Discussion on:

10 things I've learned from working in IT

Had plenty of hot fixes from Redmond do great and terrible things to their own OS, services and client software (I'm looking at you Office/Exchange/IIS)!

I would proffer the following -

2a - the fewer services you lay on any OS the more stable it is.

No matter what anti-virus one uses, it certainly is just a matter of time before their machine becomes infected (item #3). Without a proper backup (item #5), your data is quite possibly lost for good. Seems that most folks (and businesses) feel that the right approach is to gamble with their data. The "so far, so good" approach. With the recent news of many companies having been hacked and their data compromised such as Linkedin, and that gaming company, Blizzard, for example, I'd think people would sit up and take notice. Maybe.

... until my PC is infected? I've been waiting about 19 years now for this "inevitability" and it still hasn't occurred.

With this attitude, "for how long". Welcome to an unknown unknown.

Research suggests about 80% of Windows machines are infected.

What percentage of Linux machines would you say are infected? :-D

I run Kubuntu on my work laptop (my business reason is that I need Eclipse, which is happiest in Linux). I run ten different Linux devices at home.

All squeaky-clean, and not just because Linux is a better OS. Social engineering is still a risk, but I've received IT security training, and have passed the good advice on to my wife, who is careful and aware.

The install base for Linux is so small that it is not a prime target plus there probably aren't any reliable numbers since most linux users don't install anti-virus software. So, unless something breaks a linux user wouldn't know they are even infected.

Bill

And didn't he say in #7 "The Linux platform is still hindered by FUD"? I guess you must be one of those perpetratiors, or you're simply one of those reicked into believing that long trotted-out piece of FUD. Linux is secure because it's *designed* to be secure, while MSWindows is hackable because it's designed to be hackable.

I like Linux and use it quite a bit, and have done so since the earliest versions of Slackware and Red Hat. Since it's source code is public domain, it is actually les "secure" to a hacker than MS Windows "by design", however there are many very resourceful and well funded groups (mostly foriegn) who are constantly attacking the Windows platform--because that's where most of the most valuable and marketable data can be accessed .

The vast majority of recent exploits in both Windows and Linux have all been the result of insecurities in third-party applications. The difference between Windows and Linux is that the exploits quite often compromise Windows itself, allowing privilege escalation and potential major damage, whereas Linux more often limits damage to the current user's profile and privilege level.

Okay, maybe it is the OS...

What research are you refering to and what does Research suggests . . ." mean? I find it highly unlikely that at any given point in time 80% of Windows computers are infected.

Besides, this article is probably discussing businesses. I know of no business who has been free of malware. Some have very low occurrences, and most of those are innocuous, while others have quite high rates of infection. Those w/ little problems in this regard have the same things in common: Discipline (as in don't surf porn, or download illegally), no admin rights locally, and web content/malware filters in use.

You've been running the same PC for 19 years? I bet that thing is a nice machine.

I'm guessing you've been infected multiple times, you just never knew it.

There are 6 PCs in that timeframe, and none of them have been infected with anything. I have run scans at times to check, and they have been clean.

It's all about how you use the PC.

Duh, you have to plug it into the network.

How did you avoid the blaster worm?
I remember doing a reinstall of windows and my PC was infected the moment I plugged in the network to install updates.

Use an already-patched PC to download the updates for off-line installation.

5th and 10th point are soooo true...

That was a great read, and I agree with you whole-heartedly.

No matter how carefully you plan and how diligently you backup your system, the backup will NOT load!!!

But the time to learn that is when you test your backups BEFORE they are needed.

under VITA they did an audit of agencies. Unfortunately they asked the question "Are you performing backups routinely?" and left it at that. The obvious followup question should have been "Do you routinely restore/test your backups?"

I've seen plenty of "good" backups fail to restore. If you have a business, you should be doing a business continuity test annually. We just had a customer loose an Exchange VM and the restore wasn't pretty, I'm glad someone else worked on that one.

and system recovery scenarios. Been there and got the T-Shirt!

5, 9 and 10 are absolutely true!

I'm still waiting for my desktop to be hacked and/or infected. So far, so good, and it's running Windows!!! Please, stop digging at MS every time you post something unrelated - we all know, you hate MS and you hate Windows and you love Linux. That's OK, but your anti-MS stance needs to ease up a little.

