Appreciation Society

Given how crazy everything is right now, it’s important to try and stay sane. And that’s harder than it sounds to be honest. Our mental health is being degraded by the day. Work stress, personal stress, and family stress are all contributing to a huge amount of problems for all of us. I can freely admit that I’m there myself. My mental state has been challenged as of late with a lot of things and I’m hoping that I’m going to pull myself out of this funk soon with the help of my wife @MrsNetwrkngnerd and some other things to make me happier.

One of the things that I wanted to share with you all today was one of the things I’ve been trying to be mindful about over the course of the last few months. It’s about appreciation. We show appreciation all the time for people. It’s nothing new, really. But I want you to think about the last time you said “thank you” to someone. Was it a simple exchange for a service? Was it just a reflex to some action? Kind of like saying “you’re welcome” afterwards? I’d be willing to bet that most of the people reading this blog post say those words more out of habit than anything else.

I decided I was going to change that. Instead of just mouthing an empty “thank you” for something, I decided to turn it into a statement of appreciation. As a father, I often tell my kids that they need to include statements in their apologies. Not just “I’m sorry” but “I’m sorry for hitting my brother”. Intent matters. In this case, the intent and appreciation is the opposite feeling.

So, instead of “thank you” I’ll say “Thank you for bringing me that cup.” Or maybe “Thank you for helping change that tire.” Calling out the explicit action that caused your thanks shows people that you’re being mindful of what they do. It means you’re paying attention and showing real gratitude instead of just being reflexive.

This can apply to technology as well. Instead of just a quick “Thanks” when someone completes a job, try making it specific. “Thanks for getting that routing loop figured out.” Or how about “Thanks for putting in the extra effort to get those phones deployed by the end of the day.” Do you see how each of these more specific statements are mindful of actions?

When you show people you appreciate them as much as what they do for you, you change the conversation. Appreciation is one of the most power gifts we can give other people. Validation and praise aren’t just meaningless platitudes. Show people you care may be the best connection they’ve had all day. Or all week. And all it takes is a little extra effort on your part. Take my word for it and try it yourself. For the next week, go the extra mile and explain why you’re thankful for people. You’d be surprised how far you’ll get.

Fast Friday – Mobility Field Day 5 Edition

I’ve been in the middle of Mobility Field Day 5 this week with a great group of friends and presenters. There’s a lot to unpack. I wanted to share some quick thoughts around wireless technologies and where we’re headed with it.

  • Wireless isn’t magic. We know that because it’s damned hard to build a deployment plan and figure out where to put APs. We’ve built tools that help us immensely. We’ve worked on a variety of great things that enable us to make it happen easier than it’s been before. But remember that the work still has to happen and we still have to understand it. As soon as someone says, “You don’t need to do the work, our tool just makes it happen” my defenses go up. How does the tool understand nuance? Who is double-checking it? What happens when you can’t feed it all the info it needs? Don’t assume that taking a human out of the loop is always good thing. Accrued knowledge is more important than you realize.
  • Analytics give you a good picture of what you want, but they don’t turn wrenches. All the data in the world won’t replace a keyboard. You need to understand the technology before you know why analytics look the way they do. It’s a lesson that people learn hard. Look back at things like VDI boot storms to understand why analytics can look “bad” and be totally normal.
  • I’m happy to see the enterprise embracing Wi-Fi 6E (6GHz). Sadly, it’s going to be another six months before we see enough hardware to make it viable for users. And don’t even get me started on the consumer side of the house. I expect the next iPad Pro will have a 6E radio. That’s going to be the tipping point. But even after that we’re going to spend years helping people understand what they have and why it works.

Tom’s Take

There are some exciting discussions to be had in the wireless community. I’m always thrilled to be a part of Mobility Field Day and enjoy hearing all the great tech discussed. Stay tuned to the Tech Field Day Youtube Channel for all the great content and more discussions!

Video Meetings and Learning Styles

Have you noticed that every meeting needs to be on video now? Of course, that’s a rhetorical question. It’s one of the first and most constant things that is brought up in the pandemic-influenced tech community of today. Meetings that used to be telephone-only or even wordy emails are now video chats that take half an hour or more. People complain that they are spending time and money to spruce up their office to look presentable at 720p to people that likely aren’t paying attention anyway. It’s a common complaint. But have you ever thought about why?

Listening and Looking to Learn

There are three major styles of learning that get brought up in academic courses.

