FedEx Days at IGS Energy

Google is known for allowing their employees to devote a certain amount of time to work on projects that might not pertain to their day-to-day responsibilities. This practice gives Google team members an opportunity to flex their creative muscles while providing them with the freedom to work without limits. It has lead to the creation of several successful products (including Gmail). Following this same model, FedEx days (also referred to as ShipIt days) are typically a 24 or 48-hour period where employees are allowed to create and innovate with very little parameters or instructions.

Several months ago, it was decided that the IT department at IGS Energy would hold their own FedEx days. The idea was announced to our entire team at a department meeting. In the days and weeks leading up to the event, additional details were shared with the group. These details included a few rules.

IGS FedEx Days Rules…

  • We could work on anything we wanted as long as it’s not part of our regular job.
  • We could work in our system or work area, but not on items in our current backlog
  • The official clock started on a Thursday @ 2pm
  • We couldn’t start creating prior to 2pm but we could research
  • We had to show what we created or learned by Friday @ 4pm by creating a 2-minute video highlighting our work and outcome
  • Not everything will be a success, but often failure teaches us the most.

I wasn’t sure if I was going to participate at first. I had a lot of work to catch up on and could have used some time to focus on a few tasks. Fortunately, I was encouraged by a few co-workers to participate in the event. That left me with a  very important decision…what should I create?

About 10 months ago, I found myself in a situation where we needed all hands on deck to help solve a production issue. Since the issue occurred on a Sunday afternoon, it took me roughly 45-60 minutes to call everyone and explain the situation while discussing our next steps. I decided to spend my time calling instead of sending emails and text messages because texts/emails can be easily overlooked on a weekend. Afterward, I thought about ways that I could automate that process but I never really had time to devote to solving that particular problem. I decided this would be my challenge for FedEx days.

Before joining IGS, I wrote Python apps and lengthy PowerShell scripts but it had been about 2.5-3 years since I had even touched a piece of code. The idea of writing and deploying an app in 36 hours was really exciting. However, I wondered if I could actually get the work done in that short of a time-frame. I ended up partnering up with one of our Directors of Application Development (Matt). It had been about 10-15 years since Matt had written a line of code as well. We knew we had our work cut out for us but figured we would start by identifying our application’s requirements.

The requirements were really pretty straightforward…

  • The program should automatically call a list of people and play a brief message for them
  • The message should notify them there is a critical issue and that they would receive a follow-up communication with further details
  • The program should send out a text message & email with information about how to dial-in to a conference bridge
  • The program should be easy and quick to execute
  • The program should send out a Tweet when executed…because…why not?

Over the last few months, I had seen blogs about how people have creatively used Amazon Dash buttons to automate tasks. In fact, Amazon now sells AWS IoT Buttons that can be easily connected to AWS. This seemed like a fun way to kick off our process. Matt was responsible for connecting the button to AWS and ensuring that it could execute my python script.

A FedEx days project should celebrate failures. I would have been perfectly content if I gave this a shot and didn’t produce a working product. I was happy to just spend some time writing code and solving a problem with technology. Fortunately, thanks to some extremely helpful Python libraries and technical blog posts, we had a working script in just a few hours. After a few additional hours of tweaks, we even had the script executing from AWS after pressing our IoT button! We knew that there were potential improvements to make but we had solved our initial goal!

When it was all said and done, we had the following components in our solution…

  • AWS IoT Button – used to kick off our process
  • AWS Lambda – used to host and execute Python script
  • Python Script
    • Trello – used to make a phone call and send a text message
    • Tweepy – used to post a Tweet to my personal account
    • SendGrid  – used to send an email
  • Digital Ocean Web Server running Apache – used to host XML configuration file that was leveraged by Trello

We didn’t end up filming a video. This is mostly because Matt and I had to fit in a few meetings leading up to the final presentation. It also was a result of us making code changes up until 15 minutes before the projects were due. The lack of a video left us with a much more exciting yet nerve-wracking opportunity…a live demo.

We hadn’t tested the IoT button outside of Matt’s office and were a bit nervous about the recent code changes that we had made. We ended up configuring the script to call 16 people that we knew would be in the room during the presentations. When Matt pressed the button, I braced myself for the fact that the indicator light might turn red and the script wouldn’t execute. Sure enough, the light turned green and phones around the room started to ring. My Twitter account even sent out a test message (below). It was awesome.

 

There were a bunch of other great projects ranging from mobile applications to unique experiments involving spare laptop batteries. I was really proud of everyone that participated, particularly those that I work closely with on the Infrastructure team. Overall, I had a great time, learned a lot and I’m really looking forward to our next FedEx Days.

Why I believe in i.c.stars

After finishing grad school in 2015, I had a strong urge to volunteer. I wanted to make an impact. Unfortunately, I didn’t quite know how to devote my time. Should I go to a soup kitchen? Meals on wheels? I reached out to Jen Bowden (Director of Community Investment at IGS) and she gave me some wonderful advice. She told me to find a problem that I was passionate about fixing.

The more and more I thought about it, I was frustrated by the unnecessary barrier that was preventing talented individuals from entering the IT workforce. I was fortunate enough to have an opportunity to invest time and money into receiving a formal education at Ohio University. My formal education served as a great way to demonstrate my work ethic and desire to learn. It ultimately got my foot in the door of a great company and helped kick-start my career. In my mind, there had to be a way to help less fortunate individuals demonstrate those same capabilities while gaining some practical experience. After all, I learned more about business working at our family-owned shoe store in High School than I did receiving a Minor in Business Administration.

Rather than sit back and complain, I decided to try and fix the problem from the inside. I started teaching classes at Franklin University. As much as I loved helping the students, it wasn’t enough. I wanted to do more to remove the barrier preventing talented individuals from entering the IT workforce.

