🌊 How I found Structure through Minimalism and Information Technology

My trifecta as an experienced IT Consultant's Stability, Structure and Communication. Stability in my mind refers to one's ability to self-regulate. This might refer to both emotional and physical. If we use computer components as analogy, this concept would be the PSU (Power Supply Unit). It's what defines battery life that aids a computer's ability to run as an active state. If we think about it for a minute, it makes sense to prioritise stability because it's the safety net that allows recovery. Even for something as mundane as monitors plugged-in to a computer are encouraged to have fault tolerance in my line of work where we have 2-3 other cabling outside of HDMI so that if it turns faulty, the display just goes through the other wires.

It's a guarantee that life will always throw the biggest haymakers and sometimes even low blows unfortunately. Apparently, it's suppose to be a bit unfair as the age gets a tad serious.

In theory, if we can recover well, our ability to get back up on our feet to run efficiently will stack over time and should prove rewarding. That topic alone's massive and arguably more challenging than troubleshooting a generic IT ticket sent your way but that isn't where I'd like to begin. My focus right now's the part about Structure. I found structure in my life through Minimalism and Information Technology. 

During time of writing, I'm actually in the middle of decluttering. I'm sitting right now by the kitchen table surrounded by everything I'd like to flush and to be honest, it's not the most flattering look. With all that context provided, now should be a decent time to pivot for a more instructional format.

Structure

In IT Security, there's this idea called Gap Analysis. This is when we look into our current security posture and then write up the ideal scenario for our infrastructure. The practice of describing these 2 postures thoroughly would give us an opportunity to figure out the gap and see how we can close that down and reach the goal with our current reality as reference. We want to know where we are currently and where we want to be to allow Gap Analysis.

With that in mind, I applied that same idea in my approach for Minimalism. I started with my wardrobe since that's where most of my clutter lived. To begin, I jumped right into stripping it all down into my ideal scenery. 

Grabbing out all the items now separated the variables that need filtering and by leaving the state of the wardrobe, I've given myself the draft that I'd like to keep building on. Now you might find a trend in my choices here and if you noticed it from the image, well done! But it shouldn't be too difficult to notice that I've left a lot of aquatic teals and blues. 

I am a strong believer of Colour Psychology so I left everything that I personally call "Oceanic". Any colour that reminded of the ocean, I'd love to see it and would love to wear it even more. It all ties back to Stability that I'd expand later but for now, I just wanted to give you the visual and hopefully communicate that there is reasoning involved even for the "assets" I chose to leave behind. 

As for the ugly clutter, mate? Let's face it, you can't make an omelette without breaking eggs. This one was overwhelming to be honest but I chose to approach it with Risk Assessment magic. In the technology industry, this refers to the idea of assessing our systems through 6 steps that I'll share with you soon along with how I related it abstractly with Minimalism.

It's to do with ensuring that our systems are as safe as we can possibly reach. So think of an IT version of when you look into your home's locks: where do you leave your keys?, how do you carry them around?, have you got a duplicate? do you keep in track of who else's got the key? who can you trust with it? and so on. Hopefully that analogy wasn't too jazzy for ya but hey I'm doing my best.

Time for the tackle. Here's how it all fell into place:

1. Identify Assets Potentially at Risk

In Minimalism, I'm assuming this probably means everything that I don't need. This should be easy enough, right? Not entirely. I underestimated how often I get attached to objects. So many of them's got a story behind it so I had to adapt. I grabbed a sticky note and wrote 'Cut your losses' and mildly slammed it on the wall because it just took too long and I still have a whole mountain in front of me.

After dealing with that tilt, I've taken a breathe and decided to play speed chess. In shorter time controls, some Grand Masters advise that we use it to improve our instincts. That way, we get more games in and just analyse it after. So that's what I've done.

As quickly as possible, I've sorted them into 3 categories: Keep, Throw and Conflict. I just played it pure instinct and placed each item into whatever I felt like a fit. 

It was very easy to identify which one's belonged' to 'Keep' because it's already the idea of items that I find useful. A good example is my collection of playing cards because I used solitaire as screen break that also taught me how to have a head for resource management. 

Throw are stuff that I need to dispose and I should probably not be sharing rubbish on here but one's imagination shouldn't be underestimated. The only stuff that I found challenging here's the fancy boxes of technology that I kept because I thought it might be useful if I were to do a re-sell which leads us to the Conflict category.

