Pay for what you Use? Yes! And, then Use what you Pay for!

Too many Organizations leave too much money on the table. And then they talk about reducing cost.

ICT Cost reduction seems to be a Business driver for IT Projects. That may be valid for as long as the ICT Department is considered a Cost Center. The two major KPI’s are Total Cost of Ownership (TCO) and Return on Investment (ROI).

Both KPI’s can be looked at from the perspective of “cost”. I would rather look at it from the perspective of “Value”. A statement I make frequently: Any Organization can increase productivity by at least 30% without investing in software or hardware. You already have everything; you just do not use it the way it is supposed to or can be used.

That applies to IT Professionals (your IT Staff), responsible for both TCO and ROI, and it applies to your Users, mostly responsible for ROI. For IT Staff, what is missing, is Training and Certification on the Technologies in place. For Users there is a huge lack in PC Literacy. On the C-level, onboard a CTO, in the end, decisions are made here. Knowledge being the Key distinction here.

When engaging in the Knowledge space, IT will move from being a Cost Center to a Business enabler, a new perspective. It is called Digital Transformation.

So, we can have 2 conversations now, choose:

  1. Spend time scraping money out of all corners and get a marginal cost reduction as a result. Little impact on TCO and ROI.
  2. Start using what you pay for and squeeze all the Value out of your software and hardware investments. Exciting impact on TCO and ROI!

Something to consider for 2021 and beyond…….

 

Happy transforming….. !

Training or Learning, it is not the same

Kind of a re-iteration from a Blog Post I wrote in March 2019 (remember, pre-COVID19). You can read the Post here “Training means Train”

Now, we are in the middle of that pandemic and I am really, really getting so tired of all the Webinars, Exam preps, Learning videos and the lot of it. Let me quote myself:

Training is not the same as watching a “how-do-I-….” video on YouTube or attending a Webinar/Seminar. Training means practice, repetition, endurance, discipline, making mistakes, learning to understand why it is as it is. Training is an action; one needs to allocate time for it. Results will take a while. A new insight is not good enough if you do not practice the actions that come out of the new insight. The insight gives a moment of “aha”. After practicing it becomes obvious.

I never study or learn for an Exam, I only just practice, I train myself. The outcome is that I feel grounded in the matter. And in my line of business that matters! The two most important things here: allocate time and have the discipline. There are no shortcuts and no quick wins.

The point I want to make here, do not overwhelm yourself in attending too many webinars, videos, online learning programs, exam preps, etc. Set yourself some goals, dig in, TRAIN yourself and master the matter at hand.

One more quote: As a Microsoft Certified Trainer, I tell my students that the Labs are not about getting them done successfully. The Labs are about spending time on the technology, practicing. and learning to understand the why of the technology. The students train!

That is why I love the Role of being a Microsoft Certified Trainer!

 

Happy Training!

Remote Communication – Effective as Usual?

I sit behind my desk at home, I am working. But…. Where is my work?

I am a Consultant, I visit my Customers as frequently as possible, have face-to-face meetings on some topics, 2 or 3 meetings a day, sometimes continuing over lunch or dinner. I am a Trainer, nothing beats a full 5-day Training, locked up in a room with 10 persons: group-dynamics, frustrations on the Labs, the jokes, the unspoken things, the body language, the stories, a real white board. I am a Team Leader, my Team members reside in different countries, but boy, can we have some quality time whenever I am able to go there. I am a Public Speaker, standing on the soap box is the best place to be, Entertrain my audience. I attend the big conferences 3 or 4 times a year, meet with my peers, talk tech over junk food and beers. My wife is a high-school teacher, she sees some 180 kids a day in her Classroom, 5 days a week.

Now I sometimes have 5 or 6 back-to-back online meetings with my customers, sometimes with video, sometimes not. After 3 of those I have no clue what was discussed in the first one anymore. When was our last meeting again, the other day, like Blursday? I deliver my Trainings online, what are my participants doing? Are they paying any attention, are they working on their Labs? I try to schedule some informal meetings with my Team members, cancelled just as frequently, because we all have other priorities. I deliver Webinars now, talking to a microphone and looking into a webcam. What does my audience look like? I hope they nod every now and then, maybe they fell asleep. I recently attended the MS Build Conference online; it was 48 hours of content. I could not consume more than four 1-hour sessions a day. Not even with the junk food and beers included. My wife tries to deliver some classes online, seeing the kids in grid view, if they are willing enough to switch on their cameras. She got no support in using the tools, or how to deliver. Nobody is in control, but everybody tries their best.

