Getting rid of your best people
by James Costello
A friend of mine recently had a very Dilbertesque experience at work. The company my friend works for has been acquired twice in the last three years and all of the dust seemed to be settling. Sort of…
Locally there were four offices under the corporate umbrella, each a legacy of the acquisitions that had occurred over the last several years. The parent company decided to consolidate three of the offices and scale down the most remote office by moving some of the staff from that office to the new centralized office. This was reasonable, and most of the staff saw this as a good business move. Most of those who did not see it as a good move were from the remote office and would have to drive farther to get to work.
Planning for the move had gone on for a couple of months and was finalized about two weeks before the actual move date. The new seating chart was printed, offices were assigned, and additional requests were made. Here is where we take a turn for the weird:
Treating your people like they are worthless: Elimination of a position announced through the new seating chart.
One of my friend’s coworkers found out by looking at the seating chart that he was not going to have a job in two weeks. Rather than approach this individual before the release of the seating chart, the office manager chose to let things work themselves out a la “Office Space”. Fortunately, the Milton in this case chose not to resolve the issue with fire but by talking with HR, but this left a bad taste in a lot of people’s mouths.
Generate a menial or pointless task.
Actually, this one is a little worse than pointless, it is counterproductive. Time tracking is a part of a lot of people’s workdays. I did it every day when I worked as a consultant, so that we could bill customers for my activities. This is not a diatribe against time tracking; however, my friend was asked not just to start tracking time, but to go back to the beginning of the year and track all of the time since January 1. The company wanted real data for that entire time. Do you remember how you spent your day in fifteen minute increments 6 months ago? 6 weeks ago? 6 days ago? As a group, the team that was asked to do this questioned the logic behind generating data that would contain a lot of errors and inaccuracy that would then be the basis of the next three years of projections. They were told, effectively, not to worry about it and that the data analysis team would take care of it. To me, dear reader, that is like saying, “Create firewall logs for the last 9 months that we can then use as the basis for the upgrade of the existing firewall and Internet connection, even though you only put in the logging system this week.” Yes, you will have a smaller set of data to work off of but it will be more accurate, and your people will feel better about their work.
So what can you do to avoid putting yourself or your coworkers in such a situation – aside from not working where my friend works? Treat your coworkers with respect and dignity. If you know of something that is going to have a direct impact on their lives, they need to be made aware of the upcoming change in as timely a manner as possible. If you are implementing a new system that employees are going to be using, get their feedback and review what they have to say. Don’t make decisions in a vaccum. If it impacts people, get their input. Running a business depends on the people that work there; if they don’t feel valued, then the business won’t be valued.
Policies don’t have to be painful
by James Costello
Several years ago, one of my clients asked me to write a security policy for them (since I was the “Security Guy” at the consulting company they employed). I spent a couple of hours looking at various templates and examples on the Internet. What I found were a lot of carbon copies of the same few templates with “insert corporate name here”. Regardless, I created a security document for them; my client was happy to have something and I was able to help them out, but I was not really satisfied with what I had written and wanted to do better.
Recently, I’ve been working with a team to rewrite the security policies for my current employer; policies that look exactly like the one I put together for my client years ago. The review of the current documents made something clear to me: No one likes to write these documents, so they use templates as a quick way to get the job done. Unfortunately, the template-based policies can be difficult to read through for people who need to work on them, and will most likely be unread by the employees who will be most affected by them.
So what can we do, dear reader?
I am going to start by defining policy this way: A policy is a set of rules that supports an overall vision. This policy is developed using a set of standards, which are incorporated into procedures to implement the policy. For example, if the concept is that the company’s wireless network should be secure, the policy would state that technologies will be used to secure wireless communications on corporate sites. The standard would be that the general public would not be able to connect directly to the corporate network via wireless networking. The procedure would be to use WPA2 configured on the access points. If a new technology comes out that proves to be more secure than WPA2, the policy does not need to be rewritten; just the procedure. There can also be multiple procedures for the same policy, e.g. the procedure to implement WPA2 on Windows is different from the procedure to implement it on Linux.
It’s simple: The vision is the overall goal. The policy supports the vision, the standards measure how the policy relates to the vision, and the procedures support the policy. Procedures should not typically be included in a policy document because they can be more dynamic and will change more often than the policy will. In my current organization, policies have to be approved by the Executive Management team, and it can take as long as a month for one sentence to be approved. Instead, procedures should be established at the team level and reviewed by direct management, so that changes to the procedure can be implemented quickly while still supporting the existing policy.