Conflict is the category I've made-up for things that I can argue for Throw and Keep. These are items that might have sentimental value but not any practical use, stylish clothing that looks pleasant but not quite my personality anymore, or maybe things that I keep around 'just in case'. I can't afford to use too much energy and brain power reasoning for each item at this stage so I'd just dump them all in that space for now. The goal at this phase's structure over strategy to make sense of all the variables for me to scope so that I can then apply logistics with good purpose. My reasoning wouldn't be perfect but this maximises my chances to make the right call or at the very least mitigate the likelihood of horrible blunders if I'm aware of the pieces that I've got on the board. 

Expanding on this, I tend to carry this idea into the digital world for file management as well. In InfoSec systems development we generally follow the CIA Triad model (Confidentiality, Integrity and Availability) that I'll dive into more detail later in a more relevant idea in Minimalism. Ensuring that a system is well-structured makes it easier to achieve maintenance which of course leads to better habits in both life and the IT world. It is necessary that we set ourselves up to succeed. 

2. Conduct a Threat Assessment for each Asset

Now that we've organised the cards in hand, it's time to play. This step in the Minimalism world's going through the Conflict pile to make a decision on which one's a "Threat". Keep's already placed in storage and Throw's obviously in the rubbish bin by now so it's just a no brainer. 

In the tech world, if there's a budget for pentesting, that's the sort of thing that we explore to identify the type of Threats that aren't visible right away. For abstract comparison, I need to make it clear for myself what the goal should be for direction when 'assessing each asset'. 

Straight-up, my goal's to determine which of these maximise how I'd like to come across, what items aids my stability, and which of these assists my ideal day-to-day. Realistically, it will be very easy to get overloaded and drown in logic branches hence why they're on the conflict pile in the first place. But a solid Playbook would provide a platform that I can return to for clarity as I plod along the 'Conflict' boxes. 

3. Analyse Business Impact 

Let's say we've now defined the Threats, right? While we hope for the best, let's prepare for the worse. What do we do when we get hit by these Threats? What if a service gets faulty or compromised? In the IT world, these things in general are called Incidents. These are events that need urgent action to ensure recovery as soon as possible. Some examples could be Network Outages, AV Failure, Subscription Expirations, a Senior Management person's email getting hacked, Company-wide unexpected loss of access and etc. You can't swim without getting wet so we have to know how to respond to these things when it happens and one of the ways that would help us define a scale of an incident's through these 2 main ideas: Recovery Time Objective (RTO) and Recovery Point Objective (RPO). 

RTO is when we attempt to define how long recovery takes after an incident hit while RPO refers to agreed time bracket for acceptable data loss. We bother with these descriptions because we'd like to know the impact to have a target. 

Parkinson's Law states that the work expands so as to fill the time available for its completion. So psychologically, if you give yourself a week that can only take 2 minutes, the brain will have the tendency to add complications to it. But if you give yourself a target that's closer to an honest estimate, you're likely to achieve it in that time frame. 

In Minimalism terms, it's important to define these things so that they get done. In the tech world, if we didn't have these in place, services hit will just be floating around unaccessible or compromised while we just aggressively harm trust from the users. Believe me, I've seen the easiest IT tickets float around for months just because there was a consensus that it can be done quickly so it just kept getting pushed back until it gets forgotten. 

It's our responsibility to try build trust for others but ultimately for ourselves. The good news' that it's something we can slowly work on that gets stronger in the heart overtime. With constant practice through these little wins of reaching one small achievable target at a time, it all eventually translates into truthful confidence. Be convincing to yourself, Mate.

9:40pm, 13th February

Hey, so this is me swimming! 

Outside of tooting my own horn about having an active hobby for a tech nerd, I think this photo should be a good bookmark for whenever I feel like updating my progress in the real world. So where am I right now? Welp, I got stuck for a few days because I thought sorting out the rubbish from the Conflict pile first was going to be easy. I was just as conflicted as I felt when I dumped them all in that stack. The name of the game is adapt, so I made some changes about 'Throw'. 

From here, I decided to break it down a little more, be distinct and decide my candidate solutions on what 'Throw' could really mean. Maybe it doesn't have to be all rubbish? I could give them away! 

I have siblings, contact with a non-profit organisation that promotes STEM, an autism club, IT mates, mates outside of IT (believe it or not) and exploring outside my peripheral too like orphanage donations. For the items that I still have some attachment to, I'd much rather still see it used by a loved one if possible. I'll start with sorting them out per sibling! I have 2 that I know of 😉 Alrighty, I'll leave this here for now and get to it. Brb! 

