Behind the Screens: My Experience at Diamond IT

Behind the Screens: My Experience at Diamond IT

No Comments

TL; DR: Navigating Challenges at Diamond IT: A Call for Change

Starting my Project Engineer (Sr. Professional Services Engineer) job at Diamond IT (Bakersfield, CA) was fraught with issues, from needing login credentials for my workstation to dealing with outdated and malfunctioning equipment. My optimism for a structured training phase quickly faded as I encountered disorganized sessions and a lack of support, which left me feeling isolated and undervalued. Despite identifying a significant client opportunity early on, my efforts were ignored, mirroring the company’s broader issues with communication and follow-through.

The promised cultural and operational transformation at Diamond IT never materialized, leaving me to navigate a workplace dominated by a small-world mindset, where mid-level leaders, entrenched in their ways, sold dreams but failed to deliver tangible results. My tenure ended abruptly without feedback or discussion, reflecting the company’s deeper problems with transparency and engagement. This blog post reflects on my time at Diamond IT, highlighting the need for genuine commitment to employee support, effective communication, and alignment between stated values and actions.

Simon Sinek: “A team is not a group of people who work together. A team is a group of people who trust each other.”

A Rocky Start

My introduction to Diamond IT was anything but smooth. Imagine the anticipation of starting a new role, only to be met with a critical oversight: Not only did my hiring manager make virtually zero contact in the weeks leading up to my start to talk about their plan, but my workstation arrived on the Saturday afternoon before my Monday start date without login credentials or any setup instructions. This wasn’t just an inconvenience but a red flag waving in the welcome breeze. Despite my proactive approach—sending urgent messages to alert my handlers (4x People) of the predicament—these responses for help echoed unanswered.

The situation escalated to the point where I had to resort to an emergency escalation in the early morning hours of my start. This experience relates to the ideas I discussed in “The Call-First Conundrum: Rethinking Tech Support Efficiency,” where I advocated for empowering users with self-help resources and proactive support. My experience highlighted the need for streamlined processes and quick assistance to ensure a smooth onboarding and productive work environment, especially if you offer onboarding as a service to your clients.

Less than a week later, my machine began freezing and crashing repeatedly. Realizing they had sent me a device running EOL (End-of-Life) Win 10, I had to spend most of a day wiping, reinstalling, and bringing myself back online with Win 11. From there, this used computer with evident physical damage to the upper-right-hand side of the screen just kept creating more problems with USB docks and other peripherals, often leaving me troubleshooting loud popping noises coming out of my speakers, hinting at potential motherboard failure without quite reaching that point.

Ironically, I had worked at the manufacturer for over a decade, making this experience the epitome of irony as it blocked my work and forced me to deal with secondhand equipment issues. These incidents were my first encounters with the company’s systemic communication and resource allocation issues, setting a tone of frustration and concern right from the start. Nobody seemed to pay attention to detail, and they needed to be more thoughtful regarding how my experience as a remote worker was unfolding.

W. Edwards Deming: “It is not enough to do your best; you must know what to do and then do your best.”

Quiet Before the Storm: The Whale Referral

Shortly after joining Diamond IT, I introduced an opportunity that could have significantly altered the company’s trajectory. This was a warm lead I had nurtured even before my tenure began. A large Private Equity firm overseeing a slew of lucrative companies had built trust with me and proposed expanding into their portfolio with another 130+-seat client engagement—a ‘Whale‘ in the truest sense.

My prior engagements had paved a solid path, including discussion of per-employee pricing with this potential client’s CEO and CFO, setting the stage for what should have been a fruitful collaboration under Diamond IT’s banner. This lead was handed over within my first week, a testament to my dedication and a potential early win for the company.

However, my anticipation for a swift and enthusiastic response from Diamond IT’s senior leadership faded as time passed. My emails and follow-ups seemed to vanish into a void, leaving the ‘Whale‘ referral adrift. The silence was perplexing, particularly given the magnitude of the opportunity at our doorstep—a lucrative opportunity that validated my capabilities and potential contribution to Diamond IT.

The situation grew increasingly ironic when, after months of unyielded attempts to get this referral off the ground, the marketing team approached me with a proposal for a new referral program. The irony was biting; there was an initiative to garner new business pitched to me while my significant, ready-to-convert referral languished unattended.

As I mentioned in my “Internal Battles” blog post, this experience echoed the reluctant hero syndrome I had encountered, but this time from a seemingly non-existent Sales team. That challenge was marked by minimal assistance and last-minute heroics, often overshadowing proactive collaboration.

The company’s failure to follow up on this lead also, in my opinion, demonstrates a disconnect between their stated client-centric approach and their actual actions, which I touched upon in “Beyond Assumptions: Sailing Toward Customer-Centricity.” As I mentioned in that blog post, true success lies in understanding and prioritizing customer needs rather than making assumptions or letting opportunities slip away.

My efforts to bring a game-changing client into the fold were not only overlooked but were bizarrely juxtaposed against a backdrop of inaction and missed opportunities. In my mind, a genuinely customer-obsessed company could never let this happen!

It was difficult having to delay a lucrative client for months while waiting for a response from Diamond IT. I’ve invested years into building relationships and securing referrals like this, so it’s frustrating to realize that I could have pursued it on my own and brought in significant revenues instead of embarrassing myself in a gut-wrenching waste of an opportunity.

Peter Senge: “Learning is not compulsory… neither is survival.”

Mirage of Mastery: The Training Paradox

The optimism I had for a structured and enlightening training phase quickly dissipated. What started as a seemingly robust plan on paper became a series of mismanaged encounters and missed opportunities. My first interaction with the company’s so-called ‘Wizard,’ the gatekeeper of many of Diamond IT’s critical systems, indicated the chaos to come.

Not only were they completely unaware of our multi-day, multi-topic, multi-hour 1:1 scheduled training, per their own onboarding process, but the response—’What do you need?‘—left me questioning the coherence of the training strategy. Even if, for some reason, the meeting wasn’t appropriately scheduled, my expectation was that as a critical knowledge resource within the company, they would be aware of a new employee’s presence and their own role in their own training process.

My one training meeting concluded without clarity on simple topics, like preferred communication methods or how to handle escalations; no matrix or guidance was provided on who to contact for specific issues. My attempts to connect with the Wizard through Teams were redirected to email, only to be told later—usually after a day—that email wasn’t their preferred contact method, suggesting I submit a ticket instead, and so on. This cycle of communication misdirection only emphasized the distance between us.

When we spoke, the reluctant tone and look in their eyes revealed uncertainty, fear, and discomfort, marking me as an outsider from the start. This initial interaction foreshadowed my subsequent experiences. Despite their apparent engagement with others in the company, their interactions with me felt like an attempt to erect barriers, albeit without explicitly stating so.

As the days unfolded, it became increasingly clear that a genuine interest in my development was missing. This lack of preparation and engagement wasn’t just an oversight; it reflected a more profound, systemic issue with Diamond IT’s approach to my development. This indifference could be rooted in several factors: perhaps some of my collaborators disagreed with my hiring, preferred another candidate, or harbored discomfort towards the new ‘transformational‘ hires changing the status quo.

Whatever the underlying reason, the burden of this problem was unceremoniously shifted onto me, embodying an apparent disregard for their responsibilities and a potential underlying disdain not just towards my handlers but towards me as part of this new wave of change.

The excitement I initially felt for their weekly Friday training sessions quickly waned. I was bombarded with messages urging me to disconnect from assisting clients with their urgent issues to join these sessions, challenging my judgment. This insistence, especially under the banner of being “client-obsessed,” struck me as odd.

Despite being swamped with projects, the expectation to notify and obtain approval from three Managers if I couldn’t attend seemed more suited to a school setting than a professional environment. It was as if they were accustomed to managing a team of insubordinates needing constant supervision rather than professionals.

Working with these ‘Teachers‘ became less about learning and more about asserting control. The facilitators, with a clear preference for rank-and-file discipline, often reduced my role to that of a token participant, occasionally tossing me trivial questions to create the illusion of my involvement. This approach, steeped in a desire to maintain a rigid hierarchy, made genuine collaboration or contribution impossible.

Evidently, my presence unsettled them, challenging their identity as the undisputed authorities within the room. Rather than harnessing the diversity of experiences I brought to the table, they sought to reinforce their dominance, converting what should have been an opportunity for collective growth into a display of ego-driven power plays. This dynamic stifled the potential for meaningful exchange and showed a profound misunderstanding of leadership and mentorship.

The situation was more than just a source of frustration; it directly impacted my productivity. I was ready and willing to learn and adapt. Yet, I found myself without the necessary support or resources—a surprising and disappointing reality, especially given the company’s public image and promises.

The whole experience made me think of natural diamonds—not for their sparkle but as a reminder that even the most esteemed entities can have flaws. It’s a poignant metaphor for the company: outwardly brilliant, yet upon closer inspection, seemingly lacking in the very facets that genuinely matter.

Albert Einstein: “The only thing that interferes with my learning is my education.”

Lost Signals: The Communication Gap

Effective communication and training are the lifeblood of any successful organization, yet both seemed to need more supply at Diamond IT.  My requests for guidance on critical issues impacting my projects were often met with silence or lots of “Yeah, I’ve seen that before, “after the fact that never prepared me for these well-known major client-impacting blockers and obstacles.

