More Content - Including Podcasts

Monday, November 29, 2010

HPSWU EMEA Update #1

Last night in Barcelona at the Vivit Worldwide chapter leaders dinner, Dr. Andreas Birk accepted the volunteer of the year award for his work in establishing and growing the TQA Special Interest Group.

Karen Semonsen, President of Vivit Worlwide, presented Dr. Birk with the award to a round of applause from his peers.

It was a fantastic evening of dining and fellowship at the 7 Portes restaurant. The Vivit Board of Directors hosted notable Vivit chapter and SIG leaders from across the EMEA region who braved the near whiteout conditions across North & West Europe to travel to the dinner the night prior to the EMEA HP Software Universe event, here in Barcelona.

Also honoured by special mention was Olli Laiho from Finland for his work on the TQA SIG. All the Vivit volunteers in EMEA and around the world are sincerely appreciated for their tireless efforts and personal sacrifices to share knowledge, build community, and promote advocacy in application and operations management software and best practices. If you are interested in connecting with HP Software users in your region/country/city, stop by the Vivit booth (B06) on the HPSWU Barcelona show floor (right beside the Demo Theatre) and ask one of our great team members for more information.

Prior to last nights festivities, the Vivit Board of Directors had spent two long work days sequestered in a board room to prioritise and assign the tactical workload that will make the Vivit strategic vision into reality. Future updates on the Vivit site will announce some of the results of this work, but it was the most productive board meeting I've personally attended, and the directors seemed to all leave surprisingly energised for a group suffering from jet lag.

If you're in Barcelona, and want to get an idea of some of the exciting things Vivit is planning for 2011, please make sure you stop by the booth, or look for any of the board members or chapter leaders wearing FC Barcelona jerseys under their suit jackets - and stop by the booth for you chance to win your own authentic FC Barcelona jersey. Boy, are we glad they won last night!

Monday, August 2, 2010

Building a Career in IT

I've been asked a few times "how do I get a job like yours?" which reminds me how fortunate I am to have had the professional experiences I've had which have gotten me to where I am today; but is also a reminder that there's lots more to do yet.

Build a Plan
The number one way I've gotten to where I have so far; and intend to continue on further, is by building a plan. I've always had 5 year strategic personal & professional plans, and 1 & 3 year tactical plans that roll over and are built on the over-all goal. Basically, I sit down and say to myself, "what do I want to have achieved in 5 years?" Something realistic, achievable, and measurable. The big goal for the next 5 years. Or goals, of course - why limit yourself to one? :-)
The big strategic goals can be as varied (professionally speaking) from starting your own business, to achieving a certain level of leadership, to becoming internationally renown in your field.

Make the Plan Do-Able
Next up, take that (those) goal(s) and break them down into smaller, achievable tactical pieces. Any major goal you set for your five year plan should be able to be broken into smaller pieces that build upon each other to get you to that goal. Undoubtedly, this will take some time, and take some thought. A key way I've been able to determine these achievable short-term goals is by finding a mentor who has achieved either that 5 year goal I've set for myself, or something similar. Build a relationship with that person, and allow them to coach you on what key pieces must be in place for over-all success.

Measure & Manage
So your five-year goal is set; you've also broken it into key milestones that must be successfully completed in order to reach that goal. Now you need to set yourself metrics so that you know if you're on track. Metrics such as: "I must have passed this specific certification exam by this specific date." While this is simply an example of a technical milestone, it shows that you have broken your goal into achievable peices, you've set a date for when you must have achieved that milestone, and helps keep you focused on a tangible reality, instead of a fluffy, feel-good goal with no substance. And hey, when you DO pass the exam, it's a reason to celebrate you being that much closer to your over-all goal. Equally important you need to have a management methodology for actions to take if you are veering off-course of those milestones. If you miss a date, what will you do? If you fail the exam, then what? Think this through, talk it over with your mentor, and make sure you know how to set yourself up for success.

Any of this is achievable, you just need to allow a reasonable amount of time, break it into do-able steps, set metrics to measure your progress (and determine how to correct if you're veering off-course), and keep focused. The timelines I've given are simply the ones I like to use; they don't have to be yours. But whatever you do keep the steps achievable, and seek out mentorship. That's a recipe for success.

