Slashdot Mirror
Is Enterprise IT More Difficult To Manage Now Than Ever?
colinneagle writes: Who's old enough to remember when the best technology was found at work, while at home we got by with clunky home computers and pokey dial-up modems? Those days are gone, and they don't look like they're ever coming back.
Instead, today's IT department is scrambling to deliver technology offerings that won't get laughed at — or, just as bad, ignored — by a modern workforce raised on slick smartphones and consumer services powered by data centers far more powerful than the one their company uses. And those services work better and faster than the programs they offer, partly because consumers don't have to worry about all the constraints that IT does, from security and privacy to, you know, actually being profitable. Plus, while IT still has to maintain all the old desktop apps, it also needs to make sure mobile users can do whatever they need to from anywhere at any time.
And that's just the users. IT's issues with corporate peers and leaders may be even rockier. Between shadow IT and other Software-as-a-Service, estimates say that 1 in 5 technology operations dollars are now being spent outside the IT department, and many think that figure is actually much higher. New digital initiatives are increasingly being driven by marketing and other business functions, not by IT. Today's CMOs often outrank the CIO, whose role may be constrained to keeping the infrastructure running at the lowest possible cost instead of bringing strategic value to the organization. Hardly a recipe for success and influence.
Instead, today's IT department is scrambling to deliver technology offerings that won't get laughed at — or, just as bad, ignored — by a modern workforce raised on slick smartphones and consumer services powered by data centers far more powerful than the one their company uses. And those services work better and faster than the programs they offer, partly because consumers don't have to worry about all the constraints that IT does, from security and privacy to, you know, actually being profitable. Plus, while IT still has to maintain all the old desktop apps, it also needs to make sure mobile users can do whatever they need to from anywhere at any time.
And that's just the users. IT's issues with corporate peers and leaders may be even rockier. Between shadow IT and other Software-as-a-Service, estimates say that 1 in 5 technology operations dollars are now being spent outside the IT department, and many think that figure is actually much higher. New digital initiatives are increasingly being driven by marketing and other business functions, not by IT. Today's CMOs often outrank the CIO, whose role may be constrained to keeping the infrastructure running at the lowest possible cost instead of bringing strategic value to the organization. Hardly a recipe for success and influence.
True.
I work in client computing. What 15 years ago was wandering around with an Office CD is now making sure that App-V Office works on non-persistent virtual machines while settings get captured by a third virtualization service. And making sure that last decade's mouse and keyboard would work has become making sure that users can get into systems from any device, anywhere, over VPN, to the aforementioned virtual systems, without them ever locking themselves out, needing to get to the password reset portal, or making sure the help desk doesn't overload their call volume. Even the proliferation of multiple monitors has left you upgrading Citrix clients and thin device firmwares, all of which connects to another byzantine layer of abstraction.
Wait, what? The filer is out? How many people are down?
force everyone to work on green phosphor , don't hire or pander to the kind of dumb-ass that needs clicky pointy and autocomplete and facebook/twitter/tumblr updates on the side. raise the bar. work will get done.
I can't answer if it's more difficult, or simply more challenging.
Increasingly, there seems to be more and more push for internal social media and the like.
There's clearly much more desire to see badges awarded for participating in discussions in Sharepoint than there is on having reliable servers.
So all the funding goes to the sexy mandates, with the apparent assumption that the stable boring stuff happens by magic and doesn't need funding.
Sometimes I find myself shaking my head, because when internally it becomes glitz over substance and functionality, the marketing idiots have screwed us all.
It is mind boggling to me that everyone seems to have gotten hoodwinked into thinking a "Like" button provides more benefit to the company than the things which keep corporate data intact.
It's like IT has become superficial and vacuous, and the decisions are being made by idiots who don't know which parts of technology add value to the business/support core business activities and are necessary.
I've seen "new collaboration tools" deployed in organizations that I immediately think "how the hell does this help me do my job, or improve anything in the company"? In some cases, I still don't have an answer.
But I've seen companies spend a lot of money on systems which add no real value, and which just siphon resources from things which do.
Lost at C:>. Found at C.
These have happened to me:
"Why do you need that $700 enterprise-grade AP? Just use the $69 linksys one like I do at home!"
Monday: "Support my new iGadget. Now." Tuesday: "We need encryption/security/firewall/2FA to meet PCI/CJIS/SOX requirements".
"Cost saving measure by centralizing printers!" By next month everyone who has the authority to ask for a personal printer again has one.
