful” and went on its merry way. But I can remember the Sunday edition cover of the Los Angeles Times in 1984 (I was 10) for the Olympics, and the tan 2″ tile on the backsplash as I looked at it, and that it was breakfast time. What possible use that has is beyond me.

Memory relies on an incomplete and biased data set: for better or worse, and with no malicious intent, the data stored is “curated” by this proxy self and sometimes you don’t get a choice. When it comes time to recall and to make forward-looking decisions, without additional data, the memory can lead you to a different destination.

Now, I’m NOT saying I wouldn’t have selected the Tar Pits if I had looked it up online and gathered the additional information that in 2004 the museum removed the La Brea Woman exhibit in order to be sensitive to the native population and culture of which she was (which wasn’t quite clear anyway and the artist rendering was also perhaps stylized/influenced). I am saying that took me going there, walking through the memories and matching it up to reality, to seek the additional information (when I got home) of what happened to the La Brea Woman.

Relying on memory is a useful capability we have in the absence of additional objective data — or even shared memory. It cannot be the only thing we rely on when making critical decisions, should we have the luxury. “It’s okay we can dig for a new bush there I’m pretty sure I remember there aren’t any cables/lines in that part of the yard”; “I’ll get this bottle of hoisin sauce at the market I’m pretty sure I’m out”; “I remember this code does XYZ and there’s just no way we can have a memory leak…” Famous last words.

It is hard, in the moment, to remind yourself that a brain and memory can be fallible, even for those of us with a reputation for near-total recall (it works *great* when it’s in a topic I care about). It can be humbling to have to say, “I don’t know” or “I am pretty sure I remember X but let me check on that”. It can also be freeing to do so.

Re-reading, double-checking, and cross-referencing can take some time. If the worst that happens is your memory is confirmed accurate? Well, that’s a nice confirmation to have.