Thursday, July 29, 2010

Day in the Life - July 29, 2010

Normal start for a Thursday; drive 30 minutes from my house to the Skytrain, ride the Skytrain for 30 minutes to Science World station, and then walk along the False Creek seawall (behind the Athlete's Village, under the Cambie St bridge, to Leg-in-Boot & the marina) and up the hill to my office at VGH to start the day.

During my walk I check my Blackberry for any urgent e-mails and notice I've continued to get messages once an hour from our pilot remote temperature sensor project indicating that a data closet has been at 34-35 C all night. Certainly not ideal, but shows that the pilot project is working excellently and that we have the objective information we need to bring to the facilities team to find a solution.

On the plus side, that's really the only email of significance so far today; that'll change but at least there's no emergencies this morning.

A review of my calendar and to-do list has me getting focused for the day ahead, and it's only just after 07:30.

Next thing to be working on is the Incident Management Working Group documentation; I need to review this in advance of the meeting I'll be attending with that working group on UBC campus later this morning. That also means I'll need to plan my time so I have the 30 minutes in advance to catch the shuttle from VGH to UBC. But for now, heads-down in to the documentation to make sure I'm ready. Although undoubtedly there'll be some other distractions before I walk to the shuttle...

Got to campus, attending the meeting, came out with progress and results; feeling good about that one. Shuttled back to my office and got heads-down into some paper-work that needed my attention. Got through that, and moved on to catching up with some of my team working nearby to find out what they are up-to today.

Back to the office, fielded some vendor phone calls, and got back to work reviewing documentation prepared by the team, provided feedback to senior management on other initiatives, and getting my team's incident & project management stats up-to-date.

Wrapped the day with a meeting with the Health Authorities to discuss some network gear status and developed a short action plan to deal with that, and then headed back to the skytrain for the trek home. Along the way home picked up more email on the blackberry and reviewed more network & process documentation.

And that's an average day - well, a little lighter on meetings than a truly average day, but pretty close!

In retrospect on the day, it's good to look at how I used my time, and determine how/where I can use it more wisely moving forward. I also have been reviewing my communications and trying to see where I can improve those. Always room for improvement, always lots to learn.

Thursday, June 17, 2010

HPSWU 2010 Part 1 - Behind the Scenes with Vivit

Thursday morning, my last day at the HP Software Universe, and after a quick breakfast with Jim Murphy from Pepperweed Consulting I'm covering the Vivit showcase floor booth until my team-mates finish their breakfast and start their shifts.

So I feel like I've been in D.C. forever at this point, as I flew in last Friday and have now been here almost a full week. While the conference only started in earnest on Tuesday, my arrival so much in advance was to attend the Vivit Board of Directors meetings all-day Saturday & Sunday.

What happens at these mysterious meetings is mostly a lot of getting organised for the year ahead, and making sure that the most important operational issues of managing an international users group are identified, prioritised, and assigned; and when we can, get action items with due dates!

One of the other big benefits is getting time with the HP executives and making progress on our relationship between the user community and the software giant.

Wednesday, April 14, 2010

To iPad or Not To iPad?

While technically the iPad isn't even available in my neck of the woods yet, that hasn't stopped enterprising Canucks who live near the border from ducking down across the line and bringing one home. Yesterday I got my first in-person glance at one during a meeting downtown, and was suitably impressed at the usability and form. But with the product soon to be more widely available, I have to consider whether I'll indulge in this product and give it the itManageCast "Seal of Approval" or pass it off as another techno-fad?

For the past while I've been coming closer and closer to jumping in and buying myself an e-book reader, but the problem I've had with the products breaks into one of two chief complaints:
a) too small
b) too limited in function

To me, the purpose of getting such a device is to lighten my briefcase, and have some side benefits of an administrative/remote access tool and ideally also include recreation/leisure capabilities.

Screen Size
Maybe it's just the age I'm getting to, but if I'm going to be spending any serious amount of time reading off an electronic platform, it needs to be bigger than a paperback. Especially since a lot of the material I plan to read is technical in nature, and will include diagrams, images, and colour. I want the ability to upload any PDF file or other document format I happen to get technical docs and white papers in, plus various e-book formats. This starts to really limit the field of currently available products. The 5-6" Sony readers are just too small for my uses. The format size on the Kindle DX would work (9.7" reading surface) and the current version supports PDFs natively.

The e-ink technology is amazing in various light conditions; I tried one of these last year at a trade show and was impressed by the ambient direct-light readability of the screen. But it's still only grey-scale, no colour.

