Slashdot Mirror

← Back to Stories (view on slashdot.org)

IT Departments Fear Growing Expertise of Users

Posted by kdawson on from the illusion-of-control dept.

flatfilsoc recommends a long article in CIO magazine on users who know too much and the IT leaders who fear them. Dubbing the universe of consumer technology the "shadow IT department," the article highlights the extent to which the boundary between users' workplace and home have broken down. It notes the increasing clash — familiar to anyone who works in a company with an IT department — between users' home-grown productivity boosters and IT's mandate to protect corporate data. The inherent tendency of the IT department to want to crack down and control technology that it doesn't supply should be resisted at all costs, according to CIO. The article outlines strategies for co-existence. It just might persuade some desperate CIO somewhere not to embark on a career-limiting path of decreeing against gmail and IM.

14 of 499 comments (clear)

  1. Yeah, what he said.... by zappepcs · · Score: 5, Insightful

    and there are always groups of individuals in every company that DO NOT fit the one-size-fits-all software/security model.

    Some people/groups really need a sandbox to work in, without interference from good intentioned IT departments.

    A virus spread wildly throughout my company recently because IT had thought to conveniently map some not so useful drives for everyone... guess how that virus spread?

    IT needs to learn to provide and protect without being so intrusive as to hinder real work being done.

    Sighhh

    --
    Support NYCountryLawyer RIAA vs People
    1. Re:Yeah, what he said.... by bigtomrodney · · Score: 5, Insightful

      That is certainly true to a large degree, but let's not overshadow the need for tighter security. Ultimately users need to bear in mind that their PC is for working, and really should only provide for their working environment. It's best to put aside the 'it's my computer' attitude and push the 'it's a company tool' attitude. Speaking as someone who has worked for years in IT, I would be more of the opinion that most staff in the IT department fear user knowledge because their own knowledge is lacking. From experience of a few different departments it's usually only one or two who have the knowledge to begin with and another five or six who are all talk. That's more what causes the friction between users and IT staff. No one minds a straight no if it is qualified, but I don't think anyone will tolerate a grunt of 'no' from someone who's not even sure why in the first place.

      --
      I never get used to these constant resurrections
    2. Re:Yeah, what he said.... by Jhon · · Score: 5, Insightful

      Ultimately users need to bear in mind that their PC is for working, and really should only provide for their working environment.
      Agreed. What need does a biller have in hooking up their IPOD to their work PC? Why would a clientservices-phone jockey need to hook up their USB memory stick? Why would a transcriptionist need access msn/hotmail/yahoomail?

      Then again, if it's a small shop and you're not really dealing with protected information on the network (say, medical records for example), then you may be fairly lax as to what users can/can't do at the workstation.

      *IF* however, you have federal and or state guidelines you MUST follow with regards to protecting identity and health information, then sorry pals, your workstation is locked down. Nope -- no unauthorized memory sticks. Nope, no internet access -- other than white listed work related sites. Nope, no access to install software.

      I've had users ask me for permission to install some "app" they like to use. The simple answer is "no" and I don't want to waste my breath re-hashing the same reasons. So I say "No. Check your employee handbook, page 12 for why" and walk away. I'm not going to have anyone of my guys jump through paperwork hoops to keep CAP or CLIA or MediCal happy so someone can have their computer go "ding" at a certain time using their favorite software.
    3. Re:Yeah, what he said.... by MobyDisk · · Score: 5, Insightful
      Everyone clap. You just met the IT guy you have all been loathing, and he posts on Slashdot. Thank you, take a bow.

      What need does a biller have in hooking up their IPOD to their work PC? Why would a clientservices-phone jockey need to hook up their USB memory stick? Because if you whitelist sites, then when the boss says "go to site XXX and tell me this..." they can't. And when the HR department says "go to www.friendlyHRpeople.com" to file a complaint they can't do it. But if you blacklist sites, then they can get to what they want anyway using some workaround. slashdot.com is blocked but engaget.com isn't. Or you can see it through someones blog, or redirection, or RSS feed, or a cache, or an anonymizer. This is a battle nobody can win.

      This is the type of attitude that gets us into the game of "If I rename the extension to .rar then I can send you this critical document you've been needing!" Then .rar files are blocked the next day. Then you zip the rar and it gets through again. The war escalates forever. Perhaps each employee should make a formal request to their boss, then to the IT department, then write a formal justification for why you need to visit each web site.