  • Physical, or kinesthetic, learners learn best from touching things. They want to manipulate and feel things as they learn. They like to gesture when they talk. They also get bored quickly when things are taking too long or they have to sit still too much.
  • Visual learners learn best from seeing things. They like to look around and tend to think in pictures. They would rather see something instead of hearing someone speak.
  • Auditory learners like to hear things being spoken. They want to talk through everything and hear the words being spoken out loud. These are the kinds of people that tend to do things like repeat lists back to themselves over and over again to memorize them.

Now, if you found yourself agreeing with some of each of those things you aren’t crazy. There are some aspects of each of these that we all learn with. As much as I like getting the big picture, I often enjoy dialogue and telling stories as well as touching something to learn more about it. But at the end of the day I would consider myself a visual learner. I learn best when I can see things. I tend to get distracted when I have to listen to things a lot. You can probably figure out which learning style suits you best quickly.

Adjusting to Virtual Learning

That was the pre-pandemic world. With the advent of sheltering in place, we’re going to have to look at the way we do things now. Physical learning is out. We can’t just meet with people and invade their bubble to talk and touch and interact. So a third of learning styles are going to be severely impacted. What does that leave us with?

Well, auditory learners are going to be okay with phone calls. They learn best when they can recite information. But remember how it’s not so much about them learning best from hearing as it is from them engaging in dialogue? That’s where the auditory learning style seems to break down for people. It’s not that auditory learners get the best absorption of material from hearing it. They need to talk. They need to hear their voice and interact with the voices of others to process things. It’s not enough to just hear it spoken. Even if all they do is rephrase something you’ve told them they still have to speak.

Makes sense, right? But why video? Shouldn’t video meetings be the space of visual learners? In short, no. Because video isn’t about visual learning as a medium. Visual learning is about reading text and emails and seeing diagrams and drawing your own pictures to absorb ideas. Visual learning is about drawing out your network routing plan, not describing it to your peers. Visual learners gain little from video.

On the other hand, auditory learners gain a ton from video chats. Why? Because they can see their dialog partner and gain interaction. Video calls like Webex and Zoom aren’t for people that want to see the other side. They are for people to see and interact with their conversation. They want to be seen as much as anything else. Visual learners would get more out of the meeting notes along with some creative skills like Sketchnotes.

Learning Up The Ladder

Make sense so far? Good. Now, as yourself another critical question: who has more video meetings? Is it your team and peers? Or is it managers and executives? Here’s another thing to ponder: Who makes a better manager or executive? Someone who prefers to read or someone that prefers to talk?

I think you’ll find as you explore this idea that most people who are considered “management material” are known as people-oriented. They like to talk. They like to meet and discuss. They feel at their best when there is dialog and discussion. And who do you think feels the most left out in a world where everyone is isolated at home and can’t interact? Also, who has the power and desire to change the way meetings are held?

Managers and executives want to hear from their teams. They want to interact with them. Maybe they’re even fully auditory learners that want to dialog with people and hear them talk about status updates. That all makes sense. But because they’re not getting the interactivity part of the equation from being isolated they need to have the visual component of video chat to figure out what’s going on. I’d wager that the increase in video meetings isn’t among your team or for happy hour. Instead, I’m pretty sure it’s your manager and the executives above them that are in need of that face-to-video screen time with you.


Tom’s Take

I’m on the fence about video meetings. I don’t mind them. I don’t even really mind having a few of them. But I’m really curious as to why existing meetings that weren’t video had to be on video all of the sudden. I get that people are more in tune with interaction and auditory learning styles. I’m still more visual than anything else and the call summaries after meetings are more impactful for me than the video aspect of things. I don’t see the trend changing any time soon though. Which means I’m just going to have to spend more time in my unicorn mask!

The Silver (Peak) Lining For HPE and Cloud

You no doubt saw the news this week that HPE announced that they’re buying Silver Peak for just shy of $1 billion dollars. It’s a good exit for Silver Peak and should provide some great benefits for both companies. There was a bit of interesting discussion around where this fits in the bigger picture for HPE, Aruba, and the cloud. I figured I’d throw my hat in the ring and take a turn discussing it.

Counting Your Chickens

First and foremost, let’s discuss where this acquisition is headed. HPE announced it and they’re the ones holding the purse strings. But the acquisition post was courtesy of Keerti Melkote, who runs the Aruba, a Hewlett Packard Enterprise Company (Aruba) side of the house. Why is that? It’s because HPE “reverse acquired” Aruba and sent all their networking expertise and hardware down to the Arubans to get things done.

I would venture to say that Aruba’s acquisition was the best decision HPE could have made. It gave them immediate expertise in an area they sorely needed help. It gave Aruba a platform to build on and innovate from. And it ultimately allowed HPE to shore up their campus networking story while trying to figure out how they wanted to extend into the data center.