One of the best references I have found for this policy style are the PCI-DSS documents. Vision, policy, and standard are established, and the procedures are left up to the individual companies. The documents are easy to read and reference, and can be a great starting point for companies to examine how their own security policies are written. Not everything in the PCI-DSS documents will be applicable to every organization and I do not necessarily agree with everything in them, but they are quite useful for readability and review by non-IT security staff.
The simple steps to follow to build your own company’s security policy:
- Establish the vision.
- Write the policy to support the vision.
- Develop standards to measure the policy, and finally
- Create the procedures to implement the policy
The Security Vending Machine
by James Costello
I would bet that you have someone in your life who “survives” out of the vending machine at the office. You know them:
-
Their desk is surrounded by potato chip bags, candy wrappers and soda cans.
-
They are the first one to get the new item out of the machine.
-
They consistently return to the same choices, but especially love new packaging even if the insides are still the same.
-
They base decisions on what is in the machine.
-
They purchase items because they have money in their pockets.
Do you know of companies that treat their security purchases like a trip to the vending machine?
-
They buy items with the prettiest packaging (or possibly the prettiest sales person). Don’t laugh; I’ve seen it happen.
-
They purchase items just based on the fact that it is either new or a new version. And we all know that “new” means it’s good, right?
-
They purchase items just because it’s in the machine or their sales representative presented it to them.
-
They buy the same product that they bought last year because they are not comfortable with change.
-
They buy because they have leftover budget for this year, but are not sure if it is something they really need.
So how do we, dear reader, avoid/prevent others from making purchases from the security vending machine?
-
Determine your corporate goals and work toward them. Okay, so that’s a bit clichéd, but I see this everyday as a project manager. When there is not a clear idea of what is wanted out of a project, it will drag on and possibly never get implemented to anyone’s satisfaction.
-
Identify your needs and purchase accordingly. What traffic are we trying to monitor? If you are more concerned with blocking inbound access than monitoring, then an IDS solution may not be the best use of funds. What data are we trying to protect? If all of your proprietary data is kept on one or two servers, hardening those servers will make the most impact. What services are we offering to our clients? If you are not offering any services locally, inbound traffic should be denied
-
Don’t let your budget burn a hole in your corporate pocket. Are you with an organization that determines next year’s budget based on how much you spent this year? (I know this would not fly at my house; why does this work in business?) Work with your financial group to create the budget. This sort of spending is foolish, especially in the current financial situation.
-
Don’t spend all of your budget at once. Plan for spending over the course of the entire year. I am reminded of my friends who are teachers for school districts in my area. They get paid once per month and have to budget for the entire time. My friends like to tell stories of first-year teachers who see this great big paycheck (well, for a teacher) and go out and spend it without realizing it will be another 30 days before they will get paid again. What is humorous for me is that they all admit to doing the same thing.
-
Just because something is shiny and new does not mean I have to have it.
When I was a senior in college 15 years ago, I needed a car to drive back and forth from college campus and the school district where I was going to be student teaching. I needed a car and it was going to be my first major purchase. I had $3500 to make the purchase and I could look anywhere I wanted. I could have taken my time to get the most car for my money, but I wanted to get it done and I knew I could spend all of the money I had on this car. (I failed to plan, I did not determine my needs, and I allowed the amount of money I had determine when I would buy) A day after I withdrew the money from my savings account, I drove off the car lot of a friend of the family with a car with no trunk space, a short back seat, and not enough horsepower. This car would barely do 60 mph (not so good for a college student who needed to drive 40 miles each day and was still on college time), I could not haul anything in it (this made moving out of the dorms when school was done, next to impossible), and finally it developed a habit of not starting when it rained (this was lived with for about a year as I had to make money to get it fixed, since I had spent all of my money on the car). I look back on that now and wonder how I survived, making those decisions.
I bought from the vending machine. Are you or your company doing the same?