When I was lucky, the responses were only delayed, and other times, I’d never receive one, left on read in Teams, leaving me to navigate complex client issues with Diamond’s recommended solutions, all without proper guidance.

Each attempt to get help from the experts while doing my job introduced new obstacles—unanswered emails, ignored requests for clarification, and a pervasive sense of being an outsider trying to decipher why I always seemed to be chasing down the tribe members.

The irony of the situation was not lost on me: a company that prided itself on its tech prowess and client service failed to apply the same principles to its internal operations, at least from where I was sitting.

The “Groundwork for Greatness: The Knowledge Path” blog post highlighted the importance of comprehensive documentation and knowledge sharing. However, based on what I saw in the documentation system, these practices needed to be more present within the company.

The training process relied on a “learn by doing it wrong first approach (in client environments) that left me feeling unsupported, harassed by proxy, and shifted in opposing directions as I received conflicting advice. But, most of all, and to the temporary detriment of my mental state, I felt entirely ill-equipped to serve clients effectively, especially given my sky-high billing rate.

At the same time, the disasters borne out of previous neglect that I was uncovering in client environments on nearly every project were largely being flat-out ignored by everyone I tried to contact about them; aside from the occasional reply, there was little or no substantive follow-up. These were severe problems in some cases, like unstable Active Directory domain controllers, failed activations, and crashing servers.

As I discussed in “The Call-First Conundrum: Rethinking Tech Support Efficiency,” empowering employees with the right tools and resources is crucial for delivering exceptional customer service, but Diamond IT seemed to fall short in this regard when it came to supporting my success.

The lack of effective communication channels and lack of comprehensive training at Diamond IT mirror the struggles I highlighted in “Internal Battles: Unsung Heroes of Customer Support.” Just as I emphasized the importance of empowering support teams with the right tools and resources in that blog post, my experience underscores the need for robust training programs and open communication to ensure employees can deliver exceptional service.

George Bernard Shaw: “The single biggest problem in communication is the illusion that it has taken place.”

Visionary Clashes: The Cultural Rift

Amidst the challenges I faced, I’d always held onto what I believed would be a future turning point: The hiring manager’s entire “sell” of the company to me was based on the fact that they were championing a “radical transformation” within Diamond IT aimed at propelling the company to new heights based on their past successes in other roles.

However, as months passed, it became increasingly clear that the promised overhaul had yet to materialize meaningfully. Key performance indicators (KPIs), employee reviews, technology standards, process guides, quality initiatives, and even the most basic enhancements in quoting and delivery—hallmarks of successful MSP leadership—remained notably absent, and this leader had been “transforming” now for over ~9 months before I arrived!

My interactions with them left me questioning whether their previous successes resulted from their direct influence or simply the fortune of stepping into roles within thriving environments. This skepticism was further reinforced by my experience with my outside consultant Manager, who, despite claiming to “work with numerous MSPs” in nearly every conversation, never seemed to have any anecdotes or ideas on improving our processes.

The lack of engagement with our tangible progress and innovation during my interactions only compounded my doubts. This experience reminded me of the “Wizard of Oz” syndrome I had written about, where the illusion of competence often overshadows the reality of organizational dysfunction.

The company’s culture, touted as “Client Obsessed” and “We’re all in this together,” seemed to falter in practice when addressing my needs. Requests for help often went unanswered, and conversations would abruptly stop without reason, drowned out by the constant stream of memes and random humor in the company chat; meanwhile, I was drowning in work, desperately seeking assistance from a tribe that, from the very beginning, largely ignored my contributions and creations.

This disconnect between the stated values and the actual behavior mirrored the tribal mentalities I had discussed in “Crafting Culture: The Balance of Ego, Bias, Beliefs,” where the pursuit of likability and social acceptance can hinder genuine collaboration and client focus. The gap between a company’s espoused values and the reality of its work environment highlights the impact of leadership’s actions and the importance of aligning words with deeds.

Without a solid foundation of aligned values, authentic collaboration, and a genuine commitment to growth, the dissonance between words and actions becomes increasingly apparent, ultimately undermining the progress and success the company seeks to achieve.

Sure, there’s an undeniable thrill in attracting and recruiting A-players, convincing them to join a company with the promise of a transformative culture and environment. However, delivering on those promises is a formidable challenge for even the most skilled dream salesmen, especially when confronted with the conscious reality of day-to-day operations.

As I pointed out in my blog post, a culture prioritizing likability over competence and failing to foster genuine collaboration can hinder growth and success. In the case of Diamond IT, this tribal mentality has created an echo chamber of neurodivergent leaders and heroes who leave little wisdom behind, effectively severing the company’s capacity to grow and adapt.

For leadership, joining the tribe represents a form of surrender, a concession of “I can’t transform you, so I’ll become one of you,” acknowledging that immaturity is the actual barrier to growth. Still, as you can imagine, when they are a part of the problem, that dynamic goes right over their heads.

Peter Drucker: “Culture eats strategy for breakfast.”

Navigating the Maze of Indifference

My attempts to bridge operational gaps also met with indifference. I’d recently delivered concise summaries of the issues to my manager, asking them to please take action or at least acknowledge them. The response—or absence thereof—was revealing. They asked, ‘What do you want me to do with this?’ The question clearly highlighted a lack of initiative and an overtly casual approach to problem-solving.

Despite their busy schedules, their claimed expertise in working with MSPs seemed to translate into nothing more than a series of rushed calls with little substantive follow-through. While busy on the surface, this pattern of activity needed to have a meaningful impact on our challenges, revealing a disconnect between purported expertise and actual effectiveness.

This disconnect wasn’t just a barrier to my personal growth; it was emblematic of a broader cultural malaise. The absence of a solid foundation of documentation and standards, the reluctance to engage in meaningful mentorship, and the overarching resistance to change were not merely hurdles to overcome. They indicated a company in stasis, seemingly content to repeat past mistakes rather than learn from them and evolve.

As I navigated this friction of inefficiency and neglect, I couldn’t help but reflect on the opportunity cost—to myself, the team, and the clients we served. The ‘Wheel of Friction‘ and ‘The Cycle of Disconnect,’ as I came to refer to them openly, were not just a metaphor but my current reality that I wrote about to try and distill our problems into something easy to understand and not entirely negative.

Here’s what I sent over:

‘The Wheel of Friction’:

“Starting behind, we rush to clear our backlog, but without documentation or standards, progress is slow, increasing friction for newcomers. They face many unexpected issues, which, although known internally, are undocumented. This cycle of encountering known problems and deferring documentation puts us continually behind, creating a ‘Wheel of Friction’ that hampers acceleration and learning.”

‘The Cycle of Disconnect’:

“This cycle of repetitive problem-solving without capturing learned solutions ensures that newcomers and even seasoned team members encounter old issues as if they were new, slowing progress and perpetuating inefficiency. We blindly navigate our projects by failing to document solutions and operating without clear standards. This approach, akin to walking in the dark, prevents us from foreseeing and avoiding recurrent obstacles, ensuring we remain perpetually behind. Our attempts to move forward are hampered by our reluctance to illuminate the path by acknowledging and documenting our current reality, including the state of our systems and the details of our execution strategies. This cycle of undocumentation, vague guidance, and reliance on top-of-mind execution undermine our efficiency and capacity to learn, adapt, and ultimately, succeed.”

In documenting these challenges, my goal was not merely to vent or criticize for the sake of it. It was to hold up a mirror to the organization to underscore the need for a fundamental shift in culture, mindset, and operations.

Still, my insights didn’t land well with my handlers ‘small world‘ mindset, even though I’ve been navigating the corporate cosmos for years, collaborating with evolved beings. I’ve already journeyed to where they’re aspiring to reach and understand the mechanics of organizations that have achieved what they’re aiming for, and this, in my opinion, is far from the the path to success.

Observing them confidently botch things up, struggle to collaborate, and then give me the cold shoulder for highlighting what was glaringly evident turned my weekdays into a surreal, never-ending loop. It was like living in my own Monday through Friday version of the Twilight Zone, where pointing out the obvious made me the outsider.

This cycle of encountering known problems as if they were new, perpetuating inefficiency through a lack of documentation and standards, was a drag on progress, a barrier to learning, and, ultimately, in my mind, a disservice to the ethos of innovation and excellence that Diamond IT purported to uphold during my interviews. Seeing the team mishandle tasks and let down clients was like witnessing a slow-motion disaster from my desk.

As I saw it, the path forward required not just recognition of these issues but a commitment to action—a commitment that remained elusive during my time at Diamond IT.

John C. Maxwell: “Change is inevitable. Growth is optional.”

An Abrupt Farewell

One day, my journey with Diamond IT came to an unforeseen and unexplained end. My dismissal was as surprising as it was unceremonious, with no prior discussions, feedback, reviews, or indications of dissatisfaction from management. This abrupt conclusion left me reflecting on the missed opportunities for dialogue and improvement for myself and the company.

Despite my dedication—evidenced by my high project utilization rates (~70-80%+) only four weeks into my training, extensive overtime (40+ hours) in the early months, and consistent resolution of client issues (100%) along with closing half a dozen projects—many were half-done, and several were left aging in precarious states for over six months.

I also produced nearly 80 documents in IT Glue filled with valuable wisdom for ongoing projects, such as tons of useful PowerShell scripts for troubleshooting and over 17 essential fix articles for problems I’d encountered with the current tech stack. Nothing of this caliber existed anywhere in IT Glue when I was employed.

