Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consumer Technologies Driving IT

Posted by kdawson on from the not-invented-here dept.

fiannaFailMan writes to point out The Economist's reporting on the way consumer-driven software products are increasingly making their presence felt in the corporate world. Some CIOs are embracing the influx while others continue to resist it. From the article: "In the past, innovation was driven by the military or corporate markets. But now the consumer market, with its vast economies of scale and appetite for novelty, leads the way. Compared with the staid corporate-software industry, using these services is like 'receiving technology from an advanced civilization,' says [one university CIO]... [M]ost IT bosses, especially at large organizations, tend to be skeptical of consumer technologies and often ban them outright. Employees, in return, tend to ignore their IT departments. Many young people... use services such as Skype to send instant messages or make free calls while in the office. FaceTime, a Californian firm that specializes in making such consumer applications safe for companies, found in a recent survey that more than half of employees in their 20s and 30s admitted to installing such software over the objections of IT staff."

21 of 116 comments (clear)

  1. for a reason by brenddie · · Score: 2, Insightful

    Maybe that skepticism is there for a reason. Technology developed by the military, universities etc.. is usually focus on security, stability etc... Thats something thats not always true for consumer technology where short development cycles and high profitability drives the technology.

    --
    The best test environment is production. - Me
    chrome://browser/content/browser.xul
  2. what do you expect? by macadamia_harold · · Score: 4, Insightful

    The Economist's reporting on the way consumer-driven software products are increasingly making their presence felt in the corporate world. Some CIOs are embracing the influx while others continue to resist it.

    When you lock down the machines, of course people are going to be driven to web services like the apps that companies like google offer (mail / office / etc ) .

    --
    Push Button, Receive Bacon
    1. Re:what do you expect? by Timesprout · · Score: 3, Insightful

      You should try working for a large financial corp. They lock your machine down _and_ block access to web mail and other sites. Its their way of the highway as part of security/confidentiality/behaviour control .

      --
      Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
      What truth?
      There is no dupe
    2. Re:what do you expect? by Corporate+Troll · · Score: 3, Interesting

      I've worked for many financial corps (writing webbanking applications), and most of them don't have Internet access *at all*! Try doing your web-based job without the www. (Okay, they had "internet stations" for research, but it was a hassle.) Especially as a consultant, you can be lucky if you can send email to the outside. Usually, it's internal-mail only.

      The banks where I have worked that have Internet access, usually have heavy filtering. I still have the find a bank that blocks my own domain and thus my own webmail service, but yeah, for n00bs it's probably hard to survive without hotmail, gmail and yahoo.

      Still, I don't understand banks. I was allowed to take my *personal* laptop inside and I worked late when every employee was gone. It was a no-brainer to put a cross-cable between my bank-desktop and my laptop. (Did that once for burning a CD - for the employees of the bank.... Nothing illegal, just "bending the rules"). Sure, the switches were MAC-bound, but if I can get all the info on my desktop and them copy it over to my laptop all security is gone at once.

      For those suggesting USB sticks/harddrives: these machines were all NT4, for a reason.... *grin*

    3. Re:what do you expect? by SirKron · · Score: 2, Informative

      Have you read the federal guidelines that IT must follow for the financial industry? I have worked as a email contractor at a mutual fund company that had traders and a research department. We had to track every email and IM for seven years and had to produce them whenever requested to be in compliance. All it takes is one tech-savvy and crafty employee to put the entire company at risk.

      Just because you can, does not mean you should. Most companies will give you whatever access you need, if you need it. Making access because you want it is juvenile and will get your fired.

  3. Stalinistic IT practices... by Shoeler · · Score: 3, Interesting

    What is really accomplished by the draconian means IT organizations are going through these days? Viral outbreaks are way down, mainly due to better edge practices - ie frequent AV definition updates, forced scanning of all inbound e-mail for viruses, better firewall configurations, near real-time forced patchings, etc. With those left out, the vectors for infection drop dramatically and end up being removable media (USB drives), portable media (CD/DVD), etc. Again with proper real-time on-access antivirus scanning on both file servers and PCs, where do viruses come from?

    And if the reason for locking users out of their PC configuration is configuration management and not protection, then why not just let them at it... have a standard PC configuration, a standard image, and partition their drive. All user files are on the 2nd partition, and all system on the first. If they dork it up instead of spending hours troubleshooting, just image the primary partition and move on.

    That way you reduce the overhead of your IT group and allow users the freedoms we expect. I'm not talking utopian - I'm just talking simple things like being able to install a firefox major version update without calling the helplessdesk, or installing any other app I need to do my job (not wanted things like IM clients - real job needs). Instead I have to call the helpless desk wait a damn week while I play phone tag and then sit there for an hour as some monkey figures out how to double click "setup.exe".