Aruba was one of the last major networking players to announce a strategy based on SD-WAN. We’ve seen a lot of major acquisitions on that front, including Cisco buying Viptela, VMware buying VeloCloud, Palo Alto Networks buying CloudGenix, and Oracle buying Talari. That last one is going to be important later in this story. Aruba didn’t go out and buy their own SD-WAN solution. Instead, they developed it in-house leveraging the expertise they had with ClearPass. Instead of calling it SD-WAN and focusing on connecting islands together, they used the term SD-Branch to denote the connectivity was more about the users in the branch and not the office itself.

I know that SD-Branch isn’t a term that’s en vogue with most analysts. But it’s important to realize that Aruba was trying to say more about the users than anything else. Hardware was an afterthought in this solution. It wasn’t about an edge gateway, although Aruba had those. It wasn’t about connectivity, even though Aruba could help on that front too. Instead, it was about pushing policy down to the edge and sorting out connectivity for devices. That’s the focus that Aruba had for many years with their wireless roots. It only made sense to leverage the tools to get where they wanted to be on the SD-Whatever front.

Coming Home To Roost

The world of SD-WAN isn’t the same as the branch any longer, though. Now, SD-WAN drives cloud on-ramp and edge security. Ironically enough, the drive to include Secure Access Service Edge (SASE) in SD-WAN is way more in line with the original concept of SD-Branch as defined by Aruba a couple of years ago. But you have to have a more well-rounded solution that includes cloud.

Why do you need to worry about the cloud? If you still have to ask that question in 2020 you’re not gonna make it in IT much longer. The cloud operationalizes a lot of things in IT that we have just accepted for years. The way that we do workloads and provisioning has changed on-site as well. If you don’t believe me then listen to HPE. Their biggest focus coming out of HPE Discover this year has been highlighting GreenLake, their on-premises IT-as-a-Service offering. It’s designed to give you cloud-like performance in your data center with cloud-like billing options. And, as marketed, the ability to move workloads back and forth between on-site and in-cloud as needed.

Hopefully, you’re starting to see why Silver Peak was such an important pickup for HPE now. SD-Branch is focused on devices but not services. It’s not designed to provide cloud on-ramp. HPE and Aruba need a solution that gives you the ability to accelerate user adoption of software-as-a-service no matter where it lives, be it in GreenLake or AWS or Azure. Essentially, HPE and Aruba needed Talari for their cloud offerings. And that’s what they’re going to get with Silver Peak.

Silver Peak has focused on cloud intelligence to accelerate SaaS for a few years now. They also have a multi-cloud networking solution. Multi-cloud is the way that you get people working between two different clouds, like AWS and GreenLake for example.

When you tie in Silver Peak’s DC-focused SD-WAN solution with Aruba’s existing SD-Branch capabilities, you see how holistic a solution you have now. And because it’s all based on software you don’t have to worry about clunky integration. It can run side-by-side for now and in the next revision of Aruba Central integration with the new Edge Services Platform (ESP), it’s all going to be seamless to use however you want to use.


Tom’s Take

I think Silver Peak is a good pickup for HPE and Aruba. Just remember that when you hear HPE and networking in the same sentence, you need to think about Aruba. Ultimately, the integration of Silver Peak into Aruba’s SD-Branch solution is going to benefit everyone from users to cloud to software and back again. And it’s going to help position Aruba as a major player in the SD-WAN market. Which is a silver lining on any cloud.

Fast Friday Random Thoughts

It’s Friday and we’re technically halfway into the year now. Which means things should be going smoother soon, right? Here’s hoping, at least.

  • I posted a new episode of Tomversations yesterday. This one is about end-to-end encryption. Here’s hoping the Department of Justice doesn’t find a way to screw this up. And here’s hoping the Senate stops helping.
  • I saw a post that posits VMware may be looking to buy BitGlass. I know VMware’s NSX team pretty well. I also talked to the BitGlass team at RSA this year. I think this is something that VMware needs to pick up to be honest. They need to round out their SASE portfolio with a CASB. BitGlass is the best one out there to make that happen. I think we’re going to see a move here before we know it.
  • There are a lot of other acquisitions going on in the market. VMware bought Datrium. Uber bought Postmates. It’s typical to see these kinds of acquisitions during downturns because it becomes way cheaper to snap up your competition. I expect Q3 is going to be full of consolidation in the networking space. Cisco won’t start doing anything until August at the earliest, but once their numbers are finalized I’m sure we’re going to see them snap up a hot startup or two.

Tom’s Take

Here’s hoping the next six months are a little less crazy. I doubt that will be the case, but we’ll see!