This was all before I hit my 90 days with the company! I’m a rockstar, by definition, and I don’t even require all these backup singers and stage performers. I do my job well and take quality and client impact seriously.

Months ~1-3: For the first three months, my sole point of contact was limited to weekly 30-minute calls with a consultant who, despite having been an executive of some sort for almost 15 years, seemed as removed from the action as one could be. This pivotal detail, curiously omitted during the interview process, became a thorn in my side. In my attempts to connect and cut through the act, I reminded them of my history with over 30 managers, hinting at a desire for genuine, substantial interaction rather than the superficial exchanges we were stuck in.

At one point, after getting nowhere with them, I made my stance clear: “Let’s drop the act; I see through it.“. Yet, my straightforwardness seemed to make no impact, met with uniform indifference that only reinforced their distant managerial style.  I found it disconcerting to be managed by someone who couldn’t harness their past leadership experiences. It was as if their ability to lead effectively depended on others’ competence rather than their own initiative. This shift—to being overseen by someone whose guidance was as insubstantial as a stand-in rather than the seasoned professional I expected—was both ironic and exasperating.

Month 3, Week 4: Senior Manager: “You’re doing a GREAT job!! `You ramped up quickly; it’s unbelievable, and there were no client complaints. Things are going really well. I realize I have been neglecting the projects team, and I will set more 1:1 calls with you and start helping the team.”

Month 4, Week 1: Senior Manager: “You seem a bit frustrated, and I just want to be sure you’re still on the team. I know there are problems, and things are a mess right now, and I’m sorry.”

(To which I agreed, I was committed to a better “future,” and we both acknowledged the current reality compared to where we wanted to be… They realized this and showed weakness in their tone, conveying that I’m a key part of the rescue effort to make this plan work.)

Month 4, Week 2: “This shouldn’t be a surprise. You know there have been problems, and yeah, it’s not a good fit, so let’s cut to the chase we’re letting you go.” 

(I asked the HR consultant if they knew that nobody in the company had ever said a word about a problem before this call. They remarked that they “needed to look at how they offboard people.” Meanwhile, I was a full 30 days past my 90-day review, written contractually into my employment agreement?) 

The abrupt nature of my departure from Diamond IT connects to the themes of transparency and trust I explored in “Finding Good Vendors: Lessons from Dental Chairs.” Just as I stressed the importance of choosing vendors who prioritize client well-being and maintain open communication, my experience highlights the value of fostering a culture of transparency and dialogue within an organization.

The lack of formal feedback and opportunities to voice concerns at Diamond IT undermined the trust and collaboration necessary for me to be in a thriving workplace.

Brene Brown: “Clear is kind. Unclear is unkind.”

Future Lessons: Wisdom Gained

Though fraught with challenges, my time at Diamond IT offered valuable lessons on the importance of communication, leadership, and organizational culture. In reflecting on these experiences, I propose the following recommendations for ANY company or individual, drawing from the insights shared in my previous blog posts:

  1. Live Your Culture: Align actions with stated values, fostering a genuine commitment to client success and employee support. Encourage open communication and collaboration, ensuring no one is left behind in pursuing excellence.
  2. Embrace Standards and Documentation: Establish clear standards and invest in comprehensive documentation practices to ensure consistency, efficiency, and scalability. Break the ad-hoc, top-of-mind decision-making cycle and empower employees with the knowledge they need to succeed.
  3. Empower Employees with Training and Resources: Provide robust training programs and equip employees with the necessary tools and resources to deliver exceptional service. Move beyond the “learn by doing it wrong” approach and cultivate a continuous learning and improvement culture.
  4. Foster Authentic Collaboration: Encourage genuine collaboration and break down silos like ‘Tribes’ that hinder progress. Create an environment where everyone’s contributions are valued and teamwork is the foundation for success.
  5. Embrace Expertise and Continuous Improvement: Welcome the insights and expertise of experienced professionals, using their knowledge to drive innovation and growth. Continuously seek opportunities to learn, adapt, and evolve as an organization. Don’t be intimidated by competent people and feel they’re threatening your standing in the company simply because they know similar things.
  6. Transition From Oversight to Empowerment: Shift from a “babysitter” approach to one that values autonomy and personal accountability. Encourage your current people manglers to guide rather than micromanage, fostering an environment where employees are trusted to take initiative and make decisions. This empowers individuals to manage their responsibilities effectively, promoting a culture of self-sufficiency rather than dependency.

My narrative shares personal experiences and urges Diamond IT to reflect and grow. By addressing highlighted concerns, the company can achieve its true potential, fostering an environment rich in transparency, respect, and shared success.

It’s important to acknowledge the many amiable and diligent individuals within the company who were committed to quality and client satisfaction yet hindered by their inability to effect change, especially in the Service Department. Despite the challenges, there were many enjoyable moments and remarkable team events, like our memorable Christmas party in Bakersfield!

I wholeheartedly support Diamond IT’s family leadership, including the CEO.  They were very kind and helpful outside of the technical work. Their integrity and openness to new perspectives for the company’s benefit mirror my own approach to business growth.

However, with their newly chosen leaders, achieving their collective objectives should have taken much less than a year to show real progress. Simply introducing these ‘Big Ideas‘ and selling that dream to the team, then failing to materialize it, is nothing new; just another illusionist leader using smoke and mirrors to buy more time to figure it out.

Aside from selling expensive tickets (salaries) for their unskilled entertainment, their actions have yet to demonstrate that they can replicate the success of their previous roles in actively steering any growing business toward its objectives, especially when faced with the challenge of transforming a less-than-functional environment.

Effective leadership means setting clear goals, building a genuine team beyond tightening tribal bonds, and achieving tangible progress. My concern, possibly echoed by others, regards the company’s direction under current advisement—valuable for lessons on what to avoid, yet missing prompt, definitive achievements.

As I move forward, sharing these lessons with the wider professional community aims to spark discussions on the importance of open communication, empowerment, and continual improvement. Through such dialogue, we can all work towards more resilient and fulfilling work environments.

Peace and Cheers!

-Matthew

Henry Ford: “The only real mistake is the one from which we learn nothing.”

.

.

.

.

.

Disclaimer:  All of my blog posts seek to promote transparency, collaboration, and excellence within organizations. They are not meant to defame or cause harm but rather to inspire positive change and reflection across the industry. This blog and all others on this site reflect my personal views and experiences, specifically at Diamond IT, emphasizing my perspective. It’s important to acknowledge the absence of formal feedback or channels for open dialogue during my time there, prompting me to share these insights publicly.

This post intends to document and reflect constructively on both positive and negative experiences. Open and respectful dialogue is encouraged, and I exercise my freedom of expression within the bounds of this platform.

Please note that any attempts to infringe upon these rights will be addressed appropriately, including recourse to numerous pre-existing policies applied to protect my freedom to express myself. As a long-time card carrying member of the ACLU, nothing is more important to me than continuing to write transparently and honestly without any distractions.

I invite insights from Diamond IT and any other person or company, aiming for a transparent and balanced dialogue. Our discussions must remain professional and dedicated to positive evolution.

For example, a company might say, “We’ve addressed leadership issues, resulting in significant improvements. Our new onboarding program, clear escalation procedures, and openness to challenging existing assumptions depart from past practices. We’ve moved beyond the influence of dominant personalities that once steered our culture towards tribalism and closed-mindedness. Our commitment is now towards a more inclusive, forward-thinking environment.

Groundwork for Greatness: The Knowledge Path

Groundwork for Greatness: The Knowledge Path

No Comments

Business success isn’t just about what you know; it’s about how you grow from what you learn. That growth typically hinges on: Training, Documentation, and Wisdom. Like the steadfast roots of a mighty oak tree, these elements provide stability and sustenance to organizations, fostering resilient and expansive growth.

Yet, this growth demands more than mere accumulation of knowledge; it necessitates the continuous interplay of learning and reflective thinking. Our journey of acquiring wisdom is one of lifelong learning, paired with critically evaluating what we’ve learned.

“He who learns but does not think is lost! He who thinks but does not learn is in great danger.” – Confucius.

This delicate balance prevents us from being ‘lost‘ in the sea of information or ‘in great danger‘ from the confines of our unchallenged assumptions.

Training equips us with new skills, and documentation provides the map, but wisdom—the thoughtful application and questioning of what we learn—propels us forward.

This ensures our roots dig deep and our branches reach high.

Lessons in Training: From Chaos to Cohesion

Amidst the chaos of a monumental deal with one of the world’s largest banks, a new challenge emerged: onboarding and training over one hundred Security Engineers from scratch. Many of these recruits were outsiders, unfamiliar faces in our tightly-knit team. As one of the chosen few tasked with their onboarding, I soon found myself facing unexpected hurdles.

The trouble began with a buzzword: “Process One.” It was hailed as the solution to all our training woes, yet its elusive nature left us scratching our heads. Turns out, it was just an idea – a fleeting concept conjured by a colleague who had no intention of bringing it to life.

Undeterred, I took matters into my own hands. Drawing from my years of experience in the trenches, I crafted a guide – a bible of sorts – to navigate the intricate world of troubleshooting a global network with thousands of Firewalls. It was a labor of love, filled with practical advice, troubleshooting commands, and dialogues for handling sticky situations.

“Genius is one percent inspiration and ninety-nine percent perspiration.” – Thomas Edison.