    It all seems so unnecessary to me. Get a clue and a plan and have a modicum of control - not the communist variety of control.

    1. Re:Stalinistic IT practices... by gad_zuki! · · Score: 5, Insightful

      A few points:

      1. Your symantec doesnt catch everything, even if its in its definitions files. It may run before the av can scan it. It may come encrypted. It may be part of a larger spyware payload. "Edge" is buzzwords for "buy our scanning proxy." Its not 100% protection.

      2. Your system is locked down not because the "helpdesk monkey" enjoys visiting self-entitled misanthropes like yourself but to keep unauthorized software off your machine. Your manager doesnt want you playing games all day, IT doesnt want to image your computer every week because of all the spyware you download, and the helpdesk doesnt need more of your whiney complaints. Not to mention legal/finance dont want to get stuck with a bill/lawsuit for the software you pirate and put on a machine that isnt yours.

      3. The partition idea has already been done. Its called network drives. You still are responsible for the PC.

      At the end of the day, when you screw up a perfectly good machine because youre so much smarter than your IT deparment and its monkeys, you end up calling them, expecting them to fix it, and blaming them. Now multiply yourself x250 people and think about why you have to wait so long for service or why some of these policies exist.

      >Get a clue and a plan and have a modicum of control - not the communist variety of control.

      Lastly, this isn't soviet russia. Dont like the work environment? Quit.

    2. Re:Stalinistic IT practices... by Corporate+Troll · · Score: 2, Informative

      All user files are on the 2nd partition, and all system on the first.

      No, all user files on a *network server* because hard disk crashes happen and servers are backed up. It is trivial to map "My Documents" to a network share.

    3. Re:Stalinistic IT practices... by Shoeler · · Score: 2, Insightful

      1. Your symantec doesnt catch everything, even if its in its definitions files. It may run before the av can scan it. It may come encrypted. It may be part of a larger spyware payload. "Edge" is buzzwords for "buy our scanning proxy." Its not 100% protection.

      Nothing catches everythhing. Only clueless CIOs and non-technical middle IT managers think that happens. Security is a state of mind - not a reality. There will always be someone smarter with more time or more resources that can beat your "best practices".

      2. Your system is locked down not because the "helpdesk monkey" enjoys visiting self-entitled misanthropes like yourself but to keep unauthorized software off your machine. Your manager doesnt want you playing games all day, IT doesnt want to image your computer every week because of all the spyware you download, and the helpdesk doesnt need more of your whiney complaints. Not to mention legal/finance dont want to get stuck with a bill/lawsuit for the software you pirate and put on a machine that isnt yours.

      So you can't place - as I said before -a modicum of controls on users and still allow basic functionality? You can't set SMS to go look for installed programs and remove anything not in the list? (you can - I've done it)

      At the end of the day, when you screw up a perfectly good machine because youre so much smarter than your IT deparment and its monkeys, you end up calling them, expecting them to fix it, and blaming them. Now multiply yourself x250 people and think about why you have to wait so long for service or why some of these policies exist.

      Been there - done that, burned the damn t-shirt. Started an ISP back in '94 as a one person shop for a year. Did IT support in various mechanisms since then. I don't know much, but I have done support, and I'd challenge you to find a more difficult support role then the guy on the phone in the pre-windows 95 easy dialup days supporting Windows 3.11 and Trumpet winsock, getting blamed for every problem they have after they installed your floppy disk and doing it over the phone.

      Lastly, this isn't soviet russia. Dont like the work environment? Quit.

      Brilliant. Don't try to change anything. Don't try to make it better - just throw in the ol towel if you don't like it. And we wonder why we're chastized by non-IT folks for jumping jobs.
    4. Re:Stalinistic IT practices... by Tim+C · · Score: 4, Interesting

      If you're worried about near computer-illiterates fubaring their machines, why not simply have a "one strike and you're out" sort of policy? Everyone gets a liberal security policy to start with - maybe even full local admin access. The first time you screw your machine up, it gets reimaged and locked down on the grounds that you can't be trusted not to screw it up again.

      That lets those of us who know what we're doing and have never needed to call the support desk for anything other than hardware failure get on with our jobs with the minimum of inconvenience, while protecting those that clearly need to be hand-held.

      --
      It's official. Most of you are morons.
    5. Re:Stalinistic IT practices... by archen · · Score: 2, Interesting

      My problem with that approach is that when people are administrator, you have absolutely no way of telling where the problems are coming from. Some people do God knows what with the machines, others innocently just fubar it and have no clue why. And yes, user ignorance is considered a valid excuse where I work.