I personally have a strong anti-terrorism stance. Terrorism has proven itself over and over to be evil.

Hey! Small world, Microsoft!

The Boston Tea Party and the most of the US Revolutionary War were continuous acts of terrorism and treason (at least according to King George).

So was Indian independence. The strategy that worked came from this guy.... um... .Ghandi, I think his name was.

So much for absolutes.

It's not bias, it's fact. I've been an IT pro for >15 years and I haven't seen an Internet-connected PC yet that has gone 5 years without getting infected by something. Microsoft's security has improved drastically from Windows 95, but the sheer volume of the market and the speed at which those with nefarious designs can find vulnerabilities (and the slowness with which most companies react) means that there are always going to be threats you are not prepared for. Instead of being a reactionary fan-boy, accept this reality and plan accordingly.

And by-the-way, neither Linux nor Apple are invulnerable either. In the case of Linux, they just have typically have a higher percentage of security-conscious/trained users and administrators.

Linux users tend to be more technical, but Linux really doesn't have an install base so infection numbers are eschewed in my opinion. As for apple, it seems the more popular Mac's are becoming the more vulnerabilities are being found in Mac's which is leading to more infections. Apple also has been slow to respond to some fairly critical bugs which as a windows guy I find kind of funny.

Bill

"Linux users tend to be more technical, but Linux really doesn't have an install base so infection numbers are eschewed in my opinion."

It doesn't have much of an installation base on desktops / laptops / client systems. It's on at least as many back-end servers as Windows, and likely more. Servers also make tastier targets than clients.

Microsoft is the reason that sysadmins no longer have a "Wizard" status in the IT world anymore. They have created more paper sysadmins in the last 15 years that I can slap with an appropriate length of CAT5e cable.

"Oh, you're an MCSE? How cute. Now do something useful. Make mine a Venti White Chocolate Mocha."

I have multiple MCSE's, CCNA/CCDA, and other letters after my name. Pooh-pooh as you like, I run a Public Safety network with 15 or so varied and complex systems, and I've worked on major upgrades for the US Navy and large organizations. These are all top dollar positions, and they ALL specified certifications, especially MS, in their job postings - as do most of the better job opportunities out there today. Earning "paper" can be an empty achievement; it can also teach a person how to dig in, focus, troubleshoot, and research. By the way, a lot of that "edification" stuck - and I've solved some obscure and esoteric problems using what and how I learned. The article is right - keep learning, if you want to stay fluent, flexible, and marketable. I'm prepping to test out, yet again.... only hitch is, I think my brain is almost full...!

11. Companies rarely if ever spend enough time and money to properly QA their product. That is why more often than not their is a 'patch' shortly after release. They depend on the users to 'test' the software and report back the bugs - free labor.

12. Support agents rarely get trained properly or in time to support a product. The companies rely on you, the user, to work with them to provide 'on the job' training as they resolve your issues. That is why often times an agent acts 'stupid' about a product.

13. Companies don't really want to provide support. The regard it as an expense on their balance sheet. That is why they set up 'user forums'. Its call the 'Big Boy' warranty - "your a big boy now; fix it yourself."

14. Often times companies come out with a new version, mostly bug fixes, with a few interface changes, or a couple of 'new' features that should have been included in the first place. Why? To get the customers to pay for the bug fixes.

15. Many companies don't really care if their product works or not just as long as you buy it and they don't get bad publicity or reputation for releasing garbage. If this was not the case why the disclaimers in the license agreements that the product is sold as is; you use it at your own risk; and they are not responsible if any bad happens because you use the product.

16. Some companies rush product out the door when it is not ready for release just to get it out before a competitor does or to improve cash flow.

17. Many companies do not insist that their programmers document their code. So when the programmer leaves the company the staff that is left finds it very difficult if not impossible to fix actual bugs within the code. Instead the write a series of patches to 'fix' the bugs after they occur to make the results look right, since they can't actually fix the problem in the 'core' of the program. One of the reasons programmers do this is to try to make themselves irreplaceable. It doesn't work. Another reason is that companies do not give their programmers enough time to do it. Documentation takes time and time is money.

18. No program is perfect. All programs have bugs.

19. Tier 1 support agents many times work from scripts. They listen to what you say, type key words into a database, and read back to you the results. If you think they have no idea what you are talking about you are correct.