Fast forward a few months and the aforementioned Director of Community Investment at IGS introduced me to Ryan Frederick. Ryan spoke to us about a program that had started in Chicago called i.c.stars. The program identifies, trains and jump-starts technology careers for low-income young adults who, although lacking access to education and employment, demonstrate extraordinary potential for success in the business world and for impact in their communities. Candidates that enroll in the i.c.stars immerse themselves in the program. They go through a 4 month training cycle and spend 60+ hours a week working on a real project for organizations.

The numbers from the original office in Chicago speak for themselves…

  • 300+ total alumni
  • 95% initial placement rate
  • $9,915 average annual earnings before the program
  • $57,240 average annual earnings 30 months after program completion

Honestly, even after seeing those statistics, I was skeptical. I didn’t think that i.c.stars could prepare individuals with little-to-no technical experience for a career as a Business Analyst, Project Manager, QA Analyst or Developer in 4 short months while also managing to deliver a working product. The team at IGS decided to serve as the first project sponsor for i.c.stars Columbus. We saw a partnership with i.c.stars as an opportunity to give back to our community and change lives for the better.

The i.c.stars group was split into several teams that worked to build IGS a dashboard to display information about our EDI transactions. I can definitively say after serving as the organization’s first project sponsor that I had no reason to be skeptical. I am still amazed by the growth that I witnessed during the initial 4 month program.

If you’re interested in learning more about i.c.stars, contact me and I will introduce you to some of their awesome team members. In fact, along with Josh Miller (Training Manager at i.c.stars), I’m establishing a Mentorship Committee at i.c.stars in an effort to help recruit candidates around Columbus to help mentor future classes. We’re looking for folks with experience in Software Development, Database Administration, Business Intelligence, Engineering, Project Management, Leadership, Information Security, IT Infrastructure, QA Testing or Technical Support. The time commitment to mentor could be as much or as little as someone is willing to contribute. If you’re interested in joining the committee and helping recruit mentors for the organization, please let me know. Also, click here if you’re able to spend some time serving as a mentor.

Protecting Yourself From WannaCry Ransomware

Over the last few weeks, I’ve had a few friends ask me for advice related to the recent WannaCry Ransomware attacks. For those of you not familiar with Ransomware, it is a type of a computer virus that restricts access to a system until a sum of money is paid to the attacker. WannaCry is a dangerous variant of Ransomware because it is designed to spread very quickly throughout corporate and private networks. At the height of the WannaCry Ransomware infection, it crippled organizations ranging from auto manufacturers to hospitals.

Unfortunately, this virus has affected consumers as well. People all over the world have lost access to their most prized digital assets including family photos and videos. My advice to the average consumer about Ransomware really boils down to three basic concepts. You need to take steps to make sure that you’re able to prevent, detect and respond to Ransomware. Fortunately, you can take the necessary steps without a ton of effort or financial investment.

Obviously, it would be ideal if you could just prevent Ransomware from infecting your computers. Preventing a computer virus starts with being vigilant. Most infections of WannaCry began with a simple phishing email. It’s very important that you exercise caution when opening emails from unknown senders. Also, be sure to look for the signs of a phishing attempt.

I’m sure at some point you’ve had to respond to an annoying message asking whether or not you want to install a software update. I’ll be the first to admit these tend to happen at the most inconvenient time. Most of the time you don’t even notice a difference after these updates are installed. However, these updates often contain important security fixes and should be installed on a regular basis. In fact, installing one of these updates for Microsoft Windows would have drastically reduced the likelihood that your computer would have been infected with the WannaCry Ransomware.

Another way of preventing a Ransomware attack is to leverage Antivirus. It’s important to note that installing Antivirus won’t guarantee that you’ll be protected from malware. However, it will likely protect you from a majority of potential Ransomware infections. Also, with effective and free Antivirus solutions from companies like Sophos, there’s no excuse not to have Antivirus installed on your PC/Mac.

Normally, you need to take special steps to ensure that you’re able to detect that your computer has a virus. The main difference with Ransomware is you’re almost always aware when it happens. This is because attackers typically display a large message on your computer screen indicating that your files have been locked along with instructions for payment. However, behavior-based Antivirus software can be effective in notifying you that it has detected a Ransomware infection before a majority of your files have been locked/encrypted.

It’s important to prepare yourself for the likelihood that all of your methods of detection and prevention will fail. Even if you have Antivirus installed and are extremely cautions when opening emails, you can still end up with a Ransomware infection. There are a few steps you can take to make sure that you’ll be able to recover from the attack. The most step is implementing automated cloud-based backups.

As I mentioned previously, even the best defenses can eventually fail. Despite the best efforts and intentions, you might discover that your most important files have been encrypted. This is why it’s important to have some form of automated cloud computer backups. By using a backup service like Carbonite, you will be able to recover your files from the backup provider without paying a ransom to the attacker that encrypted them. Also, cloud-based storage providers such as Dropbox provide easy mechanisms to recover your files in the event they become encrypted by Ransomware.

If you find out that one of your computers has been infected by Ransomware, do everything you can to avoid making the payment. Making the payment will likely just put a bigger target on your back and it will become that much more likely that you’ll be targeted again. If you find yourself in a situation where your files are encrypted without a backup, you can attempt to leverage a 3rd party tool to decrypt/unlock the data. However, there is no guarantee that a decryption tool will exist for the particular Ransomware variant that you have.

  • Just to summarize…
    • Exercise caution when opening emails from unknown senders
    • Make sure that you have automated cloud backups using a service such as Carbonite
    • Verify that an updated version of Antivirus is installed on your computers
    • Install security updates on a regular basis
    • Do everything you can to avoid making the Ransomware payment