      When I migrated the company to windows 98 my policy was you're responsible for the computer. That just totally didn't fly. Then with windows 2000 we actually had passwords and supposedly had accountability. But someone else may have been on the computer, or maybe they had the user's password, or often no one logged off so ANYONE could install stuff on the computer. Users always had ways of fucking up their machine but passing the buck in a way that I couldn't hold them accountable.

      So today I have a lockdown policy on computers. I advocated they use firefox, so I don't restrict their web browsing. They can't install programs on their computers, however I will install just about any program (aside from IM) on their machines. If you have the GUTS to ask me to install something like a crossword puzzle generator, then I'll do that - and I have done that BTW.

    6. Re:Stalinistic IT practices... by asuffield · · Score: 2, Interesting
      Nothing catches everythhing. Only clueless CIOs and non-technical middle IT managers think that happens. Security is a state of mind - not a reality. There will always be someone smarter with more time or more resources that can beat your "best practices".


      The 'Sisyphus' method catches everything you're likely to care about:

      Every desktop should be created via disk image, as a clean install with all the applications that the employees are supposed to be using.

      Every night, when everybody's gone home, the image is reinstalled automatically. Wake-on-lan network cards take care of boxes which are switched off. On the rare occasions that a system fails to reinstall, a helpdesk goon is sent over the following morning to swap the box for one of the hot spares (no investigation on site, so the users experience no disruption).

      It's that simple. Anything the user does to the desktop is gone the next day. Sure, they could in theory install their pet toys every day... but after they've done it a couple dozen times, they're going to get bored and quit bothering. At the same time, you've eliminated a large range of issues that previously would waste support time (such as bitrot on Windows boxes), and created a system for you to deploy new versions of applications across the entire company easily (just update the image and they'll all get it the next day).
  4. Hey you kids. Get off my yawn by neimon · · Score: 4, Insightful

    1979: Hiding that Apple ][ with VisiCalc that the MIS staff has forbidden because users can't be trusted to produce accurate reports without someone with a Masters doing the coding. 1984: Sneaking PCs into an all-mainframe shop by having the customer buy them as parts, on seperate POs. 1985: Networking those PCs peer-to-peer over 1MB coax so they could share a "big" 40 MB hard drive and a "fast" 6PPM laser printer. That was the last generation of revolution. Now comes the software revolution, where disposable widgets take the place of $450 office "productivity" packages. It's a glorious dawn, and I'm laughing at all you young turks thinking you're going to control it. Embrace and control it, lads. Never forbid anything unless you have something better.

    1. Re:Hey you kids. Get off my yawn by Luscious868 · · Score: 2, Insightful

      The problem is that for every one employee who will actually install and use new software to increase their productivity there are six idiots who will screw up their PC's with viruses and spyware and three employees who will install software so they can waste time. The solution? Let the smartest, brightest and most productive employees do what they want (within reason). Pay attention and if what they are doing makes sense for others, embrace it and implement it where appropriate.

  5. Re:This is new? by porkchop_d_clown · · Score: 3, Interesting

    Heh. I was reading comp.sys.amiga.* on company time back in '88. Within weeks of Mosaic coming out, everyone in the office was trying it. My first exposure to online gaming was Doom over the company LAN - and the 4 of us in the company group ate so much of our internal bandwidth playing Doom that IT thought the routers were failing (the very first release of Doom was a real network hog). Then there was Pointcast. etcetera and so on...

    --
    Clear, Dark Skies
  6. Personal != corporate liability by pla · · Score: 2, Interesting

    Some CIOs are embracing the influx while others continue to resist it.

    As a member of a rather small "corporate" IT department, I can appreciate the difference between using certain programs at home vs at work. The number one rule people need to understand, don't expose the company to legal liability, ever. The number two rule, don't do anything that will risk bringing the network down (or critical servers, though most people don't appreciate the difference).

    The order of those may change depending on the nature of the company, but those pretty much account for 99% of the "stupid" IT rules that people don't like following. Sure, you run BitTorrent at home and have never had a problem. Perhaps you even use it legally (riiiiight... But hey, I'll admit it could happen). Move that into a corporate environment, however, and your "just a tenth of my bandwidth, and low chance of getting caught pirating music", times 50 users, turns into "why does our network suck so much" and "I have the RIAA's lawyers on line 2...".


    Additionally, most people absolutely suck at protecting their home PCs, and in my experience, they take even fewer precautions at work. Now, we run all the standard protections, such as AV, AS, mail and web filtering, and so on. But no amount of automated protection can ever suffice to stop determined insiders from managing to crash (or worse, compromise) their own workstations. Sure, you can fire the malicious ones after-the-fact (and the threat of that at least encourages some cooperation), but that doesn't undo the damage.