Form Versus Function
Tablet PCs can do all of this, but they are WAY heavy; that footprint takes us out of the zone I'm comfortable holding & reading. What they do offer is the multiplicity of functions that I'm after.

So what am I looking for? I need a device that can be my reader and my notebook. If I'm going to move away from carrying paper I want to truly do that. I want a device that will replace my journal/notes and accommodate the copious notes I take in day, random and frequent updates to my calendar, various tech docs I want in my "hip pocket," Internet access, e-mail access, and the ability to create/read/edit simple documents on the go.

I don't think I'm alone in this, am I?

Additionally, if this same device can be used on occasion as a network console connection, all the better.

What's Left to Consider?

So I figure I'm looking at the iPad, but its got me a little jittery - it seems that it does nearly everything I want in the form-factor I want, but it's that "Apple lock-down" I'm not too certain about. Can I connect it to an external USB drive or an external monitor? How reliable and functional is the 802.11b/g/n connection? I've read reports that have noted issues. Not only that, but now the stories break that the 3G signal strength exceeds national standards in Israel. And how many other countries I wonder?

So what are the alternatives?
I recently came across a product about to be released by German manufacturers using a combo of Linux & Andriod for an O/S, and an Intel Atom processor. The product is dubbed the WePad, and it boasts a larger multi-touch display, although shorter battery life (6 hrs vs. the touted 10 of the iPad). WePad is worth looking at in my view, being a bit of an OpenSource bigot... WePad is due out in the market August 2010 in Europe, so I'll tell you what folks at Neophonie; send me a unit to work with for a week or so and I'll get my review out on what I think sounds like a viable alternative to the iPad.

Now I will commence holding my breath.

Monday, April 12, 2010

Security Perspective on Social Networking

Facebook, Twitter, LinkedIn... all words that can make the IT manager's skin crawl. The simple solution is to block the URLs at the firewall; once people are plugged in at the office, too bad, no social networking on work time. I think that's the way most IT manager's would prefer it. We're a bit of a draconian bunch, largely because this is the kind of stuff that just ends up making problems for us.

But is this the best approach? Other managers in the organisation may be concerned about morale, and want these sites available to their staff - well we certainly don't want to start creating exception rules in the firewalls or network compliance tools to manage which users get access and which don't. More business centric reasons exist as well; some business units may want to use these sites for market research, sales/marketing, recruiting, and other functions.

I've recently seen some interesting and creative use of combining the three main social media sites for marketing and recruitment processes. An organisation I was meeting with last week was telling me about how they use Facebook & Twitter accounts to monitor customer satisfaction with their products and services, and respond quickly to concerns from their customers or deal with urban myths about them that get propagated through these media. From a business perspective, that approach makes a lot of sense. This same organisation also uses individual LinkedIn accounts from their recruitment professionals as a mechanism to reach out to prospective new employees and contractors, and ties it all together with Facebook & Twitter promotion of new positions and recruitment drives.

So in this scenario, the IT team has to work with the other business units (sales, marketing, and HR) to make sure they can get timely access to the tools, ensure that they maintain corporate image and privacy, and verify the content of those sites - both what is "going out" and what is "coming in."

Where do you start?
Ensure first that the leaders of the organisation understand the challenges for the IT team, possible budget implications, and risks.

For certain, a review of existing organisational IT usuage policies. First off, so you have them in place? Secondly, have they been distributed (recently) and signed off? And lastly, does the language (hopefully not too "lawyered up" so that people understand what they are committing to) apply to this kind of scenario?

What questions should you ask?
Once you've established who's allowed to do what, it becomes a question next of enforcing the rules while allowing the business functionality that's been agreed to. Now we get into the business analysis side of the equation. Understand clearly what the business needs are so that your team can work with the rest of the business to deliver the solution that makes the most sense.

You'll need to look at technical considerations, some of which might be:
Will Twitter use be via the web interface, or 3rd party apps like TweetDeck?
Will you allow all Facebook apps, or try and block some (like games, etc.)?
Will this be allowed corporate wide, or group by group?

Who's already looking down this path?
There are developers such as Teneros and SocialWare who are developing middleware-like apps that monitor content for these sites, to ensure that the organisation knows what is going out or coming in. These tools have some limitations, so it's best to research the options closely, but it's good to know you HAVE options! SocialWare is particularly interesting to me and likely may be the subject of a future blog posting.