20. They reason for long waits for tech support, other than it costs the company money to hire an adequate number of people, is that if you reach an agent to discuss and fix a problem, most if not all the profit from your purchase is lost. They want you to get tired of waiting and hang up.

I started doing programming and tech support in 1974 and I personally have experienced all of the above as an employee of many major companies.

re: item 17... I've found that most of the time it's due to the reason you stated last... That companies do not give programmers enough time to document properly. Rarely do programmers do this to look 'irreplaceable'. This is especially true when you have a team working on one project.

I have been in IT for 7 years and have yet to see a gray hair on my head.

Of course, that might be due to the fact that I dye it red regularly.

Or it may be my sense of humor that keeps me young.

It is not MS hatred, it is a fact. Windows is not designed for security, period. Look at UAC - the system just cannot figure out who or what pressed a button. Try to turn on the Windows 7 firewall. I mean turn it on in real and not marketing terms, rejecting outgoing connections, and see for yourself if Windows can be both secure a usable.

Win32 cannot be secure even in theory and Microsoft finally accepted that. WinRT can be as secure as Linux, theoretically. Being secure means that when compromised the damage is limited.

Windows is a very secure environment. The big difference is that under Unix/Linux you setup user accounts and restrictions and then leave root-account alone. Windows gives you a machine with root-account and everyone behinds the system is administrator because majority doesnt serve out user-accounts and restrictions.

is that Microsoft insists on embedding a web browser so deeply within the GUI that it can't even be uninstalled.

It can't? That's news to me.

But only if you have upgraded it from the default version included with your version of Windows. If, for example, you uninstall IE8 from Win XP, you will be faced with IE7 when you reboot.

Once you reach the version of IE included with your version of Windows, you will find you cannot uninstall it, you can only disable it.

No. 2,3 and 6 are not true.
I've been a solution architect and enterprise architect for various companies for over 14 years.
2 - I have seen a number of unstable MS only Windows systems, and a very large number of highly stable Windows machines with all kinds of 3rd party software. I have also seen a lot of unstable Linux machines (albeit usually running Oracle).
3 - I doubt even 5% of our Windows fleets have ever been compromised. We have rigorous testing, vulnerability scanning and security processes in place and would certainly detect just about any threat that hit us in short order.
6. We are already running 'desktops on the cloud' today on a variety of platforms, from tablets to smartphones to laptops

With all due respect to symowallo (& I didn't read the whole comment), it would take a person far more risk averse than anyone I know to regularly use Windows, and have never had any virus etc! As far as I know my regular virus scanning has always found them, but, I get them! (I also use Linux a lot, and have never had a compromise on those machines, that I know of.)

This is a great tem listing. I have to add one thing about security issues though. I have been involved in the IT industry for a long time, I even remember punch cards (the food old days). Over the years I have become tougher on the security issue in relation to performance. Seriously, I am the biggest fan of Webroot's Secure Anywhere Complete. It's fast, efficient, self updating, and no BS. My real security issue is this view. In the Netherlands where I live, datacenters have sprung up like weeds. They are overpriced, and the only winner is the stake holders who own them. Because the employees work like slave drones, sometimes they wake up and get curious about the data they are dealing with. I have seen so many successful penetrations from outside sources that it is just a joke. Linux is great, Windows is my preference. Security wise, Staff that are hot shot staff should learn to shut up. When they are working, on a VPN, and the corporate headquarters is monitoring their activities, nothing is secure. I watched tickets generated for drives to be replaced. The drives are not wiped or destroyed, but scrapped into a backpack . In some cases, I have personally seen IT people showing off their findings in a coffee shop or local bar to their buddies for a laugh. Business rated or XXX-rated, companies need to protect their assets by limiting who has access to their info. Watching a server being back doored and then being told that Open Source OS's are secure at the same time is a shame. All datacenters are hack able, and thanks to their staff using social media, there are more ways in than anyone would a\ever realize. Corporate systems need to be isolated from reachable networks. Just remember that if a movie or software can be leaked out before the actual release date, so can your clients and corporate data. When one person gets a hold of such data, their whole facility is responsible and that includes the upper management who should all be black balled from the industry forever. their next job should be at a burger stand saying "Would you like to Super Size that?".

