Certainly. No one blames IT and probably because of those specs. Someone else has to take responsibility for making sure those reports say what they should be saying. I'm just answering the question of the original post -- Do we blame IT? No -- not really. If there is some new system going in, maybe. It's not so much "blame IT" as it is "blame change", perhaps.
I would say that every where I have worked, for that matter, we do not expect the data to just match with anything. That's just not a reasonable expectation in a multibillion dollar operation. We usually know there is something going on and would not typically blame IT or anything with a well-established report. On the other hand, we also tend to do our own acquisition of the data since all too often IT will just "turn the crank" to get us something. In other words, if we try to go through IT, it becomes some sort of formal project where we give them our "specs" and they write the query and it all takes months to finally make through a sufficient amount of project management. Then, when it turns out that the wizzle wasn't in the wuzzle and we need to separate out the shizzle from the fashizzle and so on, well that's another project! IT has never been on the hoook for a final finished product in any company I have worked at. So, I guess if we ever specified reports by their end product rather than the specifics of how to make the report, we might start going back to IT a lot more. But as it stands, everyone knows that if something screws up, then it is probably the downstream effects of something else (which may well be some other IT snafu but is more than likely the unintended consequences of some other signed off on project).
No, that is the same issue. We are talking about two sides of the same coin. But beyond that, why should you need to transfer files to/from home? Why is that part of your work? If your work requires you to use personal data, then your work is flawed, and they should examine the issues that cause you to need it and resolve them so that you can use work resources to do work. No -- you're wrong. Maybe that's true about marketing. That's not true about my business. So, now what are you going to say? That it really is true about actuarial science? Why? Because you're an actuary? Because IT security would like that to be the case? Not even IT should revolve around IT security. Certainly, the pricing unit for an insurance company shouldn't have to. And, they certainly should not have to justify their habits to a bunch of people that couldn't possibly, and in any case, simply refuse to, understand them, either. I doubt the other business areas feel any differently about it than I do.
Banning web-based email and other such initiatives have simply stopped a number of good things from happening that otherwise would have. I know because I was the one that was no longer able to do it. Now, you can continue to say, "Your work is flawed," but you really don't know anything about what I do or what makes an insurance company profitable, do you? Even if you did, what about finanacial analysis for an investment bank or accounting for a reinsurer or financial reporting for an automobile company or quality assurance for a fast food chain? You simply cannot say on the basis of IT security, of all things (!), how everyone is to go about their business, for crying out loud!
This is of course because they are responsible for security.
Well of course! Prohibiting everything is good for the security professionalnot the business units. The company is not hiring the security professional to "do whatever it takes to prevent an intrusion". They hire the security professional to prevent intrusions in the most unobtrusive way possible.
You're busy imagining ways to justify fucking off.
That's just false. That you think that web-based email is just fucking off is -- and let me perfectly clear here -- wrong, as in mistaken or "you have uttered a false statement". I'm not saying that "well, sometimes it's used to not fuck off, ya know." I'm not saying that "it doesn't really hurt productivity that much but it really boosts morale!" I am saying that, specifically with regard to web-based email, you will only hurt productivity by disallowing it because while everyone spends a microscopic amount of time emailing their friends with it, other people use it to transfer files to and from home and stuff like that (which is often also a security violation, but that is another issue). The people that fuck around with it will just do the same with the company email (as has no doubt already been pointed out), and in any case the net amount fo fucking around that you have stopped is nothing compared to the shot in the nuts you have just delivered to some of your best producers.
If you were speaking from the standpoint of some particular business perspective it would be one thing. But, you are trying to justify this from some general IT persopective. Do not presume to know anything when it comes to business unit productivity if all you are is the IT guy and not a business unit person, yourself.
You haven't even begun to prove yourself in their field.
You have no idea what a day in the life of a rank-n-file employee is like or what it takes to do their job.
You certainly have no idea what it takes to be successful at what they do nor do you know the first thing about how a business is successful in their industry.
But, then again, I am largely paid by my employer to be a "Shadow IT" guy.
Ah, now here is the rub. Your employer has instituted an inefficient model. There is no reason why there should be any IT work being done by anyone outside of IT. If such a thing is going on then it points to a problem elsewhere in the model. The solution is not to compromise security, but to solve the problem.
Have you ever actually worked out here in the real world? Well, forgive us if we don't hold our breath while you devise the perfect IT department all built around security of all things. Here in the real world IT routinely falls ridiculously short of what is really required at the end of the day. So, while you're off making IT perfect, why don't you leave a little room for work arounds so we can try and turn a profit this quarter. Mmmmmkaaayyyy....
So what you're saying is that you took a Windows job, but you really wanted a Linux job, and now you want to whine about it and complain?
