|
|
In the last article in this series, I discussed the commonly used options for Backup options and stressed that off-site backup were critical for disaster recovery. However, I also pointed out that the size of your backups combined with how many past backups you need to retain can be cost prohibitive. In this article, I’ll provide a high level overview of compression, security, and encryption of backups in SQL Server. I’ll cover SQL Server 2000 through 2008, since I know that a very large percentage of us are still using SQL 2000.
What is available natively in SQL Server?
If you are working with SQL Server 2000, your options are limited. SQL 2000 offers neither database nor backup encryption natively. Why does this matter? SQL backups can be read by an ordinary text editor. It’s not as easy as reading a Tom Clancy novel or anything, but it’s not that hard either. While it is true that you can password protect your backups, this is of little value. To demonstrate, I created a practice company (M2Mdata33) with the M2M sample database. I backed up the database with the following script. Notice that I’ve applied the password ‘bleh’ to it.
BACKUP DATABASE M2Mdata33 TO DISK='c:\M2MPass.bak' WITH MEDIAPASSWORD = 'bleh' I opened the file in Notepad and found the following:
I can hear you saying, “Umm… David, you said it was human readable.” Actually all of the data in the file is readable. For example, when I try to search for any of the customer names in the educational database such as “Johnson Electric”, the following pops up:
Not exactly secure, huh? While it is true that if you attempt to restore the database without the password, you will receive an error; it’s not really secure. Unfortunately things didn’t improve much for SQL Server 2005. Database encryption was added, but it is applied on a column by column basis and from what I’ve been told, it’s a pain in the rear to administer. Backup encryption and compression were not addressed.
In SQL Server 2008, Transparent Data Encryption (TDE) was added which allows automatic encryption of your entire database. As the name would suggest, the encryption is transparent to both the users and the application, so in theory M2M would have no idea you encrypted its database. According to the demonstrations I’ve seen, the performance impact is negligible as well. I have not tested this and I only mention this option because I’ve received a couple of questions about it, but it doesn’t really pertain to M2M companies. TDE is an Enterprise Edition only feature, and I’ve never known a M2M customer to use SQL Enterprise as it’s prohibitively expensive. Backup compression is included in 2008 as well, but again only in the Enterprise Edition.
What about 3rd party products? What is the right way to handle backup compression and encryption?
There are two ways to compress and protect backups. There are several 3rd party options for SQL Server backups, and two of the most widely used are RedGate SQL Backup and Quest LiteSpeed. To be fair, I’ve not used either in production and have only experimented with these products on test machines. They both offer the following basic benefits:
- Increased Speed for backup and restore.
- Backup encryption is performed on the fly so the backups cannot be read without authorization.
- Backups are compressed around 90% according to the preliminary testing I performed on M2M Databases.
- Specific database structures such as tables can be restored rather than the entire database.
- Backup and restore process is simplified. More on this in a future article.
The only drawback is the cost of these products. Expect to pay anywhere from around $300 to $1500+ per SQL server for them.
What is the second way to handle backup compression and encryption?
What can you do if your boss won’t pony up and you need compressed and/or encrypted backups? Well, you could use 7 Zip, a free program. In testing, it compressed my backup file more than 90% and allows AES-256 Encryption and password protection. It compressed a 4gb database to 276MB, but took 20 minutes doing so. However, it is important to note that testing was performed on a retired PC with IDE drives. This product can be run from command line so it can be scheduled with the proper parameters and run every night after your backups complete. I’m setting up a system using this so long term backups can be stored on site rather than on off-site tape.
Other encryption options.
Most online backup companies support encryption, but this doesn’t protect the backup files that remain on your server on site. Also, some tape backup systems offer automatic encryption as well, but have the same drawback.
That’s great, but you still haven’t told me how to backup a database yet.
In the next article, we’ll discuss the Database Recovery Models for SQL Server and how to choose which is right for you.
What about you? Are you concerned with your backup security or the space required to store backups?
