Recently in an office meeting, I came across a situation, where I felt that many members within the group where restraining from expressing themselves. This kind of situation is not uncommon for me. Some members reserve their comments thinking that the team may not appreciate or counter to it. But more often then not, they express themselves privately or publicly or when the decision does not appear to yield desired result. I always feel that we need to overcome this kind of communication barriers to helps us make right decisions. This kind of situation (inferred) is also referred as Abilene paradox.
From Wikipedia:---
The Abilene paradox is a paradox in which a group of people collectively decide on a course of action that is counter to the preferences of any of the individuals in the group. The Abilene paradox was introduced by management expert Jerry B. Harvey in his article The Abilene Paradox and other Meditations on Management.
On a hot afternoon visiting in Coleman, Texas, the family is comfortably playing dominoes on a porch, until the father-in-law suggests that they take a trip to Abilene [53 miles north] for dinner. The wife says, "Sounds like a great idea." The husband, despite having reservations because the drive is long and hot, thinks that his preferences must be out-of-step with the group and says, "Sounds good to me. I just hope your mother wants to go." The mother-in-law then says, "Of course I want to go. I haven't been to Abilene in a long time."
The drive is hot, dusty, and long. When they arrive at the cafeteria, the food is as bad as the drive. They arrive back home four hours later, exhausted.
One of them dishonestly says, "It was a great trip, wasn't it?" The mother-in-law says that, actually, she would rather have stayed home, but went along since the other three were so enthusiastic. The husband says, "I wasn't delighted to be doing what we were doing. I only went to satisfy the rest of you." The wife says, "I just went along to keep you happy. I would have had to be crazy to want to go out in the heat like that." The father-in-law then says that he only suggested it because he thought the others might be bored.
The group sits back, perplexed that they together decided to take a trip which none of them wanted. They each would have preferred to sit comfortably, but did not admit to it when they still had time to enjoy the afternoon.
A technique mentioned in the study and/or training of management, as well as practical guidance by consultants, is that group members, when the time comes for a group to make decisions, should ask each other, "Are we going to Abilene?" to determine whether their decision is legitimately desired by the group's members or merely a result of this kind of groupthink.
Tuesday, October 20, 2009
Thursday, October 15, 2009
Thursday, October 8, 2009
Server Hardening Checklist
• If machine is a new install, protect it from hostile network traffic, until the operating system is installed and hardened.
• Consider using the Security Configuration Wizard to assist in hardening the host.
•Install the latest service packs and hotfixes
• Enable automatic notification of patch availability.
• Configure Audit policy as described.
• Set minimum password length.
• Enable Password Complexity.
• Configure event Log Settings.
• Disable anonymous SID/Name translation.
• Do not allow Anonymous Enumeration of SAM accounts
• Do not allow Anonymous Enumeration of SAM accounts and shares.
• Disable the guest account.
• Digitally Encrypt of Sign Secure Channel Data (Always).
• Digitally Encrypt Secure Channel Data (When Possible).
• Digitally Sign Secure Channel Data (When Possible).
• Disable the sending of unencrypted password to connect to Third-Party SMB Servers.
• Do not allow everyone permissions to apply to anonymous users.
• Do not allow any named pipes to be accessed anonymously.
• Restrict anonymous access to Named Pipes and Shares.
• Ensure that no shares can be accessed anonymously.
• Choose "Classic" as the sharing and security model for local accounts.
• Disable or uninstall unused services.
• Disable or delete unused users.
• Configure User Rights to be as secure as possible.
• Ensure all volumes are using the NTFS file system.
• Use the Internet Connection Firewall or other methods to limit connections to the server.
• Configure file system permissions.
• Configure registry permissions.
• Set the system date/time and configure it to synchronize against campus time servers.
• Install and enable anti-virus software.
• Install and enable anti-spyware software.
• Configure anti-virus software to update daily.
• Configure anti-spyware software to update daily.
• Configure a screen-saver to lock the console's screen automatically if the host is left unattended.
• If the machine is not physically secured against unauthorized tampering, set a BIOS/firmware password to prevent alterations in system startup settings.
• Configure the device boot order to prevent unauthorized booting from alternate media.
• Systems will provide secure storage for Category-I data as required by confidentiality, integrity, and availability needs. Security can be provided by means such as, but not limited to, encryption, access controls, file system audits, physically securing the storage media, or any combination thereof as deemed appropriate.
• Install software to check the integrity of critical operating system files.
• If RDP is utilized, set RDP connection encryption level to high.
• Consider using the Security Configuration Wizard to assist in hardening the host.
•Install the latest service packs and hotfixes
• Enable automatic notification of patch availability.
• Configure Audit policy as described.
• Set minimum password length.
• Enable Password Complexity.
• Configure event Log Settings.
• Disable anonymous SID/Name translation.
• Do not allow Anonymous Enumeration of SAM accounts
• Do not allow Anonymous Enumeration of SAM accounts and shares.
• Disable the guest account.
• Digitally Encrypt of Sign Secure Channel Data (Always).
• Digitally Encrypt Secure Channel Data (When Possible).
• Digitally Sign Secure Channel Data (When Possible).
• Disable the sending of unencrypted password to connect to Third-Party SMB Servers.