      Of course, it is probably all moot because you had to give everyone local administrator priviledges so they could run the ActiveX time-sheet application your IT department mandated.

      This is the mysterious "IT guy" who thinks he knows the fixed-length list of things that each and every person in the company needs to do their job. They create a blacklist of everything they think you could do on your computer that is bad, and use some 3rd-party product to scan everything you do and disable those actions. They already know better than you every tool needed for every position in the company. Really, this person could just do your job.

      I've had users ask me for permission to install some "app" they like to use. The simple answer is "no" and I don't want to waste my breath re-hashing the same reasons. Yes, you surely know every app they are going to need and have pre-installed it for them. And every application you haven't heard of is probably a virus. Of course, if you had setup their permissions properly then they couldn't install applications anyway. Instead of policing each application, set appropriate domain policies and work policies that make sense. Limit the size of email attachments. Put quotes on their accounts. Make sure the network drives have appropriate permissions.

      Trying to monitor every application used on every PC is a modern version of micro-management. Do you look at every tool that is on someone's desk? Do you approve each stapler? If you don't let people visit web sites, can they bring in books and newspapers? Do you blacklist/whitelist the phone numbers they can call and receive calls from?

      So I say "No. Check your employee handbook, page 12 for why" and walk away. Then you are a jerk.

      This will probably get modded as a troll. But I bet every person with mod points on this system has had to deal with the likes of you. I'm glad I got to find you and finally say it.
  2. My personal nemesis... by NerveGas · · Score: 5, Insightful


        Has always been the user who *thinks* he knows too much, and is out to prove it - usually causing problems, havoc, and destruction in so doing. You know, the kind of guy who gets pissed when you won't give them root/Administrator priveliges because he thinks he's a real big-shot. I've heard arguments as silly as "Well, I'm learning Linux on my own at home, so sooner or later, I'm going to know how to use it whether you give me root or not." Yeah, good for you.

        It seems that every company I've worked for has had one. Maybe it's a small part of my personal castigation for the things I've done wrong. Who can say...

    --
    Oh, you're not stuck, you're just unable to let go of the onion rings.
    1. Re:My personal nemesis... by 0100010001010011 · · Score: 5, Insightful

      My personal nemesis is the layers of abstraction you have from someone that actually knows something and the mentality of those people.

      My laptop at work continuously reboots. I ran a memtest on it and narrowed it down to a bad memory chip. IT wants me to send in my laptop. I'm sorry. I don't have time to deal with that down time, so I just put up with it restarting.

      The most annoying one is when they redid a few dozen internal webservers. All of a sudden the redirect didn't work (If you went to an internal site and it had been X minutes it redirected you to Corporate Web Login).

      I did some research on my own and found that when they upgraded to the newest webserver someone forgot to bring along the configuration. All the redirect websites were being sent out as plain/text. Firefox correctly rendered it as... plain text. When I e-mailed IT about it I got a nice form letter about "Firefox isn't supported, we use IE, etc".

      I then copy and pasted curl -v logs of all the websites that were broken. I didn't just tell them what was broken, I told them HOW to fix it. I never got a reply back and everything magically worked within a week.

      Sometimes there ARE users out there who know what we're talking about. I'm not asking for admin rights or root access. But I do want to be able to do my job and when your fuckups impede that, it does tick me off. The IT people I know are the ones that seem to have the hardest time saying the two 3 word phrases that every engineer (in my opinion) must learn before leaving college: "I don't know." and "I was wrong."

      In the mean time I wrote a greasemonkey script that when it saw the redirect page it sent me to the correct website.

  3. IT title does not an expert make by yagu · · Score: 5, Insightful

    I've met uncountable numbers of idiots when it comes to understanding technology. Guess what... many of them were peers in IT. In retrospect, it makes sense. I'd anticipated my move from college to a "real" job as a release from the world of idiots in the CS curricula. Finally, I'd get a chance to work shoulder to shoulder with people who knew.

    Not so much.

    I'd never considered where the rest of my university peers had to go -- into the same work force I entered -- duh.

