Slashdot Mirror
Sorry, IT: These 5 Technologies Belong To Users
GMGruman writes "The BYOD (bring your own device) phenomenon hasn't been easy on IT, which has seen its control slip. But for these five technologies — mobile devices, cloud computing services, social technology, exploratory analytics, and specialty apps — it has already slipped, and Forrester and others argue IT needs to let go of them. That also means not investing time and money in all the management apps that vendors are happy to sell to IT shops afraid of BYOD — as this post shows, many just won't deliver what IT hopes."
Ok...I didn't read the article. But the problem with mobile devices, cloud services, etc, isn't IT's lack of control. It's not the stability of the network. It's the security of the data itself. It's a little tricky to safeguard your patent research documents if they're sitting in your iPhone email. Even more difficult if they are up in Dropbox, unencrypted, where "mistakes happen" and other people can gain access to your account by an oops by the service provider or a sharing oops by yourself.
Believe me, I'd really rather not be responsible for managing data access. No matter how dumb people are, it's IT that gets blamed for lack of security.
Better than, I'm supposed to use this dingly dangly to do work, but the tools I'm allowed to use don't quite do what I need. If I could just use this app I could increase productivity, but IT has the system so locked down that to even think about using a different app is grounds for termination.
Face it, IT's job is to facilitate the rest of the company's performance of the real purposes of the company. IT doesn't make money for the company it enables the money making areas to make the money. A wise IT dept allows users to add additional tools, but with the caveat that the only fix available is a system wipe and restore to original configuration. The Users are responsible for keeping their data backed up.
As to the Gadget aspect, if the company didn't buy it, the company isn't responsible to fix it. If the company did, the company should have an extra stockpile, and any broken gadget is simply replaced with a baseline new one, again leaving it up to the employee to restore the apps and data they want. And it's the employee's job if their failure to maintain a backup causes critical data to be lost.
Okay, everybody tell me how wrong I am.
I'm too lazy to compose a creative sig.
One company I've worked with does it this way:
Want to use our device? Good, here it is all set up. You can use it to access internal resources.
Want to use your own? the pptp server is blah, and the exchange server is blah. Have fun, remember to lock your device, and no, we won't tell you how to set it up. You can't get anything confidential unless it's emailed. Emailing anything confidential is grounds for disceplinary action. When you lose your device, call 1-800-xxx-xxxx ASAP.
This article is written by the same braindead PHB who wrote the "high priests of IT" article. He's trolling Slashdot for cash (page hits). I say the editors should be at least considering blacklisting his submissions at this point. He's one of the biggest submission trolls on Slashdot right now, and the only one doing it for money.
"When information is power, privacy is freedom" - Jah-Wren Ryel
User perspective - does this thingie work for me?
IT perspective - does this thingie work for 1,000 users?
Does this thingie have a license we can support?
Does this thingie fit our security model?
Does this thingie fit our backup/retention model?
Does this thingie cause any problems with the other systems?
Does this thingie have a road map for the next 3-5 years?
Almost any user can handle a single workstation. Maybe even two workstations.
It requires a different perspective when you move to 1,000 workstations for 1,000 users running 250 different apps in 10 different segments across 3 continents and 5 languages.
The niche that the company is operating in might not be the same niche that the user sees himself in. Just as there are markets for mass produced goods/services, so is there a market for customized/personalized items.
I think Gruman is advocating the customized/personalized market niche (everyone at the company uses whatever they want to use / how they want to use it / where they want to use it / etc) when the experience of most of the Slashdot readers is the opposite (thousands of workstations and users with hundreds of apps and downtime that is measured in millions of dollars).
Car analogy - your motorcycle might have better acceleration, higher top speed and be more maneuverable than the 18-wheeler but they aren't serving the same market. Nor does the motorcycle scale to the 18-wheeler level at anything near the same price point.
What is this "tech-savvy user" you speak of?
There is a recurring discussion on Slashdot about the wisdom of putting critical infrastructure systems on the 'Web where any "terrorist" living anywhere in the world can attack it at any time.
That is the key to this discussion.
The IT department is tasked with keeping the private company data private. One of the reasons for that is so the company does not get sued for "losing" that information (or lose an advantage to a competitor).
Once the "tech-savvy user" connects his/her "personal IT" to the Internet it can be attacked by anyone, anywhere in the world, at any time. And losing your credit card info just means a problem for you. If the company loses the credit card info of their clients / customers / partners / etc, that's a problem for a LOT of people.
I don't know how many times I have heard: "We know it is not our policy to make you support/fix this. However, your boss is requiring you to make an exception this time, since we have some important time-sensitive thing going on."
Mutually-agreed-upon responsibility limits don't work when upper management lacks the discipline to keep up their end of the agreement.
I have worked for, or consulted for, many tech companies. The best had IT departments that saw themselves as ISPs. They made the assumption that the individuals were going to bring in viruses, dud devices, etc and built their network much like the cable company built theirs bulletproof. Connections to internal services were made in the same way as over the Internet secure as possible. Most workers were handed a workstation assembled by IT and it just worked. But if people had special needs or devices either they obtained their own bits or got help from IT obtaining special bits. At the time things like Macs didn't get much support as the IT would claim that they knew little about them. It worked well. Interestingly enough the head of IT usually had some bastard collection of old bits as his personal machine.
.zip files.
The worst had a convoluted proxy system, a wonky DMZ setup, Novell shared drives that nobody used, and the oddest selection of software that was mandatory on all machines; machines that they picked largely for their compatibility to Novell. Needless to say the head of this IT department had the best damn desktop machine in the company. Plus the best laptop that money could buy. Where programmers had trouble getting machines that could barely run the software they were building let alone a modern IDE.
The best company didn't trust their employees at all and designed their system around this. The worst company pretended that they could design a system where they could pretend to trust their employees.
The layers of stupid in the bad company were many. One good example was the dedicated email machine had a raid with a few terabytes of space. Yet in a 100 person company employees were limited to 3meg attachments (two floppies) and 10meg email account total. Plus many attachment extensions were banned such as
I am willing to bet that the bad IT company cost 3 or more times as much to run.
Citrix
Fuck you!
Contrary to the popular belief, there indeed is no God.