Biggest problem I've had with RAID was, when the drives finally crashed, we couldn't buy a compatible SCSI RAID controller and all the data was lost anyway - so much for 'standards'.

As to 'understanding stuff' I'm not sure that's so true any more. A lot of 'bleeding edge' developments today are simply modern implementations of fairly old paradigms. Not much changes really except performance, price and capacity. Let's face it, the cloud is just a mainframe for the 21st century. Web browsers are the contemporary equivalent of an IBM 3270 'intelligent' terminal with, obviously, a lot more bells and whistles.

Sure, the mechanisms change; languages and protocols pop up every week but, fundamentally, these are just interpretations of pretty much the same thing. Certainly from a design & development perspective.

I think it's arguable that IT shares a lot in common (politically and commercially) with the fashion industry. Styles seem to be cyclic; allegedly 'new' systems are just rehashes of earlier designs and the market is driven by idiot pundits who bury good ideas while promoting second rate systems according to their personal opinions and biases.

from a failure. If you need that level of failover, buy a system that sports redundant RAID controllers. None of the systems I've seen allow you to swap out a RAID controller after failure and get anything back.

> ...A new RAID controller isn't going to help you recover from a failure...

I think that was the point he was making. RAID is nowhere near the level of "standard" that it pretends to be. Yes, it is a standard in the sense that it defines a methodology, but when IBM and others promote as a way to protect your data and keep you running, that's pretty much a lie.

on a Compaq ML350 server a few years ago. I replaced the RAID controller and it came right back up with no additional actions. It ran slower for a couple of days while it inspected all the 1s and 0s, but it wasn't catastrophic.

from my own experience I have had no problems with this either, via HP Proliant servers. Certainly, one must replace with an identical controller to expect recovery.

I have seen all of these in my experiences as well.

Working as part of the IT industry for 30-odd years I would add that it's almost unique in that huge amounts of learning and knowledge goes down the tubes every few years and you are constantly having to re-learn and re-skill in order to keep pace with the constantly changing environment. Drop out for a couple of years and you will fall rapidly behind. What other industry changes so fast, I've tossed out more manuals and software over the years that would fill several rooms.

" I've tossed out more manuals and software over the years that would fill several rooms." If you work in IT, why are you tossing out manuals? I mean I access most all of my needed info on-line. ;^)

Heck, most software, and even hardware sold for the last 5+ years doesn't even come with a manual, just a link to a website, or if your really lucky, the "manual" is embedded in the software or comes on CD.

If jtech has been in the field nearly 30 years, he's probably tossing manuals for products that were in use before the Internet was a glimmer in Al Gore's eye.

This came up twice last week...despite the fact it can get you out of a jam, most do not create, or even maintain the Emergency Recovery Disk, or ERD

In Europe at least, I can tell things are different.

1. Not true. Decent companies do exist.
2. Not true. Plain nonsense.
3. Not true. We have been in business since 1993 and no machine has been brougt down because of malware.
4. True. But what's the point? Most IT-people don't need to know about RAID. Problem is that some of those that don't know feel tempted to install RAIDs anyway. Call in experts.
5. Not true. For private people perhaps, but not businesses.
6. Not true. Or rather: Who knows?
7. Not true. The true problem of Linux is that it is a total mess for anyone else than those who has been raised with Linux.
8. True. But that is by definition and not specific for IT. The trendsetters are exactly that because the rest are not. If no one would take the lead, nothing would move.
9. Not true. If you and the management are able to plan and control, no more mess or stress exist than in any other area.
10. Not true. You can very well be a fine specialist in some stable area without knowing about any new trend.

Conclusion: No bumpy ride here, sorry, just some coloured chit-chat you can forget.

/gustav

"Not true. The true problem of Linux is that it is a total mess for anyone else than those who has been raised with Linux."

Jack, that's just eerie. Point 7 proven in one sentence. And just think, Linux is much stronger in Europe than it is in the US!

Am in general agreement with Jack's list, plus at least one other. Sadly to say, after 42 (yikes!) years in the technology/computing sector, as I have, many have also found out that a great many clients, OEM's and suppliers are confounding and bare-faced liars and frauds. That said, the remaining group is actually a blessing for the majority part, even though there's usually never a dull moment, indeed.

"1: Companies always promise more than they can deliver"
That goes for your company as well. Tell them it will take six months to deliver a new piece of software and two months later they are pissed because it isn't done. I have had this happen more than once.

