Most of my customers are SMBs. I've walked away from a LOT of business over the years, primarily for the reason you mentioned.
I won't work for a company that refuses to take even the most basic steps to take care of themselves. They can find someone that charges half my rate and spends three or four times the amount of time cleaning viruses, reinstalling workstations and servers, and saying "sorry, can't restore that, it wasn't backed up". Does this make me a prima donna? Nope. It makes me someone that takes pride in the work I put my name on. ________________________________ From: Jeremy Anderson [jer...@mapiadmin.net] Sent: Wednesday, July 08, 2009 8:44 PM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain I did SMB consulting for a while and it made me CRY. I have seen everything you guys have mentioned and more. Anti-Virus? We don’t need that, we have a firewall. And the company I worked for still chose to work with that SMB, because that SMB actually paid their bills. Basically, for that customer, and MANY others, we told them their options, but ended up designing a solution that fit the budget, never best practices. And I HATED it. So I left. I went into the corporate world. I started working for a large dot com that is on the Fortune 100 list. I said to my self “There is no way these guys don’t get it, this is going to be awesome.” Guess what? They don’t get it. Backups – what backups? At least now I am actually running NTbackups, before I got there AD was not even being backed up.. Exchange was backed up as a brick. I fixed that too. Never mind that all 15 storage groups are in use and each storage group is over 100 Gigs. I cant even begin to imagine what it would be like to restore it. Weeks of downtime. So I am leaving. I am going back to being a consultant. When I went into my second interview, the owner was talking to me about how he had to fire one of his largest accounts that week. Yes, the company fired the client. Why? Because he made a recommendation about the clients information security, backups, and the client refuses to take the advice. He doesn’t want the client to come back at him if something bad happens, and tries to blame his company. Nor does he want to be in an “I told you so” situation. I am optimistic about this new job. The moral of this story is that we can choose our clients that we do business with, but someone out there will always take the job. Personally, I hate doing things half assed and working with clients that always want to half ass it, or run with no policies, or no AV, or just a Linksys for a firewall makes me angry. I personally feel that any company with a semi-realistic budget can afford a solution that is “best practices”. It takes a good consultant to cater to that customer. The amount of money we billed that poor schlub for hand removing viruses and reloading machines could have been spent 5 times over on a solid AV solution. But my boss liked the billable hours and never made a graph to show that they spent $800 on virus removal last month when Symantec cost $400 (I made those numbers up, but you guys get the idea) . And sometimes the client just won’t listen. And that is when its time to let the client go. Offsite backup? Most of the companies I have worked for in the past go to the bank, get a safe deposit box and have them take the tapes to the bank with them. Fed-Ex is AlWAYS there, send the tapes somewhere FED-Ex, even if it’s the owners house. Is Fed-Exing the taps to the owners house the best idea ever – no. Does it meet the needs of off site DR- defiantly (and its relativity cheap). Again – risk vs reward. I hope I made some sense there and didn’t go to far off on a rant. And back on topic, somewhat, is it just me, or would anyone else just not want another domain controller existing, but turned off for 3 or 4 days. In my head I see clients trying to authenticate against it (its still in DNS) and the other DCs trying to replicate to it, its not there. To me that just kinda seems like a bad idea, but maybe I am off base here. Jeremy From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, July 08, 2009 17:13 To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain I'm sure a business would appreciate a quick restore of services. There is no argument there. Would the business also appreciate it if your laptop was stolen and potentially sensitive information was in the hands of someone unscrupulous? We've had consultants literally held up at gun point and their laptops taken. It does happen. Cheers Ken ________________________________ From: Maglinger, Paul [pmaglin...@scvl.com] Sent: Wednesday, 8 July 2009 10:48 PM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain IMHO... as long as you disclose what you are doing and why you are doing it, and if the both you and the customer are comfortable with it, then I don't see the problem. Businesses that do have DR in place are savvy enough where you won't get "blank stares" and will voice any objections at the disclosure. I think any business would appreciate a quick restore of services. ________________________________ From: Jake Gardner [mailto:jgard...