11 Things I’ve Learned For Working From Home Effectively

I’ve been meaning to write this blog post for a while now. With recent events, it seems like there are a lot of people out there that could use some advice about how to work effectively from home for a long period of time.

I’ve been working from home regularly for almost a year and a half now. It’s been a bit of a journey, and I’ve learned a lot about myself and my own work habits. I’d like to share some of the things that I do in my day-to-day to keep me motivated and effective while working at home.

Wake Up At The Same Time You Normally Do

It’s super easy to think to yourself, “I don’t have to drive to work, so I can sleep in!” Don’t. First off, if you’re only working from home temporarily due to the current state of events, you don’t want to re-adjust your waking schedule in order to go back.

Secondly, you don’t want to be rushing through your house 15 minutes before a scheduled call to get a shower and shave in. You have some added time in the mornings now. Let’s appreciate what you can do with that time…

Start the Day With a Win

I still get up pretty early in the morning, even though I work for a remote first company. But instead of rushing out of the door to get into my car and make my commute, I take the time to prepare myself mentally for the day. I take time to grind some fresh coffee from whole beans and the let it steep in my french press. While I’m doing this, I’m going through my mental checklist of things to do. I might also kick off a load of laundry – or even jump on for a quick match or two in my favourite video game before sitting down in my office and getting started.

What does a video game have in common with a load of laundry? It’s really about accomplishment – a small win can go a long way for setting the tone for the day.

Have a Designated Work Space

Maintaining work/life balance is important. Oftentimes, in your mind, where you work from at home becomes associated with work. Keeping your desk in your bedroom where you’re supposed to rest, or in your living room where you relax, can cause stress as time goes on. So if you can, keep a completely separate space for this.

It also helps you to set your mind on work. Going up the hall to your designated office is kind of like commuting to work. As you walk down the hall to your office, your mind starts preparing you for the day’s business.

It’s okay if a room for work doubles as a guest room. As long as that room is not regularly used by you. If you don’t have spare space, try to keep your working area removed from parts of your home that are used the most frequently. Maintain that separation as best as you can.

It’s okay to have a space that is both productive and comfortable. Personalize it and have fun with your decorum!

Dress Appropriately

You don’t wear pajamas to the office. Don’t wear them when you work from home. Getting dressed for work is quite possibly the most important routine to setting your mental tone for the day. You may be able to relax your style of dress a bit. For example – if you wear a full suit to the office, then perhaps you can get away with a button up shirt without a jacket and tie. But stay away from wearing anything too casual. You’re working – not on vacation. I’ll often change out of my work clothes at the end of the day to transition myself out of the working mindset.

Avoid Unnecessary Distractions

Listening to music while you work is fine, but avoid things like television, social media, or any types of activities that will draw your attention from work. A quick check of Facebook or YouTube can quickly devolve into a couple of hours of productivity lost.

The same goes with doing things around the house. It’s not bad to wash a few dishes at lunchtime, or pop in a load of laundry between meetings, but stay away from more time consuming tasks. Vacuuming or mopping can wait until later.

Manage. Your. Time.

I track just about everything in my calendar. Meetings, tasks, follow-ups, etc. The reason why I do this is that it allows me to be able to manage my time effectively through the day. For example, if I have a follow-up email that requires some time to research, I schedule the time I need to do that research and draft the email. If I need to take 45 minutes to do that, I schedule 45-minutes. I may also add some padding in those time estimates so I can take breaks (nature will call), and transition my mindset from one task to another. This provides some additional benefits as well…

First, you can effectively manage your work day. If you run out of time in your allotted work hours, schedule tasks to the next days. This allows you to stay within a reasonable distance of your targeted 40 hours.

Secondly, you can also manage expectations regarding your deliverables. If you have a follow-up promised, you can set an expectation with that person of when they will see it. “I can have an email with all of the information you requested on X day around Y time.”

Third, as current events are forcing companies that may have been adverse to working from home, you may get questions on what you’re doing with your time. Having your calendar populated with these tasks allows you and your manager to review your workload.

Always remember that tasks can be moved, but when you do, make sure that you’re managing your expectations with others effectively when you do.

Avoid Generic Task Windows

Two things I absolutely hate seeing in peoples’ calendars – Focus Time, and Email Follow Ups.

Focus Time – What are you doing during this time? Do you know? Does your manager know? *Insert shrug emoji here*

Having generic time with no set tasks often time leads to ‘goof off time’, or at least the perception that that’s what is going on during that time. Set meaningful tasks as calendar subjects. Then you have a goal, and your managers know what you’re doing (if they like to micro-manage).

Email Follow Ups – How many emails do you need to follow up on? How much time do you need to make a thoughtful response? How much research effort is needed for a given email? These are the reasons why I don’t like email follow up time.

If you set an hour at the end of the day for follow up emails, and you have 10 emails that you need to follow up on, how much real thought and research can you put into those emails? Furthermore, how can you really track what emails require follow ups, and how can you prioritize. Set a task for anything that requires a meaningful follow up and estimate your time appropriately.

Use Video Messaging…With Video

Remember when I said get dressed for work? Well here’s another part of the why.

When we collaborate, we often rely on a person’s body language and facial expressions as visual cues during a discussion. This is just as important, if not more so, when working collaboratively over distances. Turn the camera on. Zoom Meetings has a really great Virtual Background feature if you’re afraid of your co-workers seeing any messiness in the house.

Diet Is Surprisingly Important

Take time to actually make your lunch. Shy away from junk foods. I have a time every day that I take a few minutes and actually make a sandwich, or sometimes even cook an actual meal. You don’t have to set an hour every day, but at least take 30 minutes to make something. This allows you time to not only eat something healthy, but also gives you a much deserved mental break during the day.

There are plenty of videos on YouTube (I’m a fan of Binging With Babish and Joshua Weissman) for some relatively simple and tasty recipes that you can do in 30 minutes. Stay away from garbage foods.