Podcasts I’m Playing in 2020

Since I seem to have a lot more time on my hands without travel thanks to current…things, I’ve been consuming podcasts more and more during my morning workouts. I’ve got a decent list going now and I wanted to share it with you. Here are my favorite podcasts (not including the one that I do for Gestalt IT, the On-Premise IT Roundtable:

  • Packet Pushers – The oldest and best is still my go-to for listening. I started back at Episode 3 or 4. i can remember the intro music. And I’ve been a guest and a participant more times than I can count. Greg, Ethan, and Drew do an amazing job of collecting all the info about the networking world and pushing it to my ears daily. When you through in their news feed (Network Break), cloud (Day Two Cloud), DevOps (Full Stack Journey), IPv6 (IPv6 Buzz), and one-off stuff (Briefings in Brief) there’s a lot to consume aside from their Heavy Networking “main” feed. You can sub to any or all of these if you want. And stay tuned because you might hear me from time to time.
  • Network Collective – Jordan is one of my old and dear friends. And I’ve been a fan of his work since he started it back in the day. Network Collective has gone through a lot of changes over the years, from flirting with video to changes in the host lineup. But one thing has remained the same. Network Collective captures the spirit and camaraderie of the old Community shows that so many podcasts have gotten away from over the years. When the focus moves to making the podcast into a business or on other topic areas, often the community aspect is the first thing to go. Jordan and Tony do a great job today of keeping the focus on the community.
  • Risky Business – This is my favorite security news podcast. It’s slick. Professional. And Patrick does a great job of blending news and interviews with sponsored segments. Risky Business also helps me keep a more global perspective on the world of security. It’s often far too easy to become insular and forget that not everyone lives in the US or faces the same challenges we do. The release cadence of episodes ensures that I always have something Risky to listen to on my walks.
  • Darknet Diaries – If Risky Business is the nightly news, Darknet Diaries is the drama that comes on right before. Each episode has a compelling hook to get you listening and then keep you there while the story unfolds. I’ve been known on a few occasions to do an extra lap around the block so I didn’t miss a juicy tidbit in the story. Jack Rhysider has that kind of voice that makes you feel like he’s just about to drop the biggest twist of the century with every statement. You should listen if you like long-form content.
  • The Contention Window – Gotta have a wireless podcast, right? Scott Lester and Tauni Odia are good friends from the wireless side of the house that break down the latest news and updates and have fun. Seriously. I don’t think there’s been an episode that I haven’t chuckled at yet. Their recording schedule has been a bit sparse this year with job changes and COVID craziness, but make sure you subscribe so you’ll be updated the next time Scott finishes editing something.
  • Current Status – Current Status is a podcast from my friends Teresa Miller and Phoummala Schmitt. I was honored to be Guest #1 back in the day. They’ve tackled some pretty heady subjects over the years. For a while it looked as thought real life had claimed another podcast and left it fallow, but the tenacity of these two ladies can’t be denied. Current Status has been resurrected and is broadcasting live on Youtube every Thursday night. Make sure you grab a drink and join in the fun! You can also subscribe to their feed to pull down the episodes after the fact.
  • Nerd Herd Podcast – Not every podcast in my feed is about tech. Sometimes it’s just tech-y friends being nerdy. The Nerd Herd Podcast is all about the nerdy stuff that goes on around us. Rocket launches, app security issues, and even the occasional sing along are a great way to unwind and not think about work for a while. Plus, check out Episode 26 to watch cast favorite Amy Lewis sing her heart out!

Tom’s Take

Consuming these podcasts during my morning walk or run helps me focus on keeping my head in the game as well as keeping up with what’s going on. Plus, I don’t typically trip and fall like I would if I’m reading my phone. Unless Tauni is making fun of Scott again. If you’ve got a favorite podcast (tech or otherwise) that I should check out, leave a comment below. And yes, it’s totally okay if you’re the host! You never know when someone is going to find your hard work and enjoy it!

Data Is The New Solar Energy

You’ve probably been hearing a lot about analytics and artificial intelligence in the past couple of years. Every software platform under the sun is looking to increase their visibility into the way that networks and systems behave. They can then take that data and plug it into a model and make recommendations about the way things need to be configured or designed.

Using analytics to aid troubleshooting is nothing new. We used to be able to tell when hard disks were about to go bad because of SMART reporting. Today we can use predictive analysis to determine when the disk has passed the point of no return and should be replaced well ahead of the actual failure. We can even plug that data into an AI algorithm to determine which drives on which devices need to be examined first based on a chart of performance data.

