As my father said:  From some, you learn what to do; from others, what not to do.

Oh oh – it seems someone is having trouble managing a project, and it’s a big one.

The Social Security Administration (SSA) is presently getting by in a 30-year old outdated facility, known as the National Computer Center (NCC) in Woodlawn, MD.  Some of its support infrastructure, such as the UPS, is so old that there are no longer replacement parts available for maintenance.

Nearly $500 million in stimulus funding has been dedicated to building a new data center.  As often happens, the project is a year behind schedule and the lag appears that it will get worse.  Meanwhile, the old facility is filled with problems.  This is no mundane “data center” – it is a facility that delivers annual payments of $700 billion to 56+ million Americans.

Fortunately, the General Services Administration (GSA) has found a location for the new home of a new state-of-the-art data center.  It’s rather interesting to note that a significant part of the delay in prepping this new site is a concern over cost of electric power:  government auditors “expressed concern” that not enough consideration was given to this cost. 

I’m a little confused:  Power is power (a kilowatt hour is empirical, no?), a data center is a data center (a proper project knows the size, scope, and power demands… no?  Um, well, I guess, “no”), and the project is supposed to manage according to schedule and reality – right?  That’s what a project does – that its whole purpose.  Otherwise we wouldn’t waste our time shuffling all these schedules, resources and people.

I’m kinda guessing that the new site might be a bit removed from ready-access to efficient, affordable, power:  Maybe they need relay stations, or boosters, or who knows what – but this would seem to be a failure of proper survey for where they are – what they really need, and where they’re going and thus resultant trouble in the middle:  Getting there.

Kelly Croft, Deputy Commissioner for Systems at the SSA, provided some telling Congressional testimony this past February 11^th.  She cited the “dire need” for the new data center:  “Without a long-term replacement, the NCC will deteriorate to the point that a major failure to the building systems could jeopardize our ability to handle our increasing workloads without interruption.”  Further:  “Despite all of our best efforts to preserve the NCC for as long as necessary, there is always the potential that a critical facility infrastructure system could suddenly fail.”

Risks and incidents are further illuminated by Croft’s recent testimony:

-        There is No True Dedicated Power:  “Employee office spaces in other areas of the building share the same power lines and HVAC system as the data center. This design problem means that a potentially isolated issue in an area outside the data center, such as a minor receptacle overload at someone’s workstation, could temporarily shut down some power to the data center and HVAC system.”

-        There is an Aging Custom UPS System:  “The UPS is not an off-the-shelf product; it was designed specifically for the building. While we have extended our service contract with the UPS maintenance vendor over the years, the vendor recently advised us that it could not guarantee repairs in the near future. The necessary parts are simply no longer available. If the UPS failed, we would have to bypass the system and deliver unconditioned power to the data center equipment, which could quite potentially damage the equipment. Replacing the UPS would require significant downtime at the NCC.

-        Critical Cabling Problems: “Tangled cables can block the under-floor airflow that cools our servers, and we cannot work on the cables safely without shutting down the affected systems. Similarly, troubleshooting problems is difficult when we cannot isolate cable pairs easily to determine whether problems exist in the cables or in the IT equipment. There is also an elevated risk of data corruption, because electro-magnetic interference from the electrical wires that are located too close to the telecommunication wires can distort data transmission.”

-        Leaking Water in the Data Center:  “Last year, our facilities staff noticed water on the floor of one of the large battery rooms in the NCC. They quickly traced the source to a leaking water pipe in the room. Any water in close proximity to high-voltage batteries presents a serious hazard to the building and its personnel. In order to fix the leak, plumbers needed to expose the pipe and cut off the water supply. Unfortunately, without redundant systems, cutting off the water supply to the pipe also required cutting off the water supply to the large air handling equipment that is responsible for cooling our computing space. Since the air handling equipment had to be turned off, we had to actually shut down a portion of our national computing operations while making the repairs.”