Get Out Of The House! But Not In A Group!

It looks like we could be engaging in social distancing and self-isolation for a while, but that doesn’t mean you have to stay inside with all of the doors and windows shut. If you have a back yard, go do some landscaping. If you have a balcony, get some fresh air. If your city isn’t under curfew or shelter-in-place orders, it’s okay to go for a walk. Just maintain an acceptable amount of distance from others when doing so.

Obviously, follow any restrictions that your city/state-province/country has set down. But if there’s no restriction to get outside and grab a bit of sunshine and fresh air, take advantage of it now.

Staying cooped up inside of your home for weeks on end is going to take a toll on you if you don’t break up the monotony.

Finally – Go To Bed at a Reasonable Time

This dovetails into my first point about waking up at the same time as you did when you were commuting. Go to bed with enough time to get a sufficient amount of rest.

Driving into work after a late night out can be difficult, but it’s doubly hard to work effectively from home without an appropriate amount of rest. You don’t have co-workers peering over the cubical wall at you in the office to keep you motivated to do work. You need to self motivate, and doing so when you’re at home can be hard enough when you’re not dragging your butt around the house.

One thing that I do is I have a nightly reminder on my phone that goes off 30 minutes before I should be in bed. This gives me sufficient time to turn down for the night to get a full night’s sleep.

In Closing

There are tons of other things that you can do as a company to make the transition to work from home a lot easier. It might be something I can perhaps share in the future. But in the meantime, I hope you find this advice to be valuable. If you have questions, feel free to comment below. And stay safe and healthy!

Generating Azure Storage Tokens On the Fly With PowerShell

As I talked about in last week’s blog post, it’s important to ensure that files that you store in blob are secure from public eyes. But how do you allow your automation to access them when needed? That’s where a Shared Access Signature (SAS) token comes into play.

A SAS token is essentially an authorized URI that grants the person or object using it rights to access the object that you are otherwise concealing from the world. You can specify the amount of time that the URI is valid for; the protocol that is allowed; and the specific permissions to the object (read, write, delete). Once the time has elapsed, the URI is no longer valid and the object is not accessible.

Let me show you how this works!

After we’ve logged into Azure and set the appropriate subscription context, We need to get the resource group and storage account that our blob object lives in:

PS BlogScripts:> $StorageAccount = Get-AzureRmStorageAccount -ResourceGroupName 'nrdcfgstore' -Name 'nrdcfgstoreacct'

Once you’ve got your storage account, we can then acquire the storage account key, like we did in our last blog.


$StorageKey = (Get-AzureRmStorageAccountKey -ResourceGroupName $StorageAccount.ResourceGroupName -Name $StorageAccount.StorageAccountName)[0]

And then once we have our key, we can get the storage context and access our container:


$StorContext = New-AzureStorageContext -StorageAccountName $StorageAccount.StorageAccountName -StorageAccountKey $StorageKey.Value$Containers = Get-AzureStorageContainer -Context $StorContext -Name 'json'

And now we can get our object inside of the container:

 $TargetObject = (Get-AzureStorageBlob -Container $Containers.Name -Context $StorContext).where({$PSItem.Name -eq 'AzureDSCDeploy.json'})

And finally, we can get our SAS Token URI. Note, that I’m using HTTPSOnly for the protocol, r (Read-Only) for the permission, setting an immediate start time, and then limiting the time allowed for one hour with the ExpiryTime parameter. This ensures that the object will only be accessible for an hour after the command is run via HTTPS.


$SASToken = New-AzureStorageBlobSASToken -Container $Containers.Name -Blob $TargetObject.Name -Context $StorContext -Protocol 'HttpsOnly' -Permission r -StartTime (Get-Date) -ExpiryTime (Get-Date).AddHours(1) -FullUri

So by comparison, if I tried to access the direct URL of the object, this is what I’ll get:

However, with my SAS Token URL, I can successfully read the file:

And we’re done!

“So where is this useful in automation?” you may ask. Well I’ll be showing you exactly how next week when we take the code that we’ve built for the last couple of weeks and use it to deploy an Azure template via Azure automation.

See you then!

Managing Azure Blob Containers and Content with PowerShell

I do a lot of work in Azure with writing and testing ARM templates.  Oftentimes I deal with a lot of parameters that need to access resources existing in Azure.  Things such as Azure Automation Credentials, KeyVault objects, etc.  To streamline my testing process, I’ll often create an Azure runbook to run the deployment template, pulling in the necessary objects as they’re needed.

Of course, this requires putting the template in a place that’s secure, and that Azure Automation can easily get to it.  This means uploading my templates to a location, and then creating a secure method of access.  This week, I’ll show you how to do the former process – with the latter coming next week.  Then later on, I’ll be walking you through how to create a runbook to access these resources and do your own test deployments!

First, let’s log in to our AzureRM instance in PowerShell and select our target subscription.  Once we’re done, we’re going to get our target resource group to play with and the storage account.:

$Subscription = 'LastWordInNerd'
Add-AzureRmAccount
$SubscrObject = Get-AzureRmSubscription -SubscriptionName $Subscription
Set-AzureRmContext -SubscriptionObject $SubscrObject

$ResourceGroupName = 'nrdcfgstore'
$StorageAccountName = 'nrdcfgstoreacct'

$StorAcct = Get-AzureRmStorageAccount -ResourceGroupName $ResourceGroupName -Name $StorageAccountName
 Now that we have our storage account object, we’re going to retrieve the storage account key for use with the classic Azure storage commands.
$StorKey = (Get-AzureRmStorageAccountKey -ResourceGroupName $ModuleStor.ResourceGroupName -Name $ModuleStor.StorageAccountName).where({$PSItem.KeyName -eq 'key1'})

I know it’s not the most intuitive thing to think of, but if you take a look, there are currently no AzureRM cmdlets for accessing blob stores.  What we can do, however, is use the storage key that we’ve retrieved and pass it in to the appropriate Azure commands to get the storage context.  Here’s how:

Let’s go ahead and log in to our Azure classic instance and select the same target subscription.    Once you’re logged in, you can use the New-AzureStorageContext cmdlet and pass the storage key we just retrieved from AzureRM.  This allows us to use the AzureRM storage account in the ASM context.