When the architect of “Process One” finally took notice, their only critique was about some spelling errors—a desperate swipe, a sort of grammatical OCD. It was as if they missed the forest for the trees, fixating on minor details while the essence of our endeavor lay in plain sight. Little did they know that this guide would become the backbone of our training program for years to come.

Fast forward, and the legacy of that guide lived on through the next five years. Engineers I’d met long after moving on to other teams shared stories of using it to navigate their lengthy and challenging calls. It’s a testament to the power of practical knowledge and shared experience in the face of uncertainty.

Ultimately, the training maze may have been treacherous, but with ingenuity and perseverance, we emerged more potent than ever. As the journey continues, I’m reminded that sometimes the best solutions come from within – forged in the fires of firsthand experience and borne out of necessity.

 

Unwritten Rules: Rediscovering the Lost Art of Documentation

Documentation, an often overlooked cornerstone, evokes a mix of emotions. There’s a common myth that crafting clear, helpful documents is a skill reserved for the few with mastery over the written word. But here’s the thing: documentation isn’t about crafting literary masterpieces; it’s about capturing and sharing knowledge in a way that’s accessible to all.

Picture this: you’re given a brief 20% overview, and then, much like being nudged over a cliff into the wilderness, you’re expected to unravel the remaining 80% by yourself in a sort of Bear Grylls survival experiment.

This leaves you stumbling in the dark wilderness, grappling with incomplete knowledge and ill-preparedness.

I’ve aptly named this scenario the ‘20/80 Training‘ because it encapsulates the challenge of navigating through a significant portion of learning or problem-solving with minimal guidance, forcing individuals to rely heavily on their own resources and ingenuity to overcome obstacles.

“Knowledge has to be improved, challenged and increased constantly, or it vanishes.” – Peter Drucker.

This flips the famous Pareto Principle on its head. Usually celebrated for spotlighting efficiency, it paints a different picture in the documentation. Here, a small slice of effort demands a significant reliance on a few key people. This isn’t just inefficient; it leads to stagnation.

Why? Because when vital knowledge is locked away with just a select few, it doesn’t help an organization grow—it holds it back. Documentation is a collective asset, constantly improved and enriched by everyone’s contributions.

 

Navigating the Depths: Unveiling the Path to Wisdom

My time at a leading cybersecurity firm laid bare a stark reality: our public documentation was like a map without legends. Our journey to help the customers from within was not merely about documenting processes; it was a quest for wisdom.

Vital information on our products, ‘Why‘ and ‘How,’ was conspicuously absent, leaving us in a perpetual state of seeking assistance. This wasn’t just an internal hurdle; it directly impacted customer satisfaction, transforming our role from mentors and teachers to seekers of wisdom (i.e., begging for help) in the vastness of overtly casual Slack channels.

The irony was palpable when the individuals tasked with collecting this wisdom and publishing it seemed more inclined to build walls than bridges. This detachment bred a cycle of confusion and dependency, undermining the essence of what the wisdom available to us should have been—a beacon guiding its supporters through the complexities of the product.

“Learning never exhausts the mind.” -Leonardo da Vinci.

The answers should be straightforward when faced with a seemingly simple question about the inner workings of a feature. Yet, I’ve fielded thousands of inquiries about basic functionalities, each revealing a significant gap in our understanding. It’s a glaring omission often apparent to customers yet elusive to support teams and even the maintainers themselves, as they may be unable to look back at any functional requirements.

Engaging with customers, understanding their issues firsthand, or even just demystifying the platform for internal teams was a road that took time and effort. This less-traveled path should have been addressed amidst the rush of daily tasks and deadlines.

This revelation isn’t just a wake-up call; it’s a compelling appeal for a fundamental shift toward a more comprehensive understanding of our products and their underlying mechanisms. A change towards transparent documentation and ‘wisdom-derived‘ resources becomes imperative, where the inner workings are mapped out, offering insights beyond the superficial to the structural nuances of the system.

Towards Boundless Horizons: Forging the Path to Greatness

As we draw the curtains on our exploration of training, documentation, and wisdom, one truth shines brightly: the journey to greatness demands a relentless pursuit of knowledge.

“In seeking wisdom, the first step is silence, the second listening, the third remembering, the fourth practicing, the fifth—teaching others.” -Solomon Ibn Gabirol.

From the tumult of onboarding Firewall Engineers to the intricacies of crafting meticulous documentation, our voyage has been marked by triumphs and trials.

Yet, amidst the chaos, we’ve unearthed invaluable insights. We’ve gleaned that true wisdom transcends mere information, finding its essence in thoughtful application and dissemination.

We’ve come to understand that documentation serves not just as a record but as a guiding light through the labyrinth of challenges. And we’ve embraced the notion that when approached with clarity and purpose, training empowers us to scale new heights of proficiency and excellence.

So, as we set off on this journey together, equipped with the tools of training, documentation, and wisdom, let us work toward a future illuminated by greatness. May our pursuit of knowledge light the way forward.

Evolving Together: Fostering a Culture of Shared Wisdom

Evolving Together: Fostering a Culture of Shared Wisdom

Our journey into the hidden struggles of customer support and the nuanced dynamics of workplace culture has brought us to a pivotal point: the challenge of sharing knowledge within our teams and organization. This is akin to unveiling the workings behind the “Wizard of Oz” — it’s not just about the individual behind the curtain but the collective effort sustaining the magic of Oz. We’re moving the spotlight from solo victories to the synergy of shared wisdom that lifts the entire team.

 

“Knowledge shared is knowledge squared.”

 

This principle is more than just a clever quip; it’s the cornerstone of fostering an environment where each person’s knowledge and experiences are valued, leading to a workplace where ideas flow freely and teamwork is second nature.

As we turn the page, we’ll tackle the tricky bits of sharing what we know. It might look simple, but it’s full of hurdles. We’ll explain why sharing knowledge is tough and how getting past these barriers can lead us to a place where we win together, not alone.

The Illusion of Infallibility

It’s easy to fall into the trap of seeing certain colleagues as the end-all-be-all for specific knowledge or skills within our workplace. Picture a person whose skill set appears to place them on a pedestal, almost untouchable. This sense of unquestioned authority isn’t merely about the esteem they hold; it often acts as a barrier, inadvertently keeping others at a distance. These patterns can interfere with the easy flow of ideas and learning, turning a team effort into a lone mission.

Acknowledging the importance of shared insights is critical in a successful workplace. We all gain when knowledge is seen as a shared asset, not personal property. Moving past the belief that asking questions shows weakness, we unlock personal and team development chances.

In our knowledge garden, success isn’t just one flower’s scent. It’s a mix of many, grown from the simple question, ‘What if I don’t know?’ That’s what truly freshens up our innovative ideas.

 

The notion of an ‘untouchable expert‘ can create unseen barriers, not just isolating those with specialized knowledge but also deterring the rest from seeking guidance or proposing new ideas. This reluctance often stems not from a lack of capability but from the intimidating aura that the ‘illusion of infallibility‘ projects.

Tackling these obstacles begins with recognizing that we all learn as we go. By being open and admitting we don’t know everything, we encourage sharing, teamwork, and input from everyone. Actual progress and new ideas come from this kind of collaboration. The best teams are made up of individuals who all feel free to contribute their thoughts and questions.

Ultimately, the goal is cultivating a workspace where the ‘illusion of infallibility‘ is replaced with a collective curiosity and mutual growth culture. It’s about creating an environment where ‘I don’t know‘ is the beginning of a conversation, not the end. In this space, we’re more than just colleagues; we’re fellow explorers diving into the depths of our collective knowledge.

Power Dynamics and Knowledge Hoarding

Within the quiet halls of our daily grind, a subtle game is played — one where knowledge is guarded like a treasure, not shared like a common resource. It’s treated more like a bargaining chip, a means to maintain or gain an edge in the invisible hierarchies that exist within our organizations. This approach doesn’t just cap what we can achieve together; it strikes the heart of being a team.

Phil Jackson once said, “The strength of the team is each individual member. The strength of each member is the team.” This wisdom rings especially true here. When knowledge is hoarded, it’s not just the team’s potential that’s stifled; each person’s chance to grow, contribute, and shine is dimmed. The very fabric of our teamwork and collective growth is undermined.

Breaking free from this cycle requires a shift in perspective — from seeing knowledge as a personal asset to viewing it as a communal one. It’s about recognizing that our true power lies not in what we hold onto but in what we give away. When we share our knowledge freely, we empower everyone, lifting the entire team and enhancing our collective capabilities.

In this light, knowledge hoarding isn’t just a personal choice; it’s a cultural challenge we must address together. By fostering an environment where sharing is valued over hoarding, we can begin to dismantle the power dynamics that keep us from reaching our full potential as a team.

The Cult of Personality and Its Impact

In every organization, there are individuals whose presence is larger than life. They’re the ones who shape much of our workplace’s rhythm and tone through charisma or sheer force of personality. While their influence can be a beacon of motivation, it can also inadvertently cast a shadow so wide that it stifles the emergence of new ideas and muffles other voices. This isn’t about the intentions behind their actions but the unintended consequences that follow.

Tom Peters succinctly stated, Great leaders don’t create followers; they create more leaders. This perspective is crucial when considering the impact of strong personalities in our work environment. The accurate measure of leadership lies not in the breadth of one’s shadow but in the ability to illuminate paths for others to inspire a diversity of voices and ideas to flourish.

