Slashdot Mirror
IT Turf Wars: the Most Common Feuds In Tech
snydeq writes "InfoWorld's Dan Tynan reports on the most common feuds in tech: turf wars in the IT department. 'IT pros do battle every day — with cyber attackers, stubborn hardware, buggy software, clueless users, and the endless demands of other departments within their organization. But few can compare to the conflicts raging within IT itself.' Dev vs. ops, staff vs. management — taking flak from fellow IT pros has become all too common in today's highly territorial IT organizations."
it's the best.
Disagree != mod troll.
the layer between which management absolves its direct interaction with developers, and through which a SOX policy completely devoid of any comprehension of the developer or her work is enforced.
Good people go to bed earlier.
Or is that just a California thing?
To quote Lincoln Spector and sung to the tune of the Jets song from West Side Story.
When you use DOS you use DOS all the way
From your first data loss 'til you format drive A:.
When you use DOS, why your confidence grows;
For your keys there's commands, for your mouse there's Windows.
It's DOS that's sublime; it's used by all go-getters.
At file-namin' time, we're never locked in fetters--
We choose eight letters.
When you use DOS, old hardware you can swap.
You can buy something new, next month prices will drop.
When you use DOS, why, you're never a stooge,
If your 640's low, well, there's always a cludge.
DOS users: On clones we can run, with brand-names we're the choosers.
The Macs'll buy none, cause all the Apple users
Are mouse abusers.
We're using DOS, yeah! and we're gonna fix
Every last system that's not something eighty-six--
Not something eighty, very weighty, six.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Luckly we have the equivalent of Sun Tzu's Art of War for the IT crowd.
B.O.F.H
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
are not technical, they are interpersonal. Cognitive intelligence is enough to get one started in this field, but gradually developing knowledge our one's own mind, how to work with others, develop a commitment to encouragement, and gaining a think skin are a must. A lot of IT jobs are a disaster. But you can still find peace in the middle of it if you develop the strength.
Years ago I quit my job web developing because a customer of my former employer was shady, and promising that the websites could do credit card sales, built in... at no additional charge. So when I quit my job over this kind of blatant lying, I was blacklisted by the former employer. A couple months later, their prized customer stiffed them in $15k worth of fees.
I phoned my former employer when I heard the news and gave her a bit of the "I told you so," except I was kind about it, and polite. It was apparent from her responses she felt sorry for blacklisting me, and sorry for not listening.
Sometimes the flak is warranted. Management: listen to your people or don't fucking hire them to begin with.
The dangers of knowledge trigger emotional distress in human beings.
DBAs always seem to want root for some reason or other... with apologies to A Few Good Men:
SysAdmin: You want the authority?
DBA: I think I'm entitled.
SysAdmin: You want the authority?!
DBA: I want the root!
SysAdmin: You can't handle the root!
What do you mean they cut the power? How can they cut the power, man? They're animals!
Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive. get him to adopt it as his pet project and get it working on the Dev servers. now when he announces it Security cant do anything but say yes and do your bidding because they do not dare tell the Senior VP of marketing that they wont let his project run. Do I make enemies withing security? yup. Every one of them hated me because my default approach to them was an end run. And it was simply because the security guys were incapable of thought outside of the "lock it all down" OMG OMG! DANGER DANGER! WE got a iphone/ipod app launched for use in the company and made every one of the security guys froth at the mouth and fall on the floor convulsing when I end ran them to a VP who loved it and wanted every sales person to have it. They lost their mind at allowing 190 non company locked up iphones and ipods connected to the holy internal wifi.
Just wait when my ipad system for sales forecasting get's greenlighted and they have to allow 200+ ipads on it as well...
Do not look at laser with remaining good eye.
God I remember back in high school when i discovered the Net Send command.
That's why I love patching a crossover cable from one switch to another on them and let it sit there.
making it red like their critical cables and with a "DO NOT REMOVE" label attached on each end is a great way to screw with them. Bonus points if you make it long and snake it through trays so it's not obvious.
Do not look at laser with remaining good eye.
Have you tried no being a dick yet?
Remember that the network switches / hubs / routers are part of "the network".