@ttcdas.com] Sent: Wednesday, July 08, 2009 7:19 AM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain Budget? Most SOHO's don't have $1 set aside for an IT budget. Just a couple years ago, I had a handful of customers that were still using NT4! I got them quotes for server upgrades and very very simple tape backup or backup-2-ext disk and most of them said no new purchases just fix it. I had one customer that owed my $1200 and I would keep going to his office asking for a check, he finally gave me $600 on a Thursday and on Monday the office was under new management and said my contract/payment had nothing to do with them. At least I got half, grrr. Thanks, Jake Gardner TTC Network Administrator Ext. 246 ________________________________ From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, July 08, 2009 2:24 AM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain Hi, Unless you have proper procedures for safegaurding this stuff, and legals in place, I would do this all on the customer's premises (or wherever they instruct you to work) on their equipment. They must have a budget for this (otherwise how are they paying you?), and it becomes a cost of part of the project. If someone breaks into their offices and steals a server, that's not your problem then. Now, I have a bunch of commercially sensitive stuff on my laptop (as do most/all of our other consultants). But we have our risk management in place (e.g. Bitlocker-ed laptops, Exchange sync policy enforcement for phones, IRM/RMS, policy documents we have to sign etc), and we have the contractual stuff in place to indemnify us against customer lawsuits (and no doubt the necessary insurance cover as well). Cheers Ken ________________________________ From: Erik Goldoff [egold...@gmail.com] Sent: Wednesday, 8 July 2009 3:54 PM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain "What happens when you tell the customer you’ve made a backup of their whatever and their office burns down a couple days later? " You're waaaay off base here ... there are too many theoreticals ... what happens, if during the upgrade, something goes wrong and the active directory metabase becomes corrupt... they have no internal backups, I don't make a copy, and now they cannot login to their network resources ... I can still be sued for free, and the probability of that scenario happening is much higher than a bus running over my laptop. And if their office burns down, they're gonna need more than the DC image I have, not to mention that I explicitly state the purpose of the backup copy I make, 'to recover if the upgrade process goes wrong' ... period ... I understand your perspective on the situation, but sorry, it just won't fly in the real world dealing with SOHO and Small business sites. Your data center fires is a neat story, but for Soho and Small business, their 'data center' is usually a commandeered closet or corner with a collection of servers ... note that this issue revolves around upgrading from Windows 2000 ??? Not a technilogically current installation, no spare server or desktop hardware, nor OS license to spare. I'm curious as to how you would handle the business continuity planning for a problem with the upgrade ... Erik Goldoff IT Consultant Systems, Networks, & Security ________________________________ From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Wednesday, July 08, 2009 1:34 AM To: NT System Admin Issues Subject: RE: Win2003 DC on Win2000 domain Yes pretty much. Here’s another way I’d think of this. What’s your liability insurance got to say about this bonus service? What happens when you tell the customer you’ve made a backup of their whatever and their office burns down a couple days later? Sure you can just restore that bonus backup except your laptop got runover by a bus in between the backup and the fire. A colleague had some wise words for me the first time I did a gig at a legal services customer – “Just remember, they can sue you for free.” Many customers I deal with, offsite backups consist of tapes going in these heavy duty metal boxes with locks on them. The boxes are barcoded or numbered or something and a guy comes to pick them up, signs for them, and the offsite people basically guarantee their safety until you sign for them when they come back. The delivery guy also drops off any locked tape boxes whose retention policies dictate their return as they’ve expired. In the unlikely event of some major crisis, the offsite people are on the nut to get your box of tapes somewhere in some prearranged guaranteed time window. Some customers are also sending stuff live (e.g. replicas on standby hardware) into a 3rd party datacenter designed for this sort of fallback plan (e.g. Sungard). They also have contracts where if their computer room burns down or something the vendor is on the nut to provide K servers of approximate configuration Z in location Y within X hours of notification of the requirement. These vendors have the kind of capacity and capability to deal with something like 9/11 or Katrina if the customer has the action plan to respond. Or perhaps something more simple like the two datacenter fires this past weekend – Seattle and Toronto both had high rise carrier hotel fires. One of them, I forget which, the electrical busing between floors was completely hosed (literally) from what I heard. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian ***Teletronics Technology Corporation*** This e-mail is confidential and may also be privileged.? If you are not the addressee or authorized by the addressee to receive this e-mail, you may not disclose, copy, distribute, or use this e-mail. If you have received this e-mail in error, please notify the sender immediately by reply e-mail or by telephone at 267-352-2020 and destroy this message and any copies.? Thank you. ******************************************************************* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~