We need more security! Except now when it impacts me! Tech Support |
- We need more security! Except now when it impacts me!
- “That’s not a computer..”
- Requirements are just a suggestion
- I’ve reset your password 3 times and you still can’t login?
- Next time, please read the full email
- Is it plugged in? To where?
- You offered to help but I don't want help that way
- VPN Mishaps
- A tale from the before times
| We need more security! Except now when it impacts me! Posted: 15 Jun 2022 07:01 AM PDT I'm sure a lot of my brothers and sisters in tech support know the pain of cyber insurance. You push all year to get a security initiative through and it's nothing but brick walls - then when cyber insurance requires it....you gotta do it NOW. We just finished implementing some LONG overdue security controls (Two factor auth, DMARC, ect, ect) because the CFO REALLY wants us to to have these insurance policies. So I thought he was all in with security. Reality doesn't quite match up. CFO: "I'm trying to reset my password on the loan site xyzloan.com and the reset email isn't coming through. Can you see if it's blocked?" Me: "I'm looking in the logs and I can see an email with the subject "password reset for xyzloans.com" that arrived at the email server and was rejected. It didn't pass DMARC and the sender's domain records say to reject those messages. So it was rejected" CFO: "What's a DMARC? I really need this email!" Me: "It's an email security system that prevents spoofing emails." CFO: "Just turn off DMARC! This email is important" Me: "It's not my DMARC to turn off. The configuration is controlled by xyzloans.com and THEY are the ones who control what to do with emails. THEY have said to reject emails that don't pass DMARC and this email doesn't pass, so we rejected it. It's a misconfiguration on their side but they need to fix it." CFO: "Do we have DMARC? on our email?" Me: "Yes, DMARC is set up. The failure action is to reject any emails that don't pass." CFO: "So you're saying I could send an email to someone and it just gets rejected?" Me: "If our DMARC records were set up improperly, yes. I'd have to go in and correct them. You won't see that unless something changes with our infrastructure - which is rare." CFO: "That's no good! I can't risk having my important emails rejected! We've got to turn off DMARC on all our domains immediately." Me: <facepalm> yeah...I'll get right on that /s ....Needless to say DMARC will stay turned on for our domains..... [link] [comments] |
| Posted: 15 Jun 2022 08:19 AM PDT My first IT role was as a help desk technician for a large agricultural company. It involved driving around to a lot of different sites to troubleshoot antiquated desktops and printers. It also involved helping a lot of farmer-types who can barely even operate a computer. I once received a ticket from an office secretary, we'll call her Nancy, saying the following: "My boss, Joe, said yesterday his computer won't turn on. He's not in the office today (he's semi-retired and only comes in once a week). Can you please come and look at his computer? I have a key to let you into his office." I drive to the site. Nancy lets me into Joe's office. I find a desk with a monitor and a mouse sitting on it. The mouse is plugged into the monitor via USB. The monitor has only one other cable connected - a power cable plugged into the surge protector below the desk. I look around the room to make sure I'm not missing anything, but that's it. That's his whole setup. I go back to Nancy's desk and ask, "Do you know if Joe takes his computer home with him?" She gives me a confused look and says, "No, that's his computer in there. Does he have the wrong one?" It's at this moment that I realize I will have to break the news to this nice woman that the surge protector isn't a computer. I go into full bedside-manner mode (a skill I really had to work on for this role). "Oh, I only see a surge protector in there.. is it possible Joe mistook that for his computer? It would seem his computer is missing from the room, which explains why the monitor isn't getting a signal" She looks shocked. "You mean that's not a computer? But that's what his setup has looked like for months.. no wonder he's been complaining about it this whole time!" After this incident, Joe continued to insist that the surge protector was his computer and that it had worked for him before. It wasn't until we had him come into the office and we provided a thorough explanation of what a typical computer setup should look like that he conceded and allowed his secretary to purchase him a new one. We never figured out what happened to his old computer. [link] [comments] |
| Requirements are just a suggestion Posted: 14 Jun 2022 08:25 PM PDT Here is a battle I have almost daily. I get a call, Caller: The system is not working Caller: Well I am not sure let me try again Caller: The system acts like [specific behaviour I am aware of] Caller: But my supervisor says she always uses Browser Y Caller: But my supervisor says she has been doing this for 15 years and it's always been Browser Y Caller: Oh yes we have been having issues for weeks and weeks. Caller: Oh no, I can't do that, you need to make the system work with Browser Y Caller: OK fine then, here speak to my supervisor Stupidvisor: Sir, you MUST make the program work with our setup, it is simply too much work to change everything we do just for your program. Stupidvisor: Fine, I will contact our local IT department and have them call you. 1 hour later the IT person calls, I let them know to set the correct default browser. They get all frustrated because they had to go do it because Stupidvisor would not let us do a 30 second simple procedure. [link] [comments] |