In my free time, I’ve been working on the permission problem I wrote about a few weeks ago. I’ve managed to get the permissions to output correctly and created a system to report from them in Integration and Reporting Services (more on that in a later article).
I’d like your input on it before it’s finished. In the past, when I’ve audited a company’s permissions, I took a look for the following security concerns.
- How many users have Root access? Do all of them need it?
- I encourage the decision maker to restrict how many people have deletion and change status permissions most modules. M2M’s auditing options are poor and life is easier when you know that only 2 people in the building can delete certain records.
- I encourage the decision maker to restrict permissions higher than view to people who do not need them. In other words, Sales People should not be able to add/edit/Delete Purchase Orders.
I’m not suggesting the permission reporting system would block you from doing anything you wanted, but it would raise a red flag that Bob in Sales can delete anything in Invoicing, Item Master, etc.
The problem has always been that M2M does not have user designations integrated into it. With the exception of Form Customizer Groups, nowhere in M2M does it say that Sally works in accounting. I’m exploring ways to fix that. For now though, I need to come up with a system of classifying employees that is neither too restrictive nor permissive. In other words, I don’t want to have 25 different employee groups, but I also don’t want to have 2 groups which divide up M2M in half either. I want a user role system that suits a majority of M2M companies.
To that end, I have created the following groups. Most of them will include two levels of permissions. The Base type would represent your worker bees while the Manager type has more permissions such as Change Status and Delete.
Here are my groups, along with a brief description of their access permissions.
-
Admin – Root Access (Business Owners would be Admins as well).
- Sales – Has add+ permissions to Sales, Quotes, and Prospects.
- Accounting – Add+ permissions to AP, AR, and Customer set up. The Manager would have access to GL.
- Purchasing – Add+ permissions to purchasing.
- Shipping/Receiving – Add+ permissions to those areas.
- Production – Includes Inventory, Serial Numbers.
- Operations – Includes everything but Admin and Accounting.
What do you folks think? Do you have a better idea of how these groups should be defined? Try not to think of just your particular employer, but rather as M2M companies as a whole.
This is the second of a series of articles, regarding disaster recovery for the small/medium sized businesses which are the typical customers of Made2Manage. All of these articles will be at a high level with links to more in depth articles where you can read about all the gory details.
What are we trying to protect against?
- Server Failure or Database Corruption. M2M will tell you that database corruption is not a problem when you upgrade to SQL Server from VFP, but that is not so. SQL Server databases CAN have problems with data corruption. More on that in a future article.
- Someone deletes something they shouldn’t have, accidentally or maliciously.
- Natural Disaster, e.g. Fire, tornado, Godzilla Attack.
Before considering a disaster recovery option, you must evaluate how important your data is to you. What is your data worth? The backup and recovery plan should reflect this as you don’t want to spend a fortune on backup systems for data that isn’t worth much. With that in mind, let’s consider the following options for backup and recovery.
Common Options
Option 1 – Backup to another server in your building.
Advantages:
- You can restore quickly.
- It’s very cheap.
- It’s relatively secure because someone would need access to the building in order to access your backups.
Disadvantages:
- There are numerous disadvantages, but the primary is that it doesn’t protect against any of the scenarios above. Sure, you’re fine if one server fails. What happens if both fail? This may seem unlikely but they could both fail due to an electrical disturbance and you would be absolutely, completely out of luck.
- Further, if someone is able to maliciously delete your primary data, it wouldn’t be hard for them to delete your backups on the other server. Smaller companies that use M2M are notoriously lacking in security. What happens if a system administrator becomes disgruntled and takes the server down as well as the backups? In my opinion, it is unwise to give complete control of the data to any one person. I think if you asked owners of the now defunct JournalSpace or the City Government of San Francisco, they’d agree with me.
- If something happens to the building, like a prehistoric fire breathing lizard stomps it, everything is inside.
So, if you want to be safe, it’s obvious that you need off site backups. There are a few ways that people do this. This brings us to….
Option 2 – Using tapes or some other media for backups and getting them off site.
Advantages
- This option can be relatively inexpensive.
