The well meaning IT and Security department tries to protect the user base from malware, spyware, industrial espionage, viruses, worms, software bugs and defective hardware whilst increasing user productivity and managing corporate assets (physical and intellectual property).
The IT user is not a child, though often they are treated as such by the departments that manage and provide services to them. Most often users are college educated, mature, professional individuals. Some are quite tech-savvy themselves in fact.
Now this dichotomy of IT administratorvs corporate user exists in almost all companies. IT administrators often have the attitude that their users akin to wayward children almost.Now there are reasons for implementing controls and impeding users from achieving some tasks without checks and balances.These can generally be broken down into Security, need for internal and external Audit, and preventing the corporate assets and communications from ending up on Wikileaks.
Crouching Admin, Hidden User
Microsoft Field Engineer, GBS
Crouching Tiger, Hidden User
Thoughts on the IT process and the
human impact of same.
The lock down vs the smack down
Why corporate users sometimes resent their IT departments
The Case for Controls
• Digital Rights Management
• Mobile Device Management
• Email Discovery
• Remote Access Controls
• Patching and Updates
• Desktop Lockdowns/Branding
• Change Control
• Public Image/Reputation
• Legal Liability
• Theft of IP/Monetary Assets
The Results of Extreme Controls
• Reduced Productivity
• Lower Morale/Trust Issues
• In some ways, BYOD is the loss of respect and faith in the IT
organization by its user base. Users feel they can be productive with
own equipment rather than corporate assets.
• Long Boot Times/Slow Performance
• Frequent Crashes
• Tight System Controls
• In other ways, BYOD is an empowerment of the user to ‘get things
done’. In these cases, the “BYOD” could better be coined “PYOD” (pick
your own device).
• Usage of overly managed systems impede users from getting their
• Change control and heavy audit processes slow innovation, creativity
and organizational agility.
• Siloing creates team resentment and poor communication channels
Lower Morale/Trust Issues
• What is the cost of to the institution for an employee to walk?
• To go to a competitor?
• For both of these, one must consider the cost of training a replacement, the cost of loss
of institutional knowledge (why was a system setup a certain way 10 years ago?)
• What is the cost to an organization when teams break away and do
their own thing because of operational inefficiencies or overbearing
Control but Trust
• Remember employees, from all divisions and teams, are in it to win it.
• Control lightly, trust heavily.
• Give people the opportunity to do the right thing.
• Trust their judgment, listen before reacting!
Data Protection, not User Restriction
• Use native OS capabilities to protect the ‘good stuff’
• Digital Rights Management appropriately
• Classify Data according to Impact and Importance
• Mobile Device Management for BYOD is Paramount here
• Patch/Secure the end point devices
• Complex Passwords and Security Enforcement that is Reasonable
• Extranet Access, what is needed to do the job, control the floodgate
of information here.
Empower and Enable
• The primary task of IT is to use changing technology to improve
business productivity. Do not lose sight of this.
• Give the users good tools to achieve results. Take feedback on what
their view of ‘good tools’ means vs what IT’s view is. Invest in training.
• Remove blockers to employees and teams, make sure they can get
their job done. Remove barriers between orgs. Why reinvent the
Adapt and Change
• Create feedback loops in the environment. System monitoring,
alerting for performance, SLA breach, etc. But more importantly,
survey the business heavily. And Listen to the results.
• Be ready to be wrong. Be comfortable to admit mistakes. Nothing
stymie's innovation and action more than fear.
• Readiness and training are paramount. Change with the times, more
so, innovate with the times.
And more importantly
• Have fun. More time in life is spent working than anything else. Do
what you love. Love what you do.
• Remember, “if nothing ever breaks, IT isn’t innovating to improve
• A system that worked great 10 years ago, does not a great system