CSO - Earlier this week, I posted a question to Twitter and one reader offered an interesting rant on the topic, one that I felt was worth sharing.
The question was simple: What's a dumb practice in IT that needs to go away?
When I posted the question, I was thinking of things such as passwords as a whole or limits on failed log-ins. The idea came from a panel discussion I was watching at a company event, so I figured Twitter would be a good place to seek responses.
However, one reader went above and beyond, offering a take on the topic that offers a spot-on assessment of some of the frustration and pressures faced by those working in and around the IT department. I've posted the comments below, with minor edits to redact language and offer clarification, in addition to edits that that the reader remains anonymous as asked.
"[IT] as a whole needs to understand that they are a dying breed; they're going the way of the dinosaur... they are still sat holding onto practices that were relevant or standards that were developed over 10 years ago. ISO-who? SAS-What? ITIL-Get-the-f***-outta-here.
"[One] big problem is the arrogance that emanates from IT departments that they're somehow important to the organization. I believe that was the case 15 years ago, when people would hire you for simply knowing HTML [or knowing how to use FrontPage], but now the credit card and cloud provider phenomenon has allowed businesses to say "f*** you IT that charges me 10 times as much money, takes 20 times longer and still gets my requirements wrong."
The marketing term for this process, Shadow IT, seems to have negative connotations. However, the always-on, world of instant IT can be a blessing and a curse. Organizations turn to instant IT for quick solutions to problems, which are a boon for business units such as sales, marketing, R&D, and the like.
Sometimes when a request is made to IT, it can take time to see it completed due to the way requests are given a strict triage treatment by the department. It's painful for both sides, because IT feels the pressure to complete the assigned tasks (put out the fire) and those requesting the service are frustrated with waiting.
However, when security and/or compliance issues are brought into the fold, instant IT can cause more problems in the long run than they solve, which is why larger organizations embrace the process of instant IT, but with limits.
"I think it's dumb for IT departments to believe that they are part of the company, or that the company will fail without them. Their competitors are public cloud providers like Amazon, Rackspace, Google, Microsoft and [others]. They need to wrap up this service like an external business would, and sell and market to the business in the same way."
This part of the reader's rant I only partly agree with. IT is part of the company, only now they are just one business unit among many, and need to adjust so that they can co-exist with the others. However, depending on the business objectives and needs, if IT didn't exist, odds are the company would be fine. But that isn't universally the case.
It wasn't always like this, but times have changed and the rapid advance of technology has moved IT from being the center of connectivity and resource management to being a one of the providers. This is why the second part of the reader's rant makes sense.
IT should determine what each business unit needs in the way of technology and resources, and provide them as a service to the organization. With some basic controls and practices, this model of IT delivery can help productivity, and streamline various initiatives. It shouldn't be a-la cart instant IT, but something closer to a self-service IT process.
Plus, self-service IT initiatives tend to make security a bit easier to manage, and it helps lower the number of smaller fires that need to be addressed, allowing the IT staff to deal with larger issues quicker.
The question still stands, feel free to comment or email with thoughts. What is a dumb practice or process in IT that needs to go away?
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- The Business Value of Continuous Delivery Download this whitepaper to learn more about the business value of Continuous Delivery and see why it could be a game changer for...
- Ten Factors Shaping the Future of Application Delivery Download this research report conducted by Enterprise Management Associates (EMA) to learn how those that are seeking to accelerate application delivery are leveraging...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All Cyberwarfare White Papers | Webcasts