- You can keep a copy of the data on another computer in the building (for speed) as well as an off-site back up (for security).
- Since the media is physical, it can be brought anywhere in a crisis to be set up relatively quickly. You don’t have to wait for a long internet download.
Disadvantages
- It’s more expensive if you pay for the media to be couriered to a secure location. An employee could technically take the data off site, but are you encrypting the backups? As we’ll learn in the next article, Standard SQL Server backups are not encrypted unless you’re using a 3rd party application. What happens if someone steals them from your home or car?
- Further, who wants that responsibility and are most people really going to remember to do it every single day? What about sick days or vacations?
- Backup media can be unreliable.
- Quality backup media is not exactly cheap either. Depending on how long you need to archive your data, you may need a prohibitive number of backup tapes.
Option 3 - Online Back Up
Advantages
- Some of these data centers are deep underground and exceedingly secure.
- After they are set up, they can be absolutely no fuss.
Disadvantages
- How long is it going to take to restore your data from the internet?
- What happens if the internet is unavailable? If there is a natural disaster, it could be weeks before you have access to the net again.
- The costs of this option can really add up. You are typically charged for all data transferred as well as the space used to house your backups. When figuring cost, remember that you are going to keep multiple copies of your databases, and depending on how far back you need to retain, this can get prohibitively expensive.
- Backups are not typically encrypted. Are you using SSL encryption when transferring your data over the internet?
If your databases are of decent size, I would recommend you invest in a tool like Quest LiteSpeed or RedGate’s SQL Backup. This is especially important considering the costs of online backup. They allow encryption and can compress your backups which will save you serious money in the long run.
As I said in the last article, even if you have a bullet proof backup strategy, it’s meaningless if your backups will not restore. If you are using tape backup, make sure to restore from tape, not from the backup file still held on your server. Do this with your online backup as well if you choose that method. You should definitely know how long it takes to download your 10 GB backup file from off-site.
I’ve deliberately omitted options such as SQL Server Clustering and Replication because they aren’t feasible for the vast majority of companies using M2M. As I mentioned above we’ll discuss backup encryption in the next article in the series.
What’s your opinion regarding the backup options? How does yours differ?
 I regularly receive questions about backup and recovery. A particularly troubling message I received recently prompted me to create the polls on database backup and recovery. I decided to create a short series of articles on disaster recovery for the small/medium sized businesses that typically use Made2Manage. This article is a true story of how I learned the importance disaster recovery the hard way.
Backups are Secondary
Let me preface the story with the following. When thinking about backups, what we are really concerned with is recovery. If you had an armed SWAT team that arrived at your office every day, gathered your back up media, and whisked it away deep inside some mountain somewhere, it wouldn’t matter if you couldn’t restore them. So, no matter which backup method you decide on, the first order of business would be doing regular test restores.
I restore my M2M databases to two different test servers every single night using T-SQL scripting and SQL Server Integration Services. The purpose is to have fresh data to work with on these test servers, and I’ll describe that project at a later date.
What Disaster
Years ago, not long after I inherited M2M, I had a terrible problem with M2M Support. This was back in the awful days of VFP (version 3.2 I think), and I regularly had data corruption problems. Being a neophyte, I called support and they walked me through repairing my problem in VFP. The M2M Support Technician instructed me to delete my (DBF) file so that I could recreate it. Even though I was still a beginner, I questioned her about that because that didn’t sound right. I thought the proper file to delete and recreate was the CDX file (index). I distinctly asked her two times if she truly wanted me to delete the DBF and she verified the instruction. So, I deleted the DBF and lost all of my shipping line items in that one instant.
I was then instructed to restore from backup. Backups were administered by an outside company who handled our hardware (not Consona). Since I was new to IT, backup and recovery were deemed too critical for me to administer. To make a long story short, their techs were making their weekly visits, switching out backup tapes, performing their test restores, and certifying that they worked. Except…. They weren’t.