Not even close. What I am saying is that I took an actuarial job instead of an IT job because I was never particularly interested in the first place. But, since every where I go, the needs left behind by IT are so great, I have practically ended up becoming a programmer, after all. I would have been totally content doing my business unit job from 9 to 5 in a windows world and persuing my largely non-computer-related hobbies in my spare time. Instead, techinical procedural issues have dominated my job and most of my peers jobs, as well. Because I was less squeamish about IT work than my peers, I have over the years become so totally immersed in it that I have taken up linux in my spare time for practical work-related reasons. Now, I am not saying that they should, in fact, let me install linux on
In order to do their work, 99.44% of employees out there don't need access to IM, to their personal email, to myspace, or any of the other time-wasting shit that they spend their time on. Most people don't even need access to the internet at all, although some will benefit from it. Some absolutely need it, for instance people who actually work in IT. But they don't need personal email to do their jobs either. Your employer pays you to work, not to fuck off. But, at least at my particular company, IT tends to systematically remove all the options, and how does this happen? Because somehow the burden gets shifted from them showing that something really must be prohibited to us showing that we really need it right now to do our job. And so, that's what the real problem is -- that IT is out there making all these managment decisions for the managers in the company with unilateral security policies such as banning web-based email.
I think you just lack imagination. In fact, this particular policy reduces productivity, policies like these always do, and this very way of making policy is a broken process of circumventing the proper channel of management that will lead to widespread loss of productivity. And, I am not talking about the morale issue or whether or not these employees ought to be allowed to waste time -- I am not talking about any of that even a little bit. I am talking purely, here, about the opportunity cost of people not even being able to use what would otherwise be widely available resources to them. You cannot measure that in the terms you are trying to -- by simple volume of use or some such thing. It is a matter of being available when they need it.
And, the real issue is when everything else is banned (because the general policy is that unless someone can prove they need it, it gets banned), you have a situation where they wouldn't need X except for the fact that Y was banned. Now that X and Y are banned they need Z , but that is banned, too.... When it is all strung so tight, it becomes more than just a drain on productivity but even an insurmountable obstacle to getting something done altogether. I might finally note that, I am speaking from direct experience on this matter -- it happens to me, personally, all the time. But, then again, I am largely paid by my employer to be a "Shadow IT" guy.
Also, with regard to the morale issue, that issue is not just about being able to waste time at work. There is also the matter of having control over the manner and environment the employee works in. For instance, if they allowed me to install linux on my desktop, or if I had a linux option, complete with Perl, BASH scripting, MySQL on my desktop, and so on, then I would be a lot happier doing the work. (And, not just on a personal level, but on a professional one of not having to spend all this time knowing Visual Basic, for instance, which is my only option in a microsoft world and with an IT department that would never let me install something like Perl.)
So, there are some specifics for you on both the productivity issue, specifically, as well as maybe some more meaningful points on the morale issue.
Who decides what someone needs to do their job? I think this is one serious problem often over-looked in all of these sorts of discussions. It appears that, more and more, IT security gets to apparently make this determination -- or anyone that wants to that goes unchallenged, for that matter. The real truth, though, is that, at best, an employees' boss should get to. But, honestly, a world where employees' jobs are these well-defined things that managers can casually glance at and know what is or is not entailed is some sort of HR fantasy land. So, in practice, "Is this in your job description," is really just some sort of lawyerly tactic to shut down someone else's innovative and clever work-around simply because it is outside of the mainstream and using up bandwidth somewhere that probably should belong to the very employee using it, in the first place.
Slashdot Mirror
Certainly. No one blames IT and probably because of those specs. Someone else has to take responsibility for making sure those reports say what they should be saying. I'm just answering the question of the original post -- Do we blame IT? No -- not really. If there is some new system going in, maybe. It's not so much "blame IT" as it is "blame change", perhaps.
I would say that every where I have worked, for that matter, we do not expect the data to just match with anything. That's just not a reasonable expectation in a multibillion dollar operation. We usually know there is something going on and would not typically blame IT or anything with a well-established report. On the other hand, we also tend to do our own acquisition of the data since all too often IT will just "turn the crank" to get us something. In other words, if we try to go through IT, it becomes some sort of formal project where we give them our "specs" and they write the query and it all takes months to finally make through a sufficient amount of project management. Then, when it turns out that the wizzle wasn't in the wuzzle and we need to separate out the shizzle from the fashizzle and so on, well that's another project! IT has never been on the hoook for a final finished product in any company I have worked at. So, I guess if we ever specified reports by their end product rather than the specifics of how to make the report, we might start going back to IT a lot more. But as it stands, everyone knows that if something screws up, then it is probably the downstream effects of something else (which may well be some other IT snafu but is more than likely the unintended consequences of some other signed off on project).
Banning web-based email and other such initiatives have simply stopped a number of good things from happening that otherwise would have. I know because I was the one that was no longer able to do it. Now, you can continue to say, "Your work is flawed," but you really don't know anything about what I do or what makes an insurance company profitable, do you? Even if you did, what about finanacial analysis for an investment bank or accounting for a reinsurer or financial reporting for an automobile company or quality assurance for a fast food chain? You simply cannot say on the basis of IT security , of all things (!), how everyone is to go about their business, for crying out loud!
This is of course because they are responsible for security.
Well of course! Prohibiting everything is good for the security professional not the business units. The company is not hiring the security professional to "do whatever it takes to prevent an intrusion". They hire the security professional to prevent intrusions in the most unobtrusive way possible.
You're busy imagining ways to justify fucking off.
That's just false. That you think that web-based email is just fucking off is -- and let me perfectly clear here -- wrong, as in mistaken or "you have uttered a false statement". I'm not saying that "well, sometimes it's used to not fuck off, ya know." I'm not saying that "it doesn't really hurt productivity that much but it really boosts morale!" I am saying that, specifically with regard to web-based email, you will only hurt productivity by disallowing it because while everyone spends a microscopic amount of time emailing their friends with it, other people use it to transfer files to and from home and stuff like that (which is often also a security violation, but that is another issue). The people that fuck around with it will just do the same with the company email (as has no doubt already been pointed out), and in any case the net amount fo fucking around that you have stopped is nothing compared to the shot in the nuts you have just delivered to some of your best producers.
If you were speaking from the standpoint of some particular business perspective it would be one thing. But, you are trying to justify this from some general IT persopective. Do not presume to know anything when it comes to business unit productivity if all you are is the IT guy and not a business unit person, yourself.
You haven't even begun to prove yourself in their field.
You have no idea what a day in the life of a rank-n-file employee is like or what it takes to do their job.
You certainly have no idea what it takes to be successful at what they do nor do you know the first thing about how a business is successful in their industry.
But, then again, I am largely paid by my employer to be a "Shadow IT" guy.
Ah, now here is the rub. Your employer has instituted an inefficient model. There is no reason why there should be any IT work being done by anyone outside of IT. If such a thing is going on then it points to a problem elsewhere in the model. The solution is not to compromise security, but to solve the problem.
Have you ever actually worked out here in the real world? Well, forgive us if we don't hold our breath while you devise the perfect IT department all built around security of all things. Here in the real world IT routinely falls ridiculously short of what is really required at the end of the day. So, while you're off making IT perfect, why don't you leave a little room for work arounds so we can try and turn a profit this quarter. Mmmmmkaaayyyy....
So what you're saying is that you took a Windows job, but you really wanted a Linux job, and now you want to whine about it and complain?
Not even close. What I am saying is that I took an actuarial job instead of an IT job because I was never particularly interested in the first place. But, since every where I go, the needs left behind by IT are so great, I have practically ended up becoming a programmer, after all. I would have been totally content doing my business unit job from 9 to 5 in a windows world and persuing my largely non-computer-related hobbies in my spare time. Instead, techinical procedural issues have dominated my job and most of my peers jobs, as well. Because I was less squeamish about IT work than my peers, I have over the years become so totally immersed in it that I have taken up linux in my spare time for practical work-related reasons. Now, I am not saying that they should, in fact, let me install linux on
I think you just lack imagination. In fact, this particular policy reduces productivity, policies like these always do, and this very way of making policy is a broken process of circumventing the proper channel of management that will lead to widespread loss of productivity. And, I am not talking about the morale issue or whether or not these employees ought to be allowed to waste time -- I am not talking about any of that even a little bit. I am talking purely, here, about the opportunity cost of people not even being able to use what would otherwise be widely available resources to them. You cannot measure that in the terms you are trying to -- by simple volume of use or some such thing. It is a matter of being available when they need it.
And, the real issue is when everything else is banned (because the general policy is that unless someone can prove they need it, it gets banned), you have a situation where they wouldn't need X except for the fact that Y was banned. Now that X and Y are banned they need Z , but that is banned, too.... When it is all strung so tight, it becomes more than just a drain on productivity but even an insurmountable obstacle to getting something done altogether. I might finally note that, I am speaking from direct experience on this matter -- it happens to me, personally, all the time. But, then again, I am largely paid by my employer to be a "Shadow IT" guy.
Also, with regard to the morale issue, that issue is not just about being able to waste time at work. There is also the matter of having control over the manner and environment the employee works in. For instance, if they allowed me to install linux on my desktop, or if I had a linux option, complete with Perl, BASH scripting, MySQL on my desktop, and so on, then I would be a lot happier doing the work. (And, not just on a personal level, but on a professional one of not having to spend all this time knowing Visual Basic, for instance, which is my only option in a microsoft world and with an IT department that would never let me install something like Perl.)
So, there are some specifics for you on both the productivity issue, specifically, as well as maybe some more meaningful points on the morale issue.
Who decides what someone needs to do their job? I think this is one serious problem often over-looked in all of these sorts of discussions. It appears that, more and more, IT security gets to apparently make this determination -- or anyone that wants to that goes unchallenged, for that matter. The real truth, though, is that, at best, an employees' boss should get to. But, honestly, a world where employees' jobs are these well-defined things that managers can casually glance at and know what is or is not entailed is some sort of HR fantasy land. So, in practice, "Is this in your job description," is really just some sort of lawyerly tactic to shut down someone else's innovative and clever work-around simply because it is outside of the mainstream and using up bandwidth somewhere that probably should belong to the very employee using it, in the first place.