The power of this kind of data-driven network and systems operation does help our beleaguered IT departments feel as though they have a handle on things. And the power that data can offer to us has it being tracked like a precious natural resource. More than a few times I’ve heard data referred to as “the new oil”. I’d like to turn that on its head though. Data isn’t oil. It’s solar energy.

As Sure As The Sun Comes Up

Oil is created over millions of years. It’s a natural process of layering organic materials with pressure and time to create a new output. Sounds an awful lot like data, right? We create data through the interactions we have with systems. Now, let me ask you the standard Zen kōan, “If a tree falls in the forest and no one is there to hear it, does it make a sound?” More appropriate for this conversation, “If two systems exist without user interaction, do they create data?”

The fact is in today’s technology-driven world that systems are creating data whether we want them to or not. There is output no matter what happens with our interactions. That makes the data ever-present. Like our glorious stellar neighbor. The sun is going to shine no matter what we do. Our planet is going to be bathed in energy no matter if we log on to our email client today or decide to go fishing. Data is going to be generated. What we choose to do with that data determines how we can utilize it.

In order to use oil, it must be processed and refined. It also must be found, drilled out of the ground, and transported to stations where it can be converted to different products. That’s a fairly common way to look at the process of turning data into the more valuable information product we need to make decisions. But in the world of ever-present data do we really need to go looking for it? Honestly, all you need to do is look around and you’ll see it! Kind of like going outside and looking up to find the sun shining down on us.

Let’s get to the processing part. Both forms of energy must be harnessed and concentrated to be useful. Oil requires refineries. Solar power requires the use of plants to consolidate and refine the collected energy from solar panels that generate electricity or heat energy that is converted into steam-powered electricity. In both cases there is infrastructure needed to convert the rew data to information. The key is how we do it.

Our existing infrastructure is based on the petroleum economy of refinement. Our standard consumers of oil are things like cars and trucks and other oil-powered fuel consumers. But the world is changing. Electrically powered vehicles and other devices don’t need the stopgap of oil or petroleum to consume energy. They can get it directly from the electrical grid that can be fed by solar energy. As we’ve adapted our consumption models of energy, we have found better, cleaner, more efficient ways to feed it with less infrastructure. Kind of like how we’ve finally dumped clunky methods for data collection like SNMP or WMI in favor of things like telemetry and open standard models that give us more info in better fashion than traps or alerts. Even the way we handle syslog data today is leaps and bounds better than it used to be.

Lastly, the benefits to standardization on this kind of collection are legion. With solar, the sun isn’t going away for a few billion more years. It’s going to stick around and continue to cause amazing sunrises and give me sunburns for the rest of my days. We’re not going to use up the energy output of the sun even if we tried. Oil has a limited shelf life at best. If we triple the amount of oil we use for the next 30 years we are going to run out completely until more can be made over the next few million years. If we increase the amount of solar energy we use by 10x over the next hundred years we won’t even put a dent in the output of the sun that we received in a minute during that time.

Likewise, with data, moving away from the old methods of collection and reporting mean we can standardize on new systems that give us better capabilities and don’t require us to maintain old standards forever. Anyone that’s ever tried to add a new entry to an archaic old MIB database will know why we need to get more modern. And if that means cleaner data collection all around then so be it.


Tom’s Take

Generally, I despise the allusions to data being some other kind of resource. They’re designed to capture the attention of senior executives that can’t imagine anything that isn’t expensive or in a TV series like Dallas. Instead, we need to help everyone understand the merits of why these kinds of transitions and shifts matter. It’s also important to help executives understand that data needs time and effort to be effective. We can’t just pick up data and shove it into the computers to get results any more than we can shove raw crude oil into a car and expect it to run. Given today’s environmental climate though, I think we need to start relating data to newer, better forms of energy. Just sit back and enjoy the sunshine.

The Conundrum of Virtual Conferences

Okay, the world is indeed crazy. We can’t hide from it or hope that it just blows over sooner or later. We’re dealing with it now and that means it’s impacting our work, our family lives, and even our sanity from time to time. One of the stalwart things that has been impacted by this is the summer conference schedule. We’ve had Aruba Atmosphere, Cisco Live, VMworld, and even Microsoft Ignite transition from being held in-person to a virtual format complete with shortened schedules and pre-recorded sessions. I’ve attended a couple of these so far for work and as an analyst, and I think I’ve figured it out.

If you come to a conference for content and sessions, you’ll love virtual events. If you come for any other reason, virtual isn’t going to work for you.

Let’s break this down because there’s a lot to unpack.

Information Ingestion

Conferences are first and foremost about disseminating information. Want to learn what new solutions and technologies have been launched? It’s probably going to be announced either right before or during the conference. Want to learn the ins-and-outs of this specific protocol? There’s probably a session on it or a chance to ask a professional engineer or architect about it. There’s a lot of content to be consumed at the conference. So much, in fact, that in recent years the sessions have started to be recorded and posted for consumption after the fact. You can now have access to a library of any topic you could ever want. Which comes in really handy when your boss decides in November that you’re going to be the new phone person…

Because all this content has been recorded and published before, transitioning the content to a virtual format is almost seamless. The only wrinkle is that people are going be recording from their home instead of a blast freezer ballroom in the Mandalay Bay. That means you’re going to need tighter control over things like environment and video recordings. Your people are going to have to get good and talking and setting up their screens to be effective. Most good presenters can do this already. Some need some coaching. Most are going to need a few takes to get it right since they aren’t going to be editing together their own video. But the end result is going to be the same. You’re going to have great content to share with people to be consumed over the course of days or weeks or even months.

Keynotes are a little bit harder to quantify in this content category. They are definitely content, just not for tech people. Keynotes are analyst and press fodder. It’s a packaging of the essence of the event in an hour-long (or longer) format designed to hit the important points for tweets and headlines. Keynotes are very, very, very rehearsed. No one tends to go off the script unless it’s absolutely necessary. Even the off-the-cuff remarks are usually scripted and tested for impact ahead of time. If a joke fails to land, just imagine the three others they tried that were worse.

But keynotes at a virtual event can be more impactful. Because you can do some editing you can put together different takes. You can inject some emotion. You can even use it as a platform for creating change. I specifically want to call out the Cisco Live keynote from Chuck Robbins this year. It wasn’t about tech. We didn’t really hear about protocols or hardware. Instead, Chuck used his platform to talk about the drivers of technology. He stood up and told the world how we need to use our talents and our toys to build a better world for ourselves and for everyone around us. Chuck didn’t mince words. He postponed Cisco Live by two weeks to highlight the struggles and causes that are being shown nightly on the news. He wanted us to see the world he and his company are trying to help and build up. And he used the keynote slot to push that message. No flashy numbers or sparkly hardware. Just good, old fashioned discussion.

Virtual Hallways

Every positive thing should have something corresponding to balance it out. And for virtual conferences, it’s the stuff that’s not about content. Ironically enough, that’s the part that I’ve been so steeped in recently. Sure, Tech Field Day produces a lot on content around these events. I’m happy to be able to be a part of that. But the event is more than just videos and slide decks. It’s more than just sitting in uncomfortable chairs in a meat locker nursing a hangover trying to understand the chipset in a switch.

Conferences are as much about community as anything else. They’re about seeing your friends in-person. Conferences are about hallway conversations about random topics and taking a taxi to a bar halfway down the Vegas Strip to meet up with a couple of people and some person you’ve never even heard of. It’s about meeting the co-workers of your friends and pulling them into your circle. It’s about sharing hobbies and life stories and learning about the crazy haircut someone’s kid gave themselves right before they left.

Community matters to me most of all. Because a conference without a community is just a meeting. And that part is missing virtually. I did my best with an attempt to do Tom’s Virtual Corner with our community. I was shocked and pleased at the number of people that joined in. We had over 50 people on the calendar invite and over a dozen connected at any one time. It was wonderful! But it wasn’t the corner that we know and love. It’s not that it wasn’t special. It was totally special and I appreciate everyone that took time out of their day to take part. But there are some things that are missing from the virtual experience.

I’ll take myself for example. I have two problems that I have to overcome at events:

  1. I’m a story teller.
  2. Other people need to talk too.

If I get on a tear with number one, number two won’t happen. At an in-person event it’s easy enough for me to deal with the first one. I just pull interested people aside for a small group conversation. Or I wait for a different time or another day to tell my story. It’s easy enough to do when you spend sixteen hours around people on average and even more well into the night with friends.

However, those above things don’t really work on Zoom/Webex/GoToMeeting. Why? Well, for one thing you can only really have one speaker at a time. So everyone needs to keep it short and take turns. Which leads to a lot of waiting to talk and not so much for listening. Or it leads to clipped quips and not real discussion. And before you bring up the breakout room idea, remember that mechanically there is a lot of setup that needs to happen for those. You can’t just create one on the fly to tell a story about beanbags and then just hop back into the main room. And, breakout rooms by their very nature are exclusionary. So it’s tough to create one and not want to just stay there and let people come to you.