"Make an SSID without a password so that we can use our Chromecast."
Real programmers use "copy con program.exe"
It seems to me that the question asked in the headline doesn't quite match the summary:
"Is managing IT harder now than it used to be? I think it is, and I offer as my support that IT executives are not as influential as marketing executives!"
In a lot of ways, IT management is probably easier. The technology is better and more reliable. We have a new generation of cloud management and MDM for all kinds of things. Managing an IT department is hard, but it's always been hard.
But I think what you're really getting at is, businesses don't want to spend money in IT. The reality is, they never did. I've been working in IT for a couple decades now, and the whole time, there's always been budget issues where upper management is saying, "Do we really need to buy new workstations? Didn't we just buy new workstations 7 years ago?" Sure, a couple decades ago, they were saying, "Didn't we just install the terminals 7 years ago?" but the concept was the same. I doubt it was new then, either. Businesses don't like to spend money, and IT gets classified as a cost center.
Sure, "the cloud" makes it all a bit worse, since now clueless executives can say, "It's all this stuff supposed to be free now? I have a Dropbox account that I use for personal stuff, and it works great, and it's free. Can't we just put all of our servers in the Cloud like Dropbox is?" But is it new that marketing is driving business decisions more than the IT department is, or that clueless executives want to replace everything with whichever buzzword-heavy technology that they've recently heard about? Nope. That's pretty much the deal.
Most cloud providers are orders of magnitude more secure than company IT.
All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
And as such is a juicy target for all the hucksters. Home users can switch if they get pissed off at one brand. And nobody really needs Facebook anyway. But sitting at your desk at work, you will use what they tell you to. And when the people selling crap to corporate IT discovered this, it was game on for thousands of dollars per seat for licenses. And then there was the blow-back. Many BODs looked at the IT spending and realized that they were getting screwed by travelling salesmen. And they tightened the purse strings.
I worked in and around a few IT projects at Boeing back in the 1990s. Back when "The Web" was becoming viable for enterprise applications. But before vendors caught on that their precious "green screen" mainframe apps could be replaced for pennies on the dollar by a couple of smart people. But once they caught on, they convinced the (newly created position of) CIO that the only way to maintain corporate credibility was to be juggling a bunch of billion dollar development and procurement projects. You are measured by the budget that you consume. Finally, when the non IT management types started seeing the TV ads with the empty data centers, except for that one tiny rack in the corner that replaced it all, they cut off the blank checks, cocaine and hookers.
Have gnu, will travel.
The cloud is cheap, but so is stashing one's valuables in a box underneath a bush by a park bench as opposed to a safety deposit box. As intrusions become more brutal (where sensitive data like employee bank accounts and HR records just doesn't go to the bad guys, but gets posted for the world to see just out of spite), the cloud solution that worked in 2010 has a good chance to destroy a company due to lawsuits in 2015.
I have found the Cloud to be a magical place. Come, come and join me in... "the Cloud."
Back in the days of dial up modems, green screen terminals and WordPerfect, there were not as many questions and difficulties because there were just so few valid answers. As technology grew to answer those questions, of course it became more difficult to manage simply because things got better. I recall connecting to some places at 300 baud -- when you can watch text download in real-time, of course you want a faster connection. With green screens and non WYSIWIG computing, you wondered why it was such a pain in the ass to get a document to look right and why the computer couldn't just show you what it would look like so you could not have to waste reams of paper.
Nowadays, when you can get a decently fast Internet connection that delivers realtime HD video for less than a hundred bucks a month, is it so weird to ask why bandwidth is limited at work? When many providers will give you gigabytes (or unlimited -- services like CrashPlan) storage space for free for something around $10/month, is it odd to ask why there is a storage quota measured in megabytes? When you see commercial websites that regularly update their UI, why is it so weird that people want to know why no effort is being expended to update some godawful internal tool that hasn't been touched in more than a decade?
Of course, there can be valid answers to the above -- your industry may have reporting requirements, retention requirements, backup requirements, regulatory requirements and/or a grab bag of other things (reliability, testing, etc) that make your costs for providing services very high, and the change process rather onerous. But it doesn't make the questions wrong, you just can't say "we are IT and we control" any more -- you likely need to be more well versed in your industry, or be able to communicate clearly why you still have legacy systems or how much an upgrade would cost, or how much a decent storage array and backup system costs to run.