This cult of personality can inadvertently erect walls around open dialogue and mentorship, two pillars vital for a thriving and inclusive culture. Innovation and collaboration genuinely take root in the spaces where everyone feels empowered to speak, contribute, and lead.

Addressing this doesn’t mean dimming anyone’s light but rather ensuring that our workplace is a constellation of stars, each with the opportunity to shine and guide. We can transform these long shadows into a collective brightness that lights up every corner of our organization by fostering an environment that values diverse leadership and encourages individuals to step into their potential.

Communication Barriers and Organizational Culture

Getting through our daily work can feel like walking through a maze where transparent and open talks are hard to come by. This struggle with communication isn’t just about individual issues; it points to a bigger problem in our workplace culture. Too often, we end up working in silos, cut off from each other, which holds back the chance for open conversations and shared ideas.

Jim Rohn’s insight, Effective communication is 20% what you know and 80% how you feel about what you know, casts a light on our predicament. It’s not merely the transfer of information at stake but the underlying relationships and trust that give weight to our words. When visible and invisible barriers hinder our interactions, the essence of what we share is lost, diluted in the shadows of misinterpretation and missed connections.

These communication barriers within our culture lower morale and hinder our ability to innovate, work together, and grow as a team. The silos we unintentionally build around what we know don’t just hold back information; they limit what we can achieve together.

Breaking through these barriers and fostering a culture filled with open forums, engaging discussions, and collective learning is more than just a goal—it’s essential. By creating a space where everyone’s input is respected and considered, we can shift our organizational culture from being divided by obstacles to being united by connections, linking ideas, individuals, and opportunities in a lively network of cooperation.

Strategies for Overcoming Knowledge Silos

The journey to break down the walls around knowledge silos begins with sowing the seeds of a more collaborative mindset. It’s about transforming our workspace into a fertile ground where ideas aren’t just sprouting but thriving, reaching for the sun without the chokehold of rigid structures and turf wars. This transformation demands more than just a change in policy or procedure; it calls for a cultural shift towards openness, where the exchange of knowledge is as natural as conversation.

Helen Keller’s words, Alone we can do so little; together we can do so much,” echo the essence of this shift. The power of collective effort can move mountains, but it starts with reaching out and sharing a thought, a finding, or a solution. In these moments of exchange, the real magic happens, where the sum becomes more significant than its parts.

Implementing this change requires actionable strategies that go beyond mere intention. It could start with regular knowledge-sharing sessions, where team members showcase their work, not for accolades but for feedback and learning. Or it might involve creating ‘knowledge maps‘ that help navigate the expertise within the organization, making it easier for everyone to find the guidance or insight they need.

Crucially, this process involves valuing contributions not by their volume but by their impact. It means recognizing the quiet insights as much as the loud victories and understanding that every piece of shared knowledge enriches our collective wisdom.

By nurturing this garden of shared knowledge, we not only dismantle the silos that limit us but also cultivate a culture where learning and collaboration are the roots of our success. In this garden, every idea has the space to grow, and every voice has the power to inspire.

Personal Responsibility and Self-Reflection

The journey to turn our workplace into a center of teamwork and shared knowledge begins with each of us, not in meetings or planning sessions. It’s about looking inward, holding up a mirror to examine our actions and mindset, and understanding how we contribute to either cooperation or division. This self-reflection is critical to real change, linking our shared goals with personal responsibility.

Mahatma Gandhi’s wise words, “Be the change you wish to see in the world,” hold true here. The dynamics and hurdles we face at work allow us to make a difference, beginning with the small things we do daily. Sharing knowledge, welcoming different viewpoints, or just listening to a teammate can create a ripple effect, building a culture where working together is standard practice.

Taking personal responsibility on this path means owning up to how we might contribute to the problem of knowledge silos, intentionally or not, and actively working to break them down. It’s about shifting from just going through the motions to getting involved, understanding that our combined smarts are only as strong as our readiness to exchange ideas, listen, and evolve together.

This journey of introspection and accountability doesn’t just improve how we work together; it also helps us grow personally. It pushes us to expand our boundaries and accept that it’s okay not to have all the answers. This makes us better team members and more well-rounded, empathetic individuals.

As we all undertake this journey of reflection, the goal of creating a workplace where ideas flow freely, and teamwork thrives becomes more reachable. It’s a process that changes our office environment and each of us, bringing us closer in a shared pursuit of knowledge and joint success.

Conclusion

Our shared journey, exploring the hidden challenges and complex dynamics of our workplace, has brought us to an essential realization: our real advancement stems from the knowledge we share together. This represents a significant shift from working in isolated pockets of expertise to embracing a more cohesive and collaborative approach, where every interaction offers growth and contribution opportunities.

Henry Ford captured this idea brilliantly with his words, “Coming together is a beginning, staying together is progress, and working together is success.” This quote highlights our way forward, stressing that the success we achieve together profoundly depends on how effectively we join our forces, share our knowledge, and align our goals.

Standing at the brink of this significant cultural shift in our work environment, let’s commit to being the catalysts, not just spectators. Picture creating a culture where collaboration and openness are so ingrained that keeping knowledge to oneself feels archaic. In doing so, we enhance our day-to-day interactions and set the groundwork for a future where innovation, growth, and success are the cornerstones of our organizational identity.

United, we can transform our work environment from the ground up. With open minds and spirited dedication, let’s begin shaping a legacy characterized by mutual understanding and shared achievements.

Mimicking Malice: Exploring Malicious Traffic Distributors

Mimicking Malice: Exploring Malicious Traffic Distributors

No Comments

My dive into the depths of this blog began unexpectedly during a routine online exploration, where I detected an implant on a website I was visiting had redirected me into a series of malicious pages

This scenario is common in our field, and other detailed analyses have been ongoing on groups like ‘Parrot TDS‘ and ‘Vextrio.’ as they continue shifting the tactics and techniques around these ‘Malicious Traffic Distribution‘ campaigns.

These blog explorations often lead to discoveries that resonate with those of other researchers, given the vast data points they have to analyze, with resources I don’t have, like teams of keen analysts, to help crunch it over weeks or months. When I come across comparable research, I make it a point to integrate these into my articles by linking or referencing them, thus providing a comprehensive and informed view of the threat.

Moving forward, my hands-on experimentation with an actively exploited website in this campaign and the unique evidence I’ve gathered offers a current and fresh perspective of the ‘front-end‘ experience that a victim follows surfing into these Malicious Traffic Distribution Systems.

I’m here to share practical tactics, techniques, and procedures (TTPs) derived from real-world experience interacting with the threat. These TTPs could help you or others identify and neutralize these environmental threats. Unfortunately, some aspects still need to be looked at because of time constraints, leaving room for you, the reader or fellow researcher, to contribute and dig deeper.

My story began when I accessed a company, Sunridge Systems‘ website (Vendor Remediated), from my personal home machine, following a Google search for product information and training resources. Initially, this experience was a routine follow-up to topics discussed earlier in the day, now on my own time, after I signed off of work, It became a firsthand encounter with a cyber threat that I went on to investigate for the next few hours:

While following a Google link, I arrived at a product page that unexpectedly opened another window. I instinctively closed it upon noticing a suspicious ‘.live’ top-level domain. My phone’s BitDefender app immediately alerted me to a phishing threat at the gateway of my office network. It had blocked a URL, linkbluehang[.]live, and the connection was promptly reset.

It caught my attention. I was visiting a website that supplied law enforcement organizations and, at the same time, had no other browsers open because I’d just started up the computer. It came from the website I was visiting, but the same scripts did not trigger upon further visits. Thus, I began to dig deeper into what was behind this attack against my machine.

First stop, I checked my DNSFilter logs to find out what was happening on my gateway at the time, absent any equivalent logs coming out of the ‘Netgear Armor‘ to line up what happened around the time I loaded this site:

My visit to the vendor website is apparent, along with the usual noise from analytics and trackers, and two other things stand out in the outputs:

l.js-assets[.]cloud CloudFlare GET https://l.js-assets[.]cloud/min.t.1706310000.js?v=65b43bc8
js.abc-cdn[.]online 162.0.228.112 https://js.abc-cdn[.]online/?dT1odHRwcyUzQSUyRiUyRnN1bnJp….. (Base64 Encoded: 185 Characters)

Immediately, I dug up a few more of these domains that would be interesting to research:

cdn.jsdevlvr[.]info, cdn.wt-api[.]top, spf.js-min[.]site

These CDN sites redirect you with a simple piece of code to the next hop based on looking in Fiddler:

At a glance, the landing sites *.live seemed like the ephemeral layer that typically gets rotated like a crop as vendors mow down the domains with red flags. Lots of them were to be hovering around this subnet 185.155.184.0/22 as per the VirusTotal passive DNS records for the current lookups:

Some have ‘Mimecast‘ in them, likely for a particular campaign they’re running against its users.

When you first land on these pages, source code on PasteBin, a waiting message tells you to hang on, more like 5 seconds, while it figures out how best to screw you over.

‘Loading…
Please bear with us. This will be brief.’

