IT Departments Fear Growing Expertise of Users 499
flatfilsoc recommends a long article in CIO magazine on users who know too much and the IT leaders who fear them. Dubbing the universe of consumer technology the "shadow IT department," the article highlights the extent to which the boundary between users' workplace and home have broken down. It notes the increasing clash — familiar to anyone who works in a company with an IT department — between users' home-grown productivity boosters and IT's mandate to protect corporate data. The inherent tendency of the IT department to want to crack down and control technology that it doesn't supply should be resisted at all costs, according to CIO. The article outlines strategies for co-existence. It just might persuade some desperate CIO somewhere not to embark on a career-limiting path of decreeing against gmail and IM.
All in one page (Score:2, Informative)
Sometimes it "has to fit" (Score:5, Informative)
In the US, Sarbanes-Oxley places some strict requirements on data retention for publicly-traded companies. Employees choosing to use IM and gmail, could cause those requirements to be circumvented.
Interesting article... (Score:3, Informative)
This is kind of interesting, from the article:
"When you find that people have broken rules, the best thing to do is try to figure out why and to learn from it."
Sorry, no. When you find out that people have broken the rules, you write them up or you fire them, depending on the severity of the situation. What if the rule that was broken was someone carting around an unencrypted "backup" of a customer database on a thumbdrive, which he lost? Where I work, that's three major rules broken right there. If that happened, that person would be fired immediately.
Corporations aren't stupid. Hidebound, maybe, and slow to change, but if something is forbidden, there is usually a really good reason for it. Also, IT does not run the company, in most cases. Follow the chain of command up high enough, and you'll find IT's bosses. If you have a tool that you need or want, then petition for change. Don't do an end-run around the guys that are trying to keep you working, you're only going to hamstring yourself in the end.
The major problem is, people are making their decisions based on commercials or salesmen that promise an easy, 100% reliable solution to an existing problem. Then they run to IT to complain when the product doesn't perform the way it was supposed to. This makes extra work for an IT department that is probably already overworked. You want to play with toys, play with them on your own gear, not the corporate gear.
That said, a wise CIO is going to pay attention to what the employees say they need to find out:
a): If they really need it
b): If there isn't something better or already in-house that can fill that need
c): Is it safe to use, and what are the support requirements.
The important thing then is to tell the end user, No, you can't have that because of: ___, and give them an actual reason, instead of just telling them "against policy"
Re:"Cheap" support (Score:3, Informative)
And if the "screwed up" machine was infected with a malware which keylogged and/or sent information (such as client personal information/transaction records/ssns/ccard numbers) or perhaps medical records to some PC in Denmark BEFORE you restored from that image?
Re:Sometimes it "has to fit" (Score:5, Informative)
Re:Yeah, what he said.... (Score:5, Informative)
Having only one, centrally managed, desktop image has a lot of appeal as well!
Re:My personal nemesis... (Score:1, Informative)
That's why it takes so long to find competent technical people within an IT organization. The good ones have moved up, while the mediocre ones stick around. You may find a low level admin with some level of clue, but chances are he won't be there for long.
Re:Yeah, what he said.... (Score:4, Informative)
Cut/Paste from APP -> text File -> IPOD HD.
Scan
You've obviously never worked with state/federal payors who are cracking down on fraud. Not only from the entity making the claim for service, but forcing the entity making the claim to police their own CLIENTS for fraud. There are volumes of various types of regulations and procedures that CAP/CLIA/Medi require and we are regularly inspected for compliance.
Sucks to be in IT in the medical field sometimes.
Re:Sometimes it "has to fit" (Score:3, Informative)
It's a whole lot easier and less expensive to just block access to external email or IM than it is to monitor and record them.
Re:It's called "physical security". (Score:4, Informative)
Re:Yeah, what he said.... (Score:4, Informative)