Posts by Erik4872

Another transformation movement...

Translation: We just sent 10 shipping containers full of $100 bills to McKinsey and the advice from their legions of 25-year-old recent MBA grads was to be agile like Amazon.

I have no doubt that HP(E) has lots of dead wood left to prune, but I have been seeing this advice replicated over and over again at more traditional companies. Inevitably it boils down to offshoring everything that can be offshored, followed by cutting every single corner possible when it comes to the few people left onshore, then outsourcing everything that isn't a "core competency." I'm sure that even with all the mergers, demergers and splits that have occurred, there have been a lot of people let go and there are more to go. But cutting your way to growth, especially the usual way MBAs do it (starting at the top of the engineering pay spreadsheet) doesn't work long-term.

People forget that HP and the like are hardware companies producing tangible products that customers physically take delivery of. Even if the guts devolve into software-defined whatever, a hardware company isn't going to move as fast as a software-only company. I work for a very traditional company in a traditional industry, and every "old school" company is scared to death of being left behind in the race to the top of the Second Dotcom Bubble. You can't turn a traditional manufacturer into a trendy SV startup run by 100 people crammed around cafeteria tables. But that isn't stopping them from trying. This year, the trend is to badly implement something the consultants sold the company as "DevOps" similar to the way "Agile" was badly implemented a couple years prior.

I'm not surprised

I'm sure many here will say that the widow is just trying to collect some lawsuit money from Uber before dotcom bubble 2.0 pops, but bad employers really can work people to the bone. I've never really had the desire to work for a tech startup, but people I know who have describe an...interesting...experience. Stories I've heard usually revolve around one or more of:

- Founders/CEOs with major ego or anger management problems who are absolutely miserable to work for

- Very young executives with little or no experience running a large business, leading to all sorts of HR nightmares

- Very young workers with little or no experience working, so they don't know they're being taken advantage of

- Chummy fratboy culture that excludes anyone who isn't down with the rest of the bros

- Constant death marches inspired by any one of the above items

People forget that there are a lot of people who take pride in their work and can't just say no when given unreasonable requests. That, or they feel that they're missing out on the startup lottery if they don't pull their weight and stay employed until IPO day by any means necessary. I'd have no trouble buying the idea that a pressure cooker environment like Uber plus a few external stressors would cause someone to snap and just want out.

Add to that the fact that the guy moved from Atlanta to San Francisco. I live in New York and we constantly have people going down to Atlanta or North Carolina because they don't care where they live as long as they don't have to pay taxes. The cost of living difference between ATL and NYC is stark; ATL and SFO is orders of magnitude worse. $170K a year barely treads water in San Francisco or Silicon Valley. Imagine the stress of having to support a spouse/family in an environment like that.

Best summary of the current state so far

Stock photos indeed, including large centered bold tagline...it's like someone manufactured a DevOps Startup Kit and every single 3 person team has a web presence that makes them look like a massive fully supported product.

The problem is that there's nothing wrong with the concept of DevOps. Developers and IT need to work together -- we in IT can't just be the Department of No. The main problem with it is that the Second Dotcom Bubble has been inflating for the last few years, coinciding with the DevOps shift. Useful information barely gets heard over the screams of "agile single pane of glass!" Everything's an automation framework, a cloud-based analytics platform, etc. because that's what's driving the phone and app ecosystem. Startups need big data in the cloud to monetize the info generated from their fart app. :-)

Just like the First Dotcom Bubble brought us much improved Internet access and services out of its ashes, I think that reasonable levels of cloud computing adoption and DevOps without the hype and snake-oil tool salesmen will be what we get from this one.

An unholy match

I fully expect the next headline to be "SAP in talks to buy CapGemini" -- it would make sense. Every big ERP vendor needs a consulting company.

I guess the idea is that software companies are moving away from selling software and onto selling monthly revenue extraction streams. Every former OS and product vendor is doing it -- their goal is to lock you into a cloud-based management tool that they sell access to rather than sell you software to implement. It's unholy, but Oracle buying a management consultancy makes sense. IBM is trying to turn their entire company into an Accenture clone. When you wrap your product in so much complexity that you need to sell services to implement it, that's a golden combination. Oracle could easily sell a set of ERP licenses "plus, we'll throw in half the population of India for _free_ to help you run it!"