The Realization
I immediately called the hardware consulting company and while a technician was on route, I opened the backup software console. When I scanned the entries, I realized that we hadn’t had a backup in weeks. There was an error with one of the tapes, and the backup software would not start a new backup job before the error was cleared. These fools were not even checking the logs, much less performing test restores. I have no idea how long it had been since they’d actually done the job for which they charged us. I then pulled the physical check sheets and they were filled out correctly of course indicating that all backups were tested.
The Aftermath
M2M informed me that they could no longer help me, and correctly so. While the original problem was their fault, all they guarantee is that they can get you back online provided you have a good backup.
The long walk to the boss’ office after you’ve made such an error is a terrible experience. Thoughts of, “I wonder how long it will take me to get a resume together,” were running through my mind. Amazingly he was very relaxed about the problem and didn’t seem overly concerned.
After the hardware technician arrived and surveyed the scene, he tried to weasel his way out of it, explaining to my boss that backup tapes were unreliable. I pinned him to the wall at that point, exposed the fact that he had not been doing his job, and in generally vented my frustration at him.
The Recovery
The hardware technician restored the 3 week old database (which in VFP is nothing more than a bunch of files in the operating system) to a different place on the drive and left. M2M was down and we were in crisis, but I went into my office and shut the door. I sat in the silence, breathed deeply, and thought about the problem. I contracted with a VFP programmer to re-build the shipping item (SHITEM) table as completely as possible using data from the shipping master (SHMAST), and other tables in the database.
This cost my employer a small fortune, which I insisted be passed on to the hardware consulting company. We lost a day’s productivity, but were otherwise unscathed. I didn’t hold what happened against the M2M Technician, and we’ve had dinner a few times since then at national M2M Conferences.
How Can I Avoid the Long Walk?
Stay tuned to this series of articles, and I’ll help you avoid the mistakes I made.
I’ve been speaking with a fellow M2M Admin and helping him get up to speed. I was shocked when he admitted to me that he had no backups. He explained that they were using Raid 5, and therefore didn’t need any. If you’re in this situation, don’t feel bad. Most of us work for small companies and as a general rule they tend to be lax about backups.
Since it’s Friday, I thought we could have a poll with a few questions about backups. Please answer honestly, as this is anonymous.
 Loading ... Loading ... Loading ... Loading ... Loading ...
In a previous post a user made the following comment:
talking on the topic of permission how I can generate a report per screen that will show only the user that have at least one permission and not showing all users wit no permission at all!!
I’ve always been annoyed by the report aspect of M2M user permissions. The report is just awful. One of the primary tasks I’m asked to handle at larger clients is to audit their permissions, make recommendations regarding them, and the report is woefully inadequate for this task. In fact, at my current employer, even after removing deleted companies from my Util database using the method I wrote about, the report still requires over 30 minutes for detailed user permissions on the database. This ties up my M2M client during that time, taxes the server, and generally irritates me. In the past, I have exported it to CSV, then imported it into Access, and wrote Crystal Reports on it. A CSV has to be used or you risk exporting too many rows for Excel to handle.
Anyway, in answer to his question I tried adding an advanced filter to the report, filtering out all the people who had no permissions to the particular screen. It would be nice to be able to do so because as it is now, if I run the report for an individual screen I still get 16 pages of user names, 90% of which have no permissions to that screen anyway. The process is tedious and involves lots of time with a highlighter.
The filter should look like this:
Don’t bother using that however, it doesn’t work. In fact, no additional filters work on that report. I have always wanted to have easy access to permissions, but the user names are encrypted in some tables. Furthermore, if you look in that table it is obvious that detailed user permissions aren’t kept there anyway. Take a second to look at your user permissions table. Please read my standard disclaimer before using any code from this site.
Open FoxPro and type the following:
SET EXCLUSIVE OFF
OPEN DATABASE X:\m2mdata\util\util.dbc
USE utacc
BROWSE FOR fccompid = "01"
Remember to replace X with your database drive letter, and substitute the company number you wish to view for fccompid. This will show you the assigned user permissions in M2M for that company, but these are different from the detailed permissions required for every screen/report/etc.
