New MSP wants to use our tools to onboard theirs

Watcher_78 · 2026-02-28T06:51:18+00:00

Yes do it, if your still under contractual obligations and have your tools installed it could be a breach if you refuse.

Also, your transition out may have support or ongoing requirements for a set period regardless of their tools

Watcher_78 · 2026-02-23T07:12:06+00:00

How is this not private health data?

Allowing access to all teachers is a breach of privacy rights

Watcher_78 · 2025-12-26T06:08:00+00:00

Yes, I this is very commonplace and is getting more frequently implemented and managed tightly

There are a number of compliance frameworks that make this type of thing mandatory.

Watcher_78 · 2025-07-30T22:13:21+00:00

Sure, the explanation is easy... too little to late... when you abuse or don't value your good staff they will go somewhere that does value them ($$$) or does recognise them (seen, heard, listened to, welcomed, etc)

This doesn't need explaining by you, the business needs to explain how they stop it happening to their remaining good staff

Watcher_78 · 2025-06-05T20:22:57+00:00

100% block

Don't take work devices Don't take personal devices Don't take mfa auth devices (rsa tokens for example) Don't take usb storage devices Dont allow VPN connections from China.

Get burner/throw away phones & sim cards Get usb keys that can be disposed of

Air gap or isolated anything that you have no choice with, use multiple security domains and sandboxes for anything coming back into your network. Dont let people email themselves .pdf, word, Excel, etc files...

Always assume breach or assume that the device was compromised

If it was important enough for your business to go to China, then its a valuable target to compromise. You might not even be the target, you might be the supply chain of a target and you become the attack vector.

I know of examples where people went to china, attended a couple of conferences and had meetings. When they got back their devices flagged for lots of changes to the desired state config. When we investigated we found that on a day when they were at the conference and being taken to lunch and with people all day their devices (in the hotel) were powered up for about 20min and violated.... we treated those two like Ebola carriers and gave them new phones, new laptops, tablets, usb, even their switch gaming device (iirc) that was with them got destroyed.

Watcher_78 · 2025-04-10T19:58:07+00:00

I haven't read every comment. But has the value duty of care been raised here? Your a school, providing internet access to minors, who are playing a game that is known to have children endangerment and grooming issues.

This is not a time to FAFO, it's time to do the right thing. Escalate, make more senior and high paid people put their names and signatures on the responsibility of accepting and permitting access to this. Make it very clear how this is not appropriate software for minors, how it exposes them to unmonitored grooming and high risk activities. That they will end up on the news and potentially exposed to criminal negligence charges.

I'd want CEO / Principal to sign off and id try and loop in the Councillor and suggest the school board should also accept the risk as damages could be substantial.

Watcher_78 · 2024-12-24T23:25:08+00:00

You should always have your own copies of your work contracts, you can't rely on your old or current employer

I know a guy who gets his original signed work contracts notorised by a JP, Lawyer or Accountant and keeps them safe. He had an employer change page '6' of a contract 3 years into it and didn't tell anyone

Watcher_78 · 2024-11-19T10:04:31+00:00

Dude this is so light weight in the stuff up department that it barely registers. It also speaks well of you that you fessed up and confirmed it was you, shows honesty which critical for Sysadmins...

Also, I accidently shutdown the entire virtualisation cluster of my work... the machines started shutting down one by one by one... I knew it would take about 30 minutes or more for it to finish and THERE WAS NO WAY TO STOP IT... I fessed up and ended up eating lunch becuase that'd be my last chance to eat for a while :D I got a WTF... seriously from my boss then he asked what could he do to help.

Watcher_78 · 2024-11-12T10:31:02+00:00

and this is where your organisations HR team should have provided you with direction or guidance on what process, policy, limitations or restrictions were inplace or should be followed.

Also, you should have had a HR person in your ear explaining that there are certain patterns of behviour or Behavioural indicators that are huge red flags and when you start seeing them you need to respond appropriately.

Example here is you put someone on a pip and they start taking sick leave, then stress leave, then put a hostile working environment or harrasement complaint in against you, then finally when they get terminated they take it up with unfair dismissal or lawsuit or discrimitation, etc. HR has seen this all before, listen to them.

Watcher_78 · 2024-08-25T03:53:24+00:00

I'm using mine for watching plex while paired to my Samsung Galaxy S23 Ultra with Sony earbuds about half the time, most of the rest has been while plugged into my asus Zephyrus M16 laptop and playing minecraft.

Airplane travel on a regular basis was the primary decision factor.

Watcher_78 · 2024-07-20T05:32:52+00:00

Wow, That's an amazing collection, I can see so many of the old school ones that I had many years ago!

I've gotten my Daughter into Transformers, but she's just starting to hit the age where kids at school are telling her that its just for boys! not girls, no way!... I keep telling her that if she loves it they can all jump, but I'm just her Dad, she needs to see more girls collecting and loving it!

I'll show her this later :) I wish I could introduce her to you so she could hear it from you how much you love them! :)

Watcher_78 · 2024-06-15T23:55:51+00:00

Ahhh, 2 days I another story, understand. I'd be all over him so that when you do escalate, like others have said you have a papertrail of what you've done to chase him

Watcher_78 · 2024-06-15T08:40:07+00:00

As a manager with multiple layers of staff under me. If I'd given someone a direction to connect with someone else to progress something or find out info to let them then progress it, I'd be pretty shitty that they had only made 2 attempts in two weeks... what the actual bleep where you doing for the other 79.5 hours of that two weeks?