| I’ve reset your password 3 times and you still can’t login? Posted: 14 Jun 2022 09:39 PM PDT Had a ticket come in from a new but very high up person at my company. We are still working mainly remote with only essential people in the office and everyone remote connects to their machine from their own machine at home. I spent a good chunk of time on Monday setting up every account this person would need and installing every program. Then they finally started Tuesday morning and within 30 minutes I had 5 support tickets and 3 emails from the head of a team asking me why this person can't connect to their workstation. 3 of the tickets are from the guy trying to log in and 2 are from that same team lead asking for priority for someone to get his machine going. So I try to connect with my machine using the creds I set up and that were sent to him. No problem I connected. I tell him over our company chat that his login creds worked and to please try again. 30 seconds later he says they aren't working. So I reset them and send him a brand new but confirmed to be working set of creds and seconds later he says. They still don't work. I try a few more things before resetting them again and getting into a video call with the guy so I can watch him attempt to login. He's upset and angry and says we should really make sure it's all working before someone joins. Then I watch him type in the password while he has caps lock on…. I tell him to try again and he's on in a second. Que the 10 seconds of silence before he leaves the call after muttering thanks. 7 emails with my boss CC'd, 5 help desk tickets and an hour of my time later I got this guy online. then he tells the guy spamming us with emails it was a mistake on IT's part so we get another email saying we need to quality check that new employees workstations will be fully operational before they start work. Tldr: guy who makes 3x more than me can't login because he had capslock on. [link] [comments] |
| Next time, please read the full email Posted: 15 Jun 2022 10:31 AM PDT Ticket from an end user: My login for this app isn't working Ticket text: I'm trying to login to our app. The username is right, but my password stopped working. Can you help reset it? As it happens, the IT department doesn't have access to the credentials to the app she was using, so I forwarded the ticket to the HR department, which sets the credentials. They replied within five minutes with this: I have reset your password for this app. Please be sure to copy and paste it in as it will not work if it is typed. Thanks. Password here. I copied and pasted the entirety of their reply email into our ticket system and closed the ticket. Three hours later, the ticket was reopened by the lady who submitted it, saying the password still wasn't working. I thought that was odd, as HR rarely made mistakes when changing passwords, so I got her on the phone, opened the email our ticket system showed her, copied the password, and pasted it into her app. It immediately asked her to pick a new password, signaling that it worked. Here's how that conversation went: Me: So... By chance, did you read the top portion of the email? The part before the password itself, that is. Her: No, we get so much that when password emails come in, I just look at the password and try typing it in. Me: Would you mind reading the top portion of the email for me? Her: Loud sigh Her, fifteen seconds later, after reading it: An even louder sigh Me: So... Her: I'm sorry, I'm just an idiot. Me: You aren't the only one who got caught by this, trust me. You want to pick a new password real quick to see if it'll let you in? She proceeded to type mismatched passwords three times before finally getting it correct and successfully logging in. I don't know why HR uses passwords that you have to copy and paste. I think they generate the passwords somewhere that uses weird unicode letters that don't work properly when you type them, so the only option is to copy and paste them. I know this from experience, because when I told her that other people had been caught by this, I happened to be one of them. Another person a few years ago had the same issue and I was on the line with him for about fifteen minutes, typing it in over and over until we finally just tried copying/pasting. When that worked, I finally read the email myself and realized what was going on. [link] [comments] |
| Posted: 15 Jun 2022 10:06 AM PDT Hello IT help desk with this Arcaninesfirepower, how can I help you? Lady calls in stating that her mouse isn't working and she just replaced the battery. Okay, is the battery plugged in correctly. yes flat end on the spring. okay, is the mouse plugged in? yes. to where? this white box (a USB hub) okay, that plugged in? yes. To where? the black box (the computer) okay. 30 minutes of troubleshooting later I tell her I think something happened to the USB dongle and she needs to replace the mouse and keyboard. "but my keyboard is wired" HOLD UP! a wired keyboard plugged into the USB hub, that is plugged into the black box and still isn't working..... que me face palming as I realize that the black isn't the computer she is talking about, but a power strip. So you should have two plugs. one to the power and one to the PC. where is the one to PC plugged into? It isn't plugged in. well....that's the issue. Let's plug that in. Device manager now shows four new devices being read. 30 minutes....all because I didn't ask "what black box" [link] [comments] |
| You offered to help but I don't want help that way Posted: 15 Jun 2022 11:46 AM PDT Hello all, I haven't had any stories for sometime, mainly since switching roles I'm now dealing with more competent users. But occasionally someone slips through the cracks and leaves me baffled. The cast for todays story;
On the day this story had taken place I had just cleared out my ticket backlog and was bored. I decide to run to the bathroom and come back, when I do I check my queue. In my queue I found the unicorn of tickets. A ticket that is not only filled out with all the proper information, but all the troubleshooting had been done and documented. Now when I say all the troubleshooting, I mean ALL THE TROUBLESHOOTING. I was looking over the ticket just to see what else I could even do, and after 5 or so minutes I realize I can't do anything remotely more to this. So I reach out to the user via chat. Before I get into that I do want to go into the issue a bit, the user is having issues connecting an external SSD to his MacBook. It works fine on his Windows machine, but the Mac will only acknowledge the drive is plugged in and nothing more. It worked with no issues the day before, but the issue popped up the day he called in to create the ticket. He has reformatted the drive to a format that should've worked and surprise surprise it didn't work. Okay, back to the story.