Case of the Found USB Thumb Drive
by James Costello
It was a dark and stormy…
All right, it was a sunny morning in April when the first event to inspire this article occurred. I was walking back to my car after dropping off my daughter at school. As I walked around to the driver side I noticed a battered USB thumb drive sitting on the ground behind one of my tires
My first thought was “Oh, great. I dropped mine and it got run over.” I quickly realized that dropping it and running over it was nearly impossible and that it was not even one of the brands that I use. So I had four options:
1. Leave it were it was
2. Take it back into the school and leave it in the front office
3. Take it with me and try to determine the owner so that I could return it to them.
4. Throw it away.
The first option didn’t sit well with me; the next person to come along might do something malicious with it. The second option only works when the office is open (which it wasn’t, as my daughter was attending day camp during spring break). That left me with options 3 and 4. I decided to combine 3 and 4 into option 5:
5. Take the drive with me and throw it away later.
Fast forward in time three weeks…
I am once again in the parking lot of my daughter’s school staring at a smashed USB thumb drive of the same brand as the prior unit. Repeat thought process above. I was a bit suspicious and a bit curious. Two similar drives in the same parking lot. Was someone just very unlucky and lost two drives? Were there possibly two such unlucky individuals? Was someone trying to use the USB keys as a means to penetrate the school district system?
I decided that I would take a look at the new drive when I got home that evening, but I was going to take precautions. Plugging it into my computer could expose me to viruses, malware, and pictures of an inappropriate nature. What could I do to protect myself and my computers while looking at this drive?
1. Boot of BackTrack CD and mount the drive and look at it there
Advantage – lives in memory, low chance of infecting my hard drive
Drawback – this might not be a recommendation for others
2. Launch a VM on my computer and connect to the drive
Advantage – no need to reboot my hardware, I already have the VMs in place
Drawback – there could be malware that breaks through that VM software and infects my host system.
3. Boot a separate system that I do not mind rebuilding
Advantage – system can be rebuilt if there is malware on the drive
Drawback – not everyone has spare systems lying around to do this.
I chose to use an older Toshiba laptop to look at the drive because it runs Linux (lower chance of infection) and it has a USB 1.0 connector on it (older, slower, and not likely to run U3). Fortunately (or unfortunately) this drive was too damaged to operate, so it followed its predecessor into the electronic recycling bin.
Then I got to thinking. What if that drive was mine? Do I keep any data on a USB drive that, if I lost, could be used to steal my identity or perform credit card fraud? Would I want someone else going through it to find out if it was mine?
So what can you do to protect yourself losing your thumb drive and your data?
Keep physical control of your thumb drive, by keeping it on a key chain, on a lanyard around your neck, or at home. Protect the data on the drive, via encryption (there is a mobile version of TrueCrypt that works on USB drives). Alternately, don’t put anything on your drive you wouldn’t share with your neighbor, such as tax data, your social security number, your date of birth, or your mother’s maiden name. Don’t share your drive with anyone else, and don’t carry your data with you. You can leave it at home and email any information you need to yourself using your company’s mail system (not from your home account, but through webmail) if that is allowed by your company. Make sure you find out what your employer’s policy is for USB drives before you bring them in.
This “case “ was fairly interesting for me, and I hope you found it interesting, dear reader. The next time you come across a thumb drive laying around, think of this story and my thoughts. Now go out there and be safe.
How to be a poor contributor
by James Costello
There are lots of ways to be a good contributor to a project, but there are also a lot of ways to be a poor contributor. I’ve been involved with a few of these of late, and am guilty of some and frustrated by others.
My examples:
1. Don’t respond to someone until they have sent the third e-mail on the same topic.
2. Tell someone you will “get to it”.
3. Be consistently late for everything – deadlines, meetings, work.
4. Attempt to control situations through your lateness to give yourself more prominence.
5. Accept more responsibility than you are really willing to accept.
You, dear reader, may also frequently interact with people like this in your business day and as a result experience frustration, delays, and lowered monetary returns (especially business owners and mangers). So what can we do when we encounter these poor contributors or, worse yet, realize that we are being poor contributors? How do we deal with the defense that they were unaware that what they were doing was causing problems for other people?
First, we need to resist the urge to take this person (or ourselves) out back and provide some attitude adjustment to get them back on track. Second, we need to adjust our approach for dealing with them (or again, ourselves).
Here are five suggestions for improving your interactions with the “poor contributor”:
1. Provide more information/seek more information about the situation.
There are few people who want to appear to be the bad guy (professional wrestlers and Alan Rickman aside), but if they’re shown that they are negatively impacting those around them, they then have the opportunity to change their behavior. This is not an intervention or a confrontation; it’s more of a passing-along of an observation. “John, I am not sure you are aware, but the way that you are handling this is causing other people to fall behind in their work.”