And yet, we expect the same outcomes, the same results. The customer deals must be closed, the projects must finish. My participants must get the same value out of a virtual training to pass their Exams. My Team members are expected to be fully motivated and effective. My audiences are expected to walk away with the same insights. My motivation and ambition, I have to take care of that myself, not being able to “be” with my peers. The kids in my wife’s school get the same exams and are expected to make the same scores.

My point here is that we not only need to adjust the way we work, we must also adjust our expectations, the results, the outcomes. Our effectiveness and our “Return on Investment” are to be aligned with a new reality. We have to do without the power of real human interaction. We need new Key Performance Indicators, not based on the old ones (and then just a little lower) but based on the new reality. If we do not do so, we will all just be very unsuccessful, exhausted and frustrated.

 

 

 

WVD Notes from a NO-SBC fan

People who know me also know that I am no fan at all about Server Based Computing (SBC). Remote Desktop Services, Citrix, VMware, VDI, WVD, it is all the same complex and expensive misery to allow Organizations to keep on running their legacy Win32 Line of Business Applications.

This racket of mine is not new. Back in 2007 I joined a Dutch company called Qwise, and Qwise was one of the major players in The Netherlands on Citrix and App Packaging and deployment. I asked myself and my colleagues: Why do we do this? Why don’t we make all applications web-based? Who needs a Desktop, who needs an OS? Because Organizations run shitty Line of Business Applications.

Now we are 2020 and nothing has changed. SBC is still expensive and it is still very complex (also in the Cloud) because Organizations still run shitty applications…..

Okay, anyways, I have been doing some playing around with Windows Virtual Desktop as a Pilot in our production environment. It took me like a day or two to get it all up and running thanks to this article by Christiaan Brinkhoff . It is great that Microsoft will now manage the RDS Roles in the background. That surely takes away some headaches. And of course, provisioning on Azure is fast. Currently I do all of my daily job in a Virtual Desktop except for Teams Meetings. Pretty happy with the fluency and the performance. I oversized the VM’s a bit, I have to admit, but no fancy GPU stuff. I am waiting for the A/V Redirect to make Teams Meetings working.

There are quit some hoops to jump through setting this all up. I wonder how that is for less experienced people, there is much to deal with. My 70+ Microsoft Certs are well spent on this endeavor . Inova Solutions, the Company I work for, is a “Cloud Only” Company. I abolished all on-prem stuff, got rid of Active Directory, all happens from the Cloud and in the Cloud. The biggest “bummer” of WVD is that it relies on Active Directory. So, either put up some DC’s in Azure or deploy Azure Active Directory Domain Services. Back to Active Directory feels like “legacy” after doing only Azure AD and Intune for the last 6 years. Back to NTLM Authentication and GPO’s. I consider that a huge step back.

We also need to manage, one way or another, the end user device to enable these users to connect to their WVD environment including local printers, scanners and other devices, secure Corporate data, etc. WVD is not replacing those devices, WVD adds another Device per user, adding work to IT Staff to manage and maintain the complete environment.

In my previous Blog I wrote about connecting to (legacy) Line of Business applications for Remote Work. Not much to be found on “best practices” for WVD and those LOB Apps availability.

I can see valid use cases for WVD but maybe not so much for SMB unless they are served by a Managed Service Provider, the SMB’s in my customer base simply do not have the Knowledge for WVD. The Total Cost of Ownership for WVD, as it becomes so clear with the monthly bill from Microsoft for Azure consumption, may be considered high, I tend to look at the Value more than at the Cost. Valid Business cases can be written for deployment of WVD.

Anyways, I’ll keep on experimenting, trying and find valid scenarios for #WVD

The Big Underrated Issue in Working from Home

Although the initial anxiety on COVID-19 has dropped by now, lots of Organizations are aware that Remote Work is here to stay. And we see lots of applicable Technologies that can facilitate that. But mostly just up to the point where we come to “Line of Business Applications” (LOBs).