Check through your personal network (errr, via LinkedIn?) to see who else is in your shoes and dealing with this kind of challenge today. I was surprised to learn recently how many organisations haven't even started to deal with this from an IT perspective yet. I know we're busy, but...

As always, your feedback and input on this article is greatly appreciated; reply with your thoughts and I'll post them for continued conversation.

Wednesday, March 31, 2010

Patch Released to Remediate More Day Zero Exploits for Internet Explorer

A critical cumulative security update for MS Internet Explorer was released yesterday (March 30) as noted in security bulletin MS10-018. This patch deals with 10 (count 'em, TEN) additional vulnerabilities within the browser, 9 previously undisclosed and one that was made public. The one known vulnerability is specifically for IE 6 & 7, although the patch in general is advised for IE 5.01 through 8, and while MS rates this security patch as "moderate" for IE 8 on servers, why would you take a chance these days?

What are the Risks?
The known vulnerability for older versions of IE, referred to by the Common Vulnerabilities and Exposures group as CV-2010-0806, was first described in an older Microsoft Security Advisory and is a vulnerability that could allow remote code execution; as for the impact of the rest of the undisclosed vulnerabilities, Microsoft states the following:

"The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."

Recommended Actions
Microsoft rates this patch from important to critical, depending on your desktop version of the browser. If you are leveraging automatic updating, this patch will get pushed to your end-users' desktop systems; if you manage your updates, be aware of this one and take the actions you judge as appropriate for your organisation to ensure servers & desktops using Internet Explorer are protected.

What Next?
This security flaw in the code for the browser seems to be oriented again around risks developing from phishing type attacks. IT managers & IT security professionals have to take this account in understanding the risk level and possible next steps. Applying the patch seems to be a given, looking at changing the default browser used in your organisation - well I'd be surprised if you weren't already considering that but there are usually many ramifications associated with that, including end-user training and most commonly used sites & applications.

Let's face it, for most of us there's just no getting away from IE completely.
This also brings forward the considerations around the social engineering side of the issue and how much of that we can control by managing where our users can go to on the Internet, and caching/pre-qualifying sites before users first access them.

In the meantime we contain what we can by educating our users, protecting the network as best we can without crippling the users, and staying as well informed as we are able. Hang on folks, this is going to continue to be a bumpy ride; hopefully I and other like-minded professionals can keep you educated on what is happening beneath the hype.

Friday, March 26, 2010

Five Top IT Security Trends for 2010

#1 Antiviral Products Move Away from Local Signatures
With the rate that variants of viri, trojans, and other attacks are coming out (approx 50,000 per day) signature based AV tools just can't keep up without bogging down the systems on your corporate network. So what are the AV companies doing to deal with this?

The leading AV companies are making a shift to where only a small subset of signatures are downloaded to your PC/network. The bulk of the testing happens "in the cloud" where the AV companies use cloud-based technologies to identify threats and note sites/exploits that need to be blocked and send that info to your AV clients.

The philosophy behind this is that there are basically two types of attacks; social engineering (downloads, phishing, etc) & computer attacks (exploit involved - identifies & exploits a vulnerability pre-existing in your computer).The theory is that they only need to worry about protecting against the vulnerabilities, if they are effectively dynamically blacklisting the social engineering risks via their cloud-based work.

#2 Increased Use of Application Whitelisting
The concept of whitelisting is that you block everything except a concise list of sites, addresses, or ports you wish to allow access to. This technology is being led by companies like Bit9 who have been working in this area for some time. Not a good technology for home users or large organisations to use for desktops because of the nightmare in keeping the list up-to-date, but this is a great tool for appliance-like technologies - ATMs, or any other purpose-driven technology. It is also worthy of consideration for use on servers.

#3 Enhancements in Firewall Rule Optimisation
More and more IT Managers are finding that they are struggling to keep pace with the rate of change they must apply to their firewall rules. This process also leads to omissions and redundancies in the firewall rules and ACLs. Firewall vendors and third parties have been releasing tools like Skybox's Firewall Compliance Auditor that bridge simply optimising your rules for increased efficiency and now start ensuring that they meet compliance rules .