Here in the Weave, I hope it’s obvious that there had to have been a failure in an ongoing survey of Where We Are (where they were) for the SSA.  Always understand where you are, thus knowing where you need to go, and thus knowing how to get there – sanctioned and known projects, with assigned budget, resources, responsibilities, and sized expectations – all done on time, in time.

Knowing where you are – the status of systems, their longevity, their safety and security, their update, their schedule for replacement – is a critical factor in any organization’s surety.  You must lead change, not mount it in a burst when critical infrastructure is failing:  finding that water is not only near critical power sources, but leaking to boot; upon discovery that cables are tangled and unlabeled – what happened to “wire management” here?  And so on…

On this day:  On February 27^th,1967 Pink Floyd released their 1st single “Arnold Layne”

 I’ve stumbled on something rather disturbing regarding Starbucks’ business practices.  First, let me say that Starbucks is not a client of mine:  Therefore, I’m free to speak without fear of divulging any client confidentialities – I would never speak about clients here anyway, without express permission, and an identified reason. 

Also, my recent observations and engagements with Starbucks are from a purely business point-of-view on my part.  There is nothing personal here, and I harbor no animosity against Starbucks – in spite of some rather interesting customer engagements I experienced.  I merely observed an ongoing bad business practice, and expressed some polite concern.

Let me now set the stage (all names have been changed, save mine):

As readers (hopefully) know, I’m a big proponent of security in business and data environments.  It would be difficult for any of us business and IT pros not to be – hardly a news bulletin. 

Security not only includes computer systems and associated content (central and dispersed), but physical security aspects as well.  In fact, the protection of business and all associated assets includes manifestly physical protections:  Locked rooms, sign-in and sign-out logs, locked safes and cabinets, careful handling of money, appropriate accounting of money, and so on. 

In protecting a business, we also must recognize that customers and staff are also assets, and best business practices are central to protecting those people.  Physical business security promotes safety and ongoing surety. 

Any security should also harbor a basic, rather simple, concept:  We shouldn’t tempt thieves.  We don’t want to make ourselves a target.  Therefore we don’t “front” certain light, transportable, easily carried and hidden assets.  Like money.

Well… most of us don’t.

A few weeks ago, this writer was laboring mightily on behalf of this blog when I noticed something peculiar:  There was a large stack of money on a counter.  A pile of bills.  Unattended.  It was at least 6 inches high.  Further, it was on the counter next to the food and drink display case, and this counter itself is used to prepare food and drink.

I’m no prude, but my first thought was:  Money is dirty.  It is generally kept well-clear of surfaces where food is handled.  Starbucks uses plates, of course, but still…  I approached the counter and spoke to the nearest barista (Starbuck’s preferred term for their customer service folks, for the uninitiated).  Very politely I said, “Hey Helen, there’s a big stack of money here…”.  I was about to continue that it made me uncomfortable, but Helen snapped, “Dave, I’ve been extremely busy.”  I understand being busy, so I merely continued, “Well, it makes me uncomfortable to see it here unattended…”.  I was informed that this is where the money was always counted.  (This, despite a desk and computer in the back, where I would presume the accounting information would eventually be entered…).

I very politely asked to speak to the manager, “Jackie.”  I was told that she was in the Bahamas. I returned to my work.  But presently, with the money remaining on the counter for over an hour (and still there upon my departure), I decided to make contact with Starbucks corporate headquarters.  Under the Customer Service tab on the website, I was heartened to see that they’re “here to listen” and that they want me to enjoy my trip to Starbucks every time I visit the store.  They provided a physical address:  Starbucks Customer Relations, P.O. Box 3717, Seatle, WA  98124-3717.

I wrote a very nice letter.  I will post the letter tomorrow, and then pick up this series with Part II, and Part III, where I’ll detail Starbucks subsequent interactions with me, and what they told me about the handling of money vis-à-vis business security.  There are also a number of other violations of standards as indicated in The Weave, and general common sense business-dictates.  I’ll detail those too – there are some great lessons…

You won’t want to miss the discussion of their business posture.

Until tomorrow…