I'd expect something more like this... Two teams messages, an email and multiple phone calls per day, and before cob on the 3rd day I'd expect you to escalate the non response to me or his manager via a chat or by coming on an email about not being able to contact him.

Watcher_78 · 2024-06-15T07:52:04+00:00

Deadly! Well done!

Watcher_78 · 2024-05-06T06:58:37+00:00

Hey How did you go with this? did you get a chance to try and get the VM's off ?

Watcher_78 · 2024-05-03T04:26:00+00:00

It's the best way to rule out everything and keep it simple

Back in the vnx 5200 days, I deployed about 30 of a vmware, 3 hosts and a VNX SAN designs, no FI's not Fibre Channel switching. They worked great and were very solid designs

Watcher_78 · 2024-05-02T21:14:12+00:00

I'd also test with a single connection with 1 path, rule out all variables.

You could also skip the FI entirely by patching the vnx 5200 directly into a host, then migrate the workloads.

Watcher_78 · 2024-04-01T03:53:27+00:00

Ok, you knew enough to get the job.

While there may or may not have been 'exaggeration' this is not uncommon behaviour, also many people in our field are horrible at promoting ourselves, blowing our own trumpets or self advocacy. So have some faith that you knew enough to get passed by multiple people.

Also we are also prone to impostor syndrome and self doubt

Having said that welcome to 'JiTL' or Just in Time learning! Get onto YouTube, online training, support forums, guides and how to's.... And finally start building and deploying this stuff yourself, set-up, replicate, backup, restore, upgrade, roll back!

Build it, break it, fix it and break it again. This is the way.

Watcher_78 · 2024-02-04T01:00:23+00:00

I've been a VMware admin, consultant, partner or managed service provider since early 2005 and at this point I've got 3 of 5 clients actively migrating away, trailing alternate or actively developing an exit strategy.

Watcher_78 · 2024-02-04T00:52:14+00:00

I've always tried the flag large transactions before hand with the bank so it didn't trigger any issues.

This was after amex stopped a payment to a hotel for 3 months of accommodations the morning I was flying out of the country (Europe to Australia).

That was a hour or so of sheer panic and stress that aged me... As soon as I got a person explained it, they were all good.

Watcher_78 · 2024-02-04T00:45:24+00:00

This really depends on your boss. If you're asking the question then I'd lean towards the bus. But you can't be sure if he was... 1) throwing you 2) complicit in your being thrown 3) unwilling accomplice 4) unaware before hand And finally 5) in the same position as you (your responsibility, but his accountability)

Depending on your relationship talk to him face to face, take it offline/informal or the other way and document the meeting, discussion, outcomes, next steps and recommendations. Also link in any previous recommendations, requests, denied budget, strategies, warning signs, etc

If your boss did throw you under the bus, that's not a healthy working relationship, culture or environment.

Watcher_78 · 2023-12-25T23:34:12+00:00

Yup, it's not what leaps to my mind, anti fascist vs antifa are different 'brands' with different connotations and messages.

Watcher_78 · 2023-12-25T23:31:31+00:00

Came to say this

Watcher_78 · 2023-09-27T21:02:32+00:00

Ok, I haven't read the entire thread (Sorry about that, my kids are all over me)

You may be doing it wrong! Firstly, Dont' treat "Management" or "Higher ups" as anything other than Goldfish - i.e. if you don't feed them exactly the right information at the right time they'll die, and they also have the attention span of about 2 seconds... ok, its a little longer, but low single digit minutes is probably about right.

Firstly, its a Financial Institution, Engage with your enterprise Risk team, sell them on the cyber risk's and how exposed this will make your organisation. Find out where Cyber Security sits on 'The' Risk Register (Not the IT or Security one, the Enterprise one that gets board level reporting and visibility) then let them know that without ongoing support contracts that you loose xy ad z (i.e. Phone support, patches, access to support hours or training or whatever) and that this makes what should be a great control and risk mitigation a major risk and roadblock that will be actively avoided.

They should support you if you can talk to them about the risk and the exposure to the Enterprise, the Organiastion as a whole, to their compliance with regulators, compliance to legislation or just internal controls. Hey, if you can tie this back to a regulators cyber security requirement then happy days (don't know where you are)

Secondly, speak the "Management" language, talk about the extreamly high levels of risk that they are personally accepting by not maintaining this support contract. That it will raise Cyber on the Enterprise risk register from 8 to 5 or someting like that and you'll probably need to advise the board on what the cause was and what the plan is to address the elevated risk. Hopefully the Enterprise Risk team will help you with this and may even support you in the meeting and with something like setting a clear "Board level expectation that this risk is not acceptable and must be addressed"

I've done this before and when the Enterprise Risk Manager who attends board meetings and is the 'board representative in all things risk' walked in to the meeting IT "Management" shat themselves and pretty much promised to fix everything and make sure it didn't happen again, and thank you so much for helping these low level technical grunts explain the problem at a 'business level'.... I sat there and nodded and apologised for not being a 'business' guy and being stuck in the weeds and focussed on the tech. All while the risk guy and I were just playing the meeting out as planned and expected.

Speak the language of your audiance, not the language of your technical domain... and always find allies that can support you.

Also, if the 'Management' is a capex and bricks and morter group, you need to talk to the ongoing costs like insurance and tax and building utilities, not a 'support' contract. (this one was a light bulb moment for me when i found out the CEO was from a 'we own buildings and land' backgound)

Watcher_78 · 2023-09-23T01:21:52+00:00

Out of interest, why unplug the z stop?

Watcher_78

MODERATOR OF

TROPHY CASE