Slashdot Mirror
IT Departments Fear Growing Expertise of Users
flatfilsoc recommends a long article in CIO magazine on users who know too much and the IT leaders who fear them. Dubbing the universe of consumer technology the "shadow IT department," the article highlights the extent to which the boundary between users' workplace and home have broken down. It notes the increasing clash — familiar to anyone who works in a company with an IT department — between users' home-grown productivity boosters and IT's mandate to protect corporate data. The inherent tendency of the IT department to want to crack down and control technology that it doesn't supply should be resisted at all costs, according to CIO. The article outlines strategies for co-existence. It just might persuade some desperate CIO somewhere not to embark on a career-limiting path of decreeing against gmail and IM.
and there are always groups of individuals in every company that DO NOT fit the one-size-fits-all software/security model.
Some people/groups really need a sandbox to work in, without interference from good intentioned IT departments.
A virus spread wildly throughout my company recently because IT had thought to conveniently map some not so useful drives for everyone... guess how that virus spread?
IT needs to learn to provide and protect without being so intrusive as to hinder real work being done.
Sighhh
Support NYCountryLawyer RIAA vs People
Has always been the user who *thinks* he knows too much, and is out to prove it - usually causing problems, havoc, and destruction in so doing. You know, the kind of guy who gets pissed when you won't give them root/Administrator priveliges because he thinks he's a real big-shot. I've heard arguments as silly as "Well, I'm learning Linux on my own at home, so sooner or later, I'm going to know how to use it whether you give me root or not." Yeah, good for you.
It seems that every company I've worked for has had one. Maybe it's a small part of my personal castigation for the things I've done wrong. Who can say...
Oh, you're not stuck, you're just unable to let go of the onion rings.
I've met uncountable numbers of idiots when it comes to understanding technology. Guess what... many of them were peers in IT. In retrospect, it makes sense. I'd anticipated my move from college to a "real" job as a release from the world of idiots in the CS curricula. Finally, I'd get a chance to work shoulder to shoulder with people who knew.
Not so much.
I'd never considered where the rest of my university peers had to go -- into the same work force I entered -- duh.
In the non-IT universe I discovered many were also clueless around technology, as I'd expected. What I hadn't expected was there were many non-IT people who got it, who understood technology, and worked with it adeptly. Many "got it" more than my peers. Some of the most profound ideas and innovation I've seen in IT have come from nontraditional non-IT people.
I agree (without reading the entire article) with the summary and gist of the article -- IT does itself no favors ruling by fiat and instead should collaborate with users.
This doesn't dismiss bad things happening and messes created by users left behind for IT to clean up. People who mess up should help clean up, but my experience has been many IT people are equally inept and likely to make messes.
A degree and title in IT and CS means only that one has a degree in IT and CS, nothing more. It doesn't mean they're anointed and it doesn't mean they know more about technology than users.
I'm sick and tired of IT departments that try to control everything I do when I know perfectly well that WeatherBug and WinFixer are the right tools for the job. I am a smart and knowledgeable IT consumer, and I've been using these fine products at home for some time now. Why not at work too?
As a software developer outside of the IT department (I'm under direction of the Engineering group), I get this all the time. I get the run around, exclusion from important meetings, no say in things I have a large stake in, put at the bottom of the priority queue, and sometimes even people working to throw roadblocks in my way.
I've always been a fan of decentralized IT - a core group working to "keep the lights on" and seperate groups providing services embedded in the groups they're providing services to, responsible to the managers of the groups who use the tools. Meetings still happen with the needed staff, but someone is a few cubes down the hall or at least on the same floor to answer questions and get feedback.
The Doormat
If you're not outraged, then you're not paying attention.
I would be 7 kinds of mad if anyone was using gmail and IM in my office.
We work with NATO restricted data. *Everything* requires appropriate handling. E-mail is carefully fenced and the IM service is encrypted.
But even if you aren't a company with such a strong need for data protection... well actually there is no such thing. At the very least you have financial data and client information on your systems. Losing some of that stuff is considerably more harmful than restricting people to company provided communication tools.
Anyone placing data that hasn't been cleared for release (even by the very informal process of being sent out on purpose) onto services run by people with whom you have no contract and no reasonable expectation of integrity is, frankly, no better than the idiots who don't back up their data and are then surprised to find out that MTBF is not a guarantee. After all if your employees are using gmail et al you don't even know what data you *have* let alone what steps you need to take to protect it.
Beep beep.
Lock down usb ports.
Besides, no matter what they do, they can't stop me from creating a knoppix cluster from my coworkers pc's after they all leave for the day.
They can fire you.