If you recognize that you are the poor contributor, acknowledge what has been going on and ask for ways to improve the situation. “Dave, I know my handling of the situation has not been the best, is there anything I can do to get the project back on schedule?”
2. Create a plan of action going forward.
Deadlines might not have been a sufficient motivator for the poor contributor. It might be necessary to create a series of consequences for continued behavior. It will be necessary to follow through on these.
If you are the contributor who is getting the opportunity to improve, more direct communication is going to be needed with the people around you. You will need to provide updates, you will need to have project plans, you will need to have follow through.
3. Focus on the organization, not the individual
Are they/you a good fit for the organization for the role they are in right now?
Can they see the larger picture beyond themselves?
Can they see the needs of the organization in relation to themselves?
Staying may be more difficult for all parties in the long run, but it may also be the most profitable for the company
4. Take action.
The plan in part 2 and the organizational focus in part 3 need to be implemented. This is course-changing; it means helping someone move from one way of thinking and acting in a situation, to a new way.
If you are the contributor with the opportunity, this is where your changes get made.
5. Follow through
Help the other contributor to complete more (don’t do it for them).
If you are the contributor, this is the time you get to make up for prior actions. You are no longer saying you will complete something, you are completing it. This is also a great time to figure out what tasks you never want to do again and what tasks you don’t want to do again, but probably will because you are gainfully employed and wish to stay that way.
As I said at the beginning, I’ve been dealing with a few contributors in need of improvement recently and have learned lessons about dealing with others and how I can improve myself. The biggest of these lessons is that being a poor contributor is not a career killer; staying one is.
12 Steps of IT Security Anonymous
by James Costello
The scene opens on a small room in a coffee house in any town. A group of geeks sit in circle drinking lattes, cappuccinos and double shot skinny caramel macciatos.
One man stands and says “My name is James and I am addicted to IT security.”
(Group responds): Hi, James.
All right, I am not really addicted to IT security, but the 12 steps that those working through their own issues rely upon, can teach us a few things about our own work.
12 Steps of IT Security Anonymous
- We admitted that we are powerless over security – that our lives had become unmanageable.
- We came to believe that a device or application could return us to sanity.
- We made a decision to turn our will and our lives over to the care of the device or application.
- We made a searching and fearless inventory of our networks, servers, and computers.
- We admitted to our boss, to ourselves, and to another human being the exact nature of our security problems.
- We are entirely ready to have all these system defects removed, some requiring root access.
- We humbly asked the administrators to remove our system shortcomings.
- We made a list of all persons we had wrongly allowed access and became willing to amend access lists.
- We made direct amends to access lists whenever possible except when to do so would wrongly deny access to shoes with appropriate permissions.
- We continued to take network, server and workstation inventory and when we found problems corrected them.
- We sought through prayer, hopefulness, and a bit of luck to avoid any serious security incidents.
- Having made a mental awakening as the result of the steps, we tried to carry this message to other security professionals and to practice these principles in all our network and system operations.
Maybe I am stretching a bit with this, dear reader, but we can learn a lot.
- Admitting that there is an issue makes resolving it faster and more straightforward.
- Directly pursuing a resolution to an issue will also reduce its length and severity.
- We are not alone in our work; seeking assistance and advice will speed resolution and provide opportunities to learn from our peers
- No one device or application will resolve all of our security problems, but we need to have an integration plan to utilize the strengths of each device or application and mitigate the weakness of each as well.
- We must be ready to work at it continuously because there will always be new challenges coming forth.
So dear reader, are you ready to admit you have problems and get to work on resolution?
6 words on Security: A Challenge
by James Costello
Ernest Hemingway wrote a story in six words when he was challenged to do so:
“For sale: baby shoes, never worn.”
Six powerful words that tell a much deeper story than a simple number count would imply.
Over the past few months National Public Radio has run a series of stories about Smith Magazines Not Quite What I Was Planning: Six-Word Memoirs By Famous and Obscure Writers and Six Word Memoirs on Love and Heartbreak. The first piece ran in January and is available at this link: http://www.npr.org/templates/story/story.php?storyId=18768430. The second ran just before Valentines Day and is available here: http://www.npr.org/templates/story/story.php?storyId=100510986. What was also interesting was that NPR also issued a challenge to their audience to write their own six word stories which is available here: http://www.npr.org/blogs/bryantpark/2008/01/whats_your_sixword_memoir.html.