Most of my Customers have a pretty traditional setup of their IT Infrastructure in a on premises data center. Active Directory, member Servers running (legacy) client/server applications in sometimes a 2-tier infrastructure. The Local Area Network (LAN) sits in the Corporate Building and all Desktops have connectivity to the local data center. Some of these Customers started with moving some workloads to the Cloud, mainly email that goes to Office 365. Adoption and moving more workloads or starting to use new things in the Office 365 platform is going very slow.

And now we need to work remote. Outside of the Corporate LAN. That poses several challenges. For the sake of the topic I refrain from looking at processes relying on physical paper although a lot of my Customers still do so. Of course, that makes the challenge of working remotely even more complex.

The Devices

In most Office buildings people have a Desktop, I think in most cases, even in this COVID-19 situation, people are not allowed to take that one home. And even if they are allowed, it will not be connected to the Corporate LAN, so work as usual is not an option. Also, things like Group Policies (including Security settings) will not be applied to those Desktops. Corporate laptops suffer the same unless they are decently prepared for remote work. Lots of people will work on their personal device from home, or even their family device, Organizations have to realize that those devices are totally out of control. Then, users will use anything trying to accomplish their tasks using any application they can find. That list is endless by now and 99% of it fits in the category of “Shadow IT”, corporate data can and will flow anywhere.

Business Applications

Organizations can use a lot of different applications throughout their companies, per department or division. Some of them will just be a standalone application, a lot of them will tie back into a backend in the datacenter. Are these Line of Business Applications accessible for Remote Workers? Can they be made accessible, in a secure and user-friendly way? Some protocols to connect to these backends are not that suitable to traverse Wide Area Network (WAN) connections, resulting in a bad user experience or very limited functionality. Some Organizations already have some of their Applications accessible from outside the Corporate LAN; email is probably the most common one.

In general, a Client device must be fully managed and sit as close to the Data Centre as possible, preferably over Corporate LAN Connections. Add to that, a decent Data Protection configuration. That is the ideal situation. Or is it?

There are numerous options to make LOB Applications accessible for use outside of the Corporate LAN, and they all have their pros and cons.

  • VPN into the Corporate LAN; applications may seem very unresponsive/low performance, a simple thing like browsing a File Server is hard over a VPN connection. Can the VPN-appliance on the Corporate LAN side and the Internet connection handle the load? Are the remote devices secure? Can the “client” side of the LOB Application be installed on the Remote Device?
  • DirectAccess. Only available for Windows 10 Enterprise domain member PC’s. Transparent end-user experience (Always on), very secure (IPSec), Certificate based authentication, fully managed PC through GPO. Can the Corporate LAN side appliance and the Internet connection handle the load?
  • Web-based applications. These are relatively easy to expose and authenticate to. The http(s) protocol is designed for WAN Connections.
  • Re-architect application to Web-bases applications.
  • Remote Desktop Services. The actual (virtual) Desktop runs within the Corporate LAN. Modern RDP Protocols (or the proprietary Citrix and VMware ones) are designed for WAN Connections. RDS or VDI Services are expensive, they require large amounts of resources: CPU, RAM, Storage, Networking. It also requires Infrastructure specialists and Application packaging specialists. Managing and maintaining a SBC environment requires a lot of IT Staff resources.
  • Move LOB Applications to the Cloud. Make them available and accessible from anywhere. For “legacy” applications there is still the issue about the distance between the client and the server though.
  • Move LOB Applications to the Cloud AND build SBC in the Cloud like Windows Virtual Desktop (WVD). WVD is not cheap (resource intensive) and almost just as hard to manage and maintain as an on-premises SBC Solution.
  • All the above scenarios leave the end user device as is, unmanaged and not secure (except for Direct Access). With Microsoft 365 (Office 365, EMS, Intune) we can manage any device (Windows, MacOS, iOS, Android), implement things like Multi Factor Authentication, Conditional Access, Information Protection, Threat Protection, and lots of telemetry to analyze that all. The Office 365 portion allows for Communication and Collaboration (Email, Teams, SharePoint). Implementing Microsoft 365 will make all of the above scenarios easier and more secure.

What we can see happening right now is a myriad of all these options, which is fine as long as there is a Strategy or Vision stating where it leads to. If a Strategy is lacking all we are left with is a pile of unmanageable “spaghetti”. In the meantime, all scenarios could be valid under some specific circumstances. There is not one right way of doing it.

My “prefect picture” would look like “All Applications deployed in the Cloud, preferably as SaaS or PaaS Solution. All Devices managed through M365”.