For example, if a new company is created only one user who has rights to the system and by default has root access. Only one record should show up in the table instead of a record for every individual screen or report for which they had access. However, when a new company is created, the creator is restricted to View rights to the Form Customizer (FCUST) screen. I have no idea why M2M restricts that screen, instead of several screens which are more important/dangerous, but it does.
Therefore, M2M has a very complicated algorithm to calculate a user’s detailed permissions based upon what is in that table. In this case, it determines that I should have all rights, minus the FCUST screen. Below are the results when I remove rights (all but View) to the Sales Module from myself.
Now, I’ll grant myself Add, Edit, and Delete rights to the Sales Order Screen (SO).
From those records M2M determines that I should have full rights to everything, minus the FCUST rights, minus any rights to the Sales Module, except add rights for the SO screen. I think you’ll realize just how complex this algorithm must be.
Now look what happens when I simply add a new user. Remember that all new users have root access by default, which is a terrible security flaw in my opinion. However, something very unusual occurs:
It explicitly removes rights from VBA Editing. I thought perhaps that setting resulted from a new employee not having "VB Developer" checked on the User Management Screen, but it doesn't. I have no idea why this happens either. However, when you add a new Administrator who will work with VBA, you must manually give them permissions to the screen.
Since we're experimenting, let's see what happens when I revoke all of Test's permissions.
M2M replaced all of the records for Test and replaced them with one which revokes all permissions. Finally, watch what happens when I grant all permissions back to test.
Notice how Test simply has all permissions and none of the records included previously like VBPROJ and FCUST are referenced? I spoke with M2M Support about my findings and they admitted that they had no idea why M2M behaves this way.
Well, Mr. Wizard, what's the point?
The point is that M2M is inconsistent in it's permissions table. The point also is that M2M's algorithm still knows how to contruct permissions for each user for every object in M2M from what little is recorded in the UTACC table. If you want to audit permissions in M2M, you essentially have three options.
First, you can continue to use the terrible User Report (RPUSER), wait forever each time it runs, and go through many irrelevant pages trying to look for the records which matter.
Second, you can attempt to export the user permissions using the RPUSER, import them into Access or something similar, and write reports based on them. This process gives you better access to your data, but is still time consuming.
Three, you can stay tuned because I'm working on a solution to this problem using SQL Server Integration Services and will share it with everyone when it's done.
P.S. Are you folks growing tired yet of my "P" alliteration theme in regards to permission problems?
What are Web Support Spotlight Days?
Anyone who administers Made2Manage is aware of Web Support Spotlight Days. These days always occur on Fridays and Made2Manage Support stops accepting incoming support calls, only accepting requests through its website. This idea is sold to customers as a means of showcasing M2M’s excellent web support options, and that support technicians are reviewing the cases submitted in the same timely manner. Until this past week, I chose not to comment about them. However, this past week Friday, when I called in to register another change request, I was greeted with the following:
Now I suppose I should rest easy because the ever vigilant “Expert Team” has been notified, but I’m almost positive they follow those as closely as M2M Admins follow Red Box Errors. In fact, when I previously spoke to one of the web expert team about a problem which prevented users from searching their support cases for specific key words, he said that they had no idea that there was a problem. That problem has plagued the system for nearly a decade. That’s a lot of “Expert Team” notifications to go unheeded.
Anyway, I called support and after hitting 0 more times than I could count, I got someone in support and they dispatched someone to fix the website.
What do they do on Web Support Spotlight Days?
The official answer is that they use these days for ongoing training and company meetings. However, I have a sneaking suspicion that the majority of these days are spent blowing off steam and enjoying peace and quiet. The volume of calls they must receive on regular support days has to be enormous. I’m sure they catch up on ongoing support issues and cleaning up paperwork as well.
So What?
Well, I guess the first point is that every customer I’ve ever spoken with dislikes this practice. My experience has shown that my WSSD cases are not resolved as quickly as phone cases and often wait until the next business day (typically Monday). This is frustrating for several reasons.