So when there REALLY is a problem on the network, the network admins usually hear about it because EVERYONE is having problems with ALL of their apps.
If one workstation or one server is having a problem (but the others are working) then it probably isn't a problem with "the network".
It may be that the network is not configured the way you'd like it to be for whatever you're trying to do ... but remember that the network admins have to keep the network configured to support all the OTHER items that were on it before yours.
At least be able to tell them what you want to do protocol-wise.
In this regard the iPad/iPhone is equivalent to kids driving around with motorized scooters on the freeway. It's exciting and easy to use. But completely incorrect tool for the job. iPads are consumer products without any security features worth mentioning.
I admit: my first reaction is that if I worked security at your company, I'd want to kick your ass. I mean, I like you, but they probably have a very valid point about not wanting untrusted apps popping up all over the place.
But my second reaction was that you're right. There's no valid reason why you can't have unsecured guests on the holy internal wifi. We have an open WLAN here at the office, but it's firewalled away from anything we actually care about, with exceptions on a case-by-case basis. You don't get open access to the database server just because you're connecting to our corporate wifi. If your security guys can't handle that, then, well, sucks to be them. Good for you for finding away to make people actually do their jobs.
Dewey, what part of this looks like authorities should be involved?
Sigh.
Daily life around here.
Marketing wants what marketing wants. To hell if it has a positive cost/benefit ratio. "Nice and shiny and uses lots of Flash ... and runs on my iPhone ... drool"
Devs dev what marketing wants. Dev only wants to dev in production. As Administrator/root/qsecofr (or ALLOBJ).
IT Management, but especially Finance Magement skimp of every possible detail until they end up spending more time AND money patching it until it would have been cheaper to do it the way joint Ops/Securty said it would.
Ops/Security is handed a dogs breakfast of non-working, insecure code that produces amiguous, and often wrong results. Last to find out or provide input. But it's our fault when it doesn't work, or opens all security doors, or breaches laws in several countries. (The last ones to touch it must have broken it).
Classic way NOT to do it.
Q:I was listening to a CD in Grip and it sounded horrible! What's up? A:Perhaps you are listening to country music
Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive.
One of the best environments I ever worked security for allowed for senior managers to take personal responsibility for these kinds of decisions. The business unit would announce their Big Idea. InfoSec would look at it, analyze risks / security issues, and (often missing from many InfoSec groups) work out ways to allow the same functionality while mitigating any discovered risks, and ultimately document those risks. If the business unit didn't want to follow InfoSec's recommendations, they could take their Big Idea to their boss and make the business case for it so that their boss can take personal responsibility for the decision. InfoSec would provide the risk assessment. Senior management would then decide if the business case overcame the risk and everyone would press on accordingly. The process did wonders for enforcing open communication. Management wanted good information before they put their own butts on the line. Business units couldn't get away with just grousing or avoiding InfoSec and InfoSec couldn't get away with arbitrarily dismissing any new ideas. I should point out that this system is seeped in conflict. And that's good. Conflict is fundamental to security and, in many ways, any pursuit that has many options guided by creative thinking - something that all good IT environments should be encouraging. The key is to ensure that conflict can drive a constructive process. Too many IT environments pretend conflict doesn't exist and has no proper outlet for it.
I could just as easily say "if programmers could think on their feet and fix problems that cost the bottom line thousands of dollars per minute of downtime they would be IT guys." But then I'd sound just as short-sighted as you do.
Slashdot? Oh, I just read it for the articles.
Designing a wireless / wired network to support unsecured guests is a LOT different than designing one to support only secured guests.
And the cool thing is that you don't have to pick just one. It's perfectly possible and reasonable to have open and secured networks. That how I - the network admin - built the system at my company. I'm quite well aware of the conflict between security and usability, but at the end of the day, my boss pays me to find a way for him to use the software he wants. I don't have the privilege of saying "that's insecure! You can't use that on my network!" because he can always trump with "get your stuff and leave".
So if I got orders from my boss telling me to open the network for Lumpy's pet app, I'd be pretty pissed off at Lumpy. In my case, that'd be because I'd hope that Lumpy would come to me in person so that I could help him without involving management. In his company's case, it sounds like it'd be because his network admin has a misguided concept of "their network".