10:19am, 15th February

I pivoted into adding a new format in my writing. It turns out to be a decent idea to add 'diary entries' as I go through my progress since it helps me organise my thinking with a cup of casual motivation. I like to think that this is healthy dependency aye. I didn't think of this idea in the beginning but we can't cry over spilt milk. 

Anyways, so I started with items that looks good for my brother. Due to the sheer amount of stuff, that aim alone can't be done in one go. Coincidentally, it's my old man's birthday soon so I can deliver them and hit 2 birds with 1 stone. 

6:32pm, 18th February

Yikes. You know what I've forgotten? A before photo of my first boxes of decluttering that I've handed over to my little brother. I really tried to save it but unfortunately, the little wandering mudblood doesn't know how to pick-up his phone during school days. Well, Lessons Learnt. The blip between the entries were also caused by experimenting with tech news. Who knew that the landscape of current technology during time of writing was so dismal? I'll stick to my Minimalism-InfoTech nerd out aye. After my usual Swim at the pools, I think I'm keen on tackling digital declutterring! 

10:17pm, 18th February

Jokes. There's still a little bit more clutter in the physical world that needs urgent attention coming from visiting the literal fam. After that, I should probably get the gift page sorted that I'll explain more on the next step. 

4. Determine the likelihood of a given threat doing damage

There's 2 common ways to go about this: Quantitative Risk Assessment and Qualitative Risk Assessment. Qualitative Risk Assessment's something I'd consider a fancy term for intuition. Experience, exposure and expertise all contribute for a meaningful assessment. 

Quantitative Risk Assessments on the other hand are more based on solid data. So think of what your company might lose in a year in detail like the ALE (Annual Lost Expectancy). How about the ARO (Annual Rate Occurrence) that defines how often do these damages occur?

I've applied this in Minimalism by doing a Qualitative Risk Assessment here as well. First let's define what damage means in this philosophy. I've defined it as any items that just sits around as either clutter, stress or dishonesty. Ideally, I'd like to keep my assets low so that I can have good overview of it all, right? That means the Threats in this context would be the sources of overflow. 

19th February, 7:12am

Learning from the cringe of not documenting "the before", I've made sure to at least take a snapshot this time of the box I've set up for the second round. This is where the disposals will sit from the Conflict pile. Again, the plan's to keep it there until the brain settles with a pick and ready to let go.

5. Prioritise risks by weighing the likelihood vs Potential Impact of each threat

We have to prioritise the one's that are high risk. This is logical because it's not possible to give every risk equal attention. Again, the goal is mitigation and not perfect eradication as far as risk management. 

23rd February, 10:27am 

Another one bites the dust! I didn't realise how many USB-C cables I have. Technology is extra difficult for me to dispose or give-away because even the presence of it tends to make me feel a  bit mindful. For instance, I have Raspberry Pi 4 that I didn't get to play with much but fancy the idea of being able to see the visual of the board when I'm thinking. I've placed it in my pile that's more for aesthetics later. For now, it's important that I focus on the goal of simplifying my assets. During time of writing, I've done it for my 'Hygiene Items' and more of my 'Conflict' pile. By the way, check this out! I've finally managed to snap a fragment of the clutter before the outcome. Satisfying

In InfoTech, one of the things that I've found challenging in year one of my professional journey was the management between tasks that required me to be analytical and sequential while being able to respond to incidents with quick wit. In the academic world, some people have the advantage of being able to hide from everyone until you reach a goalpost. But just like the IT world, life is dynamic.

It's absolutely understandable that there's times where it feels like drowning and you need recovery time for yourself but it's also necessary to be grounded enough to accept that there's always be things that occur in times that are uncomfortable. In fact, when we do a Social Engineering PenTest to an organisation, we have to consider when they might be most vulnerable. That way, we can truly have a visual of the users' tendencies, right? 

There's also an element of mentally embracing that problems that require quick responses will have you meeting a fall after another, so you just have to get up quickly to adapt and change your angle depending on what's needed. No risk, no reward aye

It's been a busy Ticket Management game at work for me lately. It's more than the usual but I'm fortunately well-acclimated to the load management game now so it's more satisfying to resolve per request at this phase of my IT career. 

💬 g'day stalky, this post gets updated as I go so just a heads up that the flow might be a bit weird aye. In layman's terms, I'm currently in the middle of the wonderful world called drafting. If you're a New Zealander, you're probably used to rural roadworks anyways so have a cup of concrete for now.

🪦 Here lies written text that hurts my eyes. Till we meet again with aroha

6. Create a Mitigation Risk Strategy

Incident Response Process

1. Preparation

2. Identification 

3. Containment 

4. Eradication

5. Recovery 

6. Lessons Learnt