#4 Increased Social Engineering via Social Media
Social Media sites like Facebook, LinkedIn, and others are continuing to become rampant hunting grounds for cyber-crooks, whether they are associated with organized crime or just script kiddies.

Creative cyber villains will continue finding new ways to exploit people that they'd consider high-value targets - this doesn't necessarily mean wealthy people; but instead it means a combination of the "low hanging fruit" - the people who seem to put a lot of information about themselves and their employers out on the Internet - and people who can be identified as working in organizations that are targeted for attack.

#5 Continual Evolution in Regulatory Compliance
Certainly not last but it rounds off this list as an important topic in computer security for 2010. Regulatory compliance continues to be a pressing topic for the leaders of our various organisations and therefore also for IT managers. As an IT manager, there are some key things that compliance should mean to us:
  • audits & audit trails in place & working
  • documentation showing current state of network & security (i.e.: configuration management)
  • change management processes in place & operating
  • clear understanding (& documentation) outlining key business risks how those risks are managed

For more in-depth analysis of these topics please contact itManageCast for a copy of the whitepaper titled "Top IT Security Trends for 2010."

Impact of Operation Aurora on IT Managers

The IT community is still talking about APT attacks, the fall-out of Operation Aurora, and organised malicious attacks and exploits. There's a lot of information and opinions out there, but the root question to most IT managers (and more-so to the executive/shareholders they ultimately answer to) is "what does this mean to my organisation?

How do you quickly assess the impact to your organisation? What is your level of risk?

The starting point is to have a non-commercial, objective understanding of what all this discussion is about. To understand the scope and impact outside out of the fear factor associated with trying to sell you something.

What Was Operation Aurora?
Operation Aurora was a specific organised type of APT (advanced persistent threat) attack that targeted intellectual property held by Google, and was also reported to have targeted up to 34 other organisations. The true target was suspected to be the email accounts of Chinese political dissidents on the GMail servers, and while aspects of the attack were reported as successful, the true scope of what information was actually captured has not been completely divulged to my knowledge.

The exploited code was a ground zero HTML object memory vulnerability in Internet Explorer (Microsoft Security Advisory 979352), which allowed a trojan to be installed on the compromised computer; the trojan would then contact command & control servers (located in Illinois, Texas, and Taiwan) over an SSL connection. The compromised system receives commands from the c&c servers, and also uploads data that it has collected. That data primarily consists of other machines within the protected network in which it resides which are also susceptible to the exploit and any private intellectual property. In particular, it appears that a target of this aspect of the exploit was the content of source code repositories. The vulnerability exploited is known as Hydraq and has been identified by most major AV & computer security organisations including Symantec.

What is the Risk Now?
Since the exploit is now known, you as an IT manager have all the tools at hand for the remediation the exploit on your computers. If your users do not make use of Microsoft Internet Explorer you've done some serious mitigation right there. Once the patch from MS is applied you've removed the risk for this particular trojan. If you have not had this patch applied in your environment, you still are at risk. Further, any infected systems must get cleaned. If you have systems currently infected, it may be very difficult to catch the infection purely by firewall means as the systems are communicating out to the c&c servers using a well known port. However, most of your end user systems shouldn't be making SSL calls out of the firewall, so that should be a good clue there.

Tuesday, March 23, 2010

Securing the Network Perimeter with Open Source & Common Sense

A few years ago, I was consulting at a large high-tech multinational on a network management project, when I learned about how they were protecting their network using almost entirely open-source tools and common-sense methods. I had seen (and applied) this same process in a smaller scale previously at significantly smaller customer sites where we didn't have the pockets to buy all the latest and greatest tool sets from the leading network security and management vendors, but never seen the solution truly scale.

Needless to say, I was impressed. It stuck in my mind, and as recent events have brought me back into researching network security trends, methods, and tools; the first thoughts I have been exploring are best practices for maximising security while minimising cost & resource impact.

Tuesday, March 16, 2010

Olympic Calibre Team-Building

A key part to a successful Olympics is having the various teams that need to work together functioning smoothly, and supportive of each other. During my stint with the 2010 Olympics I observed a variety of different team-building approaches, and also brought my own style to the table.
There can be times in the events world - like any other high-paced occupation - where the stress levels get very near or hit the breaking point for people, so the team-building, trust, and communications all being in place BEFORE that time is a crucial element of success.
Team-building should be viewed as a way to build that trust relationship within teams and between teams, as well as learn to understand different communications styles, personalities, motivators, and stressors for each person in that team. Teambuilding should not just be about the fun & game-playing (although that is what will draw people in and keep their interest) but everyone should walk away having learned something. Learned something about themselves & each other in one or more of those categories I described.