But if the drive is not working as intended on a device then, dear readers, it is not working as intended. I'm sure most of you can agree on that fact.
Some time goes by.
I explain to the user at this point that he can use the request description to specify what he needs, but I cannot guarantee anything as it is a different team that handles that. I try to bring up him sending the drive in for troubleshooting, but he ignores the messages. Some more time goes by.
I really want to know why he seemed to be so against sending that drive in, especially since it is the easiest and most direct way to resolve his issue. TL;DR -- I get what appears to be one of the easiest tickets ever, user seems to do everything he can to sidestep the easiest and most cost and time effective solution. [link] [comments] |
| Posted: 14 Jun 2022 07:32 PM PDT So, yesterday an user contacts me (via WhatsApp, I'm not in America, this is the main messaging app in the country) because they want to connect to the VPN and they don't have their password. We send their password to their manager through HR when we create the user, seems like nobody told them their password. So I reset the password, and they are able to connect. Today, they call me again telling me "I can't connect" They send the error sign that's a generic "check password or connection, vpn cannot connect" sign, and a mobile phone picture of their screen with the password showing. I squint. It's correct. ... Me: Are you connected to the wifi? (As in, I thought they might have gotten accidentally disconnected or be having internet issues and they haven't noticed) User: No, should I connect? Me, with a third hand that grew for the sole purpose of facepalming more: Yes, you need to be connected to the internet so the VPN can connect. [link] [comments] |
| Posted: 14 Jun 2022 10:10 AM PDT This was back in the mid 90s when the tech support Old Gods still roamed the earth. I was 23, and got a job in the config lab of a big system integrator doing PC setups. Well we started hearing about this internet thing, and companies started putting drivers on websites that we needed. But the Old God who ran out IT, didn't see a need to run ethernet back to the lab. I watched him one day write his own driver for an I/O card in assembler with a logic probe. He was like that. Anyways my cohorts and I wanted to be networking and server guys. But there was a big debate about ethernet vs token ring, and so my company was trying to decide a winner. So he kept telling us to wait. Well one day we found an old token ring MAU. We installed token ring cards in client PCs all the time. So we built a computer that had both an ethernet card and a token ring mau. We ran IP as a bridge to our lab, and then bridged it to ipx on the Lan. To help us out, we went to a computer that had internet and just copied the settings. (It was a different time) But low and behold it worked. Kind of. We had internet in the lab for a couple of days. But unbeknownst to us the OLd God was having 14 hour days trying to find out why his Internet gateway kept going offline. After a week he found his way to our little band of upstarts. By that time we had built a whole little hive of our own network using pilfered static network configurations from various locations on the network. He caught us as one of the guys was trying to ghost the netware server. Our reward for this was that the company paid a network engineer to give us all networking training because if they didn't, we would just experiment. He made us build our own config network and do our pirate stuff on that. That guy taught us security because we kept messing with his computer in class to drop rude pictures on his desktop. I am now one of the New Gods of tech support. And I am convinced that 95% of all security of fighting out how to stop the crap we used to pull. Everyone once in a while, I get an intern who asks me how I learned my role. I tell them, "long ago, there were Titians…" [link] [comments] |
| You are subscribed to email updates from Tales From Tech Support. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment