There is little hope that IT will ever truly be aligned with the business--at least if you judge by this sometimes hilarious, sometimes maddening conversation thread on Slashdot a couple of weeks ago. It displays all the worst behaviors of business and IT people—and by accident reveals some good lessons.

The thread starts off with a bang: "The IT department at my company (approximately some 500 people) is showing signs of incompetence, and has been ignoring knowledgeable user input for about a year. Additionally, they haven't been able to sell needed changes to senior management. Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice. We users are staging a revolt to make IT more responsive to users by creating a group from the company divisions and IT to discuss needs and solutions. What would you put in our charter? What services and responsibilities would you demand out of your IT department?"

Starting a conversation thread this way is akin to a Yankees' fan going into a Red Sox fans' chat room and asking why Boston fans are so rude when the Yankees come to Fenway Park. But you have to give the guy points for chuztpah--and then subtract all of them for cluelessness. The poster lets slip the word that should never be used in an opening conversation about IT issues: incompetence. Worse, he shows no curiosity about what actually might be causing all these problems besides sheer incompetence--like the state of the company, business management's interest (or lack thereof) in IT, the IT budget, or the IT workload. Then, he pushes another hot button by crowning himself an expert--a "knowledgeable user"--thereby asserting, without showing any evidence for his expertise, that any reasonable user would reach the same conclusions as he does. Consciously or not, what he is really doing is firing a shot across the bow.

So what's the first reaction to the posting? Savage humor that demonstrates the pent-up anger IT people have at this kind of treatment:

"The non-IT employees at my company (approximately some 5,000,000,000 people) are showing signs of incompetence, and have been ignoring knowledgeable technology input for about a year. Additionally, they haven't been able to accept needed changes to senior management. Unacceptable computer usage, maxed bandwidth usage, and no common sense have hit the bottom line, and those on top are starting to notice. We geeks are staging a revolt to make users more responsible to IT by creating a group from the company divisions to discuss needs and solutions. What would you put in our meeting room to kill as many people as possible?"

Just when it seems that there can't be any more tension in the exchange, a medical student logs on and says he has "an iota of what might be reasonable to expect from IT professionals, [so] here's my list of expectations."

Oh, brother.

Reminds me of the classic cartoon, "A Charlie Brown Christmas," where Charlie's little sister reads her Christmas list: "I have been extra good this year, so I have a long list of presents that I want. Please note the size and color of each item, and send as many as possible. If it seems too complicated, make it easy on yourself: just send money. How about tens and twenties?"

His (sorry, guys, but I'm even more certain his time) list includes: privilege

"Security of data: Obviously no data is *absolutely* secure if the computer is connected to the net, but enough security that I could feasibly work with medical records and HIPPA-privileged information without constantly worrying about crackers.

Continual access (within reason): If there are natural disasters, power outages, or personal emergencies, then certainly one can't reasonably expect 24-hr access. At almost any other time, however, I'd like to be able to turn a computer on at the workplace and not worry about downtime or have to call someone to fix the system.

Work ethic: Nothing pisses me off more than lazy people, especially those who try to use technobabble to hide incompetence.

Keeping me informed of new tech without trying to be a salesman: Not every new upgrade is worth getting and keeping up with the Joneses can be prohibitively expensive.

Honesty: Don't overcharge me or bend/stretch/break the truth with me. Medical professionals *seem* to be a prime target for fleecing among computer folks and I've heard horror stories about people paying several times market rate for upgrade and basic tech services."

Okay, so let's sum up: IT people could keep the network up all the time if they really wanted to or were competent; IT people are naturally lazy and display it by trying to explain technical issues that a doctor (doctors are the smartest people in the world, actually) can't understand; IT people always try to get businesspeople to buy stuff they don't need; IT people are dishonest because one of their colleagues heard from a friend who heard from a friend that the guys from "Artie the Ex-Con Computer Genius" charged $2000 for an enterprise server when the Dell website listed one with a Celeron processor for $500.

At this point in the thread, the IT people start behaving badly, too. I don't mean nasty (though there's plenty of that). I'm talking about behavior that drives even reasonable users crazy. Distilled down, it is this: "What you are asking for is impossible, or would be so inconvenient that you'd never be able to live with it."

For example:

"Security: To increase security - you the end user get the following. All traffic is encrypted. All fields that display sensitive information are invisible, unless you move the mouse pointer over it, and click (hold the click to see the info). All screen savers are locked on blank screen (no user customizable fancy-dancy screen savers) - and set at 1 Minute, maximum - no user ability to change / reset this. All user systems have USB disabled, no CD-ROM drive and no floppy drive. All passwords must be a minimum of 8 characters long, have at least 2 numerics, 2 symbols, 2 capital letters and 2 lower case letters. Zero repeat characters and no character can be used in the same position more than once in 16 months. Passwords must be reset every 28 days - no exceptions. All users must pass basic computer literacy / ability tests. You fail the test, you're fired. Internet access is restricted to Intranet and *approved* work related internet sites. Usage is monitored, and reviewed by supervisors monthly. Users must face the entrance to their work environment, with their monitors facing away from the entrance. Spot checks will be done to see if anyone has passwords written down, if they do - they're shit-canned. Anyone caught sharing / using someone else's password is fired - no questions asked. Supervisors caught logged in as one of their employees are also shit-canned. Supervisors have the ability to review their people's work, without logging in as the user."

Then the IT posters all start chiming in with another behavior that also drives reasonable users crazy: They dive down a technology wormhole rather than focusing on the real question at hand. Just one example:

"No, the password criteria given above SUCK. 8 characters, 2 lower, 2 upper, 2 numeric, 2 symbol. There's too much information given away in the security policy about the composition of the password. Whereas a normal 8-character password would have around 90 possibilities for each letter, in this case, each character would have a maximum of around 26 possibilities - even less for some because numerics only have 10 possibilities. You really cut your password space down with overly-restrictive policies."

I counted roughly 60 posts after this one listed under the heading—ironically--"Re: From the non-tech perspective" that discuss nothing but arcane security issues. It's not wrong to have a discussion like this, obviously, but not in this context. You can imagine the posters standing in front of the business person arguing amongst themselves about something that is neither relevant nor understandable while the businessperson looks on helplessly--and eventually walks away in frustration while the technology argument rages on.

Finally, an IT person brings the discussion back on point with a funny, devastating observation:

"I come from a long helpdesk background and am now a senior developer at a mid-sized company. Unlike most of you nerds there's one thing I enjoy more than "being right" and that's "being lazy." That's why I love stupid users. I loved having a job where the biggest problem I faced in a day was telling a user to turn their monitor on. Or turn their caps lock off. The worst job I EVER had was working with some very bright and very motivated individuals who were not geeks but were extremely competent in everything they did. The one thing they didn't know well was computers, and in that business you didn't need to know computers to make a crapload of money. But because they were all so brilliant, every little thing was nitpicked. Everything had to be done now, now, now. There were no easy problems and every day I was challenged to learn and perfectly perform something that I'd never done before with technology. There was always some shit on the line: huge fines from regulatory institutions, huge investments of money, hundreds of employees counting on your work. If the worst you have to deal with is someone dumber than you, you have it made. Make friends with your users; treat them like people, and soon you'll be in middle management, making bad decisions for a big salary."

This reveals one of IT peoples' worst behavioral traits. They assume that because users don't understand IT, they must be stupid. It's a fatal flaw because generally, IT people are very smart. It's harder to major in computer science than marketing. But some math majors aren't interested in IT. They get their MBA's instead. They're smart. And it really frustrates them that they can't be smart about IT. They are used to working at a high-level and controlling everything they do. But other smart people--IT--can't always control IT, either. Invite them out for a cup of coffee to discuss that sometime.

One of the things you can mention is that it is not always possible, or worthwhile, to explain why something went wrong or what it took to fix it. Smart people get offended because they always got straight A's in school and now someone is assuming that they can't catch on. Well, you did have to do some studying for those tests, didn't you?

"As the sole IT employee in my mid-sized company, I understand your wants. However, perhaps you don't see that you're micro-managing a bit?

My bosses want to be kept informed at all times. However, trust me and let me do my job. When I fix something, don't ask me what was wrong or how I fixed it. I don't have time to explain to you what you learn in 2 semesters of network infrastructure classes. Just back off and you'll be surprised how much an IT person will get done. Sometimes you just have to accept, "It was a problem with the hosts file and it was throwing off sendmail" without probing into sendmail.mc theory. And as far as explaining it in non-techie terms, I can only dumb down SSH tunnels and the TCP/IP protocol so much before I want to jab myself in the eye with a spork. OK boss, it works likes this. A computer stands up and yells, "Hey Server!!!" All the computers hear it, but only the server yells back, "Yeah, what do you want?"

As an example, my boss was on vacation in Florida. While he was gone, in 1 week, I was able to complete more projects to improve business and workflow than I previously had since the first of the year. You know why I was so non-productive? My bosses demanded a military-like work ethic, wanted to be constantly informed, wanted to triple check the line items on a budget request for a freakin' tape drive, etc. Without him breathing over my shoulder and constantly asking me why I had a browser open (that better be work related!) and without having to explain to him why DNS is so important to an AD network, I was able to do what he was trying to 'motivate' me to do, actual work!"

Now this poster has a good excuse (being the entire IT department) for simply asking to be left alone. But I've also run across 1000-person IT departments that adopt the same attitude. It never works, according to my research.

If all you do to build alignment is to rely on everyone to be nice—or worse, tell IT to take whatever the business dishes out because "we are a service function," it's not going to work. There has to be a structured relationship. IT is a vital service and it has to be paid for not in a huge lump sum, but as individual services chunked up in ways that business people can understand. Most importantly, business people have to see the effects that their decisions about IT have on their own destinies. Call it a service level agreement or whatever you want, but IT has to be bought and sold and services have to be negotiated so that understanding can be imparted to business people in a non-threatening way. They're used to negotiations and contracts and they're used to having people explain what the contract entails before they agree to it. IT has to be negotiated the same way.

There also has to be some structure around the relationship between individual users and IT people, too. Too often, the SLA stops at the business unit level and individual users still treat IT like it is a free resource and treat IT people like they have nothing better to do than answer dumb questions. This isn't an IT problem; it is an HR problem, as one poster wisely points out: "Many supposed IT problems should actually be solved by HR with a good talking to about abuse of company resources and how that might limit your career. Calling IT when you forget your password for the 5th time that month or with some dumb question because you are too lazy to crack open a manual is no better than stealing office supplies or equipment. It's all just stealing resources. 20% of the users create 80% of the work for IT."

There needs to be an SLA on individual behavior because otherwise, the problems inevitably lead to draconian crackdowns by IT that make the problems even worse. One example: a companywide ban on "non-essential" websites because a few bozos insist on sending sports video files to each other over the e-mail system. Meanwhile, no one can log into their online banking site anymore to make a quick payment at lunchtime--payments that take 30 minutes less than having to drive to the bank branch to do the same thing. The internet is part of our lives now. People start to hate IT when this happens. Users that get out of hand have to be dealt with by their bosses, not by IT.

That's also true at the more strategic, enterprise level. If business people go hiring outside consultants to install systems that don't work with the IT infrastructure because "IT wouldn't help me," that's an HR issue--as long as IT has a structure in place to make it clear what these people can and cannot do, and an avenue for them to present their project wish lists. 

At this point, after having completely alienating everyone in the conversation thread, the original poster logs back on to admit that his company's upper management is clueless about IT and won't fund anything that the CIO wants to do. So, he says, the CIO resorts to a crisis approach to get the money. "The CIO attempts to fix things by bringing current problems--e.g. we're running at 95% of network storage, and we don't have backup email server if the power goes out (twice last month)--to the board meeting. The vice-presidents who don't understand the technology or the implications say no to the cost without understanding the impact. Me and other users would like to coordinate with IT so that before they go to the president and ask for money that they come through us so they can get the support from us." He then goes on to criticize the CIO for unilaterally implementing upgrades that threaten his old Access databases.

It all argues for some structure to the relationship between the business and IT, because at its core, this is a tribal relationship, and tribes don't get along without treaties. It's time to stop thinking that these problems are going to work themselves out. Nobody likes being put in a position of servitude (IT--and I'm not just talking about the help desk here, this applies to development projects as well), and nobody likes not having control over the things they need to do their job (business people). Jeff Joerres, CEO of Manpower, the temporary staffing company, told me in a recent interview that he believes full alignment between IT and the business is simply not possible. "Look, this goes on everywhere, not just between the business and IT. It's been the same thing with field offices and headquarters since before there were computers. You can't eliminate the tension; you have to constantly manage it."

What do you think?

You do not have flash or javascript support.

Average (3 votes)

Reply
Digg this
Slashdot
Reddit
LinkedIn