Massive obfuscated script embedded into the page and available in its entirety using the paste link above:

Next, we hit a CAPTCHA at http://re-capta-version-3-55[.]top/ms/robot4/?c=372a2392-4dbb-4fed-bd2f-1f9f846a34ef&a=l143904 page is titled ‘Click “Allow,” which I happily do:

(Pastebin)

My machine reports out to another .live address, ‘midmovenews[.]live,‘ with information about me shown here on PasteBin that includes some ISP info and IP address data:

GET /jmjrkxqn/article2611.doc?utm_campaign=INccHxHRWrew3TQsLBbfNnbGFYUZobMqxXT9Zrw5FhI1&t=main9ljs2&f=1&sid=t1~gomaa1uwypbu3nendhdxw1z4&fp=vi%2FwUTGEF2e5RznRBwr78Q%3D%3D

GET /web/?sid=t1~gomaa3uwypbu3nendhdxw1z5

A familiar scareware landing site emerges, ‘us.secureonlinecontrol[.]com‘, asking permission to send notifications through Chrome. Up in the browser is a tab that popped for ‘thebest-prize[.]life‘:

(It was one of many probable payloads, including malware, that I didn’t go out of my way to collect. It’s mainly dependent on your network (residential/commercial), language, location, etc.)

My machine also hit a long URL from a site https://pshmetrk[.]com/ that I should mention. The URL was in this format 20240126?k=[1198 characters]&n=19&d=1d86391c-57c0-4a1d-868e-d767d69765a3&v=17&sv=17&dn=re-captha-version-3-55.top&dmi=1418265&s=h06&btn=1 containing the next hop for me on a .top domain.

See also: pshmtrack[.]com, pshmtrks[.]com, pshmtrackerk[.]com, pshmtrk[.]com, pushnotificationsprototype[.]com and evttrkapi[.]top via being hosted at 136.243.216.244.)

A final connection was made to rdrdrdr[.]com with this URL: POST /click.php?event4=1&event8=1&uclick=xr4kft16

Other connections to suspicious domains: tracker-2[.com], nxtpsh[.]com, universal-total[.]com, uidsync[.]net, and that was all for my initial session with this page. I still hadn’t figured out the exact code on the site that was doing it, so I had to circle to that once I analyzed all of the pages.

Backdoor:

So, what was the backdoor? Well, it was tough to detect since it seemed to attack an IP only once, and there were a ton of plug-ins on this site. After syncing the files locally and checking Fiddler caps, I was able to finally locate the malicious script and pull out some kind of variable that was not unique to the obfuscation and consistent:

(PasteBin)

Two strings in the script were unique and made it easy to find across other files, both ‘bC5qcy1hc3‘ and ‘NldHMuY2xv‘; in this case, I searched other files synced from the site looking for more code:

Get-ChildItem -Recurse -Filter *.html | Select-String -Pattern 'bC5qcy1hc3' -SimpleMatch | Select-Object Path, LineNumber, Line

Many plug-ins had been backdoored by calling on the functions from these Javascripts converted to (.html) pages. Which one was the entry point needs to be clarified, but there were 5+ script entries on a single page in many cases. I pulled the site down using HTTrack to examine it locally.

From here, I borrowed a useful tactic from Randy Mceoin using a public source code search engine. Based on this database, 3,165 websites have been observed to have this code running on them by that tool. There were a total of 18,770 internal pages with the code, meaning there’s an average of about 6 backdoored scripts per site and multiple entries per page, likely from drive-by injections. (‘N‘ =’447,409,294‘) [PublicWWW DB]

Feel free to let me know if you have any insights or things to add, and I’ll try to get them in the blog. If you like security research and protecting others from bad actors, follow on LinkedIn.

(If you’d like a list of all the TTPs, Fiddler, and PasteBin links from this article, reach out to me, and I’ll provide it to you in a password-protected file)

Related Links:

Cybercrime Central: VexTrio Operates Massive Criminal Affiliate Program

https://unit42.paloaltonetworks.com/parrot-tds-javascript-evolution-analysis/

https://infosec.exchange/@rmceoin/111688556423448763

https://www.bleepingcomputer.com/news/security/vextrio-tds-inside-a-massive-70-000-domain-cybercrime-operation/

https://www.bleepingcomputer.com/news/security/malicious-web-redirect-scripts-stealth-up-to-hide-on-hacked-sites/

Internal Battles: Unsung Heroes of Customer Support

Internal Battles: Unsung Heroes of Customer Support

In customer support, the true challenge often lies within: a constant battle for necessary internal help. These struggles have deepened my understanding of effective support throughout my career and driven me to develop better systems. They’ve empowered me to support colleagues who face similar internal obstacles and to be a voice holding others accountable for providing the necessary assistance. This journey has been about more than just overcoming hurdles; it’s been about improving the entire support structure for everyone who relies on it.

The most profound battles in customer support are often internal, hidden from customers, a constant struggle between needing and getting help.

External vs. Internal Support

Many companies have a clear divide between how external and internal support functions. On the outside, there’s a facade of efficiency – customer issues are addressed swiftly and professionally. But internally, the picture is often different. The promptness and smoothness seen by customers starkly contrast to the internal struggles for support.

I’ve seen this firsthand. While we strive to provide top-notch customer service, getting the same level of response internally can be a challenge. Requests for help or information within the team can go unanswered, creating bottlenecks and frustration. This inconsistency isn’t just an internal problem; it eventually impacts the teams ability to serve our customers effectively.

The stark contrast between a company’s external efficiency in customer service and internal struggles highlights a fundamental flaw in support structures.

This gap between external promises and internal realities is more than just a workflow issue; it’s a critical flaw in how support structures operate. When internal support is lacking, it’s not just the employees who suffer – the customer service quality takes a hit.

A Culture of Evasion

This culture of evasion is a common undercurrent in many workplaces. It’s a pattern where avoidance and minimal effort become the default response to requests for help, especially when the issue falls outside someone’s direct responsibilities.

In this environment, I’ve seen how even straightforward requests for assistance get met with delays or are outright ignored. It’s a mindset where the path of least resistance takes precedence, often at the cost of effective problem-solving. This reluctance impacts not just the support team but it extends to customer experiences as well, leading to avoidable delays and dissatisfaction.

A pervasive culture of evasion in organizations creates a disconnect between the support needed and the support given, hindering effective problem resolution and team collaboration.

I’ve experienced how this attitude can turn minor issues into major hurdles. Without timely and cooperative internal support, frontline workers are often left to fend for themselves, exacerbating the situation and adding unnecessary stress. This evasion disrupts workflow and stifles the potential for collaborative problem-solving and learning.

The Reluctant Hero Syndrome

Take, for instance, a scenario I’ve encountered repeatedly: I’m handling a complex client issue and need urgent help. I turn to someone who’s supposed to be the expert, the ‘go-to‘ person. But instead of proactive support, I get the bare minimum. They hand out information sparingly; often, it’s too little or too late. Their reluctance left me scrambling to catch up and frequently put me in embarrassing situations with clients. I found myself constantly under stress, trying to buy time and scrounge for answers that should have been readily available.

In a critical incident involving an attack against a major bank, with over 125 callers on the line, I experienced this syndrome firsthand. My role as the frontline in Security Operations meant I often had to deal with a group of well-funded Engineers who sometimes seemed idle and uninterested in supporting us.

The ‘Reluctant Hero Syndrome’ in support roles leads to a cycle of minimal assistance followed by last-minute heroics, impacting team dynamics and client relations.

I urgently needed specific firewall data to assess the attack’s scope on this occasion. When I contacted this team via internal chat, expecting immediate assistance because of the situation’s severity, I was flatly told that the data couldn’t be gathered. Their reluctance wasn’t just unhelpful; it was detrimental.

The situation escalated when, after much pleading and prolonged silences, an engineer from the internal team finally joined the call. Surprisingly, and to the frustration of the call organizer, they effortlessly retrieved the needed data.

This incident was emblematic of a more significant issue: a divide between teams. In the frontline, we were often left to navigate challenges with minimal support, relying on a team that only stepped in when the situation reached a boiling point.

Learning from Adversity

These frustrating experiences were, in fact, invaluable lessons in disguise. Reliance on my skills became necessary due to the lack of dependable internal support. Handling issues independently was not a choice but a survival skill, pushing me to expand my technical knowledge and problem-solving abilities.

Each challenge was a lesson in self-reliance and adaptability. Facing repeated obstacles forced me to dive deeper into systems, understanding how to fix issues and why they occurred in the first place. This deeper understanding was crucial in training my colleagues on the frontline and reducing dependence on these other reluctant teams.

I also learned to communicate effectively under pressure. Being the primary contact for hundreds of critical issues taught me to balance clarity with calmness, even when solutions were not immediately apparent. This skill in managing expectations became invaluable, especially in high-pressure situations.

Adversity in support roles teaches valuable lessons in self-reliance, effective communication, and creative problem-solving, shaping more resilient professionals.

Resourcefulness became another key takeaway. With limited internal support, I often had to find alternative solutions, leading to innovative and sometimes unconventional problem-solving approaches. This enhanced my technical skills and my ability to think creatively under pressure.

Through these experiences, I also developed a greater sense of empathy. Understanding that everyone faces their own challenges, I learned to approach internal teamwork with more patience and supportiveness, fostering a better collaborative environment despite initial reluctance.

Towards a Solution: A Vision for Better Support Dynamics

The journey through these internal battles has highlighted the problems and illuminated the path toward meaningful solutions. These solutions aren’t just about applying band-aids to existing issues; they’re about reimagining how support functions within organizations.

