Profile picture
Gravis: The Posts Lizard
@gravislizard
, 25 tweets, 4 min read Read on Twitter
"shadow IT" is the worst condemnation of a companys IT department. like if it happens it means you fucked up bad enough people couldn't do their job
friend asked me to post an explanation of what shadow IT is so i'm gonna give you an example
about eight years ago my company had a problem: new VOIP phones would get shipped out configured to point to our servers, and would just arrive ready to use, but if a customer factory reset one, or otherwise messed with it, they could lose those settings.
there was no solution to this, because - oops! - turns out all the phones, everywhere, used the same password to talk to our system, and we couldn't tell customers that password. the engineering-approved solution was a miserable, 30 minute process
this process only worked if the customer had one of our special internet routers on site, which many did at the time. but if they didn't ,you were just fucked. literally, there was NO SOLUTION. this was the case for YEARS and nobody did anything.
agents would say "I can't actually fix this. it's impossible. what do I do?" and management just shrugged at them as far as i know. i think sometimes phones got shipped back to the office or agents just gave the customer the password, an absolute security violation.
but what do you DO? what's the solution in that situation? the customer is upset for a really good reason, and management is shrugging at you. the one option available to you, you're told you can't do.
so S, my predecessor, got fed up with this. he scrounged up an old PC, installed a fileserver on it, put a configuration file on it that contained nothing but a pointer to the correct server *with the password*, and wrote up instructions for the support teams
the support team would then instruct customers to put in the server address with no creds, the phone would connect, get the URL and creds, flip to the correct server and be off to the races. and the customer never saw the password.
of course, they could then go to their web browser, put in that URL and the mac address of their phone, and see the password. but they'd have to know to do that.
the machine was also firewalled and we had to open a pinhole for every IP address we did this with so it wasn't WIDE open, but anyone sniffing on that network would absolutely have caught this, and we have evidence I think that this happened at least once
obviously this is deeply nonsecure. i mean, it was an HTTP server! sending the password for our ENTIRE config server in the plain!! terrifying! and what about the responsibilities and maintenance?
some random employee shouldn't be turning up a SERVER on the companys behalf!! where was this server hosted? a random internet connection we had for hardware testing. who got called when it broke? nobody. S fixed it the next day when he got in.
the bureaucracy is ALLERGIC to this but *there were no alternatives.* the solution offered to the support teams was nothing. eat shit and enjoy it. get yelled at by a customer with a perfectly good phone who you're forcing a 48 hour RMA on.
i inherited this system, and it was something nobody wanted to talk about. everyone assumed this problem was solved some other way, so whenever someone found out this was how we were doing it they'd go "wait, you can't" and we'd go "we are. stop us."
literally, S and I both asked to have this system taken over by the Systems team dozens of times. nobody would do it. they also didn't tell us to shut it down more than mildly, but we made it clear it wasn't going anywhere without a replacement solution.
Finally, a year or two ago, it got replaced by an official, Systems-managed tool, and it sucks ass. It's terrible. I hate it, everyone hates it, and it's because the guy they gave it to didn't want to make it.
That part at least is a personnel issue we won't get into, but the point is, it basically took a DECADE to get Systems to do something A) trivial B) their fucking job and C) a critical part of the companys product support infrastructure
I know it was trivial, because *I ran it*. it was a fucking webserver with a shell script that called ufwadd and copied a file to a directory. It was two hours of work on the outside that nobody considered important.
There were MASSIVE security problems here, yes, but they were caused by an architectural issue that was essentially unfixable. Using one password for all your voip phones is a really bad idea! But you can't just pretend you didn't do it!
They caused this problem, then refused to solve it in any way that wasn't hellish for the support and provisioning teams. So my friend solved it by adding a network element that IT knew nothing about, and that's shadow IT.
The problem, of course, is that sometimes an employee "helps" by doing things that IT should have done, and other times they "help" by introducing a security hole you can drive a ship through.
And if you had a process for distinguishing the two, it wouldn't be shadow IT, it would just be someone doing a side job for the IT department.
i would love to say that the moral of the story is "listen to your users or they will go over your head" but the fact of the matter is that my experience was caused by personnel failures at multiple levels and there's not much you can do about it
I don't think competent and properly staffed depts necessarily end up with this problem at all, but idk. There are probably examples that you could say technically fit in the box.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Gravis: The Posts Lizard
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @gravislizard see all

Profile picture
Gravis: The Posts Lizard
@gravislizard
i bought a new mouse with a sniper button on it that drops the mouse DPI by 80% so you can dial in those noscopes, which is funny because - and this isn't what i came here to talk about but - that's absolutely cheating, like playing baseball with a hollow bat. but,
"well anyone else could buy one too" yeah and all the other batters could hollow out their bats, but it's cheating if you don't tell anyone else that you're doing it, because they don't have an opportunity to choose to either do it also or not play against you.
i just think this is wild that these things are just out there and i feel like i've never seen anyone complain about them. but anyway, that's not what i came here to talk about
Read 11 tweets
Profile picture
Gravis: The Posts Lizard
@gravislizard
fallout after FO3 mocks an advertising culture as if it were the past. it isn't. it got worse. "eat Kradbury donuts - chock full of Vitamins" was just the immature form of it. all advertising is as disgusting and false as the 50s.
it's why we "respect the hustle" because it turns out none of us ever had a problem with promotion, we just hate lies. we know the corporate product is made of the wrong plastic and will break. we know the electronics are piss poor. we know the food is 45% soy filler.
turns out humans love each other and understand easch other and everyone understands that everyone's gotta eat and so on and so advertising was never the problem, Advertising was. the idea that anyone can run a college course on marketing is revolting. it's fucking immoral.
Read 9 tweets
Profile picture
Gravis: The Posts Lizard
@gravislizard
i love the new troubleshooting process at work
- get ticket on system i've heard of once, three months ago, referencing system component i've never heard of
- search email for any way to log into that system, or even a URL; none
- look for system owner
- find reference that Bradley Fartwinkle is on that legacy team
- he's a VP in outlook
[ ENTER "CRISIS" DIAMOND ON FLOWCHART ]
A) does he still work here or did he quit to escape the sinking ship
B) if he still works here, will emailing him be a gaffe
- check ORGANIZATION tab in Outlook
- oops; they merged email systems and we weren't the acquiring company so we're now second-class, meaning they broke our entire hierarchy in Exchange and will never, ever, ever fix it because nobody knows how to do that
Read 7 tweets