Add-AzureAccount

$AzureSubscription = ((Get-AzureSubscription).where({$PSItem.SubscriptionName -eq $SubscrObject.Name}))
Select-AzureSubscription -SubscriptionName $AzureSubscription.SubscriptionName -Current

$StorContext = New-AzureStorageContext -StorageAccountName $StorAcct.StorageAccountName -StorageAccountKey $StorKey.Value
Now that we have a usable storage context, let’s create our blob store by using the New-AzureStorageContainer cmdlet with the -Context parameter to get at our storage account:
$ContainerName = 'json'
Try{

$Container=Get-AzureStorageContainer-Name $ContainerName-Context $StorContext-ErrorAction Stop

}

Catch [System.Exception]{

Write-Output ("The requested container doesn't exist. Creating container "+$ContainerName)

$Container=New-AzureStorageContainer-Name $ContainerName-Context $StorContext -Permission Off

}

I decided to write this as a Try/Catch statement so that if the container doesn’t exist, it will go ahead and create one for me.  It works great for implementations where I might be working with a new customer and I forget to configure the storage account to where I need it.  Also, if you notice, I’ve set the Public Access to Private by setting the Permission parameter to Off.  Once again, a little counter-intuitive.

Now, if our script created the blob, we’ll be able to look at the storage account in the portal we’ll see that our container is available:

But we’ve also captured the object on creation, which you can see here:

So now that we have our container, all we have to do is select our target and upload the file:

$FilesToUpload = Get-ChildItem -Path .\ -Filter *.json
ForEach ($File in $FilesToUpload){

Set-AzureStorageBlobContent-Context $StorContext-Container $Container.Name-File $File.FullName-Force -Verbose

}

And we get the following return:

Now that we’ve uploaded our JSON template to a blob store, we can use it in automation.  But first, we’ll need to be able to generate Shared Access Signature (SAS) Tokens on the fly for our automation to securely access the file.  Which is what we’ll be talking about next week!

You can find the script for this discussion on my GitHub.

New Year’s Resolutions and Why They’re Horrible

I was chatting with my personal trainer a couple of days ago and noted how I was surprised that the gym was so empty the day after the biggest resolution making day of the year. He noted to me that a lot of people take this week off, but the next week was going to be overloaded. Fortunately, I’m booked in my time slot for a couple of months out, but it got me thinking about New Year’s resolutions and why they’re such a bad idea.

Everybody does it. At some point in your life you’re going to make some kind of resolution to quit smoking or lose weight or something that feels like a lofty goal. You might go to the gym, or pick up a pack of nicotine gum, do it for a few days. Most often, you have a bad day and pick up a pack of cigarettes, or come home super tired and decide you’ll skip the gym for a day, and then settle into your bad routines again.

I’m not chastising anyone for doing this because I’ve been there. I’ve done it. But if you’ll humour me for a few thousand words, I can share with you what I’ve done, and maybe it’ll help you stick to a program. Programming being the key word.

Routines Are Hard, Horrible, and Necessary

Humans are creatures of routine, not habit. Interrupt our routines and we might as well be wearing a blue screen of death on our foreheads. We can have a small panic attack if our routine has been interrupted. Habits are things that we do in our established routine. Habits can be exceptionally easy for usto pick up, but are also easy to change.

Why do we eat too much food, or things that are bad for us? Habit. When are you eating the food? That’s routine. Why do we have to have that coffee at exactly 9AM with a particular co-worker? Routine. Why do we need to have a cigarette at a certain time of day? Routine.

Are you seeing my point here?

How do we change this? Change the habit, but keep the routine. How? Well this is a longer answer.

Smoking

I used to smoke about three packs of cigarettes a day back in my aircraft mechanic days. Back then, of course, smoking laws were a little bit more lax, and so were our managers. As long as we weren’t having a smoke while we were leaning on a bottle of oxygen, or while refueling a plane, our supervisors didn’t really care. If we could work and smoke at the same time and not blow anything up, we were golden.

Times changed and I started working in the office, but I still had the habit. I’d sneak out between meetings for a quick smoke. Feed the beast, and get right back to work. I quit when I got married, a thing by necessity, but I still quietly yearned for a cigarette, having one occasionally during a night of drinking. When I separated, the first thing I did was head to the local store and pick up a pack of smokes. The habit restarted.

When I started dating again, this of course became problematic. The musky smell of burnt tobacco apparently has the same appeal to someone in their late 30’s as Axe Body Spray. I knew from my previous experience that I couldn’t just quit cold turkey. I needed an alternative. So I took up vaping.

There’s a lot of conflicting information out there about it, and I highly encourage you to read on what you can. I’m not here to push my opinion on what study is valid and what the news is saying. What we can all agree on is this – if you’re smoking, you are doing irreparable harm to your body. My take is essentially this: If you’re going to kill yourself slowly, you might as well at least smell better doing it.

If you decide that it’s time to put away the cigarettes, then vaping is a good way to go about doing it. Why? Because you’re replacing the habit while keeping the same routine. I went to a vape shop and consulted with a sales rep. Told them what my daily habits were and they recommended a nicotine strength. That was about four years ago.

Now? I still vape, but I don’t use nicotine in my liquids. It was a long road of whittling it down, but I was able to get to zero. I still vape out of habit and have my routine set accordingly, but at least I’ve managed to knock at least one (and probably a ton more) toxins out of my body and smell a lot more appealing to my partner.