A lot of these changes also show that IT is fairly well integrated into our daily lives, and it's no longer a "mystery" to a lot of people -- which is good because it opens the opportunity for better partnerships with company departments to do cool stuff. Rather than sit around waiting for someone to suggest a project, why not get out there and ask the departments in your organization what you can do to help them be better? Projects that are co-sponsored by departments that make the money or make the product you sell are much more likely to get funded, and far more likely to be recognized as "strategic" and "revenue positive".
The main problem is that most of the people making "IT decisions" do not understand the full impact of those decisions (or believe that they will not be held responsible).
Moving anything "to the cloud" simply means moving it "to someone else's computer". How do you judge their security?
What happens when one of their other clients is arrested for something illegal and the "cloud" computers get confiscated?
Anyway, from TFA:
Which will NEVER work. Spend some time reading up on the latest cracks that leaked credit card info. If you have to rely on "influence" you should look for another job. There will always be someone with more "influence" than you.
Well, for some companies anyway...working for a network security company I have confidence in our network.
I'm starting to think GNU is the problem with "GNU/Linux" these days.
1) No computer ever be 100% secure. If it is, it's a brick with a power cord and a monitor.
2) One size NEVER fits all. A secretary, a programmer, a salesperson, a testing lab and a configuration management department all need wildly different configurations for security, login, admin privileges, et. al. As a CIO, your job, frankly, is to suck it up and give it to them. If you can't, you fail.
3) If you let the bean counters run the IT department, it's an automatic fail. This fail can be hidden for some years by the bean counters and they engage in the standard self-congratulatory circle jerks and self-defined measures of "productivity," but the lack of reality orientation *will* kill your organization eventually.
4) Never trust a newly minted MBA or anything they say, think or do. Ever. It's like putting a philosophy major in charge of line production on a factory floor. It's a *lot* like that. Good luck with getting anything done on budget and on schedule.
Please do not read this sig. Thank you.
I turned a down job offer from a MULTI-BILLION-DOLLAR MEGACORPORATION (the hiring manager emphasized this point a half-dozen times during the interview) that refused to use an effective anti-spyware program because the smaller company made ONLY several million-dollars in yearly revenue, forcing their IT technicians to spend hours manually removing rootkits, viruii and other crap. If IBM made the anti-spyware program, no problem. Little company, forget about it. I've never seen a more elitist form of corporate dysfunction.
I have been in IT for about 10 years, so I am not sure I am completely qualified to say since forever, but I would say that the issue is we are now competing with cloud providers as to the expectation of our customers. For example, Gmail offers you 15 GBs for free and IT customers wonder why they only have 2GBs at work. Most cloud services have pretty amazing up times, and people wonder why your IT dept. can't do the same thing (no matter how well staffed it is). People are seeing the consuming of resources as free and then trying to IT accordingly.
It depends. We hope they are more secure, but we have no idea if they actually are. Lack of data breaches doesn't indicate future performance.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
This. A million times this.
Getting so sick of the same old sub story about how the cloud is insecure, as if it is some rule of nature. The cloud will be as secure as the cloud vendor makes it.
The idea that sensitive data is more secure in-house than in the cloud, just because it is not inside your four walls, is not rooted in reality. It might make you FEEL more warm and cozy that the data is in your four walls, but does your company have all of the latest enterprise application level firewalls and IPS devices? Does your company have a well-staffed dedicated 24/7 SOC IN ADDITION TO a 24/7 NOC? Does your company have a defined IOC sharing procedure with it's peers?
So which has a better chance of having the resources needed to secure their environment - your tiny little IT shop with it's cash strapped budget, or an enterprise cloud vendor that has all of the above? My money is on the cloud vendor.
This is just another post for us to vent our increasing frustations with the way IT is being more and more undervalued.
We used to be called experts. Now we're virtual janitors.
My management started saying, "THE CLOUD," over and over again, like consumers were saying, "iPad!."
I made damn sure that my objections were documented via email at every step as I cheerfully participated in assisted suicide.
Sure enough, about 8 months later (after management got a hands-on physics lesson about propagation delay), the cloud wasn't there. People were on my ass big time.
I called the cloud center and told them to, "Do that fail-over thing to the backup site in Oklahoma and stuff," and they said that the switch-over was included in the catastrophic failure.
I got myself a cup of coffee and one of the managers got in my face and demanded that we implement the backup plan.
I told him, "Sir ... our Plan B is Plan A."
So, they bought me some servers and stuff and I'm running things from my fucking computer room.