"2: If you add third-party software to a Windows machine, all bets are off"
I have to disagree with this one, Microsoft updates have hosed many stable machines, and cause innumerable problems over the years. Similarly, I have seen third party apps actually run without mucking up stability. Bottom line if it is stability you are after, Microsoft doesn't offer the best solutions.

"3: Its not a matter of if but when your desktop or server will be compromised"
While I tend to agree with the premise, and that is certainly the correct attitude in more than 20 years of supporting dozens of servers and hundreds of desktops I have had exactly 2 workstations infected (both from CD) and they caused minimal harm, a simple reboot was enough. Granted I run super tight security and it makes my job harder, and some of my clients don't care for it, but security is job #1.

"4: Most people dont really understand RAID"
I certainly agree most people don't understand RAID. RAID is NOT a backup strategy, and it does have varying levels of redundancy. Another important part of RAID is transfer rates. More spindles, more cache... mean faster access to data, which is an important function of RAID.

"5: Backups are always forgotten??? until theyre needed"
This is very true, you need to check if your backups complete daily, do a partial restore at least monthly and make sure the entire backup is recoverable at least quarterly. You also need to do more than keep your backup medium next to your server. If you don't, you don't have a backup solution.

"6: The cloud will never replace the desktop"
True, for the majority of IT, but there are sectors where this is not true. Lawyers, Salesman and certain others need the flexibility of the Cloud, but it should be a tool in the box not a strategy (which seems to be what a lot of companies are pushing these days).

"7: The Linux platform is still hindered by FUD"
This is very true, Microsoft does a lot to perpetuate and even add to that FUD. However, on the server side Linux has made significant inroads. The desktops does still have issues in a lot of markets, mostly due to proprietary software that will not run on the linux platform.

"8: Theres a huge disconnect between pundits and the real world"
Very true, most businesses can't afford to upgrade every two or even every three years. If your not in IT, you find it hard to justify spending money even after 6 years, one of my current clients can not believe I am asking them to spend money when they have tripled in size, their data storage needs have increased more than ten fold and they want all the new 'toys'. I guess that is what happens when you pull too many rabbits out of the hat.

"9: IT will give you gray hair"
Well I have certainly added gray hair over the last 20+ years, but I suspect it has little to do with IT and more to do with age. However, I.T. IS very stressful and has taken it's toll on me in many other ways, but I am an always on call 24/7/365 guy. If you are a programmer or just an 8x5 kind of guy IT does not have to be stressful (at least not more so than any other job).

"10: The second you think you understand something, you dont"
While it is true IT is ever changing, if you put forth the effort you can at least keep pace with it, and with a lot of effort and a little luck you can even ride the wave for a long time, though it is certainly not an easy thing to do.

IT is a double edged sword. Innovation and resistance to change. There is much to learn and gain from both. Given your list I'd say your experience is rather limited and practically an outsider point of view. Just my opinion after 34 years of IT and counting. Take the top Item on your list that you think changing would be of benefit, define it , make it yours, show the rest of us how to make IT better. With every issue you raise provide a solution otherwise its just politics and chit chat.

2: My Windows nearly doesn't have M$ software besides Windows itself and security essentials. Development tools, office, defragmenter, download manager, text editors, etc. all are from 3rd party world. Mostly open source, at least freewares. And I nearly never have BSOD or any other stability issues, compared to the one at my office having lots and very depending on M$ softwares (3 BSOD in 1 month, easily hangs, great record). M$ softwares tend to be bloatware eating lots of RAM and CPU cycles, bonus: starts sssssllllooowwwly. Sorry, my experience told me 180 degrees different things than yours.

3: Virus? Sounds like an old friend I've never met again since I totally moved to Kubuntu

If you really want the most stable Windows platform you can get, install only software from Microsoft.

How disgustingly true. Only it's not quite true enough.

If you want the most stable Windows platform, you need to install the latest versions of Windows software. Office 2003 had the last usable interface, but you'll really have to upgrade to the latest version of Office for the most stability on Windows 7. And there goes your productivity, as you now own the ribbon, which proves that Microsoft UI design is performed by drunken monkeys.

"Most of those who rail against Linux do so out of either ignorance or fear. "

Read the responses from the Windows trolls that infest SJVN's ZDNet columns for proof.