These two stories and the challenge offered by Smith inspired me to create a few six word stories about security:
Windows Antivirus should always be running.
Don’t forget to update your computer.
Likes to click every e-mail link!
Dan, don’t break the Internet, again.
Once infected, don’t trust your computer.
Computer infected, don’t trust husband’s surfing.
Damn it, Dan, quit breaking DNS.
So, dear reader, now that I have written a few, I’d like to challenge you. Write your own six word stories for security.
Requirements:
Six words exactly
Tells a story about security.
Original works.
Suggestions:
Make the stories personal
Let it flow
Please either post them here or send them to sixwords@genesyswave.com. I am going to compile the ones that I receive as a presentation and possibly go the same way as Smith Magazine and create a book out of them. I will attribute all works to their original author’s, if you want to be anonymous please let me know.
So, get out there and get to writing – really short stories.
I am a reed in the wind
By James Costello
Animals can smell fear and sense panic. It also seems to be imbedded in our sub-primal responses, as evidenced by mob rioting or crowds of people once panic begins to spread. These same responses can be seen everyday in working life. For example, recently I worked with two coworkers to resolve a client issue. The two completely different reactions to the same situation were interesting: one was growing very frustrated – red face and all — with the process and quickly judged it to be a time-wasting “repetitive reinstall.” The other seized this as an opportunity to learn more about the program. As the clock ticked closer to the deadline, the predictable happened: office tension syndrome. — a huge explosion, tempers flaring, unkind, unproductive words exchanged. Able to step back, I realized this episode did little for the client, created a lot of stress and cost us time. We lost the time and could not get it back.
Sadly, sub-primal urges that kept us alive a few thousand years ago offer little help in our cubicled, technologically driven worlds. In fact these same responses are contributing to loss of productive, dissatisfaction in our work, low moral among teams, and poor health. There will always be deadlines, what we need is a more efficient and effective response to slaying our modern day wooly mammoths. Instead of resorting to panic and anger, dear reader, consider the following quotes as they relate to our reactions.
“It is said that despite its many glaring (and occasionally fatal) inaccuracies, the Hitchhiker’s Guide to the Galaxy itself has outsold the Encyclopedia Galactica <http://en.wikipedia.org/wiki/Encyclopedia_Galactica> because it is slightly cheaper, and because it has the words “Don’t Panic” in large, friendly letters on the cover”
This situation brought to mind one of my favorite lines from Douglas Adams’ The Hitchhiker’s Guide to the Universe -I had one coworker panicking and one who was practicing “Don’t Panic.” Not panicking is one of the cornerstones of surviving any day in a modern, fast paced office.
“I will bend like a reed in the wind.”
The second quote comes from the battle between Paul and Feyd-Rautha. Paul chose that the fight would be fair and only physical in nature. As the battle progresses, Feyd-Rautha attempts to use a poison blade hidden within his clothing to defeat Paul. Paul recognizes that he can defeat Feyd-Rautha if he is able to use Feyd-Rautha’s body to his own favor. Going back to my coworkers, it would have been easy for the one who was not panicking to give in and start over reacting like his work mate. Instead he chose to take in what the other person was saying, recognize that it was not personal and allow the “storm” generated by the others frustration to pass over him.
The second tenet to survival in the modern fast paced office is to not overreact but bend. (And, no I am not talking about bending your co worker so he fits in his locker…perhaps that will make it into the next article.)
So now dear reader is an opportunity to use the two tenets of survival in modern life and have a more productive, less stressful time at work (and at home). Consider the following three ways to follow the two tenets:
1. Break down tasks into smaller workable junks.
It’s amazing how overwhelming a big project can seem. For example, painting your entire house is going to seem overwhelming until you break it down into sections and determine how long it will take to do each individual section. You are still doing the same amount of work, it’s just broken up into manageable sections. My wife and I recently implemented a 30 minute per night chore time for our house. This allows us to get all of the chores that were getting left for the weekend done before the weekend, so that we can either work on another project or go do something fun. Another way of looking at a break down would be to take a task you don’t like doing and work on it for 30 minutes and then move on to something else for a while and revisit the first task again later.
2. Delegate the work you hate or don’t have time to do.
I am pretty good at fixing things around the house, but I have some really high sections on my house that have wood rot (its Kansas City, it happens). It is better for me hire someone else to come out to fix those issues than to try to do them myself. While I paint the inside of my house, I now rely on someone else to make sure the outside gets fixed.