See, not so hard.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
Is the day hundreds of callcenters close down their Level 1 support. I always thought it funny to have columns and rows of people that do nothing but open the documentation the users have and read it to them over the phone. Since the phones are still ringing, I think this announcement is still quite a bit premature.
Reading your email and your slashdot posts IS our actual work.
Signed,
Your IT Department
P.S. You're fired.
What?
whether you like it or not.
In the US, Sarbanes-Oxley places some strict requirements on data retention for publicly-traded companies. Employees choosing to use IM and gmail, could cause those requirements to be circumvented.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
I've been a user that is locked into crazy setups. The traveling consultant at client sites who's PC is setup to be managed from the corporate network. At one point, I got tired of the insanity, took a ghost image of the machine they gave me, and installed linux on the machine (and then restored the ghost image in a vmware session).
But here's the thing, I don't ask for support from the IT department because I'm the odd guy. I know they can't support me. What annoys me (as the one who helps other IT departments manage lots of PC's) are the people that install various applications that cause our automated installs to fail. 90% of the machines are managed with little to no effort. It's the 10% that cause days of work while we try to figure out which of the 20 apps you installed is breaking our install tool.
And for all those against IM and email lockdown, I've been to trading companies where that's the law. They get in trouble when they don't have logs of what people said on IM, email, phone calls, etc because that's how they catch insider trading. Of course for every sensible rule, I've seen 10 that make no sense at all. As has been said before, the USB key should force companies to reevaluate their policies.
1. "My hard drive is howling like a panther passing a kidney stone. Every time I run chkdsk I lose a few more sectors. I've backed up all my work to the network drive. When you get a chance can you come and fix my computer?"
2. "My computer won't start. It's been making this squealy noise for about two weeks and then all of a sudden it just died. You have to come right now and fix it because all the annual budget files are on my desktop."
Which call would you rather get?
None of them can see the clouds; The polished wings don't care.
If the company has decided that they are going to lock the use of unsanctioned peripherals, then the question becomes not, 'why doesn't my USB drive work,' but 'why are you bringing a USB drive in?'
"I use a Mac because I'm just better than you are."
This is a general observation that can be made regarding 'regulatory' departments that are concerned with security and legal compliance. Generally the rules are written down by someone senior, who uses common sense to reach what seems, at the time, a reasonable compromise and a practical approach. Next, they are handed down to a team of juniors, who enforce without understanding, because that is what they have been told to do. Through habituation, the regulations become Holy Writ and nobody is allowed to touch them --- a situation the original author(s) would probably have regarded as silly and dangerous. Finally, everybody formally adheres to the rules while circumventing them by any means possible, making a total nonsense of the original purpose.
This is by no means limited to IT. It also applies to finance or health care, or for that matter the US Constitution. It seems to a general human phenomenon. But it just seems that IT departments are more prone than others to the extreme aberration that I would call IT fascism: The belief that the ideal organization is regimented, uniformed, homogeneous, goose-stepping, controlled, and obedient; and that any exceptions need to be eliminated. Maybe the use of binary code stimulates binary thinking.
Of course, for any commercial organization, this can be a real killer in the long run. I've seen creativity and innovation totally stifled by regulation, until most people were so marinated in the status quo that they became completely incapable of independent decision-making, and the creative minds got frustrated and left. It's pretty much the reason why, if I were to make a SWOT analysis of our firm, I would classify much of our IT department under 'threats'. It's not because these people are of ill will, but the idea of trying, stimulating, or even supporting something new has become alien to them.
They are taking care of the daily business, according to present regulation, and they just can't imagine that there might be more to the job than that. To be fair, most of them are so far from the "frontline" that they no longer hear the din of the battle for survival.
Just a few days ago I ran an entire meeting of 12 Powerpoint presentations from my USB drive because the network drive went down the very morning the VIP showed up to have his apple polished. I thought ahead, realized that our network goes down all the time is about as reliable as the Iraqi army, so I had the foresight to copy the files to my personal USB drive. No longer--now I'll just shrug my shoulders and the organization looks only as competent as we really are for a change. I'm actually ecstatic when they lock the computers down a bit more. Already my workplace has cut off webmail, much to the joy of all the workers who now can't be held responsible for not knowing about (and completing the tasking from) an email sent out at 10PM Friday. Lock everything down, please. Could you please take my printer? Who knows what sort of shenanigans I might get up to with that.
Give me a diskless workstation that only works during business hours, and make sure it's the only place from which I can access company data, and I'll buy you lunch for a week. Don't forget that company cellphones and blackberries and PDAs are also the spawn of Satan. Keep up the good work! We love you!