- The process of entering cases into the website takes the customer longer. I have to select through several non-intuitive menus before I actually enter the details of my problem. With telephone support, I simply hit speed dial #666 (actual number we use, I swear), my customer number, and a few key presses and I’m done. I will have to wait on hold while listening to the dulcet tones of “Come Fly With Me” by Frank Sinatra or “The Final Countdown” by Europe, but I can work through that. Conversely the amount of work performed by support is decreased for cases submitted via web.
- If the customer is being asked to do perform more of support’s work, they deserve a faster response time. This incentive may cause more customers to use the web method more often and actually reduce M2M’s work load.
- I’m sure that many of the M2M Support Techs would prefer I submit web cases so they can research (ask someone else) about my problem, without having me waiting on the phone as well. However, I won’t do so if there isn’t incentive for me, the customer.
- My support is not discounted on WSSD. While I appreciate the fact that M2M Support needs ongoing training, I would suggest that it is incumbent upon Consona to find a way to do so without shutting down the phones. Perhaps they should split into two groups to attend classes or they could watch recorded classes individually.
What do you think? Do you have issues with Web Support Spotlight Days?
This article is obviously a follow up to Permission Problems post I published previously. The other day I was using the User Permissions Report (RPUSER), I noticed something amiss. I had recently deleted a couple of educational and testing companies which many people used. However, like many other areas of M2M, the records are not properly deleted and cleaned up.
This becomes a problem when you run the User Permissions Report because it lists every single company, every user associated with it, and the exhaustive list of screens with their permissions. It includes every user and company even after deleting them from within M2M. This slows down the report and clutters the results.
Below is the code one could use in Visual FoxPro to clean this up. Please read my Standard Disclaimer before trying any code from this site. I’m going to stress this several times because of an issue that came up as a result of the orphaned records post. Stay tuned for details.
Set excl on – You must have exclusive access to perform this.
OPEN DATABASE X:\m2mdata\util\util.dbc – Replace X with the network drive letter assigned to M2M.
Use utacc
Copy to utaccOLD
Brow for fccompid = ‘XX’ – where XX is the number of the M2M Company for which you intend to remove users and rights. Make sure you do NOT do so on your live M2M Company. This will show the records that will be deleted.
Delete for fccompid = ‘XX’ – Remember, don’t use this on your live data.
Pack – This will make the deletion permanent.
Close all
Quit.
Please remember to test this on a test server, and if you feel uncomfortable contact M2M Support or a qualified consultant such as myself for help.
Any questions?
 I’ve mentioned in the past how difficult M2M’s flavor of VBA is to use. One problem that I haven’t touched on is the problem of VBA file corruption.
M2M VBA File Corruption? What exactly are you talking about?
When I talk about the VBA file, I am referring to the M2VEvents.prj file. This is the file which holds all of your VBA code including forms and modules. Every time you edit that file, it grows in size. There is no way that I know of to shrink it. If all of the modules are deleted, the file still doesn’t decrease in size.
Why should I care about how large the file is?
The problem is that over time these files can become corrupt and cause all sorts of weird behavior. This problem is very difficult to find because often the VBA customizations will not stop working all-together, but the code may work intermittently. The results are unpredictable.
Several years ago my current employer contracted with M2M to customize M2M using VBA and FastForms. I came on board in the middle of it. After M2M delivered the code file, I could not get it to work. Some modules would not work, and some would work, but not completely. When I opened the M2VEvents.prj file and reviewed the code, I knew that it should work. After nearly 40 hours of investigation, I realized that the file M2M had provided was corrupt. The consultant had to re-create a new file and the new copy worked. I’m sure they used the same method I am going to share with you.
Please read my standard disclaimer before you begin and perform these operations on a back up copy of your M2VEvents.prj file. Before beginning the process, note the size of the file.
What are the Steps?
-
Open the VBPROJ screen to load the empty project. Easiest way is to hit ALT-F8.
- The currently used VBA Project File should be listed. Click edit and the VBA editor will open. Click the thumbnail below to see full size.
- Right click on each of your forms and modules and select Remove. You will be asked if you want to export them first, do so.