Tom’s Take

This is just a small part of the missing aspect of virtual conferences. Sure, your feet don’t hurt at the end of the day. I’d argue the food is way better at home. The lack of airports and hotel staff isn’t the end of the world. But if your primary focus for going to events is to do everything other than watching sessions then the virtual experience isn’t for you. The dates for Cisco Live 2021 and Aruba Atmosphere 2021 have already been announced. I, for one, can’t wait to get back to in-person conferences. Because I miss the fringe benefits of being in-person more than anything else.

Security and Salt

One of the things I picked up during the quarantine is a new-found interest in cooking. I’ve been spending more time researching recipes and trying to understand how my previous efforts to be a four-star chef have fallen flat. Thankfully, practice does indeed make perfect. I’m slowly getting better , which is to say that my family will actually eat my cooking now instead of just deciding that pizza for the fourth night in a row is a good choice.

One of the things I learned as I went on was about salt. Sodium Chloride is a magical substance. Someone once told me that if you taste a dish and you know it needs something but you’re not quite sure what that something is, the answer is probably salt. It does a lot to tie flavors together. But it’s also a fickle substance. It has the power to make or break a dish in very small amounts. It can be the difference between perfection and disaster. As it turns out, it’s a lot like security too.

Too Much is Exactly Enough

Security and salt are alike in the first way because you need the right amount to make things work. You have to have a minimum amount of both to make something viable. If you don’t have enough salt in your dish you won’t be able to taste it. But you also won’t be able to pull the flavors in the dish together with it. So you have to work with a minimum. Whether its a dash or salt or a specific minimum security threshold, you have to have enough to matter otherwise it’s the same as not having it at all.

To The Salt Mines

Likewise, the opposite effect is also detrimental. If you need to have the minimum amount to be effective, the maximum amount of both salt and security is bad. We all know what happens when we put too much salt into a dish. You can’t eat it at all. While there are tricks to getting too much salt out of a dish they change the overall flavor profile of whatever you’re making. Even just a little too much salt is very apparent depending on the dish you’re trying to make. Likewise, too much security is a deterrent to getting actual work done. Restrictive controls get in the way of productivity and ultimately lead to people trying to work out solutions that don’t solve the problem but instead try to bypass the control.

Now you may be saying to yourself, “So, the secret is to add just the right amount of security, right?” And you would be correct. But what is the right amount? Well, it’s not unlike trying to measure salt by sight instead of using a measuring device. Have you ever seen a chef or TV host pour an amount of salt into their hands and say it needs “about that much”? Do you know how they know how much salt to add? It’s not rocket science. Instead, it’s the tried-and-true practice of practice. They know about how much salt a dish needs for a given cooking time or flavor profile. They may have even made the dish a few times in order to understand when it might need more or less salt. They know that starches need more salt and delicate foods need less. Most importantly, they measured how much salt they can hold in their cupped hand. So they know what a teaspoon and tablespoon of salt look like in their palm.

How is this like security? Most Infosec professionals know inherently how to make things more secure. Their experience and their training tell them how much security to add to a system to make it more secure without putting too much in place to impede the operations of the system. They know where to put an IPS to provide maximum coverage without creating too many false positives. And they can do that because they have the experience to know how to do it right without guessing. Because the odds are good they’ve done it wrong at least one time.

The last salty thing to remember is that even when you have the right amounts down to a science you’re still going to need to figure out how to make it perfect. Potato soup is a notoriously hard dish to season properly. As mentioned above, starchy foods tend to soak up salt. You can fix a salty dish by putting a piece of a potato in it to soak up the salt. But is also means that it’s super hard to get it right when everything in your dish soaks up salt. But the best chefs can get it right. Because they know where to start and they know to test the dish before they do more. They know they need to start from a safe setup and push out from there without ruining everything. They know that no exact amount is the same between two dishes and the only way to make sure it’s right is to test until you get it right. Then make notes so you know how to make it better the next time.


Tom’s Take

Salt is one of my downfalls. I tend to like things salty, so I put too much in when I taste things. It’s never too salty for me unless my mouth shrinks up like a desiccated dish. That’s why I also have to rely on my team at home to help me understand when something is just right for them so I don’t burn out their taste buds either. Security is the same. You need a team that understands everything from their own perspective so they can help you get it right all over. You can’t take salt out of a dish without a massive crutch. And you can’t really reduce too much security without causing issues like budge overruns or costly meetings to decide what to remove. It’s better to get your salt and your security right in the first place.

Attention Resource Deficit

How much did your last laptop cost? You probably know down to the penny. How much time did it take for you to put together your last Powerpoint deck or fix an issue for a customer? You can probably track that time in the hours you recorded on your timesheet. What about the last big meeting you had of the department? Can you figure out how many hours combined of time that it took to get the business discussed? Pretty easy to calculate when you know how many people and how long it took.