IPv6 needs a catalyst

It's interesting to see a large non-networking company going IPv6 only on the client side. The problem with v6 is that v4 is still just fine in most circumstances. NAT is a hack, yes, but it's everywhere and allows for an extended life for IPv4. Internal hosts generally don't need end-to-end Internet addressability, especially these days.

Obviously this can't be done easily, but I wish someone would come up with an "IPv7" that has more backward compatibility. IPv4's address space is small enough for humans to understand, and it's easy to communicate a 4-octet IP address verbally to someone.

Interestingly enough, IaaS cloud services are IPv4...and I think the major reason for that is because they don't want to alienate people who've worked in IPv4 networks for decades. They could have easily used this as the opportunity to get rid of IPv4, but it's easier.

Selling the mining equipment in the dotcom Gold Rush

During the first dotcom bubble, companies like Sun, Cisco and the telcos were raking in vast sums of money. Back then, every single one of the dotcoms had to cater for either their own or colocated data center space, and a large amount of equipment. The second dotcom bubble has the cloud, which actually lets crazy startups hang around for a lot longer -- the VC money doesn't have to pay for a huge owned infrastructure when AWS or Google or Microsoft offers capacity.via a credit card.

Companies like Atlassian are now the new vendors of Gold Rush mining implements. The hot new thing is apps, and specifically DevOps-friendly apps. For consumer-focused phone apps this model makes perfect sense -- just picture a bunch of hipsters with fedoras, neckbeards, man-buns and PBR in the fridge, sitting around a cafeteria table in an expensive San Francisco office space banging out JavaScript. This environment needs tools like the ones Atlassian markets because the change is so frequent, staff is incredibly thin and the companies "need" to attract hip social media types with tools that work the way they want. On the corporate side, stuff like JIRA lets a company write a check to push the Agile/DevOps button and have their developers talking about stories, features and burndown rates. Actually, it requires a complete culture shift to work properly, but companies still like it because Agile lets them do away with a lot of the expensive planning, break the app into pieces and send it all over the world chasing lower cost labor. (I've worked at places that have gone Agile without the culture change and it's a mess.)

I actually think the end is coming pretty soon for the second bubble. Like the first one, we got a whole bunch of neat stuff out of it, but people are eventually going to get tired of the same old stuff and move on from social media and apps. I'm guessing IoT is going to be the next bubble to inflate, but we'll see. Either way, Atlassian is in good shape - IoT stuff needs to be programmed too.

This happens elsewhere too

Whenever you bolt on an Internet/web connection to an existing environment, someone will eventually figure out that any semi-secret information in the system is no longer secret. This kind of thing isn't new - my electric company allows anyone to add access to my account by knowing the account number, ZIP code and name, all of which can be read directly off a bill thrown in the trash. At 90% of large companies, plugging a machine into the LAN immediately means that machine is "trusted" by most access lists and other barriers. Almost no companies treat their LAN as hostile even in the era of phones, tablets and BYOD.

A lot of these systems were designed back in the days when only trusted individuals were capable of accessing them. Way back in the day, travel agents were entrusted with paper ticket stock that would allow them to print tickets to any destination, and when ticketing. check-in and boarding were separate things there was a pretty good chance you could show up with a fake ticket at the airport and get on a plane. The record locator is the unique identifier in the database, and the only machines that used to have access to it were terminals at the airport, reservation and travel agent terminals and the GDS itself. None of this was designed in an era where it was even imagined that someone sitting at home could brute-force the record locators and pull everyone's flight data off websites. The airlines along with the banks were some of the first companies to be "networked" in the traditional sense, and this predates the Internet (consumer web, that is) by a long time.