It little behooves the best of us to comment on the rest of us.
The problem here isn't the "new kids", it's the company for buying into crappy "solutions" which are proprietary and keep the IT department stuck supporting them for years or decades. For instance, look at Rational ClearCase. It's a complete piece of shit compared to modern DVCS systems like git or mercurial; it's slow as hell, requires full-time administrators to keep it running, and is a PITA to use, and lacks all kinds of modern features such as atomic commits. Maybe in 1989 it was pretty cool, but so were patent leather jackets. So why do companies still keep paying millions of dollars for this POS? Because management is stupid and believes the marketing BS from IBM/Rational, and also probably because they've based all their development on it and are afraid of change (even though CC is so shitty it's costing them dearly in development time because it's such a PITA to use).
If companies worked harder to keep themselves independent and not reliant on proprietary products that only aim to lock them in, they wouldn't have this problem so much.
You IT security is only as good as your control of the hardware!
I dont care if it is Windows or Linux, if someone other than the company personal can get to the hardware they can access your system and all the data in it. When you outsource your services to a data center provider you are trusting there security, there hiring practices, and there employees. Ill tell you right now, having worked for several of the BIG data center providers, most of them dont do a background checks. I have worked with many that were felons and in three cases worked with people convicted of credit fraud as well as hacking.
How many CIO's/CTO's/etc ever investigate the data center provider to determine there hiring practices and who has access to the hardware they will be storing the virtual machines on?
IT people say is it insecure because we know that #1) the person making the decision does not understand technology and #2) s/he simply went with the lowest bidder.
But that's exactly his point. All organizations have sensitive data infrastructure these days - most do not have IT staff competent to actually manage it once everyone's connected to the internet. And the staff they have was getting cut to the bone before IT got outsourced to the cloud. So, unless you're as tech savvy as the cloud majors, your data's likely to be less secure in house. Of course, that assumes you're a big enough target for hackers to take an interest in you. If Sony can be cracked, you can bet you can be too. So if you're as conspicuous a target as a Sony, you're probably better off in the cloud than relying on your IT staff to protect you. Odds are they're not as good as Sony's staff...
Posted from my Android phone. Oh, I can change this? There, that's better...
LCARS 3.0 was a disaster.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Actually they will. AWS and Azure don't offer a security service. But there are cloud providers that do and will act against unusual traffic.
The problem has been the same since the PC first came out: users can "do things" with a PC/laptop/smartphone/tablet and think that "doing things" makes them an expert on IT. So when they come up with a "great idea for a new application", they can not and will not fathom the fact that it can take months or years to implement, is going to cost hundreds of thousands if not millions of dollars, and will be obsolete before it ever hits production due to changing business needs.
There is no cure for the "wisdom" of people who tell you how to do your job, or how their 14 year old nephew could write the application in a few weeks. They've made up their mind that you're just a lazy SOB trying to milk the company for money and a cushy job, and will never, ever, ever understand just how much effort goes into security, design, testing, porting, etc. To them, everything is "easy."
The real problem is that companies let such users and managers make business decisions based on "their gut instinct" instead of properly planned and projected schedules. Because heaven forbid you should ever tell the marketting manager that he can't have his shiny Sharepoint solution because it doesn't provide anything useful to the company that can't be accomplished with a properly organized set of folders on a shared drive/server somewhere.
No, they're the ones who sign for the budgets, and they're the ones who like the "shiny", so you're the one who gets stuck trying to make the shiny work with all the line of business systems that are actually important to the operation of the business.
And if you even hint that you can't do it, well, there's a company overseas that's promising to do it in a month as an offshore service, so you're fired.
Which, in a nutshell, is how the bean counters and their ilk get away with their bad business decisions: they constantly hold the threat of offshoring and termination over your head to beat Mr. IT into submission.
I do not fail; I succeed at finding out what does not work.
The hiring manager told me that 90% of the job would be manually removing the crud from systems because anti-spyware and virus infections were frequent events. The last Fortune 500 company I worked for that had a virus outbreak was back in the 1990's. I guess Microsoft Defender isn't that good. I've never seen an IT shop so screwed up before.
The hiring manager also told me that the companies I worked for before -- Cisco, eBay, Fujitsu, Google, Intuit, Sony, and many smaller companies in between -- weren't real companies. This smug arrogance got on my nerves. He was shocked when I rejected his job offer. The job I did accept paid $8/hr more with benefits and has a network that's 20X larger than the "real" megacorporation.