• Do not allow everyone permissions to apply to anonymous users.
• Do not allow any named pipes to be accessed anonymously.
• Restrict anonymous access to Named Pipes and Shares.
• Ensure that no shares can be accessed anonymously.
• Choose "Classic" as the sharing and security model for local accounts.
• Disable or uninstall unused services.
• Disable or delete unused users.
• Configure User Rights to be as secure as possible.
• Ensure all volumes are using the NTFS file system.
• Use the Internet Connection Firewall or other methods to limit connections to the server.
• Configure file system permissions.
• Configure registry permissions.
• Set the system date/time and configure it to synchronize against campus time servers.
• Install and enable anti-virus software.
• Install and enable anti-spyware software.
• Configure anti-virus software to update daily.
• Configure anti-spyware software to update daily.
• Configure a screen-saver to lock the console's screen automatically if the host is left unattended.
• If the machine is not physically secured against unauthorized tampering, set a BIOS/firmware password to prevent alterations in system startup settings.
• Configure the device boot order to prevent unauthorized booting from alternate media.
• Systems will provide secure storage for Category-I data as required by confidentiality, integrity, and availability needs. Security can be provided by means such as, but not limited to, encryption, access controls, file system audits, physically securing the storage media, or any combination thereof as deemed appropriate.
• Install software to check the integrity of critical operating system files.
• If RDP is utilized, set RDP connection encryption level to high.
Tuesday, October 6, 2009
google wave
Google Wave is an online tool for real-time communication and collaboration. A wave can be both a conversationand a document where people can discuss and work together using richly formatted text, photos, videos, maps, and more.
A wave is equal parts conversation and document. People can communicate and work together with richly formatted text, photos, videos, maps, and more. Any participant can reply anywhere in the message, edit the content and add participants at any point in the process. Then playback lets anyone rewind the wave to see who said what and when. A wave is live. With live transmission as you type, participants on a wave can have faster conversations, see edits and interact with extensions in real-time.
To experience visit wave.google.com
A wave is equal parts conversation and document. People can communicate and work together with richly formatted text, photos, videos, maps, and more. Any participant can reply anywhere in the message, edit the content and add participants at any point in the process. Then playback lets anyone rewind the wave to see who said what and when. A wave is live. With live transmission as you type, participants on a wave can have faster conversations, see edits and interact with extensions in real-time.
To experience visit wave.google.com
Monday, October 5, 2009
LEADERSHIP THOUGHTS
"Sometimes to be faster, we have to be slower." 3 Time World Champion racecar driver Jackie Stewart
"Be yourself. Everyone else is taken." Oscar Wilde
"No man will make a great leader who wants to do it all himself or to get all the credit for doing it." Andrew Carnegie
"Be yourself. Everyone else is taken." Oscar Wilde
"No man will make a great leader who wants to do it all himself or to get all the credit for doing it." Andrew Carnegie
Thursday, October 1, 2009
Ahimsa vs Himsa
Excerpt from a recent chat
Varsha: What is the difference between Ahimsa and Himsa
Me: Ahimsa is non violence, whereas Himsa is violence. Violence can be verbal, physical, emotional, non verbal (body language) etc whereby u cause hurt to the other person.
Varsha: I know it, anything else
Me: Ahimsa is the rational way to solve the problem. Himsa is forcing the other person to accept.
Varsha: go on
Me: Ahimsa is empathising with the situation whereas Himsa is reacting to the situation.
Me: Ahimsa is in-human whereas Himsa is human
Varsha: You keep writing I will be back in a minute
Me: Ahimsa is thought process whereas Himsa is unthinking
Me: Not listening is also himsa
Me: Ahimsa is a learned way of responding to the problem where as Himsa is an ignorant response
Me: Ahimsa is two way process whereas Himsa in most cases is one way
Me: Ahimsa is an attack on the problem to resolve it whereas Himsa is generally a defensive approach and an attack on the person
Me: Ahimsa is trying to weed out the problem whereas Himsa is trying to wade off the problem.
Varsha: try to find out something simple setences which can be understood. Use simple language
Sent at 11:50 AM on Thursday
Varsha: What is the difference between Ahimsa and Himsa
Me: Ahimsa is non violence, whereas Himsa is violence. Violence can be verbal, physical, emotional, non verbal (body language) etc whereby u cause hurt to the other person.
Varsha: I know it, anything else
Me: Ahimsa is the rational way to solve the problem. Himsa is forcing the other person to accept.
Varsha: go on
Me: Ahimsa is empathising with the situation whereas Himsa is reacting to the situation.
Me: Ahimsa is in-human whereas Himsa is human
Varsha: You keep writing I will be back in a minute
Me: Ahimsa is thought process whereas Himsa is unthinking
Me: Not listening is also himsa
Me: Ahimsa is a learned way of responding to the problem where as Himsa is an ignorant response
Me: Ahimsa is two way process whereas Himsa in most cases is one way
Me: Ahimsa is an attack on the problem to resolve it whereas Himsa is generally a defensive approach and an attack on the person
Me: Ahimsa is trying to weed out the problem whereas Himsa is trying to wade off the problem.
Varsha: try to find out something simple setences which can be understood. Use simple language
Sent at 11:50 AM on Thursday