Truth be told, I feel a lot better doing it too. I don’t cough up a lung full of greenish, brownish stuff first thing in the morning while I shower. I can take a brisk jog up a flight of stairs without wishing I was dead at the top. Overall, I would call that a win. I actually find myself vaping less now that I work almost exclusively from home too, but that’s a blog for another time.

Weight Loss

Listen, I know what it’s like to gain massive amounts of weight. Let me share with you a little graphic of my journey.

Drastic, eh? In high school I was about 165, and while I wore a lot of loose fitting clothing, I was pretty well built. At my worst, I had ballooned up to 280 lbs. And that picture of me on the far right is right about where I’m at now. Probably about 15lbs heavier actually than my current weight. I’m at about 197 right now, and I fully intend on getting to 165 with the final goal of settling on about 185.

I can make excuses all day long about why I got so heavy, but none of it matters. What does matter is that I was that size, and I hate it. Hate is actually a very powerful motivator in fact. So what did I do about it? I changed the habit, but kept my routine. I added some things, like tools to the mix to help track and fix what I was doing. But more importantly I fixed what I was putting in my body. So what did I do?

  • Before you diet, get an app.
    • I use an app called Lose It! (#NoSponsor #NotAnAd). At first, I just used it to track what I was eating and more importantly, how many calories I was taking in. There are a lot of apps that will have assigned calories for foods, including dishes you get at major restaurants. The app I use can actually read barcodes and let you set the serving size you consumed.
  • Get the 2500 calorie “recommendation” out of your mind.
    • Everyone is different. Every body is different. Even if you’re taking in 2500 calories a day, can still gain weight, or maintain an overweight state. If you’re in an office job, more than likely you aren’t moving around very much and therefore aren’t burning the calories. After you’ve tracked your diet in the app for a couple of weeks,
    • Talk to your doctor about what an appropriate amount of weight loss per week looks like. They might direct you to a dietitian. That’s fine, go with it. With your data in hand and a plan, you can appropriately set the amount of calories per week a healthy weight loss will be.
    • Example – I used to sit on my butt all day at a desk and not moving around. Furthermore, my caloric intake was closer to 3000 calories a day. My doctor and I were able to plot out my caloric intake needed to maintain a weight of 185 lbs. And then figure out what would be needed to lose a pound a week from that point. Have doubts on the process? Refer to picture above.
  • Don’t set a weekly loss goal – set an overall goal. Make it a year or two out.
    • You are going to lose a ton of weight fast – in the beginning. As you lose the fat, and your caloric intake starts to line up closer to what you should be getting at your target weight, you’ll taper off. That’s fine as long as you’re losing it. If you set too aggressive you won’t follow it.
  • If you have a spouse/family, get their support and participation.
    • This is going to be crucial. If you have family members that insist on keeping things like cookies, candy, or ice cream in the kitchen, it’s going to be that much harder on you.
  • Go to the fridge and throw everything out.
    • Seriously. Having food available to eat means you’re going to eat it. Consider going grocery shopping twice or three times a week. I realize this is an addition to the routine, but having a large mass of food at the beginning of the week means you’ll have more temptations to snack on when you do. Maintaining a lower amount of food in the fridge with fewer snacking options goes a long way to keeping your hands off.
    • I’m single, so this makes things exceptionally easy. I only have a few meals worth of food at a given time. I actually caught myself just last night getting up and rummaging through the cupboards looking for something to munch on. I was a little unhappy last night that I didn’t, but much happier this morning when I weighed in.
    • You can also replace certain foods with other lower calorie options. There are ice creams out there now where you can eat the entire pint and it’s only about 340 calories. I myself enjoy a nice Cherry Coke Zero on occasion. We can talk about aspartame later. If something sweet is in your routine, replace it with that.
  • Get a scale. Weigh in twice a week.
    • Weighing in daily is also going to frustrate you. Some days you might lose a pound, others you’ll gain a half a pound. Let the averages take over. Also, weigh in first thing in the morning before you take a shower or consume anything.

Going to the Gym

Everybody talks about going to the gym. Truth be told, I’m one of those people. Why doesn’t it work? It’s because it introduces a major impact to our daily routines. Taking an hour or two a day to go someplace new and do more work can create a lot of stress in our lives. Moreover, humans work better in daily routines, and who has time for that noise?

If you’re going to make the commitment, you need to put a carrot on it. I did with a personal trainer. Paying to have someone yell at you if you don’t show up for your scheduled workout might sound dumb, but it works – and a good personal trainer will do exactly that. They’re being paid not just to show you how the machines work and what routines you should be doing; but they are also there to encourage you, and help you establish your routine.

So how did I get started? Here goes.

  • Find the right time.
    • I am not a nice person at 4AM. So getting up that early to workout doesn’t work for me. Likewise, at the end of the day, I sometimes just want to be a vegetable. Since I’ve started working from home exclusively, I’ve scheduled a time in the middle of the day to head to my local gym and workout with a personal trainer. It provides a good break between tasks in my day, helps me clear my head, and prepares me for my afternoon work. If you have the flexibility to do this, I highly recommend it.
  • Pay the money for a personal trainer.
    • Yes, there’s a cost to that. But having someone to call you up and yell at you can be beneficial. If you can’t afford to have a trainer long term, at least get a short term package deal. They can at least get you started on the right path to do what you need to.
  • Go every day.
    • You don’t have to lift every day. As a matter of fact, a lot of trainers will tell you to do your training two or three times a week. On the off days, go to the gym and get on a bike or an elliptical or something to solidify the gym as a daily routine. If you’re skipping days, it’s way too easy to just stop going.

Again, these are things that worked for me. Your body is different. You have different needs. The important thing is that you recognize that habits can be changed far easier when you maintain your established routine. Experiment!

New Year’s resolutions aren’t important, and most oftentimes are made with quite a bit of cynicism. If you really want to change, you need to plan, and that’s probably best done without consuming mass quantities of alcohol first.