In 30 or so in IT I have learned only one thing, the following two:

1. If you wish to have peace of mind, fix people not computers
2. If you want to make money, fix computers and leave people alone

decide! the rest is whining.

I cannot remember how many times things have gone wrong and though matter what the problem was it is always the fault of the IT department! I have developed the attitude of apologizing for the laptop not being ready (even though shipping did not place the order in time) and just letting it go. Yes, it was IT's fault, now lets get on with whatever.

Your job is well done when nobody notices your work. And nobody congratulates you for that too.

I object to both 2 & 3.

Concerning 2, I first have to say in the interest of full disclosure that I produce third party software myself, so maybe I'm taking it a little personal. However, even if I wasn't in the software business, I would not agree that one should only install Microsoft products. In fact, I find many of Microsoft products to be much more buggy than good, solid third party products. The generalization here is just much too sweeping. All it takes is one bad software product with memory leaks to cripple your system. So then you go and make a broad generalization that all software other than Microsoft will ruin your system? That's crazy. I think you say that only because you know that Microsoft made the operating system, so you assume that their developers know enough of what is going on to make the best product to work on that operating system. If you did not know that Microsoft made Windows, you would never make such a statement.

Concerning 3, I have run systems for over a decade on Windows and have never had to clean any malware off of them. Yes, I even still have a Windows 98 computer with no malware. I often have to clean other people's computers, but not mine. One computer I ran for many years without any kind of Anti-virus software at all, other than the router that protected my network. No malware ever. Now I have seen enough on other computers that I do run anti-virus software here, but to make the sweeping generalization that every Windows computer will get compromised at some point is ludicrous.

One thing that I have learned over the years in IT is that for every person in IT who knows what he is doing, there are at least 20 who talk a good game but have little clue of the technology they work on.

And they have managements ear. I had one "web designer" give me a "design" in MS Word. And that was the CEO's go to person.

1) All hardware will eventually fail. And all software will eventually work!

2) People think RAID = encryption. It doesn't! Losing 1 drive from a RAID set will still expose you and your company to a data breach. You may not be able to read a who file from 1 drive but every block is still intact.

3) Similar to Microsoft and 3rd party software, many hardware vendors will ask you to remove any non-OEM hardware before they'll work on your problem. Sometimes I think they do this to stall for more time while they research a problem and it keeps their response time SLA low!

I've had many an occasion where MS-Office is the culprit causing the issues on a desktop...so you will have to add Microsoft itself as a third party. The OS and the applications at Microsoft are created and maintained separately from each other which leads to the saying "the left hand doesn't know what the right is doing".

When trying to resolve a problem, how many times have you asked a user "did you click on/download anything?" Only to hear the usual "No I didn't touch anything."
Then spend time troubleshooting something only to find out the problem was caused by the user downloading/installing/changing something. Only after some additional and sly interrogation do I find out from the user "well I just installed this..." or "actually I clicked on..." or "..the box said do you want to.....and I clicked...". User's don't always want to admit they did something so I've found I've had to change my "interrogation" tactics. Perhaps working in IT is a good prep for a career in interrogation.

Just kidding. Great list. I can definitely vouch for number 9.

Nice article reminding me of how did I get here... I have the T-Shirts and gray hair to show my 20+ years in the industry. Thick skinned is an understatement.. Kevlar is more like it and now with the industry taking a bold stand in hiring practices you will need it... Thanks for relating accurately what IT is about after a long, arduous career. Looking back, I should have stayed on the farm.

I have been in the business since it was a baby (1983). If I had wrote this piece, I probably would have not changed a word. Jack, good piece, you are dead on....

The company that hired you, who offered you three weeks vacation, personal days, training and development opportunities? The one where "Work-Life Balance" is their number one priority?

BTW: if a company advertises its Work-Life Balance, internally or externally, it is because there is no work-life balance in evidence within the company. Why advertise a solution to a problem you don't have?

Does the company look the same after working 80 hour weeks with half days on weekends, emergency phone calls during family events and where training means the intern that was hired last week will write up the training priorities and budget, which will never get approved?

When exactly did it become compulsory to bring a company laptop on vacation? That's not a vacation, that's working remotely.