- After every form and module is removed you will find that your M2VEvents.prj file still has not shrunk. I have no idea why not. This is why you need to start with an “empty” one.
- Before proceeding, in the VBA window check your references. They’re found under Tools, References. Jot them down or take a screen shot. Click the thumbnail below to see full size.
- Download the attached “empty” M2VEvents.prj file.
- Go to your VBPROJ screen to load the empty project. The easiest way is to hit ALT-F8. Click on the Close button.
- Choose a screen which will have customizations associated with it. In this example, I did so with the SO screen. Right click on the mnemonic and choose Components.
- Select an event such as INIT and you’ll notice that the corresponding module has been created for you.
- Before importing any of the VB files, check your references in the new file. Once again, they’re found under Tools, References. Make sure that any that are included in your production system, are also included in the new prj file we are building.
- You may encounter a situation where your production prj file has a reference that is NOT found in the list of references for your blank file. If so, notice which file is referenced below and browse to it manually.
- Now import the frm and bas modules. However, you will have to remove the sample module created as your import will NOT replace it.
- Test your customizations just to be sure everything works.
I perform these shrinks every six months or so to avoid VBA file corruption. Note the difference in size of the file. My production file shrunk from 560KB to 131KB, roughly a 75% reduction.
So, how much did your file shrink?
“I got an ant farm; them fellas didn’t grow shit.” – Mitch Hedberg
A few months ago I became aware that a company I deal with still uses dot matrix printers. For those of you who have never seen one, that’s because most companies phased these relics out of existence fifteen years ago.
The dot matrix printer worked so why replace it? Well, it’s more expensive to operate for one since their printers still need the special pin feed paper and they’re buying it in three ply colors.
Anyway, they called me in a panic because their printer died. After a great deal of effort, I convinced them not to fix or replace it with another dinosaur, and get a good laser printer instead.
Red and Black Antennas Waving…
On a recent visit to that site I witnessed the accounts payable people actually using the special three ply dot matrix paper with the laser printer. Once again, for those who have never used one, let me explain why this is a problem. Each box of paper is actually one long contiguous piece of paper with perforations between the individual sheets. So, each piece is torn from that long strip. The paper is also bordered on both sides by perforated strips with holes running down each side. The ancient printers used a pin feed mechanism with round pinned cogs on both sides, and those pins entered the holes of the paper. The Cogs spin and move the paper into the machine. The users were going through all of this hassle for every single print and feeding each piece of colored paper into the laser printer, and manually printing each invoice three times so they’d have separate color copies of the invoice. Each invoice required several minutes to print this way.
They all do it the Same… They all do it the Same Way..
This kind of behavior reminds me of college jobs I had. Between college jobs, I took a temporary position with Amway, which is a multi-level marketing company founded near my hometown in West Michigan. Their production facilities are there and I worked on their factory floor. The supervisors moved the temps to new jobs every two hours. Each station was more boring that the last. I’d spend two solid hours placing empty packaging tubes on a conveyor belt, etc. However, the most boring job was to sit on a stool and watch high pressure spray deodorant bottles run at high speed into a water bath and look for bubbles. The trouble was that you would only see one every fifteen minutes or so. I had terrible trouble staying alert and quickly realized that mind numbing, repetitive tasks were not for me.
Anyway, back to the accounting folks. This kind of behavior is mind-blowing to me as much as Excel Hell. Users can be almost robotic in their actions. They don’t think about their actions nor question them. They simply have to print invoices, this is the invoice paper, use it to create invoices. When I asked them why they weren’t using regular laser printer paper to print invoices their answer essentially was, “Nobody told us to.” In fact, the purchasing department kept ordering this dot matrix paper.
I met with the manager and explained that they should use regular paper. They should eschew the multiple colors and I would create separate copies of the invoice for them. They would save time and the paper would be much cheaper.
However, when he asked his people about the change they unanimously rejected it. They didn’t feel that there was anything wrong with the current process and were comfortable with it. Un-freakin-believable.
Do you notice similar attitudes and behavior in your work?
|
|
Popular Articles