Related threads

Profile picture
West Wing Reports
@WestWingReport
All Americans should be pleased that the job market continues to grow:
Last 24 months of Obama: +5,132,000 (Feb. 2015 to Jan. 2017)
First 24 months of Trump: +4,801,000 (Feb. 2017 to Jan. 2019)
data.bls.gov/timeseries/CES…
#Job growth since 2008 (millions)
2008: -3.56
2009: -5.06
2010: +1.06
2011: +2.09
2012: +2.14
2013: +2.30
2014: +2.99
2015: +2.71
2016: +2.24
2017: +2.06
2018: +2.56
2019: +304 (K)
(U.S. Labor Dept./Bureau of Labor Statistics)
Why did the unemployment rate go up - after 304K jobs were added to the economy? Of course you're dying to know this, and that's where WWR's Paul Brandus comes in. The simple answer: the two data points - jobs created and the unemployment rate - come from two separate surveys /1
Read 8 tweets
Profile picture
Melissa Anelli
@melissaanelli
Okay. Let’s go.
Nine minutes in and my mind is already blown. Whenever we utter the phrase “we’re spending a lot of money” it it’s not followed by “so we get to pet some pigs.” It’s more like “ouch ooh oh wow we are spending a lot of money AHHHHHHH” #fyre
we are doing this “OK stop" style and so far it’s been 35 minutes and we’re 9:30 in
Read 128 tweets
Profile picture
Teri Kanefield
@Teri_Kanefield
(Thread) Trumps wrecking ball: Lies & victimhood

“Trump doesn’t seem worried to me,” a friend said. “It’s like he has a trick up his sleeve.”

He does have a trick: But it isn’t hidden. It’s in full view:

Lie. Ratchet up the race-baiting—then blame others and be the victim.
1/ When asked whether his rhetoric creates violence, he pointed to the media and “You’re creating violence by your questions.”

washingtonpost.com/politics/2018/…
When humans commit atrocities, the perpetrators of violence often believe they are the victims.
2/ From Snyder👇Trump's trick is to fill the public sphere with fiction, then blame the other side—the Democrats or journalists.

From Jason Stanley and others: When the dominant culture began to lose its dominance, it sees itself as the victim.

Read 21 tweets
Profile picture
Edwin Hayward
@uk_domain_names
A BREXIT OPEN LETTER TO POLITICIANS (PDF version at end)
Brexit impacts everything. It looms like a black hole, sucking all other considerations into its gravitational field.

Do you truly care about austerity or Universal Credit, if you don't also care about Brexit? 1/32
Brexit will spread like a cancer through every aspect of life in the UK, making us poorer, less competitive, more isolated in the world. The damage has already begun, be it the £4 billion spent by Government on Brexit preparations, or the £500 million a week in lost growth. 2/32
Your heart may be so full of compassion that it threatens to burst, but can you truly say you care about disabled people, mental health, food security, or the provision of children's services unless you also care about Brexit? 3/32
Read 37 tweets
Profile picture
Emily G, Cville.
@EmilyGorcenski
In the Charlottesville Unite the Right Discord logs, I have seen so far four mentions of running down protesters. To date, I've identified three of the four individuals. I'm about to release a suspected ID on the fourth.
First up is Andrew Blair. Click through the thread for the details. He talked explicitly about running me down with his Lexus.

Next, is SSgt Michael Chesny, who was the most egregious of the four.

He asked multiple times, and even made clear that he was not "shitposting," about the legality of running down protesters.

Read 12 tweets
Profile picture
A.B.
@AlannaBennett
I want to talk real quick about why this Aziz situation has so many people unable to deal. Not saying I'm the first one saying these things — but I've had this conversation like 10 times in the past few days.
The whole narrative surrounding Harvey let us — BEGGED us — to put him in a box and call him a monster. It was easy to do, and easy to make the case that he — or a Spacey, or other serial allegedly violent offenders — be cast out, ostracized.
But we were always going to come up against the reality: If so many people have been abused, it's probably not just the straight-up monsters of the world abusing them. It might have been your friend. It might have been YOU.
Read 12 tweets

Trending hashtags

#NeverAgain #Parkland #FyreFestivalNetflix #Beer #SimplifyYourLanguage #bigdara #bigdaga #WeekendHumor #water #bigdata #winning #CarKeys #Rindfleischetikettierungsüberwachungsaufgabenübertragungsgesetz #ItsTime #table #smartcites #opendara #Docs4GunSense #smartciities #PaulMcCartney #Ozark #opendsta #tjto50K #LookNow #bills
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!