Trust, Expectations, and Working From Home

More and more these days, I’ve been seeing some interesting conversations on social media outlets such as LinkedIn regarding work from home policies. Oftentimes these conversations are in reaction to shared articles such as this one from Forbes, or this article from Inc.

I’m a very big proponent of the work from home model for a myriad of reasons, many of which are covered in the aforementioned articles, so feel free to read through them. But right now, I’m much more interested in talking about a particular reaction to these posts that I see quite frequently regarding trust. Most of the comments I’ve seen can be boiled down to this:

“How can I trust that my employee is doing their job if I can’t see them?”

Trust vs. Expectations

Trust is almost analogous to faith. I trust that my best friend won’t get a pile of speeding tickets or in an accident if they borrow my car. I trust that my partner won’t go blabbering about my private comments to our friends.

Why do I trust them in this? Because we’ve built a rapport over time and built a relationship that establishes this trust. I have no real evidence that they won’t do those bad things, but because I’ve known them for a period of time, I can have faith that they won’t do them.

It’s understandable, as creatures who rely on positive interpersonal relationships, that we want to trust the people that we work with or for. Trust is part of what makes a good team. And a trust that is broken between co-workers can have serious effects on providing a good product to customers – both internally and externally. But when we hire someone to a position, it isn’t because we trust that they’re a good worker – we hire them because we expect that they can do a particular job.

I expect a co-worker will perform the tasks that are assigned to them, regardless if they work above, below, or alongside me in the reporting structure. Likewise, I have tasks that I need to perform, and my co-workers expect that I will accomplish what is necessary to achieve the end goal.

So the question you should ask yourself is simply, “does the person in question meet the required demands within the deadline assigned?” If the answer is yes, then the question of whether or not you ‘trust’ an employee becomes moot. They do the job.

Another comment that I frequently see is, “I’m worried that my employee is going to spend the majority of their day playing Xbox or PlayStation and not actually working!” This one actually makes me giggle a little bit inside for a few reasons.

First, if you’re employee is meeting your expectations of delivering quality work in the time allotted, then why is this a question? Second, if it takes them two hours out of the day to accomplish the work, and they’re playing their preferred gaming console for the other six, then you are failing to leverage your assets effectively. The only difference is that if you are doing so with them in the office, they’ll replace video games with Facebook or something else they can do from their computer.

The Solution Is Easy and Manageable

Any good manager should understand, at least fundamentally, what their employee’s job is and what they need to do to get the job done. With this information in hand, you can not only set those expectations, you can measure the results.

Those expectations should include how much time the employee expects that the work will take to accomplish. If those tasks aren’t filling out their 40 hours, then you can assign additional tasks. If you don’t have any tasks to assign, there should be no problem in allowing the employee some idle time – in or out of the office – to allow them to blow off some steam. If something comes up and that employee has the idle time, then you have flexibility in your team to accomplish those unforeseen tasks and avoid overtime.

Pure, plain, and simple. You don’t trust an employee to do a job; you expect them to. If your employee isn’t meeting those expectations, then that’s a problem that can be solved by coaching, education, or dismissal. Where they work from isn’t important – it’s whether or not they get the job done that does.

Four Roadblocks To ‘Technical’ Challenges in Agile/DevOps

I do a lot of work in automation, and oftentimes we run into roadblocks to getting all of the tasks into an automation pipeline.  A lot of the time, when going over automation steps for a project, I’ll hear people say things like, “Well you can’t do that,” or, “That’s just not possible”, and unfortunately, a lot of people take those reactions as gospel and stop going down the path without asking the most important question: “Why?”

I could recount numerous stories where I ran into blockers that were absolutely able to be overcome, but because an organization has simply “always done it this way” they were not inclined to go any further down the road to make a change.  Usually, these blockers can be throw into one of four buckets – Technology, Process, Legal, or People.  Once you know what bucket it goes in, it becomes easier to decide what’s needed to approach the problem, make a recommendation, and get it resolved.

Technology

Technology problems are, in reality, oftentimes not the root problem.  When it is, it’s usually because the application doesn’t support the methods and goals that you’re trying to achieve.

Say for instance, you’re attempting to automate the process to create a virtual machine.  And the network team issues static IP addresses and logs what is being used in a spreadsheet.  Or, you’re attempting to automate the process for onboarding new employees, but the HR department is using an antiquated system for how they track new employees and who they work for and isn’t designed to be integrated with any other application.

These are technology problems which are relatively easy to fix.  You can use existing technologies like a database to track these things, or you can get dedicated modern applications that integrate with other platforms to be able to accomplish tasks.

Really, the biggest challenge to a technology problem is whether or not your organization is willing to make an investment towards the change.  This investment may be monetary, and if it is, that can be solved with buy-in from management and budgeting.  The other investment is putting in the effort to get the work done – in either case this stops becoming a technology problem and it becomes a people problem.  More on that later.

Process

Just about every company runs into this one.  I once worked with a company that had a 27 day SLA to deploy a single virtual machine.  27 days!  When my partner and I got a hold of the process flow, a lot of it was manual process and approvals of all of the different organizations involved.  When we laid out what could be automated, we were able to boil that process down with automated checks and balances that could get the same amount of work done within a few hours.

The problem, however, was that the documented processes and procedures that the company had been beholden to required that the manager of each organization manually sign off on the approval.  When those processes were challenged, none of the stakeholders were willing to champion an effort to drive the changes necessary.

Bart Schlatmann, former COO of ING Nederland I think put it best when he said, “Agility is about flexibility and the ability of an organization to rapidly adapt and steer itself in a new direction. It’s about minimizing handovers and bureaucracy, and empowering people.

You are as agile as your most rigid process.

Legal

Legal challenges don’t often come up, but when they do, they often can be solvable.  The most frequent I’ve seen is with open-source licensing.  Oftentimes, organizations will just issue a blanket “no” across the board for open-source software.  This is a mistake.