Throughout my Olympic experience I was involved in, led, and observed several different styles of team building. It varied from formal workforce (read HR) lead exercises for the management teams to impromptu celebrations and subtly motivational sessions by small groups/teams before and during the Olympics themselves.

One of the leaders who reported to me who I observed being really good at this aspect was my Telecom Manager. I learned a great deal from observing how he interacted with his team of very diverse skills & personalities, and kept everyone functioning to what appeared from a manager's point of view as a well-oiled machine of motivated and focused people. He used a variety of techniques but the number one thing I noticed was how he would always make things seem like they were grass-roots sessions, and the team always wanted to be involved. It never came across as formal or mandatory, yet was always well organised and everyone who participated had fun and knowingly or not, walked away having learned more about each other and how to work successfully together.

Depending on your level of leadership within an organisation, this can be a challenging task to come up with and lead these sessions, and one of the keys to making this easier I have learned is to be open & receptive (and have the team learn that you ARE that way) to ideas for activities to do together. Then take those ideas and find the ways to wrap the subtle learnings around them without making it a formal knowledge transfer situation. The first couple will always be a little tough; especially with a new team, or a team that is having challenges already. But if your motives are transparent & sincere, people will eventually buy in. Few people like to miss out on fun stuff at work.

Also, think about your connections & resources available through your work & personal networks, and how you can leverage those to bring the team together for fun activities. A small example of this from my Olympic experience was having arranged for our Technical Rehearsal Helpdesk Team & officials to get together in an impromptu manner when we had completed the last day's work during our TR2 sessions in December, and get snowmobile rides for a group picture in front of the newly placed Olympic Rings on Cypress Mountain. This was arranged by asking favours from my friends in the Sport Operations team, and made a huge impact on the team. Not everyone can use such a specific example, obviously, but it's the idea behind it that counts. It's the fact that you reward the team for working their butts of for you, but share that experience with others outside of the immediate team to show that you trust & value them, and don't feel that you need to keep them sheltered away from the rest of the organisation.

So build your team Olympic style - think big, be open to and solicit creative suggestions from your team, interact beyond the immediate teams to share the corporate culture, and take risks to have some fun & build trust. That's the key to an open communication.

Monday, March 15, 2010

Post-Olympic Updates

So you may have noticed that the many posts I had during the Olympics regarding progress, technology, and other assorted items all disappeared. The organisation I was working for asked me not to blog in such a level of detail about products used for VANOC operations, and out of respect for my current employer at the time, I removed all the blog entries.

That all said, I won't mention the specific product or manufacturer, but will resume posting about my experiences as Venue Technology Manager for the ever-challenging Freestyle Ski & Snowboard venue of Cypress Mountain.

While the Olympic Games are concluded (and Cypress got a special mention from John Furlong as the most challenging venue of the 2010 Winter Games) the Paralympic Winter Games are currently underway, but this go-round there is no adaptive Snowboard events, so we've shutdown the Olympic venue services at Cypress and the Logistics & Overlay teams are cleaning up after everyone else. The Telecom team (Bell contractors & subcontractors) who reported to me pre/during/post Games are also on-site removing cabling & telecom services from temporary & permanent spaces on request of the Cypress ownership & management.

And this puts me back to the job-hunt, reflecting on the incredible experiences I shared with the VANOC teams I worked with & led to make this project so successful, and looking forward to my next interesting challenges. After thoughtfully declining an offer to go to London to participate as a Technology Manager in the 2012 Summer games there, I'm looking at my options locally in Vancouver and environs and figuring out where to press my skills & personality into service next.

But in the meantime, how did everything pull together at Cypress to end up being one of the most successful medalling venues for Canadians in history?

Top of the list would be teamwork; teamwork between myself, my fellow A/VTMs at Cypress, my fantastic Telecom manager & his relentless team, and my dedicated and energetic results teams. Second would be the sense of enthusiasm from everyone which helped us get through some very long days (read: days/nights), and lastly would be a sense of humour... those three things were essential to get through days when you start to question "what are we doing here" as the rain poured down in rivers and the snow disappeared around us.