  1. Empowering with Interactive Guides and Tools: The first step is empowering support staff with interactive guides and tools that are intuitive and informative. This isn’t just about having a manual to refer to; it’s about having a dynamic, interactive system that guides through complex processes and offers real-time solutions. It’s about turning the knowledge trapped in the minds of a few into accessible wisdom for many.
  2. Building Comprehensive Documentation from Requirements: The difference between a good support experience and a great one often lies in the details. Comprehensive, contextual documentation beyond standard customer-facing guides can be a game-changer. This documentation should explain how and why things work that way, providing deeper insights into products and processes.
  3. Utilizing Rich Dashboards for Context: Access to context around troubleshooting is crucial. Resources that provide a wealth of information at a glance can transform how support staff interact with the problem at hand and the tools available to solve it. This is about moving away from the endless searches and inquiries and towards a more streamlined, informed approach.
  4. Creating a Culture of Knowledge Sharing and Collaboration: The ultimate goal is to foster a culture where knowledge sharing and collaboration are the norms, not the exceptions. This means breaking down the silos that often exist within organizations and encouraging a more open, cooperative environment. When information flows freely, support becomes more than just a function; it becomes a well-oiled machine, driving the entire organization forward.

Addressing internal support challenges requires a holistic approach, including empowering tools, comprehensive documentation, and fostering a culture of knowledge sharing and collaboration.

These solutions, born from the trenches of real-world experience, form the cornerstone of my vision. They are theoretical ideas and practical, actionable strategies that can revolutionize support teams’ operations. This vision is about creating an ecosystem where support staff are not just workers but empowered, informed, and integral parts of the customer service experience.

Conclusion

Balancing internal and external support is essential. We cannot let our internal challenges overshadow our commitment to customers. Being honest, transparent, and proactive about improving our internal support is key. It’s crucial to create a work environment where the support team receives as much support as they are expected to provide to others.

Balancing internal and external support is crucial for organizational success; it involves creating a supportive environment for the support team and enhancing overall service quality.

It’s not just about fixing immediate problems; it’s about building a culture where support flows freely in all directions. When internal teams are well-supported, they’re better equipped to serve customers effectively. This approach doesn’t just benefit the support staff or the customers; it strengthens the entire organization.

The Call-First Conundrum: Rethinking Tech Support Efficiency

The Call-First Conundrum: Rethinking Tech Support Efficiency

 


It’s a familiar scene for many of us dealing with tech support: you hit a snag with a service, you put in the effort to explain it all in a support ticket, and then you wait, expecting that someone will take it from there. Instead, you get asked to set up a phone call. Aligning schedules for this call can stretch the whole process by days or weeks.

When you finally get on the line, you often repeat the information you’ve already given. If your ticket gets stuck with someone out of the office, it just sits there, leaving you wondering if there’s a better way to handle things. Couldn’t the next available person take a look instead of waiting?

I get that the personal touch of a phone call can be nice, but when you’re after quick solutions, it can feel like a step backward. So, what’s the balance here? How do we keep the human element but ensure it doesn’t slow us down?

A-Side: Engineering the Support Experience

In the trenches of product support, the reality is that most issues don’t need a back-and-forth marathon; a couple of emails will do the trick. That’s held true for about 85% of the tickets in my queue, at least. My approach? I don’t just skim the problem; I dive into it. I take every word and attachment and piece together the puzzle with knowledge sources; if possible, I replicate the issue myself. A bit of diligence goes a long way to ensure any responses are pointed and purposeful when I reach out.

Most tech support issues are a puzzle that can be solved with careful analysis and targeted communication, often bypassing the need for lengthy calls.

But here’s the twist in the narrative: my role with a well-known cybersecurity company frequently pushed me to take calls for what many would consider straightforward tasks, like setting up a virtual machine or deploying our software across networks. These sessions were eye-opening, revealing a surprising truth: many clients, even those at the helm of large corporations, grapple with the fundamentals of their own tech infrastructure.

Such gaps necessitated a guided, step-by-step approach from us, transforming what should be simple fixes into extended screen-sharing tutorials. And it’s not just a handful of cases—this is a widespread scenario. Walking the giants of the industry through basic procedures is sobering; it serves as a reminder that the obstacles often attributed to smaller entities are just as entrenched in the upper echelons of business.

This pattern isn’t merely about providing support; it’s a glimpse into the symbiotic relationship between customer and technician, demonstrating an essential truth: the complexity of issues doesn’t correlate with the size of a company. Whether they’re navigating small ventures or steering large enterprises, the need for clear, accessible support remains a constant.

B-Side: Navigating the Maze of Vendor Support as an IT Provider

The cycle is almost comical in its predictability: you submit a support ticket on behalf of your client, and like clockwork, you receive a prompt acknowledgment—a tick in the box for the vendor’s SLA compliance—and then, the waiting game ensues. My encounters with vendors like Okta, Microsoft, Salesforce, and others tend to follow a script: ignore the written detailsopt for voicemails that pile up, and orchestrate a ballet of schedule coordination, even when scheduling tools like Calendly are at our fingertips.

Then there’s the single-engineer bottleneck. Case in point: my recent run-in with an Okta engineer on the brink of vacation, leaving our urgent matters hanging until his return—no handover, no delegation. Their out-of-office message might as well read, “Your IT crisis will have to wait.” The irony is that we don’t have a dedicated engineer at Okta; we’d gladly work with anyone willing to take the reins. This disconnect between our need for swift resolution and their individual capacity constraints is stark.

In vendor support, efficiency is often sacrificed on the altar of process, where delays follow swift acknowledgments, and the promise of help becomes a waiting game.

And what about the support process itself? There’s an overreliance on ‘live‘ troubleshooting over calls, a strategy that seems designed more for the convenience of the support team than for efficiency or efficacy. It’s as if they’re navigating the product alongside the customer for the first time, employing a “Human Information Gatherer” role where clarifying questions, data capture tools, and decision trees could expedite the process.

In this bizarre world of support, a ticket can become a victim of the support structure itself, floating aimlessly through a system that prioritizes calls over closure, causing days of delays—days where no actual support work gets done. The result? A mounting backlog, frustration on all fronts, and a glaring question: when will these vendors realize that the measure of good support isn’t how quickly they respond but how effectively they resolve?

The Premier Support Curtain

There’s an open secret in the tech support world: what’s often sold as ‘Premium‘ might be standard service in a shinier package. You might pay top dollar for the promise of a rapid response from companies like Okta, only to be redirected to the same third-party support teams that have notoriously been linked to security mishaps. So, what are you really buying? A quicker greeting, perhaps, but not necessarily the swift resolution you were hoping for.

Beneath the veneer of ‘Premier Support’ lies a stark reality: a quicker acknowledgment from support teams doesn’t guarantee a faster resolution to your technical woes.

When you’re shelling out for premier support, you expect—and deserve—a dedicated team of specialists, not the same crew with a stopwatch. The real measure of premium isn’t just how fast they pick up the phone; it’s about how effectively they can get you back on track without the run-around. Ensure your support investment is an upgrade, not just a faster ticket to the same old process.

Looking Ahead: The Future of Support Fusion

The road ahead is paved with Actual and Artificial Intelligence, seamlessly integrated with empowering Automation. As these elements evolve, we focus on crafting a future where technology augments human capabilities rather than replaces them. It’s about equipping clients and teams with synergistic tools, ensuring our strategies are driven by success and centered on the user experience.

The road ahead is paved with Actual and Artificial Intelligence, seamlessly integrated with empowering Automation.

Consider the transformative impact of automation in the onboarding and offboarding processes: by automatically creating accounts and setting up computers, we not only streamline these critical first steps but also liberate human resources to focus on a more personal welcome—shifting away from the repetitive digital labor of enrolling new employees into the network.

Finding the right balance between automated tools and human support is key. We’re not looking to replace people with AI – we’re integrating it to enhance teamwork.

Envision a support system where:

  1. Device data is automatically collected when errors occur, streamlining integration with our support and technology management platforms.
  2. Users self-resolve frequent issues without an admin’s intervention, using a platform that grants them on-demand access to trusted software and maintenance tools.
  3. A step-by-step interactive guide aids users in diagnosing and learning from common problems, with automation simulating the assistance of a live technician.

It’s not about AI dominating the support role; it’s about identifying trends, such as a rise in similar user issues or recurring unsolved problems. The right tool doesn’t just wait for detailed tickets –it helps create them by asking the right questions and calming users down so we can get to the heart of the issue faster.

Streamlining Support: A Practical Vision

The ultimate goal in the evolving tech support landscape is to harmonize AI sophistication with the human element to streamline the support experience. The aim is not merely to respond but to resolve efficiently and empathetically. As we chart the course forward, the emphasis must be on enhancing the synergy between technology and technicians, ensuring premium support transcends mere promptness to deliver swift, effective solutions.

The future of support lies not just in quicker responses but in smarter resolutions and a steadfast commitment to excellence that truly embodies the ‘premium’ in premier support packages.

Let’s embrace the tools and tactics that preempt problems, expedite fixes, and, above all, treat every interaction not just as a ticket to be closed but as an opportunity to excel in service. The future of support is not just about quicker responses but smarter resolutions and a commitment to excellence that genuinely reflects the ‘premium’ in premier support packages.

Beyond Assumptions: Sailing Toward Customer-Centricity

Beyond Assumptions: Sailing Toward Customer-Centricity

In a world where assumptions can often steer us off course, mastering the art of navigating customer-centric strategies with clarity and insight becomes essential.