Yes.  Understand the licenses involved for using open-source.  Yes.  Ensure your company is reasonably covered when using it.  But if you are taking open-source entirely off the table for use, you’re hamstringing yourself and your initiatives.  No one moves to innovate and improve product faster than the open community.

For anything outside of that, the important thing to remember is to ask questions.  Understand the legal issues at hand.  Most importantly, understand what would be needed to stay within the legal lanes and still get the job done.

People

The most common, and the hardest to solve.  For the most part, people can be innovative, creative, and passionate about their work.  But they can also be territorial, stubborn, and unyielding to change.

Everyone should recognize this; not only of their peers, but of themselves as well.  Change is scary.  Habits are hard to break.  And when someone requests a change to something that you’ve worked so hard to build, it can be easy to say no.  Recognizing this in yourself is equally important as recognizing it in your peers.  Instead of a knee-jerk reaction, take a moment.  Think about the reasoning for the change and ask questions.  Understand the problem that the requester is trying to solve.

Perspective is valuable.  It’s based on our experiences, and thus everyone has a different take on things.  All perspectives are equally important.

People that are willing to embrace innovation and change are the ones who will enable an organization to move forward.  Those who fear change, and refuse to challenge their own ideals become anchors.  They will slow a company down, if not bring it to a grinding halt in terms of progress.

In this day and age of disruptors who surpass industry juggernauts in market share and value, it’s important to understand and evaluate the challenges you have to move your organization forward.  Keep your company flexible and adaptable to change.  Understand processes that are holding you back and adopt new ones to address the same risks but allow you to move forward.  Evaluate your people.  Coach them to ask questions of themselves as much as their peers, and reallocate those who are unwilling to adapt.

Finally, ask questions.  Don’t take ‘no’, or ‘we can’t do that’ as the final word.  Challenge the response with a question.  Understand the reasoning behind the response.  ‘No’ isn’t a solution.  It’s a roadblock.  Anything is solvable.  But you need to understand the why before you can get to how.

Three Things That Make a Good Technical Candidate

I have this conversation a lot with managers and colleagues in the industry.  It usually starts with, “what do you look for in a candidate when you’re doing an interview?”

Oftentimes, I’ll hear people talk about how their company only hires people with college degrees, or that they look for the number of certifications that the candidate has.  Usually when I hear these two things, the first thing I do is sigh.  While I will never beget someone for taking the time, effort, and financial expense to acquire a college or university degree, it also doesn’t necessarily give them the technical know-how to perform the kind of work we do.  Nor do certifications necessarily reflect technical knowledge.  Most certification exams that I’ve seen don’t actually test your practical knowledge of how something works, but rather your ability to memorize a book.

When I was going for my aircraft mechanic certifications, I was tested on three areas – General, Airframe, and PowerPlant.  Each area required three exams; an oral (spoken), practical, and written test.  Nine exams altogether.  The first thing we learned in mechanics’ school was that when we received these certifications, the only thing that we were really certified to do was learn how to do our job.  Until I gained enough experience performing tasks with someone inspecting my work each step of the way, there was no way I was certified to return an aircraft to service.

The same really goes in our industry.  I am sure as hell not going to turn some person fresh out of school loose on my production environment and simply trust them to do work.  So what really matters is their experience in the field, not the schooling.  But what really makes an exceptional candidate can be boiled down to three things – Critical Thinking Skills, Initiative, and Enthusiasm.

Critical Thinking Skills

When I’m interviewing a candidate for a position, I’m not barraging them with questions to troubleshoot some obscure issue.  That’s just uncomfortable for both you and the candidate.  What I do is give them a scenario and ask them to think the process through to the logical conclusion.

What’s the difference you may ask?

Troubleshooting scenarios usually consist of a lot of back and forth with the interviewer saying, “Okay, that didn’t work.  What next?” and then the candidate following up with next step questions.  It’s annoying and uncomfortable.  Often, this line of questioning devolves into a power struggle between the interviewer and candidate.  Stop it.

Instead, give them a problem scenario and ask them what they would do to investigate it.  Question them on why they chose the particular path they did.  Find out the reasoning behind it.  I want someone that can think about the task logically and follow the thread to it’s conclusion.  Ultimately, we are all going to run into issues that are going to be beyond our experience, and following a checklist isn’t going to help.  I need someone that will work methodically and logically and outside of the box.

Initiative

This is where the troubleshooting scenario also tends to fall short.  Oftentimes it follows a scripted, linear scenario.  This only proves that the person I’m interviewing is going to follow a scripted, linear process.  On top of being boring, it doesn’t help in those real-world scenarios that aren’t documented.

Don’t ask, about some obscure error code with the expectation that they’re going to blurt out what it means.  Ask them about situations that will show how they will go about finding the information.  A very basic question that usually weeds out a lot of candidates for me is, “If you’re looking through a co-workers code and you see a PowerShell command that you’re not familiar with, how would you find out what it does and how it works?”

I actually had a guy tell me that he would just run the code.  Awesome.  I want you looking at stuff in my production environment.

On the other side of the coin, I was once given a scenario question where I received an error in SCCM, and they asked me what log file I would look in to investigate.

Dude, really?  Do you even know how many log files are in an SCCM server depending on the role?

When I told him that I’d look up the error online first to nail down which log to look at, he wasn’t impressed with my answer, and I wasn’t really impressed with his response.

Enthusiasm (Willingness to Learn and Share)

Finally, enthusiasm.  You don’t want someone who’s going to come and and just do a job.  Our industry is changing every day and it affects every aspect of what we do.  There are going to be new technologies and challenges.  Our way of approaching problems is changing as we implement new things.  You want someone who’s always looking to the next thing, learns something new, and shares it with their team.