Dewey, what part of this looks like authorities should be involved?
Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive. get him to adopt it as his pet project and get it working on the Dev servers. now when he announces it Security cant do anything but say yes and do your bidding because they do not dare tell the Senior VP of marketing that they wont let his project run.
They should go to the VP of marketing and ask him about delaying the implementation of the project to try to address some security issues, and inform him that the devs didn't give corporate security a heads up to even start considering the security ramifications.
Then a few weeks later, they can deliver a shiny report to the VP quantifying the risk that this new effort brings to the company, explain what the risks are, and propose mitigations to the risk (some of which involve removing things from the project, locking it down, or spending a lot more money), as well as the risks and costs for going forward with no changes.
After the VP weighs his options, he may cancel the project, due to the cost created by not involving security planning at Stage 1.
Do I make enemies withing security? yup. Every one of them hated me because my default approach to them was an end run. And it was simply because the security guys were incapable of thought outside of the "lock it all down" OMG OMG! DANGER DANGER! WE got a iphone/ipod app launched for use in the company and made every one of the security guys froth at the mouth and fall on the floor convulsing when I end ran them to a VP who loved it and wanted every sales person to have it. They lost their mind at allowing 190 non company locked up iphones and ipods connected to the holy internal wifi. Just wait when my ipad system for sales forecasting get's greenlighted and they have to allow 200+ ipads on it as well...
Just wait 'til Security has to have an auditor in with a pen test that involves sneaking in an iPhone with malware installed, and gives the company an F rating on a SOX audit, with demands that the "open wifi policy" cease, and 10-million$$ fines for the company.
they would rather write a buggy version of asp.net (using asp.net no less) than let .net developers do things correctly.
Where can I escape retarded senior developers???
Escape them? It sounds like you are on your way to becoming one.
Well all of us programmers don't have backgrounds in engineering or sit around in a cube programming widgets. Some of us come from small shops where we have to do complete life-cycle development, database administration, package and installation, and everything else at one time or another so, we're pretty familiar with the roles that a dedicated IT department should be responsible for. In fact I wouldn't hire any developer that doesn't know have at least intermediate level knowledge of server OS's and networking. So you can color me unimpressed if the network admin says his job is as difficult as mine, when I consider something like IT support and network administration a stepping stone.
Paint one half of the cable blue and the other half white, and hide the switch point in a mass of cables somewhere.
I always found it fun when OTHERS found net send, decided to "have some fun", and as a result I showed them the consequences of mixing 1. batch scripting, 2. net send, and 3. infinite loops. And not one of them knew how to turn the service off... One of them even started to cry..
Good times :)
It's The Golden Rule: "He who has the gold makes the rules."
I think the conflict here is between reasonable people and assholes. You sound like a reasonable person, Lumpy sounds like a bit of an asshole, but that may be the fault of working with assholes. It's quite possible that if you were Lumpy's security guy, and he knew he *could* come to you and open a reasonable dialog that would result in a mutually acceptable solution, he would. Since he works with obstructionist asshats, he bypasses them whenever possible. It's also possible he's just an asshole who always wants to get his way. Hard to tell under the circumstances. Personally my policy is to never say "no" without at least trying to come up with an alternative.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Any developer that writes an app that requires admin rights on the desktop should be beaten and stabbed. (yes, you should be able to disable auto-updating)
If I want to run "ping" or "telnet", I have to open a ticket with the IT Helpdesk.
I don't have rights to install hardware, so if I plug in a new mouse I have to open a ticket with the IT Helpdesk.
Three times a week, they push an update for Windows Media Player that forces a reboot when I'm in the middle of something important. Virus scans start every day at 10:00AM and run for four hours.
Every programming blog in the intarweb is blocked for "Social Networking".
Most of the time, when the IT Helpdesk finally arrives, I have to help them do whatever it was I opened the ticket for.
So don't get me started on the beating and stabbing.
Godaddy is a scam and a ripoff.
http://www.infoworld.com/print/151016 "You're welcome." --Nick Burns
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).