IT purchasing decisions will not be made on technical merits, they will be based on the personal relationships between the person with budget and the sales person. Suitability to task, ROI, TCO are post-purchase justifications. They are not germane to the purchasing decision.

You may not be able to read your own backup tapes, but unless you take steps to properly dispose them, the person who buys them used WILL be able read them.

When asked why my job in IT Management is stressfull, I reply; "Because technology rarely works the way the salesman said it would".

I've been an IT pro for 26 years now. I have survived some of the most heated advances in technologies and in company thinking. The lessons you list above are spot on to the things I've encountered. Additionally I feel others might also benefit from knowing these other tidbits:

11.) Regardless of a companies IT mantra, they are governed by their accounting departments. Every company wants to utilize technology to its fullest potential, and many plan on doing so with some even doing it in writing. However it only takes 6 months to a year of inactivity, set backs or what have you, and an accounting department will rip that mantra to shreds.

12.) VIP's love their toys, and often enjoy seeing their IT departments scramble to accommodate them even at the expense of a secure networking environment. Learn to say no and when it is appropriate to do so. I think that statement speaks for itself.

13.) More often than not, a CEO (who usually answers to a CFO) has little to no understanding of how a network works, let alone what it takes to make it happen correctly. Again, this statement speaks for itself.

14.) Companies would rather hire younger, fresh-out-of-college kids than experienced IT professionals because they believe the 'younger generation' has some sort of 'IT understanding' that older people do not. This may take a bit of explaining, however it comes from personal experience. I have been out of the IT field now for 2 1/2 years, but not by choice. I have been constantly trying to get work, and constantly told I am 'over qualified' or 'one of our most excellent candidates', only to be told they filled the position with someone else. Upon further inquiry (under the pretense of wanting to improve my interviewing skills, etc) I have learned that in EVERY case, a younger more inexperienced person has been hired. Excuses have ranged from 'That candidate was fresh out of college, and we didn't have to guess at what they've been doing' to 'We're afraid this position won't be fulfilling enough for you, given your range of experience'. However the common link has, in every case, been a younger candidate. I can only attribute this to a stigma or perception that the younger candidates appear more 'geeky' than I (coupled with a fear that I may either take their position or want too much money). Staying in touch with the industry does little to further your goal.

15.) Some things never change, even in IT. For those that have 'been around a while', you may understand that better than most. Some ideals, methodologies and practices remain the same. A good troubleshooter in the IT industry doesn't need to know every in and out of the equipment they manage as long as they remember the basics. Good problem resolution comes from good practices. Process of elimination works regardless of your set up. Finding the common link, or the central point of failure is a learned skill that you can't find in an owners manual. Trust your instincts and remember to step back out of the problem in order to be as effective as possible. These types of things will always be a valuable asset for any company.

1. There is no such thing as a stable operation.
2. Things will always change

You need to find a way to politely give users what they NEED instead of what they WANT without cuasing political problems

Accept the fact that you will make decisions without all the information you need. Go as far as you can the use your "professional Instincts" to decide. Also, Product consultations for the IT part of ERP packages is measured in Weeks and not days of consulants time - get as much free as you can before you buy. For the actual ERP users its measured in Months of consulting time.

Not working currently but about 18 years in the IT field have taught me exactly the same items listed in this article. I rarely comment to articles but great job on this one.

One other, highly important thing I've learned from working in IT is I *DON'T* want my daughter working in IT.

I actually read the whole thing, Good job.

(BTW--I really don't see a bias here--not sure what that's all about.)

I, too, have been in the IT industry for 20 years, and the best piece of advice I got early on from a supervisor was "never assume the end-user did exactly what they told you they did." A good basic example would be about rebooting an OS. When you ask the end user, "did you reboot your computer?" They may say "yes", not realizing what rebooting a system really is. Some people think 'rebooting' just means closing their program/application and re-launching it. I have grown accustomed to simply checking the system's Task Manager and seeing the CPU Time to determine if the system has been rebooted recently.

.
I don't understand what's wrong with adding third-party software to a Windows platform. I use numerous non-Microsoft applications on multiple Windows machines. Some of these are open source, or shareware apps written by someone in a basement somewhere. Some of them are complex, high-end audio tools produced by larger companies. I wouldn't say none of these ever misbehave, but typically they're as stable as Microsoft applications (for what that's worth).
.