Ultimately, if they aren’t willing to learn something new and share it with others, they are going to slowly become a liability that holds the organization back from growing.  If they can’t go beyond a script to troubleshoot a problem, I can’t rely on that candidate to handle an issue that isn’t documented.  And finally, if the candidate can’t think logically, I can’t trust them to make the right decisions based on the available data to get the job done.

What’s In An Azure Subscription ID?

“Can I be hacked if someone has my Azure Subscription ID?”

“Is my Azure Subscription ID the key to the kingdom?”

I’ve had this conversation a number of times with colleagues and clients alike.  What is this ID that Azure assigns to your account, and can it be leveraged to gain access to your subscription?  Not really.  So let’s take a look at what an Azure Subscription ID is, how it works, and how it should be handled.

An Azure Subscription ID is a GUID – a globally unique identifier – that identifies your subscription and the underlying services.  When someone hears this, they immediately think of it in the same regard as a user account, but it’s really not.  What it is, is directions to a container of the services that you want to access, if you have the permissions to do so.  In order to access a particular subscription ID, you need to do the following:

  • Be authenticated to Azure (through the portal, CLI, or PowerShell).
  • Have your Microsoft Azure or Active Directory ID assigned the permissions to view the subscription ID.

Let’s test this.

Here’s a subscription ID for you to play with:

$UnknownID = 'f2007bbf-f802-4a47-9336-cf7c6b89b378'

Looks pretty unassuming.  So I’m going to see if I can look at the properties of this subscriptionID without authenticating to Azure.

PS C:\WINDOWS\system32> $UnknownID = 'f2007bbf-f802-4a47-9336-cf7c6b89b378'

PS C:\WINDOWS\system32> Get-AzureRmSubscription -SubscriptionId $UnknownID
Get-AzureRmSubscription : Run Login-AzureRmAccount to login.
At line:1 char:1
+ Get-AzureRmSubscription -SubscriptionId $UnknownID
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Get-AzureRmSubscription], PSInvalidOperationException
    + FullyQualifiedErrorId : InvalidOperation,Microsoft.Azure.Commands.Profile.GetAzureRMSubscriptionCommand
 

PS C:\WINDOWS\system32>

Well…that gave me bupkus.  So let’s authenticate and try again.

PS C:\WINDOWS\system32> Get-AzureRmSubscription -SubscriptionId $UnknownID
Get-AzureRmSubscription : Subscription f2007bbf-f802-4a47-9336-cf7c6b89b378 was not found in tenant . Please verify 
that the subscription exists in this tenant.
At line:1 char:1
+ Get-AzureRmSubscription -SubscriptionId $UnknownID
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Get-AzureRmSubscription], PSArgumentException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.GetAzureRMSubscriptionCommand
 

PS C:\WINDOWS\system32>

So I log into Azure, and try again to resolve the SubscriptionID to the tenants that I have access to, and it returns an error stating that there is no such subscription in my tenant.  So by means of leveraging both unauthenticated and authenticated means, I cannot see any information pertinent to this SubscriptionID.

So, let’s try using our preferred internet search provider.  Which, if you’ve tried this, you’ll actually get search hits because this is my subscriptionID – one that I use for just about all of my Azure examples.  However, you’ll find that the only thing that comes up are links to my articles.  There is nothing from an Azure standpoint that is publicly available when searching for this ID.  Even publicly available blob URIs.

Shameless plug: Read my articles. I put a lot of love into those.

So what have we figured out so far?

  • No information in Azure that is tied to your SubscriptionID is made publicly available by search.
  • No information in Azure that is tied to any SubscriptionID is made available unauthenticated.
  • No information in Azure that is tied to a SubscriptionID is made available to you if you are authenticated with an account that does not have permissions to view that SubscriptionID.

So what do we need?  User creds.  If you have access to a user credential that has admin rights to a subscription (or multiple subscriptions), you don’t even need the SubscriptionID.

PS C:\WINDOWS\system32> Get-AzureRmSubscription


Name     : ProdSub
Id       : 1a8c783b-3317-4535-8f12-5066eec9094c
TenantId : 1f9d2d05-2bef-4f58-8f74-697e76e704db
State    : Enabled

Name     : LastWordInNerd
Id       : f2007bbf-f802-4a47-9336-cf7c6b89b378
TenantId : 96b32bac-743d-49bb-adff-7552b2d86956
State    : Enabled
<span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span>

Notice that after I authenticated to Azure, I was able to use the Get-AzureRmSubscription command to get the entire list of subscriptions that I have access to.  I have the metaphorical keys to the castle, or multiple castles, if I have the admin credentials.  After I have those credentials, I use the subscriptionID (of which I now have) to put myself into the context of the Azure Subscription.  I’m telling Azure, “I want to work in THIS subscription,” and it takes me there.

What you really need to protect are your credentials.  This can easily be handled with multi-factor authentication.  Use it.  At the very least, privileged accounts should have this enabled by default.  According to a 2017 Verizon Data Breach Investigations Report, 81% of hacking-related breaches leveraged either stolen and/or weak passwords.

If you haven’t enabled multi-factor authentication in your environment yet, and you’ve already gone to (or are planning on going to) the cloud, a subscription ID is the least of your concerns.

NASA, SpaceX, and Showmanship

Tuesday marked the maiden voyage of SpaceX’s Falcon Heavy.  Their heavy lift rocket system to compete with the United Launch Alliance’s Delta IV Heavy and Vulcan, Blue Origin’s New Glenn, and NASA’s upcoming Orion replacement – the Space Launch System.  The launch went off with tons of fanfare as millions of viewers hopped online to catch the live stream as Elon Musk’s company fired 27 engines across three boosters to launch his little red Tesla Roadster on an orbit that will cross the orbit of Mars.

Elon Musk just shot a car into space out towards Mars.  With a mannequin in the driver’s seat wearing a production model of SpaceX’s space suit, and the radio blaring David Bowie’s Space Oddity on repeat in the vacuum of space.  Oh, and two words displayed on the radio: “Don’t Panic!”

