So tell me something, how much sense does it make to pay anywhere from between $150 and $250 an hour for a consultant to come in and then tie their hands to the ankles by telling them they can’t actually do any of the work.
That’s the situation I find myself in. The customer, a fairly large company that provides consulting servers, managed hosting, etc, brings me in to help them figure out some SRDF migration issues.
They give me a cube, a phone, and a connection out to the internet so I can get email.Â
What I don’t get however is access to ControlCenter, any of the hosts, or any of the Storage arrays.
Today I spent 8 hours on the customer site and because I spent most of my time waiting for everyone else to gather information for me, got about 45 minutes of real work done in that time.
As Forrest Gump says, “stupid is as stupid does.”
2 comments
I recently did some work on a military site in the UK and the whole time I worked there, about 4 months, my official security clearence never came through. So I was not allowed to even touch a Unix server. However, because the following SAN tools were not understood by the security guys they did not fall under their remit and I was allowed unrestricted access to them –
Brocade CLI and Webtools
HP XP Remote Web Console and XP CLI
Im certain that more damage could be caused from these tools than from me logging on to the Unix servers. But hey, I wasnt about to run to the securoty guys and tell them that, as that would have meant I couldn’t do any work at all.
Funny thing was, much of the SAN kit still had default passwords for root access. Hmmmmmmm makes you wonder.
BTW we did change the default passwords 😉
Point being, I was there for 4 months and still couldnt do my job properly, and I wasnt cheap either.
Author
You know – I was in an airport once a while back, shortly after the “No Gels and Liquids” ban went into effect, and I overheard a pilot talking to a flight attendant, griping about having had to give up his Toothpaste.
His comment struck me as very ironic – he said: “You know, I could flip a plane over and fly it into a mountain, but I can’t be trusted to brush my teeth during the flight.”
Kind of the same situation. The person who runs the storage has control of the world. Take the storage down, you could bring down hospitals, business, anyone really.
If they won’t give me root access to the host to verify the scripts I’m running, that’s actually *MORE* risk, not less. Because when I’m running a configuration script against the symm to de-present devices, the Symm doesn’t care if the device is in use, it’s going to mark it not-ready, unmap it from the front-end port, and if I’m dissolving the metavolume it will destroy the data.
The funny part is most of the people I work with won’t know what the script is doing, I could hand them a script to run to restore the box to a factory state and they wouldn’t know the difference.
But – I’m a professional and my job is to protect data, not to destroy it. I even make my customers sign a data-destruction letter any time I’m dissolving used (pre-owned?) devices, because I want them to understand exactly what it is I’m doing and what the risks are.