The question becomes how to solve it. I work in this space (not for a GDS, but very close to the processes.) All of this travel technology at its core is decades old and has huge amounts of dependencies on the core never changing. The cool stuff we see (airline websites, airline mobile apps, kiosks, etc.) is just the top crust talking through layers and layers of abstraction down to a reservation host, mainly in the old-school terminal session based method. Changing any one of those layers is very difficult because it breaks everything riding on top of it. It would have to be something at the web layer, like a CAPTCHA, but it would have to be done in an IATA standard way to make all the airlines adhere to it. The problem is you have to have something universal that acts like a record locator, but isn't available in plain sight or able to be brute-forced. And, it has to be easy -- I can't imagine people wanting to use their passport numbers or other personal identifying information beyond their name, nor do I expect the airlines will jump over an IATA initiative to issue digital certificates to all travelers for use on websites or maintain a central registry of usernames and passwords.

Apology or not, results are the same

I'm actually not as much of a doomsayer as most people about Windows 10, but the reality is that for whatever reason, Microsoft is done with any versions of Windows before 10 and Server 2016. They will not have another XP or Office 2003 moment, period. I know why they're doing it (to gain ad revenue and extract monthly subscription fees for Win10 Enterprise users), I'm not a fan of it, but you're just not going to get anything beyond half-hearted support for previous Windows versions. I'm pretty convinced that they're also done with on-premises software and are waiting to lock everyone into Azure, but that's the next phase.

Taking this as the assumed end state, I'm actually glad they were able to get as many customers upgraded as possible. Millions of consumer PCs are completely unmanaged. They go unpatched, and Windows 7 is no longer being looked at with the same scrutiny when it comes to the less-than-thorough job they do patching it. Leaving these systems out to dry means they'll eventually be a botnet member, get ransomware, get a virus, etc. I don't like the way it was done, but at least they telegraphed that the end was near for Windows 7. I think they should have waited until the official end of life date to allow the free upgrade, but the shareholders would have eaten them alive if they were fully or partially supporting 3 complete release cycles of Windows. For better or worse, Windows 10 is the new client OS for everyone as Microsoft sees it.

All big non-profits have this problem

Working for a not-for-profit entity does not necessarily mean you're getting paid in soup kitchen meals and eternal salvation. When a charity or other organization gets big, most of them do end up operating like for-profit businesses as far as compensation. Big charities "need" big name executives to run things, and yes there is a lot of quid pro quo favor-granting. There are often controversies with the Red Cross, Salvation Army and such that spend too much per donated dollar on operating expenses, and I fully expect Wikipedia is in the same boat.

That said, I do give money to them every year. I find Wikipedia one of the more useful Internet resources out there, simply because my brain likes to snack on knowledge. If I'm looking for a decent overview of a non-controversial subject, it's a great resource. It's also a time sink -- I wound up spending a few hours last month looking up some engineering term I heard, then getting sucked into the world of Great Lakes shipping before looking at the clock and saying "oh well, I didn't need to sleep tonight anyway."

I think it's better to let them have a little excess cash than turn the whole thing over to, say, Thomson Reuters or one of the scientific publishers, who will rent-seek subscription fees out of everyone.

It's not "hacking" it's "social engineering"

The one thing that I hope this teaches people is that using public email services for anything important is a really dumb idea. So many of these hacking stories actually turn out to be phishing attacks or social engineering, targeting a technically ignorant yet very powerful individual. I've seen this happen in corporate environments. Executives just ask their assistants to handle everything, and as we've seen here, the assistant just forwards the request to IT.

Any corporate exec or politician who is still using hotmail, AOL or Gmail to conduct business is probably still of the mindset that they can't securely get their email from anywhere. iPhone and Android both support secure connections to corporate email accounts -- so 2FA means that you'd have to steal the user's phone to do your hacking. Hopefully both sides of the aisle will take this as a lesson and do some serious hiring on their IT teams to fix this.

Could be the end of boxed software from them?

Given how hard Microsoft is pushing Azure-first stuff, this might be one last olive branch to their "legacy" customers. Server 2016 is a traditional Windows release, but everything is slowly being sent over to microservices and PaaS-land. My experience so far with Azure is that Microsoft is doing everything they can to get companies to migrate their applications, not just to Azure IaaS, but to rewrite them to use PaaS components. There's a lot of positives for this, but one issue is the fact that you're now paying forever to use the service rather than paying once for a packaged license.

The big things that are going to keep customers on "classic" Windows are things like domain-joined SQL Server, remote app publishing (Citrix/RDS) and Active Directory (not Azure AD.) There's just too much built up around these items and no easy cloudy way to completely replace them. Everything else (ASP.NET applications, file/print sharing, etc.) can easily be handled by an App Service or cloud file storage. Assuming enterprises aren't going to outsource their identity management to Facebook or Google, their choices are going to be Azure AD or Classic AD for quite some time, and Azure AD doesn't do policy-based user/machine management to the same level Classic AD does.

In a way, this makes sense. Microsoft gets a constant revenue stream for cranking out updates, and customers who don't want Azure and don't want to move their applications get a slower pace of change. It's dizzying how much changes in Azure over a month...whole new services roll out almost weekly and the existing ones get upgraded capabilities.

What to do with $5B?

The funny thing is that "old HP" just got done unmerging its businesses and writing down a couple of failed acquisitions (Autonomy) and ventures (Helion public cloud.) I say the best way to use that money would be to save it and use it to shore up their core product lines rather than going out and buying yet another flash memory array startup.

There are still more than a few customers (us included) that need solid, reliable on-premises medium size servers. HPE still fills this role nicely for us. If they can continue this rather than chasing money in the public cloud that eventually won't go to them, medium organizations like ours will keep paying. Public cloud providers are just going to go to Foxconn with the Open Compute spec in hand and ask for 5 million white box servers, and that makes sense in the cloud environment, since you don't actually care deeply whether the hardware is healthy. HPE's new core market is medium sized and large businesses who can't outsource to the public cloud. Small businesses are lost, because the public cloud will eventually win out. Large businesses will probably roll out their own private clouds on vendor hardware because they don't want to spend money maintaining things -- they'll just use it through the warranty period and repeat.

It's just like what's happening in the PC industry. Solid, high-margin, well built PCs and laptops/convertibles are doing fine. Companies still need them. What people don't need is the sub-$300 zero-margin, poor quality home computers that the low end of the market puts out. The consolidation in the PC market is a result of the product teams, marketing teams, etc. of the low end being removed. Lenovo is doing fine with its workstations and ThinkPads. HP actually has a few decent laptops out these days. And Dell, with the shackles of the stock market removed, is also improving. You just don't see this stuff showing up at Best Buy the same way it used to.

Tower of Abstraction Syndrome

What I see a lot, coming at this from the systems integration side, is developers relying so heavily on these towers of dependent libraries that it's very difficult to tell what the actual code they write is doing under the hood. Or, they take on a huge dependency for one tiny library function to avoid writing anything new.

No one should unnecessarily rewrite known-good code, but taking a dependency means taking the responsibility of ensuring that it is secure, and continues to do what you want it to do over time.

Time to restore the employer/employee balance

Interesting to see this in a UK context -- most private employers in the US dumped final average salary pensions ages ago when they got the tax loophole known as the 401(k) and could wash their hands of any responsibility.

I would definitely be behind a more balanced relationship between employers and employees:

- On the employee side, a higher degree of loyalty would be necessary. More dedication to the job, less job hopping every 6 months...basically making employers want to keep and invest in you. Of course, that's only possible with...

- ...On the employer side, a higher degree of fair dealing with the employees. Have a career path people can actually achieve. Don't lay people off the second the stock price drops, and don't just dump everyone involved when you can a project...reuse them! Pay fairly, provide great benefits and invest in training. At least contribute meaningfully to an employee's retirement account if not managing a pension plan.

A good example of this would be pre-90's-meltdown IBM. I hear stories of employees who worked their entire careers there, and retired with a solid pension and lifetime medical benefits. They had a no-layoff policy for ages. Now, they're doing everything possible to reverse all this, just like every big employer.

I think this will eventually backfire on big employers. Economists use the term "efficiency wage" to mean "pay more than the absolute minimum you can to potentially see an increase in productivity." Squeezing workers will, in the long run, lead to lower productivity and less quality work produced. If an employee feels their employer is dealing with them fairly, they'll do a good job. If they feel the employer is out to get them at every turn, they'll respond in kind.

Fiddlers and tweakers indeed...

Hungry Jack's CIO is correct - most developers or IT folks who are even slightly hands on wouldn't accept a vendor management role unless forced. That, and IT project management is usually where burnt-out techies who don't want to keep going on the learning treadmill go. I know and work with lots of IT PMs -- they make lots of money but who would want that job? As a PM you're a glorified secretary who has to get 500 people they don't control to do their jobs or lose theirs. As a vendor manager you're a service ticket passthrough and "free lunch collector." The second thing is nice (and if your vendor is Oracle you'll get showered in free stuff) but I'm a big fan of actually doing work and solving problems.

I think right now, the SaaS vendors are cleaning up by selling the dream of firing (or neutering) the IT department to companies who don't really see IT as useful and want to be rid of it. I think in some cases it can be done simply, but the second you want anything custom, prepare to pay. That's definitely how Oracle operates - they'll sell you their HR or ERP suite but it only works out-of-box for a tiny fraction of organizations. I know someone working for a large state university using PeopleSoft, and they pay through the nose to get Oracle or their "preferred consultants" to customize the system for changes in state law, union contracts and rules, etc. What I wish CIOs would be taught in their MBA classes is that the level of complexity doesn't change - it just gets pushed to different areas and that's the point of SaaS, but it doesn't disappear and if your vendor has a bad day, so do you!

(By the way, does Burger King know about these guys? I'm reminded of the "McDowell's" restaurant from "Coming to America." If I'm ever in Australia I'll have to try them out and see how they compare -- if their Oracle SaaS stuff is working. Those burgers on their website look an awful lot like the Whopper!)

>> "Anything not connected with cloud is at risk," our source claimed. <<

Sounds like they're pulling a page from IBM's playbook, and basically any services vendor these days. I've heard from IBMers that people are being dumped unless they can show how they contribute to "cloud, social, mobile or cognitive" stuff...so all those people keeping that "luddite" infrastructure running are done for.

I know the public cloud is coming, but I do feel the insistence that it's going to replace all on-site hardware is overblown. I think like everything in life there will be a healthy mix of everything once the Second Dotcom Bubble pops. The only reason it hasn't already is _because_ of the public cloud...companies with silly business plans can stay in business much longer when they don't have to build out networks and data centers themselves.

The industry has to grow up

I'm over the hill at 41 now, and work like crazy to differentiate myself from the stereotypical older IT worker. Unfortunately, companies lump everyone in together and assume that everyone is crusty, set in their ways and won't learn anything new. I'm in systems engineering, and our field is going nuts right now with software-defined everything, public clouds, etc...and I'm going along with it, learning everything I can and seeing where the dust will settle after the second dotcom/social media bubble bursts. There are plenty of older folks saying "oh, this Docker stuff will never take off" and "the company will never move to a public cloud." Let's just say I'm not betting on either of those coming true -- I'm hedging.

There are some enlightened places out there that value experience, but Silicon Valley employers are generally not in this group. Microsoft skews older, which is good, but it's still very hard convincing a 28 year old team lead (or worse, a 28 year old MBA with no experience appointed to a manager spot) that you're worth taking a chance on. The reason I think this lawsuit is a good thing is that, for better or worse, Google and GE seem to have the most slavishly copied HR policies in the world. Every company has an open plan office because of Google. Many companies experiment with stack ranking because of GE. If these companies have to change their behavior towards older workers even slightly, the rest of the HR managers will note the change and immediately implement it verbatim.

This is one thing to hate about mergers

I've been through this once and know many people who've been caught out when 2 big companies merge and they don't need 2 people doing the same job. It's especially bad when you're given the choice to move or be laid off, and can't for whatever reason. Nobody wants to be unemployed in the US these days...especially in high cost of living markets. Almost always, the acquirer will wipe out the acquiree's workforce...and EMC isn't exactly a small company. When you consider that EMC is in Massachusetts and Dell is in Texas, there's probably no chance anyone will survive long term from the EMC side.

Hopefully these people will find work soon...one problem with companies getting too big is there are fewer corporate jobs to go around.

The defaults keep the edge cases working

Microsoft desperately wants people off AD and onto Azure AD as their primary authentication source, but Azure AD's not quite ready for all the tasks AD does today and will be in place for quite a while. Having defaults that seem like they're from a different era does actually make sense. If you're a total newbie building out a new AD for a customer (which admittedly doesn't happen much these days, but we do it pretty frequently) you're going to want to hold down replication traffic until the admin confirms it doesn't need to be held down. Since a lot of replication traffic is RPC based and extremely chatty, it's possible to fill up a small network link if you don't set things up right.

We're used to LAN speeds on our broadband connections here in the first world, but outside the US, Europe and Southeast Asia, it's not uncommon to have leased lines at very low speeds and very high latency. Same thing with satellite links, cruise ships, etc. It's entirely possible if you have a localized environment and all your locations have Metro Ethernet links back to HQ, that you don't really care about replication intervals and clients can log on to any domain controller. But, this can be a problem in big directory environments with lots of policies, logon scripts that take forever to run, etc.

I haven't been an AD newbie for years, but I can imagine someone looking at some of the stuff from Windows 2000 era and saying "WTF?" Things like SMTP-based replication and the old super-complex multi-forest multi-domain model only make sense if you have a real need for them these days. But the funny thing is that Microsoft hasn't really rewritten the Distributed Systems Guide from the Win2K Resource Kit in its entirety, so people may be going back to that as a primary reference.

Microsoft = IBM

Microsoft is becoming the new IBM. IBM only stays in a business if they can make obscene margins or have a guaranteed locked-in revenue stream. Therefore it doesn't make sense to sell one-off consumer hardware unless you can lock the user into paying for it over an over again in terms of subscriptions.

Examples:

- Windows, Office -- obscene margins because they can sell the same product billions of times for no incremental cost, and now they're charging for subscriptions (Office 365, Windows 10 Enterprise.)

- Azure - obscene margins because all they have to do is build data centers and the control plane once, and locked in revenue by charging monthly for Azure resource usage.

- Server software -- guaranteed lock-in and revenue stream (software assurance, etc.) plus everyone is being funneled slowly into Azure -- I think the long term goal is to make it uncomfortable enough to run on-premises Windows Server that most companies will just move to Azure.

There's a reason why IBM doesn't sell PCs, printers, storage, or x86 servers anymore -- they can't make massive profits on them even if they do feed into larger deals.

Eternal struggle in EUC...

I've been doing this for a while in companies with a fair share of both types of EUC customer - totally managed and totally unmanaged. Just a couple years ago, VDI and BYOD was going to completely wipe out managed PCs, and everyone was going to access their core LOB applications on their phones. What always happens with these oscillations between full control and no control is that the dust settles and we wind up somewhere back in the middle.

A call center agent running one application in a highly regulated, locked down environment does not have the same requirements as an aircraft powerplant engineer or a creative type making marketing fluff. I think it's silly to throw out what works every few years just because Gartner or whoever says that everyone is headed that direction. It's the eternal struggle...IT pundits tend to reject the tried and tested in favor of the new and shiny. Everyone's so worried about being left behind that they immediately try to shoehorn their existing workloads into these "new ways of working." Progress isn't bad, and we always get neat pieces of tech out of these hype cycles, but we should add what we get to what's there already and only dump what's there when what's new is massively better in every way.

It's the way of the world

In the US, the kickbacks and bribes are much lower scale than the rest of the world, but the IT world is full of little stories like this here and there. A reseller pays the purchasing manager $20K to get on the preferred vendor list. A CIO gets pumped full of booze, golf and strip club visits until he signs the exclusive deal with Oracle/SAP/Microsoft. The CEO overrides the bidding on a contract to give his brother's company a sweetheart deal. The only reason this guy got caught was because there was at least some public scrutiny. If Detroit wasn't in such bad financial shape, I'll bet this would have never come to light.

I'm not saying it's right, but it does happen. Often the scale is so small in the context of a larger deal that companies just factor it into the cost of winning the business.

It's an Azure push

Most older companies (i.e. those who have been around for more than 10 years or so) have varying degrees of dependence on Windows Server.

- One of the biggest is AD - in pretty much every mixed IT environment I've been in, all the identity management has been in AD even if most of the servers have been Linux.

- Windows desktop apps delivered over Citrix are next -- both need Windows Server obviously

- The next is all the .NET web code that's been created since 1999 and continues to be created.

Microsoft is preparing for the end of these requirements by making it harder to resist Azure.

- When you buy a Windows Server VM in Azure, the license is included in the price, no cumbersome software assurance, or anything else needed.

- They're pushing Azure AD, federated identity and cloud management services like Intune -hard- because they know one of the other last reasons to have on-premises hardware is management tools.

- All the cool new stuff is being locked up behind these agreements to ensure they still get revenue Azure-style, monthly, for everything you deploy on site. Windows 10 Enterprise is the only way to get a fully manageable (from an IT perspective) client OS anymore now that Home and Pro are the "free" versions.

So I don't think Windows Server is going away any time soon, but how and where you run it is probably going to change. Look at how quickly CIOs heard the OpEx siren song and switched to Office 365. When they're presented with the bill for licensing, they'll move all their Windows workloads offsite.

This is actually good news

The entire Azure space is very confusing right now. Microsoft is trying with all their might to get people onto Azure AD -- just click here and you have Office 365! -- and Azure RemoteApp was to be one of the key ways to do it. The only problem is that you needed a proprietary client (last time I checked,) an Azure AD account, and the apps you publish had to run on the latest version of Windows, essentially unmodified.

The problem is that 99% of users who require RemoteApp/Citrix have at least 1 or 2 "senior" applications that don't perform well without a million tweaks, app compat shims, etc. Azure RemoteApp didn't give control over the individual VMs, so it was basically a way to serve up Office. In addition, the real hardcore Citrix users (healthcare and banking) tend to have really crazy application requirements, making traditional XenApp and traditional AD the solution, even if you deploy it in Azure.

Established companies vs. hipster startups?

Having worked in a non-security position for large companies, but having lots of IT security friends, the difference is the type of employee termed "security professional." In established companies, these people are the ones responsible for "real" security like PII, PCI, etc. for companies with millions of customers. They're the ones who get fired when the company has to give out free credit monitoring for a year in exchange for not improving their security. In hipster startups, they're the ones maintaining whatever crazy federated identity management solution their cloud providers have chosen. Either that, or their startup is producing the latest security "single pane of glass" mashup that they're trying to sell to big companies' IT security professionals. Either way, the pay is lower for startup employees -- in many cases they're playing the IPO lottery.

Interesting

I wonder how this will affect code quality. Most software written by the usual suspects (Accenture, Infosys, etc.) whether for private companies or for government, isn't exactly stuff that holds up well to public scrutiny. My experience in doing systems integration work has been that they do the absolute bare minimum to get their code to run and not crash under the laughably inadequate QA standard tests. (I think that's what they mean when they say "the needful." :-) )

As for open source, I've always wondered about that not being a developer. How is it possible to _not_ use an open source library, routine or anything else these days, especially doing stuff like web development? I'm sure there's lots of open source stuff buried in closed code. Web front ends these days are practically snapping strangely-named open source framework Legos together in a configuration that does what you want.

Classic Reg

Whoever came up with the strapline for the article deserves kudos - I LOL'd. You even got the sentence fragments down pat.

That said, this is further proof that political campaigns don't exactly employ the highest-caliber IT security geniuses on the planet. The Hillary e-mail server thing was just an "executive privilege" thing we see all the time in big-company IT, but what about all these email leaks from the DNC and others? I understand that exposing things to the Internet means they're likely to be exploited at some point, but I thought secure email was pretty much a solved problem these days. Unless of course, you use "12345" as your password...

This happens in the US all the time too

Any time an outsourcer comes in, even if they keep the existing staff it's almost certain that they will be replaced with cheaper staff as soon as they can. I've seen it a few times at companies -- Tata or Infosys comes in, takes the existing staff and slowly transitions the work offshore. It sucks, but they have to do it if they ever hope to make decent margin on the deal. Otherwise, there'd be no reason to engage in the business -- you'd just be a pass-through IT department with similar costs.

What makes it worse is that often, the outsourcer will start making the workers' jobs miserable in an attempt to accelerate the process. Paying for plastic forks seems to fall in that category, as does strict enforcement of work rules, capricious changing of duties, etc. Anything they can do to get people to quit voluntarily is just a bonus for them, as they won't have to pay any severance or extra unemployment compensation.