    In the non-IT universe I discovered many were also clueless around technology, as I'd expected. What I hadn't expected was there were many non-IT people who got it, who understood technology, and worked with it adeptly. Many "got it" more than my peers. Some of the most profound ideas and innovation I've seen in IT have come from nontraditional non-IT people.

    I agree (without reading the entire article) with the summary and gist of the article -- IT does itself no favors ruling by fiat and instead should collaborate with users.

    This doesn't dismiss bad things happening and messes created by users left behind for IT to clean up. People who mess up should help clean up, but my experience has been many IT people are equally inept and likely to make messes.

    A degree and title in IT and CS means only that one has a degree in IT and CS, nothing more. It doesn't mean they're anointed and it doesn't mean they know more about technology than users.

  4. IT Isn't Master of All by Anonymous Coward · · Score: 5, Funny

    I'm sick and tired of IT departments that try to control everything I do when I know perfectly well that WeatherBug and WinFixer are the right tools for the job. I am a smart and knowledgeable IT consumer, and I've been using these fine products at home for some time now. Why not at work too?

  5. And why not? by Realistic_Dragon · · Score: 5, Interesting

    I would be 7 kinds of mad if anyone was using gmail and IM in my office.

    We work with NATO restricted data. *Everything* requires appropriate handling. E-mail is carefully fenced and the IM service is encrypted.

    But even if you aren't a company with such a strong need for data protection... well actually there is no such thing. At the very least you have financial data and client information on your systems. Losing some of that stuff is considerably more harmful than restricting people to company provided communication tools.

    Anyone placing data that hasn't been cleared for release (even by the very informal process of being sent out on purpose) onto services run by people with whom you have no contract and no reasonable expectation of integrity is, frankly, no better than the idiots who don't back up their data and are then surprised to find out that MTBF is not a guarantee. After all if your employees are using gmail et al you don't even know what data you *have* let alone what steps you need to take to protect it.

    --
    Beep beep.
  6. Re:I don't see a problem by smooth+wombat · · Score: 5, Insightful
    IT lost this fight when the USB memory stick became popular.


    Lock down usb ports.

    Besides, no matter what they do, they can't stop me from creating a knoppix cluster from my coworkers pc's after they all leave for the day.

    They can fire you.

    See, not so hard.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  7. Re:IT dept's delay work. by aquatone282 · · Score: 5, Funny

    It makes you wonder if they spend more time reading my email and slashdot posts than actual IT work.

    Reading your email and your slashdot posts IS our actual work.

    Signed,

    Your IT Department

    P.S. You're fired.

    --
    What?
  8. For every rule, there are exceptions by bhmit1 · · Score: 5, Interesting

    I've been a user that is locked into crazy setups. The traveling consultant at client sites who's PC is setup to be managed from the corporate network. At one point, I got tired of the insanity, took a ghost image of the machine they gave me, and installed linux on the machine (and then restored the ghost image in a vmware session).

    But here's the thing, I don't ask for support from the IT department because I'm the odd guy. I know they can't support me. What annoys me (as the one who helps other IT departments manage lots of PC's) are the people that install various applications that cause our automated installs to fail. 90% of the machines are managed with little to no effort. It's the 10% that cause days of work while we try to figure out which of the 20 apps you installed is breaking our install tool.

    And for all those against IM and email lockdown, I've been to trading companies where that's the law. They get in trouble when they don't have logs of what people said on IM, email, phone calls, etc because that's how they catch insider trading. Of course for every sensible rule, I've seen 10 that make no sense at all. As has been said before, the USB key should force companies to reevaluate their policies.

  9. The power user vs the not so power user by onkelonkel · · Score: 5, Insightful

    1. "My hard drive is howling like a panther passing a kidney stone. Every time I run chkdsk I lose a few more sectors. I've backed up all my work to the network drive. When you get a chance can you come and fix my computer?"

    2. "My computer won't start. It's been making this squealy noise for about two weeks and then all of a sudden it just died. You have to come right now and fix it because all the annual budget files are on my desktop."

    Which call would you rather get?

    --
    None of them can see the clouds; The polished wings don't care.
    1. Re:The power user vs the not so power user by Heisman · · Score: 5, Funny

      Well, since user #1 is probably a typical /.er, and user #2 is probably the long leggy blond girl from accounting/payroll. I'm going to go hang out under #2's desk for a while. I'll see you guys later.