That’s an attention grabber, and NASA could learn a lot from what SpaceX does to keep the attention of the public.  I’m not saying that NASA needs to partner with a car company and start filling the solar system with an automotive museum.  But aside from the occasional two minute blip on the news, what do we really hear about them?

NASA does some amazing things, and they’ve managed to swipe a few headlines here and there.  NASA has been delivering some gorgeous photos of Jupiter a la Juno.  But it hasn’t really seemed to resonate with the public like a SpaceX launch.

Just about every single flight of the Falcon series of rockets draws a massive audience to their online webcasts.  Whether they’re deploying a Korean Communications Satellite or a Top Secret government satellite that may or may not have failed in flight, SpaceX gets hundreds of thousands (if not millions) of views on every launch.  Their lowest viewed video of the last year appears to be the EchoStar XXIII Technical Webcast at 111,000 views, while NASA has only had 21 of their 300 videos in the last year exceed that number.

So what is NASA’s problem?  Well…it really boils down to showmanship.  If you can put on a show – make a spectacle of your accomplishment – you can capture an audience.  But to do that, you need a critical component that NASA sorely lacks; people.

Elon Musk has become almost a household name alongside that of Bill Gates and Steve Jobs.  He’s in the forefront of every major piece of news that comes out about SpaceX and Tesla.  He gets peoples’ attention with crazy stunts like shooting his car into space, or taking pre-orders for personal flame throwers, and people are loving it!  There is even a weekly YouTube show dedicated to all things Elon Musk.

Seriously. This.

Astronauts Scott Kelly and Chris Hadfield did amazing work for NASA from this perspective.  Their regular interactions on social media while they were on the International Space Station kept the attention of the masses by interacting with people on Earth.  Hadfield’s Space Oddity video alone has grabbed over 38 million views on YouTube.  And Kelly’s comedic skit on the ISS with an ape suit grabbed quite a few headlines.  But stunts like these don’t seem to happen very often with NASA, and I think it really hurts them in the public eye.

NASA has always struggled with keeping the attention of the public when things become ‘routine’.  It’s well documented that the live broadcasts from Apollo 13 (prior to the emergency) weren’t being aired because spaceflight had become boring to the public.  The same thing happened with the Space Shuttle.  Granted, their publicity stunt in 1986 ended in tragedy, but had they figured out how to keep the attention of the public in the first place, I wonder if Challenger would have actually been flown that day.  NASA had been under intense pressure to get a highly publicized flight off the ground after a number of delays.  If they already had a level of attention and interest from the public that they were seeking with this flight, you have to wonder if they might have leaned more towards safety and prudence.

SpaceX’s showmanship isn’t limited to Elon Musk alone.  Watch their webcasts.  They have an opening montage with cool music.  Announcers (plural) keeping you informed of what’s going on with the rocket, and how it works (in layman’s terms).  At launch, you can hear the crowd at SpaceX’s mission control cheering at every stage of flight.  Hey, the employee cheering may or may not be staged, but it keeps you engaged and on the edge of your seat!

With NASA, you got a wide shot of the rocket and absolute silence with the exception of the occasional communications callout.  And maybe a monotone voice explaining the dry details of what was going on or what would happen next.

NASA needs to get people engaged consistently.  They need to establish familiar personalities that interact with the public on a regular basis.  I would go so far as to say that Destin Sandlin of Smarter Every Day would be perfect for the job.  He’s personable, understands the underlying science to a lot of things related to spaceflight (because he works in the industry), and knows how to keep people engaged.  If you stuck him in orbit on station for a year, you would have an audience.  Keep him at mission control after that, or maybe vlogging about some of the cool experiments and projects that NASA is working on, and you’d have engagement well beyond that.

SpaceX is making huge strides in innovating the aerospace industry and they’re taking the public along for the ride – quite literally.  NASA needs to figure out what it wants to do.  They’re going to have to eventually choose to either leave the innovation and spaceflight to organizations like SpaceX or Blue Origin and become a regulating agency; or they’re going to have to really start working on their audience problem and find some people to bring some personality to their mission.  If they don’t, I fear that Congress will eventually make the decision by budget.

If you didn’t catch the maiden voyage of SpaceX’s Falcon Heavy rocket, you missed out on quite a show.  Fortunately, you can catch the recording here:

Conceptualizing Objects In PowerShell

So during a break at the Metro Detroit PowerShell User Group‘s (#MetDetPSUG – thanks to @JMathews87 for thinking that one up!) second session of PowerShell Basics, I was having a discussion with my buddy Sean (@harperse) to help some of our members conceptualize how objects work and behave in the pipeline.

This, arguably, is one of the toughest concepts to teach someone who’s been working with ‘prayer-based parsing’ command line environments.  I myself had a hard time finding the switch in my mind to stop looking at just what was being handed to me on the screen, and realizing how an object and it’s properties change as it flows from one cmdlet to another.  But once that switch was flipped, PowerShell stopped being a basic scripting tool to me, and became something far more powerful.

So we came up with an analogy, and presented it to the class.  Once I was done presenting it, I could see the light bulbs going off in the room.  So I present it to you:

Pretend you're grabbing an apple from a bushel.  We'll call that Get-Apple.  
The apple we have is a tangible object.  This object, type: Apple, has properties.

-Color
-Texture
-Taste
-Shape

Just to name a few.  Now, the Apple object also has Methods:

-Eat
-Peel
-Slice
-Throw (That was Sean's idea.  I think he was implying something. :) )

So we take the Apple object and we run it through a press (Get-Apple | Press-Apple).  
The output object we get is Juice.  Now this new object may have some of the same 
property types as the original object, but the may have different values.  It may 
also have some new properties and methods as well.  For instance, you could use the 
method Drink with the object Juice, where you couldn't drink an Apple object.

So what do you think?  An appropriate analogy?  I’d love to hear some thoughts on this.