    As an aside, I consider myself something of a "dark-grey hat". I will gladly teach my users how to do things so they stay juuuuuuust barely on the right side of the law. But even that doesn't always help... It lets people know that when I do give them rules, I most likely have a damned good reason for it; but you'll always have people who just don't "get" it, and don't understand why installing every toolbar, cursor enhancement, and systray bug they can find makes those fascist IT guys so annoyed.


    As another aside, I've worked the other side of the fence as well, an engineer working as not part of the IT department. As for how to deal with that situation - Well, let's just say I thank Zeus that I don't have someone like myself as a one of my users. ;-)

    1. Re:Personal != corporate liability by gillbates · · Score: 2, Interesting

      I'm one of those users you'd probably be on the fence about.

      Granted, I don't install every toolbar and stupid web-widget available. That said, I routinely need to run software which IT doesn't have the time to approve and install. Fortunately, I'm usually able to install it myself, and know enough about the machine not to screw it up.

      However, users like me aren't your problem. In fact, I'd go farther and say that users like the ones you describe aren't the real problem, either.

      Your problem is with the Windows OS model:

      1. It encourages people to install even questionable programs by making it nearly effortless to do so.
      2. It actively hides things such as network and disk space utilization from the user.
      3. The Windows Explorer model hides important details from the user by default. The consequence is that users don't need to know, and seldom understand, how their computer works. Thus, they remain unqualified to take an active part in the security of their machines and the network.
      4. It provides multiple vectors for security compromises - Secure the OS, and the email client becomes a virus vector. Secure the email client, and the mandatory web browser becomes a vector. Unlike the UNIX model, in Windows, any installed program can compromise the security of the entire machine, and sometimes the entire network.
      5. Windows security is default allow, explicit deny - while MS has improved this in the recent past, their most recent gaffes in IE 7 and the exploit code in Word demonstrate that, as a company, they are still clueless about security.
      --
      The society for a thought-free internet welcomes you.
  7. The magic behind consumer applications ... by Ihlosi · · Score: 4, Interesting

    ... is being able to squeeze the cust^H^H^H^Hconsumer for the maximum amount of money while getting away with being able to provide a minimum of (or no) quality, service and support (or alternatively, charge ridiculous amounts for each of those three). This is possible because the individual "consumer" has very little leverage against the "producer" ('Not gonna buy your stuff anymore!'), compared to what a corporation could muster ('Not gonna buy several megabucks worth of your stuff anymore!').

  8. Predictable... by udderly · · Score: 3, Funny

    FaceTime, a Californian firm that specializes in making such consumer applications safe for companies, found in a recent survey that more than half of employees in their 20s and 30s admitted to installing such software over the objections of IT staff.

    In another recent survey, eye drop manufacturer Visine, has released a survey indicating that most marijuana users suffer from bloodshot eyes.

  9. It's not a PC, it's a WORKstation... by spywhere · · Score: 3, Informative

    I worked as a desktop support tech in several environments, with policies ranging from draconian to nonexistent.

    In the locked-down world, our firm charged for repairs to "non-standard" machines: anything with user-installed software, even if it wasn't the cause of the problem. We were forbidden to use the terms PC or computer, instead calling every desktop and laptop a "workstation." People who downloaded stuff from the Internet often found themselves explaining the $300 repair charge to their boss, and were subject to termination at the company's discretion. (As desktop techs, we were very powerful... one guy I worked with actually received "personal services" in exchange for not reporting a young woman in the call center).

    In the open environments, stupidity flourished. People would install Kazaa (with its load of spyware) and put their shared folders on the servers. Executives would download GoToMyPC and use their names as the password. During downtime, I would use PSList to remotely check computers for spyware, and remotely delete anything I didn't like. A few people complained about losing their Webshots and other crap, but the CIO was an old friend of mine and fully backed my efforts.
    One day, I claimed in a weekly meeting that spyware and adware were consuming 50% to 70% of our Internet bandwidth. The head of the network group immediately heaped scorn upon that statement... until the CIO asked him to check into the claim. He had to stand up the following week and say that I was wrong: the figure was closer to 90%.

  10. It's not the IT staff... by Beefslaya · · Score: 2, Interesting

    I would like to point out a recent meeting within our company...

    Some of the managers of certain departments would like to install an instant messenger client for more responsive communications within the company between buildings. It was explained that a user could have more then one conversation (like a telephone) at a time and also save cost.

    The upper management insisted that we do not install this program because it would "subtract" from productivity.

    Even after explaining to them that I could enforce the system to only accept internal accounts, and the conversations are all logged, they still denied the project.

    Our company is full of younger users that are simply more comfortable shooting a text to someone then picking up that nasty influenza infected phone to call someone.

    They'll come around sometime.