3. Ask for assistance.
I have been very guilty of this over my career in large part due to being a consultant for so long. I was brought into resolve the problems and was told by a couple of different managers to not ask the customer for more information or for assistance in the completion of tasks. My job was much easier when I started asking questions about the environment rather than attempting to uncover all of the information on my own. So how do you get started asking for help? I usually attempt to find the person who is most knowledgeable about the environment and ask their help. Typically this person is also in high demand because of this knowledge, so sometimes it will be a better personal and political move to go to someone who works regularly with your first choice.
It is possible to deal with those overwhelming tasks, those wooly mammoths in the closet. The reactions that helped humans to survive over the ages aren’t necessarily the best solutions for modern offices. I’ll leave you with two quotes: “Who’s evolved, Lawrence? Who’s evolved?” from Night at the Museum and also remember: DON’T PANIC
How do great ideas get started?
By James Costello
Have you ever noticed a great idea on TV or in a magazine and wondered, “why didn’t I think of that!?!”
Where do these great ideas, innovations and inventions come from? How do great ideas get started? Who are these mavericks of genius?
Ralph Waldo Emerson quipped “build a better mousetrap and the world will beat a path to you door.” Strangely enough, we are still using essentially the same mousetrap Emerson used. Part of what has kept the mousetrap unchanged all this time is that it is simple to manufacture, easy to use and relatively inexpensive to acquire. To quote a common colloquialism, “if it ain’t broken, don’t fix it.” Yet, somewhere out there, someone with a vision will build “a better mousetrap.” When it is unveiled, we will marvel at how we survived without it.
Let yet another good idea or novel approach pass you by. More than tired clichés, it is time for bold action. Here are some proven ways to generate ideas from a few brilliant minds:
Albert Einstein
Albert Einstein said, “You cannot solve the problems of today with the same level of thinking that created them.” He also said “The definition of insanity is doing the same thing over and over again and expecting different results.” The concepts are the same. A person has to move outside their comfort zone to create new ideas or reach new solutions to old problems.
Thomas Watson
The next quote is a particular favorite: “If you want to increase your success rate, double your failure rate.” Thomas Watson, founder of IBM. It is about momentum. In order to succeed you have to take action and some of that action is going to be unsuccessful. Failure is a great learning tool. Failure becomes insanity, as we learned above, if you never break old patterns.
Lisa Costello
“Every new invention or idea comes out of desire, necessity and a great attitude.” Lisa Costello (I’m smart enough to have married someone with great insight) Desire, necessity and attitude come together to sustain momentum. You might have a great idea but without a vision and a desire to see it realized you will never get your idea off the ground. Without a great attitude, you tend to give to much credence to naysayers and you may quit right before your big breakthrough!
Three Steps to Make a difference
To make the change, move beyond your comfort zone and old patterns, continue to fail, and develop a vision and attitude that will sustain you. Let’s move into some techniques to stimulate ideas. This is not for the casual day dreamer but truly for those who wish to embrace their inner “maverick genius.”
1. Change your location – if you spend all of your day sitting in an office, or you do all your thinking sitting on your couch, get a change of scenery
a. Stand up and walk around for a few minutes
b. If you sit on your couch all night, go sit at the kitchen table for a while.
c. Take a napkin meeting – go have lunch with someone and jot notes about what you are thinking about on a napkin.
Hey, it worked for Bob Metcalf when he came up with the idea that would become Ethernet back in 1973. Although I do suspect his being in Hawaii at the time may also have had something to do with it, but again a change of scenery.
2. Talk with other people you haven’t talked to about this before. Even the dullard in the next cubicle may have a flash of brilliance now and again! The point is to think outside your immediate circle of family and friends…because quite frankly these people have been humoring you all along! Talk to the postman, video store guy or your cousin Louie who just got out of rehab.
3. Brain dump. This is an exercise that works well in collaborative efforts but also when you are by yourself.
a. Grab you favorite recording medium – pen and paper, laptop, cassette tape
b. Put out as many ideas as you have as quickly as you can
c. Don’t censor yourself – the more you dump out, the better than chance you will give yourself the answer. This about the ideas, not the feasibility.
d. Keep a positive attitude.
Now go out, get talking and get thinking. How do you create and capture great ideas?
Engage with Michael
-
Journey Into the Breach