Have you ever encountered a situation where a consultant, designer, or developer confidently asserted, ‘Looks good to me,’ while making decisions about your project? It’s a phrase that rings with a mix of assurance and concern. After all, their expertise is meant to bridge the gap between your vision and reality.

This blog sets sail into the uncharted waters of using intuition and guesswork to shape customer-centric strategies. From crafting websites that dazzle the eyes but miss the mark to creating software that falls flat, the ‘Feels right in my opinion‘ mentality can lead to costly missteps.

What happens when their confidence embarks on a journey guided by assumptions about what you and your customers truly need for a triumphant voyage?

Visualize two people in a boat, each rowing in opposite directions. Similarly, consulting endeavors can drift aimlessly without a unified and customer-focused approach, like ships at sea without a guiding rudder burning precious fuel and yielding wasted or counterproductive results.

Join us as we embark on an odyssey to uncover stories and lessons that expose the inherent risks when your collaborators fail to grasp the intricacies of the target market and the needs of its customers.

Navigating the Web of Assumptions

When crafting a website, the age-old adage ‘looks can be deceiving‘ takes on a whole new significance. The trap is easy to fall into—prioritizing a design that appeals visually to the agency or designer creating it rather than focusing on what truly matters: how your customers respond.

Imagine this scenario: You’ve invested time, effort, and resources into a stunning website, complete with eye-catching visuals and intricate animations. The agency congratulates itself on a masterpiece. However, an alarming trend emerges once launched—visitors arrive, take a quick look, and vanish within seconds. Your carefully curated design becomes a revolving door for digital passersby.

It’s not just about meeting specifications; it’s about steering growth opportunities for your business through strategic and customer-focused design.

The disconnect stems from the gap between design that ‘looks good‘ and innovation that drives action. The latter demands an intimate understanding of your customers—what resonates, what motivates engagement. It calls for a user-centric approach that probes beyond aesthetics to delve into the psychology of user interaction.

This disparity in results often arises from differing perspectives. While the agency might prioritize checking items off a design specification, your ultimate goal as a business owner is to collaborate with professionals known for repeatedly and successfully creating websites that captivate and convert.

A website may charm the agency’s eyes, but if it fails to resonate with your target audience, it’s like dressing up a mannequin in haute couture and expecting it to make sales.

Software Development: Beyond Guesswork

Similar challenges extend beyond website design and delve deep into software development.

If immersed in this business, you’ve undoubtedly encountered individuals and agencies who assert they understand precisely what customers want, even without direct interactions or sales involvement. Their well-intentioned feedback emerges from the realm of the unknown, unanchored from the bedrock of concrete research or genuine engagement.

Ironically, their unwavering confidence in assumptions often leads to fruitless outcomes.

These scenarios have become all too familiar within the realm of product innovation. Assumptions, however well-intentioned, can be like sailing a vessel adrift without proper navigation. Even the most well-crafted code might miss the mark without a firm grasp on customer demands.

Like adept mariners navigating uncharted waters, business owners shoulder a responsibility that stretches well beyond the horizon of product envisioning. It’s about orchestrating a symphony that connects the waves of customer desires with the currents of your collaborators’ expertise.

A Modern Approach: Validation and Engagement

In the past, we cast away with the assumption that customers would flock to our product if we built it. However, just as ships can veer off course in turbulent waters, assumptions could lead us astray—a scenario akin to the ‘Field of Dreams’ concept. Building it doesn’t guarantee players on the field nor ensure you’ll navigate the open sea successfully.

Like Tom Hanks in ‘Cast Away,’ marooned on a market island without competitors or customers, his attempts to draw attention prove futile, lost in a dialogue with imagination due to misguided direction.

Enter the modern approach focusing on validation and customer engagement before building. Prototypes are shared, feedback is actively sought, and commitment is solidified with letters of intent for emerging ideas. This approach resembles a ‘rowing together‘ strategy, ensuring customers desire what you create and will genuinely benefit from the experience.

Sailing through the waters of exploration, it’s acknowledged that the initial version may represent a partial masterpiece. The rhythm of progress features iterative enhancement, propelled by attentive listening, constant learning, and adaptive fine-tuning anchored in practical observations.

Within this maritime narrative, the true navigators of success are those who steer not by assumptions but by the wisdom of the ocean itself. Just as a seasoned sailor corrects their course in response to changing winds, this approach realigns your journey in the market’s currents, ensuring you don’t drift off course like a marooned castaway.

Setting Sail on the Sea of Understanding: Navigating the Future

As we navigate the realm of assumptions and their impact on customer-centric strategies, a clear theme emerges: success hinges on understanding, engagement, and evolution.

Within this context, ‘Looks good to me‘ emphasizes the need to bridge the vision-reality gap with more than a confident nod. It requires a commitment to delve into the intricacies of diverse markets, sometimes even exploring your clients’ clientele.

Empowered by newfound insights, we sail on a voyage into an era where steering toward success entails crafting experiences that genuinely harmonize with customers’ desires, evoking their delight.

Success is determined by the impact of our offerings, not assumptions.

Through steadfast learning, fine-tuning, and advancement, we emerge as the protagonists in a narrative sculpted by the market’s collective wisdom.

In this saga, the very soul of customer-centric success sails far beyond mere assumptions. ⛵

The Enigmatic World of Kevin Mitnick: Stories of Hacking and Redemption

Kevin Mitnick aka Condor

The Enigmatic World of Kevin Mitnick: Stories of Hacking and Redemption

 

Once upon a time, in the mid-90s, I was drawn into a world of hackers and cybersecurity experts, seeking knowledge and inspiration. Among the names that echoed through our circles was that of Kevin Mitnick, a legendary figure revered for his audacious exploits and unmatched hacking prowess.

Kevin’s stories were the stuff of legends, like how he managed to hack into the source code of cellphone towers, a feat that left us all in awe. But what truly amazed me was his daring act of monitoring the FBI’s phones, pinging in and out undetected like a modern-day phantom. His reputation soared, but it also led to dire consequences.

For a long time, Kevin was imprisoned and treated as a domestic terrorist, a dark chapter in his journey that many of us remember vividly. However, Kevin’s resilience was undeniable, and he emerged from his struggles, soaring to new heights with his consulting business, Mitnick Security, and collaboration with KnowBe4. His transformation from a hacker on the wrong side of the law to a cybersecurity expert was awe-inspiring.

Our paths intertwined oddly shortly after his release when an organization Kevin had targeted repeatedly was hacked once again. When he hacked them, he traveled incognito in a van; this mobile hacking lab was a marvel of ingenuity, weaponized to break into internet service providers using cell phones—a feat unheard of back then. Someone had breached their systems and was being monitored, likely unaware of the innate paranoia and fortifications from past encounters with Kevin in his prime. If only these attackers knew the dedication and skill required to fend off such attacks, they would have seen the victim as more than just another target.

As fate would have it, suspicion turned toward me during the investigation into the latest breach. I was questioned about my involvement and that of others in my circle, who may or may not have been responsible for the intrusion. Strangely, I did not know the real intruders, yet somehow they had linked me to the caper with hacker-planted evidence. The situation was perplexing and surprising, especially to my parents.

Although my chance to ask Kevin about this incident never came, I can imagine the stories he might have shared about the chase and life on the run. In the vastness of the internet, it’s a small world indeed, especially when you’re constantly scanning for hidden doorways.

I am writing this blog with mixed emotions today as Kevin has passed away. Kevin Mitnick, you were a hacker and a symbol of transformation and redemption. You’ve made significant contributions to cybersecurity, leaving a lasting impact. As we bid you farewell, may your legacy continue to inspire future generations to strive for greatness in the world of security.

Rest in peace, Kevin Mitnick, a digital martyr and rehabilitated hacker who has left an indelible mark on the world.

Phish Gallery & Blog Update

Phish Gallery & Blog Update

Update

Why has the blog been so dry? Well, it’s complicated. There are always people who don’t want to see you expressing yourself in a public way. These invisible haters will try to make connections between your personal activities, i.e., Blogging and work-related things, in any way they desperately can. I win those battles; it’s just tiring to explain to the suits how free speech works. Support the ACLU and EFF. 

Visit my Twitter Feed to see screenshots of various threats that come my way from readers, and my own mailboxes being flooded with threats. Many of them turn into future news articles in the days or weeks to come, so you get a head start. Otherwise, I tend to post the news I’ve been personally reading throughout the day. Maybe you’ll find something interesting. Thanks for reading. I’ll be back as soon as I finish realigning my career goals and getting myself in a good place to write again.

Phishing Gallery

It’s been a CRAZY year for breaches, ransomware, and other cyber terrorism. Truly a daily occurrence all over the world. A collection of phishing screenshots I’ve collected this year from various honeypots and other sources. We’ve worked with many organizations over the years to take down infrastructure related to these attacks. The trend I’ve seen across security products is that they block effectively, but it takes days. Secondly, the sites and email sources tend to go largely unreported.  If you want to make a difference: Protect future victims by sending the abuse emails. It may take hours, but it’ll take days or even weeks as everyone shields themselves without bringing the sites down. Many providers I reach out to will respond quickly to eliminate the artifacts.

Useful Links:

www.joesandbox.com

www.any.run

www.sentinelone.com

www.dnsfilter.io 

Websites:

(Click the right > key to move through the screenshots. I need to fix the jumping around with different sizes)

Emails + Attachments: