Category: blog

The Double Bind

Understanding Contradictory Messages

CBC provides three core IT services. Project Consulting, Managed Services, and Break-Fix repair. Regardless of which hat we wear, client interactions inevitably place us in what’s known as a ‘double bind’ situation.

A practical example to illustrate. Assume a client engages for a ‘simple’ break-fix replacement of a laptop hard drive. End users assume this is easily and quickly done. Remove cover, remove old drive, insert new drive, replace cover. 4 steps, what could possibly be ‘hard’ about this?

Glad you asked! Let’s review a few of the ‘easy’ upfront questions we need to answer prior to initiating a repair.

  • Is there data on the old drive requiring recovery or transfer to the new drive?
  • Is there a current backup of the old drive we can use to restore to the new drive?
  • Is there a like-for-like part available or do look at aftermarket replacement?
  • Are there 3rd party applications, (Adobe, Microsoft, etc.), to be reinstalled?
  • Are the 3rd party application license keys available?
  • Is the operating system, (Windows), properly licensed for reinstallation?
  • Is the repair cost-effective compared to a unit replacement?

Armed with answers to the above questions, we determine a course of action. This is when the double bind presents itself. End user expectations are now that we have the answers, the repair proceeds both quickly AND carefully. However we know that if we proceed too quickly and something goes wrong, we weren’t careful enough. If we proceed carefully and something goes wrong, we weren’t quick enough.

As experienced professionals, we are aware of the double bind contradiction and proceed utilizing the experience and best practices acquired over 30+ years. This includes setting appropriate end user expectations. If a potential client does not or is not willing to accept our work methodology, it’s probably not a good fit and both sides should move on.

Double binds are inevitable. The experienced IT professional plans accordingly.

The Magic Wand

What Is Our Value To You?

Let’s flip the script regarding what our repair services ‘should’ cost. It’s an easy exercise and requires you to answer one, simple question.

I have a magic wand in my backpack. If waving the wand fixes your problem and prevents it from happening again, how much are you willing to pay us to wave the wand?

Bye-Bye Birdie

Why We Deactivated Our Twitter Account

CBC deactivated it’s company Twitter account today. We didn’t have a gazillion followers or post a million tweets, nor did ‘likes’ and ‘dislikes’ move the needle in terms of our strategy and tactics.

We provide leading edge, scaleable, technical solutions solving complex problems for national and multinational organizations; safe, secure, enterprise class managed services to businesses without full-time IT staff; and affordable, quality, break-fix computer service, support, and repair to home office and residential customers.

Twitter, helps us achieve none of those objectives. The platform neither fulfills nor contributes to CBC’s mission. I want to say it was an agonizing process to get here…it wasn’t.

Readers are encouraged to join our Mastodon instance. You’ll find a curated list of posts from past, current and future industry legends, (Dave Winer, Molly White, Howard Rheingold, Cory Doctorow, to name a few). If thoughtful, insightful and provocative commentary on topical items are of interest, please join us.

There is minimal site moderation and we don’t track, advertise, promote or influence.

We Were Hacked!

Verizon’s Data Breach Investigations Report

Each year Verizon releases a report summarizing IT security breaches and across multiple industries. The Data Breach Investigation Report, is well written, easily readable, and free to download.

Below are several highlights and our additional guidance.

“74% of all breaches include the human element” – In other words, user actions are fully or partly responsible for 3 out of 4 security breaches. The attack surface of a multinational organization is considerably different from a home user, but both are fair game for bad guys. Review your particular threat model and implement baseline security controls appropriate for your environment.

“Three primary ways attackers access organizations are stolen credentials, phishing, and exploitation of vulnerabilities” – Use two-factor authentication wherever possible. Don’t respond to emails from people you don’t know. Never provide your username and password via phone, email or text message; even if you know the company. (Microsoft will NEVER send an email or phone call requesting your sign-in credentials.) Apply all security updates and patches to your computer, phone, and tablet on a monthly basis.

“The top vector for attackers to obtain credentials, implement a phishing attack, or exploit vulnerabilities is via web applications.” – Basically, the web browser is the primary way for an attacker to gain access to your system. We’re not here to tell you what browser to use. Whatever browser you use, install these two extensions, Privacy Badger and uBlock Origin. Also be sure to clear your browser cache frequently.

“The median click rate for email phishing campaigns is 5.8%” – A random email sent to 100 email addresses, will be opened by 6 people ! If you don’t know the person, delete the email. If the message is truly important, the sender will find a way to reach you.

“Devices and media are still more likely to be lost by internal actors than stolen by external ones.”– 80% of mobile devices are lost, not stolen.

“We’re too small, no one wants our data.” – If I’m a bad guy, do I spend my time trying to hack large companies with armies of super smart IT folks deploying robust security techniques and procedures? My time is better spent on small and midsize organizations with minimal IT staff and who usually don’t understand the value of their data. To paraphrase Jeff Foxworthy, “You know you’re a risk if the security plan consists of enabling Comcast’s firewall, copying QuickBooks company files to a USB drive, and taping passwords to the bottom of the keyboard .”

Voicemails

Almost Verbatim Responses When We Return Phone Calls
  • You didn’t pickup the phone right away
  • Who cares if you were servicing other clients
  • We snowbirds come down 4 months a year…drop everything when we call
  • We found someone ‘cheaper’ — and it took you 10 minutes to respond
  • We found someone ‘cheaper’ — none of us know what the problem is — but he said it would cost $40 — no matter what
  • You helped us 5 years ago…why didn’t you call us back right away
  • I have a tech coming tomorrow — if it doesn’t work out, we’ll call you
  • I saw a sign at the traffic island to call an 800 number for a free repair
  • I’ll send you a screenshot — just tell me what I need to do for the fix
  • Why do i need to replace my perfectly usable 15 year old Windows 7 computer
  • My inkjet printer is 7 years old and cost me $100 — why are you trying to screw me by saying it’s not worth the repair
  • Yes, I want you to drive from North Port to Siesta Key during I-75 rush hour to replace my $20 keyboard –but I’m not paying travel time
  • Why can’t you just replace the Verizon FIOS cable, they will never know