All of these examples are ways that we track resources in the workplace. We want to know how many dollars were invested in a particular tool. We want to figure out how many hours someone has worked on a project or a proposal. We want to know how much of the company’s resources are being invested so we can track it and understand productivity and such. But when’s the last time you tracked your personal resources? I’m not talking about work you do or money you spend. I’m talking about something more personal than that. Because one of the things that I’ve seen recently that is starting to cause issues is the lack of attention we pay to our attention resource.

Running in Overdrive

Our brains run a lot of processes in our body. And a lot of those processes work without attention. Bodily functions like breathing, digestion, and our endocrine system work without us paying attention. That’s because these systems need to work for us every time without stopping. That’s the power of automation.

But the rest of our processes need our attention. Our cognitive processes and higher-order functioning need us to pay attention. Yes, even those tasks that you say you can do without thinking. They require you to pay some sort of conscious attention to what’s going on. And that comes out of your attention budget.

Ever wonder why people are good at multitasking? It’s because they are capable to splitting their attention budget up and paying attention to a couple of different things at the same time. Just like a multitasking computer, human multitasking is just devoting a portion of your attention to a different task for a little bit while you work on something else. But have you ever seen what happens when a CPU gets overloaded with tasks? Sluggish, slow, and unusable.

The same thing happens to people when their attention is drawn in too many different directions. When we exhaust our attention budget we let tasks drop and we stop being able to do things effectively. We have a pool of resources we can use and when those run out we have to take resources from other places. That’s when tasks start getting dropped and such.

People don’t tend to see attention as a finite resource. They see it as a bottomless well that always has a little more available when it’s necessary. We create tools and ideas and systems to help us manage it better. But all those tools are really designed to add a bit more of our fracture attention back to the resource pool. In reality, we’re still shuffling resources back and forth and not really adding to the overall pool. It’s not unlike dealing with a CPU with a finite amount of resources. You can’t get more than this no matter what tricks you use. So you need to learn how to deal with things as they are.

Retreating From the Redline

Internal combustion engines work best when they’re running in their power band, which is the area where they are most effective. The effectiveness of the engine drops off as it approaches the redline, which is the maximum amount of performance you can get without causing damage to the engine. It’s the hard limit, if you will. To apply this to our current discussion, you need to run your brain’s attention span in the power band of focusing on the right tasks as you need to and avoid pushing past the redline of inattention and letting things drop. But how can you do that knowing you have to work from a finite pool of resources? Your brain isn’t a CPU or an RPM gauge on a car. There isn’t a magic meter that will tell you when you’ve exceeded your resource pool.

Step One is the reduce the number of distractions you have. That is way harder than it sounds. There are some easy things you can do that have been documented over the years:

  • Set your email to only update in time segments. Every 15 minutes or even every hour for non-critical stuff. The less time you spend attaching yourself to a constantly-updating mailbox the more productive you can be.
  • Sign out of unnecessary Slack channels. The more you have open, the more attention you’re going to pay to them. And the less attention you have for other things too.
  • Limit social media engagement. Ever find yourself sucked into Facebook or TikTok? That’s by design. The operators want you to stick there and not do anything else. If you have to monitor social media for your job, create rules and lists to keep you focused on task. And save the causal stuff for another day.
  • Use the Pomodoro Technique. I’ve written about it before, but this is a great way to force your brain into focusing for short bursts. Once you can train yourself to block out distractions you can get a lot accomplished.

The second way that I find that I can help refuel my attention pool is to use checklists or some other method of dumping my brain contents in a way that lets me focus. I can put down things that need to be done and check them off as they are completed. But I don’t just put major projects like “Boil the Ocean” or “Put a spaceship on Mars”. Instead, I break everything down into simple, achievable tasks. Why? Because crossing those off the list gives you back some of the attention you dedicated to them. It’s like the programming equivalent of garbage collection. By returning your attention resources back to the pool you have more available to tackle bigger and badder things on your list. And when you ever feel like you aren’t getting enough done you can go back and see all the things you’ve crossed off!


Tom’s Take

I have a double whammy of being unfocused on my best days and being too forgetful to write things down. So I understand the issues of attention resource problems. As much as anyone I really wish I could just wave a magic wand and be able to pay closer attention to what I’m doing. The tricks above are ways that I cope with what I have to deal with. In fact, the number of times I got distracted even just writing this post would probably shock most people reading this. But we work with what we have and we do what we can. The key is to recognize that your attention is a resource that is just as valuable as money or work time. Treat is as such and plan for use and you may find yourself feeling better and being happier and more productive in a number of ways.